The director of PandaLabs, the laboratory which Panda Security set up to fight against malware, shares with us the main tips that businesses should follow to be safe in the digital, multi-device, and mobile era.
Panda Security: There are more and more security hurdles for businesses these days. The volume of malware is increasing and the threats are getting more sophisticated. Ransomware such as Cryptolocker, direct threats and persistent advanced threats are the main risks but there are more. How do you see this complex panorama?
Luis Corrons: It’s true. Businesses are facing ever greater security risks. The advancement of technology is ever faster and this means that risks no longer affect us as they did previously – instead of focusing on PCs, we need to keep an eye on mobile devices and tablets, not to mention any other device that employees use to access corporate applications that the company may not be aware of. There are new ways for attacks to enter the business and there will be even more in the future. Wearables, without saying more, could be another entrance point for attacks. If companies aren’t aware of this and don’t take the correct precautions, this could end up being a nightmare from a security perspective.
P.S.: Are they aware of this reality?
L.C.: They are well aware of it, in fact, they have quickly jumped on the bandwagon. However, they aren’t fully aware of the risks nor how to correctly react to it.
P.S.: In your opinion, how should they behave?
L.C.: The first thing that they have to do is identify all of the devices which can access the corporate applications. It could be convenient if they introduce a policy such as BYOD (Bring Your Own Device). Many employees would prefer to use their own device but, in this case, the company will need to inform them that in order to access the corporate systems, there need to be some controls in place. The business needs to always know which devices are connected and what security measures each one has.
Another key tip is to act as if they’ve already been attacked and that the “baddies” have already gotten in. You should never think that you are completely safe, as there is always the possibility of an attack; this is why it is vital to know what is running on your network at all times.
The problem is that many businesses think “why would they attack us? We’re small and of little interest”. This way of thinking is a mistake and it’s common for a cybercriminal to attack a small business with the intention of accessing the systems of a larger one. Small businesses can be customers of providers for large multinationals and if their systems aren’t secure then this can represent an easy entry point for attackers. This is what happened with Target, the large American supermarket chain, which was attacked in 2013 thanks to a hole in the security system of its air-conditioning provider, which also happened to be a small business. Thanks to this small hole, the cybercriminals were able to infect the POS and steal credit card details of the customers. A small business could put the largest multinational in the world at risk.
P.S.: Suppose that, owing to the lack of resources that they have available, this is why small businesses are the most vulnerable…
L.C.: In reality, every business is at risk of an infection or attack. Obviously the larger the business, the more attractive it is to criminals – they have more computers and distribution points, which means more possibilities to attack. However, they are also the ones which have better protected their systems. Smaller companies, although they have fewer points of attack, usually leave a lot to be desired when it comes to security as they lack resources or the cost is too high.
P.S.: Lots of small businesses (and large ones, too) have antiviruses; however, these solutions aren’t enough in the face of new attacks…
L.C.: An antivirus can detect lots of malware but it can’t detect them all, especially new attacks which are more sophisticated and are based on social engineering which tricks the users. So, what is the solution? What can a small business do to ensure its security? The first thing is to have an antivirus and software updated (obviously Windows, which updates itself automatically, but also other software, extensions of Flash, etc.). Not having updated software is one of the biggest holes in security that there is. The other is lack of knowledge and awareness. It’s important to explain to employees the social engineering techniques that are being produced, that they don’t open suspicious files or ones from unknown senders, etc. There’s a lot of information available and courses to learn about Cryptolocker and other types of attacks. If both these holes are sealed up then businesses will be much better off.
P.S.: Panda has created Adaptive Defense to cover the areas where a traditional antivirus can’t reach. Can you tell us more on this solution?
L.C.: It is a solution that controls everything that happens on your network. It allows the administrators to have total control of all files and applications that are running on the company’s computers or servers, and in the near future it will expand its abilities to mobile devices.
Adaptive Defense monitors everything and if it sees that what is being downloaded is good, it leaves it be (it continues to monitor it, just in case). However, if it spots something unusual it will block the download and, in the case of it being something which we have never seen before, or unknown, it will block it temporarily until it can be classified. The user can also personalize the management of the tool via different parameters, meaning they can see everything clearly with this platform. It also informs you if you are running an up-to-date version of an application or if, for example, an employee is using Dropbox to copy confidential information. Finally, the most important part, it analyzes everything and can be used alongside the antivirus that the company already has, be it a Panda one or not.
P.S.: PC, servers, mobiles… the next area to protect will be the Internet of Things? What with the increase in wearables and the huge number of sensors….
L.C.: Without a doubt. In fact, at Panda we are already working on covering the Internet of Things; it’s our next big step.
Thanks for the extra warning. The most vulnerable spots, so to speak, on the company body are the wearables, the BYO devices such as mobiles and tablets.