After receiving phenomenal positive feedback at our previous live cyber exercising workshops in Edinburgh and Aberdeen, the Scottish Business Resilience Centre organised another Exercise in…
- Ethical Hacker Paul examines the use of anti-virus software and why it’s worth investing in.
When we think ransomware attacks, we tend to think about companies and organisations like the NHS, Keseya, Colonial Pipeline in the US, and Travelex.
However, attacks on small to medium-sized companies are on the rise and they prove to be increasingly lucrative for attackers with the cost to the business being in the tens of thousands of pounds. In believing themselves not to be a worthy target, many SMEs have become easy prey simply by having poor security in place.
What is ransomware?
Ransomware is a type of malicious software, also known as malware, that exploits security holes to infect the system and subsequently encrypt the data on the drive. Some ransomware can also spread across a network and infect other computers on it, making them very hazardous to your data. They are specifically designed to be stealthy and remain hidden within other programs to avoid detections. So how do we counteract ransomware? Well, we use an anti-virus.
Anti-virus is a software application that has been designed specifically to protect computers against a malware attack. A basic anti-virus will scan your files so anything matching known malware and display a warning to the user when found and asks if it should remove it. More advanced anti-virus can offer other services such as email and browser protections.
The software is also frequently patched to counter new threats as they arise, so it is important to keep it updated.
How does it work?
Say an employee receives an email from someone who appears to be a trusted customer, attached is a file which, due to trusting this customer, the employee downloads it without thinking. Upon opening the file, the computer is immediately infected with ransomware that begins encrypting everything. If the computer has an anti-virus program installed, it should catch the malicious program upon opening and immediately close it down and quarantine it.
If your anti-virus software also offers email protection, then it will scan incoming mail traffic and flag any that it deems to be suspicious or a threat. Similarly, if your antivirus also supports browser protection, then the software will stop users from immediately jumping to that site, flag it as dangerous, and suggest users go back. Again, these functions also require the software is kept up to date so it can utilise the latest lists.
Do I need it?
Unfortunately, in the current climate the answer is always yes! However, you should research for an antivirus solution that works best with your needs. It may also be worth checking with your IT provider, if you have one, and see what security options they have in place for you also!