Virus writers are constantly adapting in an attempt to get around security measures. The threat landscape has changed from virus’s written by pimply teenagers as a form of digital graffiti, to organised crime approaching it as a business.
Social engineering has become a key attack vector. Phishing attacks where the writer entices you to click, download, or provide sensitive information, have been prolific for years. We’re now seeing new approaches! One cunning method employed by malware writers is to copy a virus onto a few USB flash drives & strategically drop them in the company carpark. Some unsuspecting staff member will pick them up & think “cool, I just found a free flash drive”! Once they plug it into the corporate network, the virus writer can launch their attack from within the firewall.
Another method is to target Mac users. Mac’s are growing in popularity amongst senior managers & virus writers realise it. Viruses are being written that lie dormant on the Mac host, but spread their infection when plugged in to the office network.
One key way to minimise problems is to use Network Access Control. Security products from vendors like Symantec will run checks on any device that connects to the network. Is it running the latest patches? Has it been scanned for any infections? Does the user have the correct permissions & appropriate access? By considering your IT security in a holistic manner, users can stay ahead of the game.