8 threats that even antivirus cannot catch

Malware attacks and data thefts are on the rise as evident from the recent news headlines. The mere use of antivirus software wouldnt serve the purpose. The reason being, antivirus programs block attacks by using patterns or signatures to identify malicious software code. This signature-based detection was successful when the threats were lesser and spread over a good time frame. Relying entirely on antivirus solutions will not serve the purpose now because your system is exposed to threats in routine situations. The whitepaper published by John Metzger, Senior Product Marketing Manager, and Jonathan Shaw, Product Manager at Sophos highlights eight everyday threats in which we need to update the protection of our PC beyond traditional antivirus program. Let us look at them and understand their implications:

1.

The zero-day threat

Zero-day threats are those malware threats that are not recognizable as they didnt match up with earlier threats. As per the research report, Zero-day threats can also exploit zero-day vulnerabilities, or previously unknown security deficiencies that software vendors have not yet patched. In March 2011, unknown attackers unleashed the zero-day attack on RSA Company by infiltrating its servers and stealing sensitive information. Preventive measure: Run security scan on a regular basis to detect and remove the latest threats.

2.

Working outside the firewall

Workplace has become mobile now and has provided opportunity to employees to access their mails from outside be it airports, hotels, cafes, or home. This access has created an unsecured network. Cyber criminals can exploit such vulnerable networks to push malicious software and spam through Conficker worm. Preventive measure: Keep your operating system up-to-date by installing the latest patches.

3.

The unpatched PC

As per the whitepaper, One small unpatched vulnerability in an application, browser or operating system can lead to huge problems. Hackers invade such unpatched computers with Conficker worms and instruct infected PCs to transmit valuable information like financial account credentials. Preventive measure: Download and install all the latest patches on your computer. According to a Gartner report, 90% of successful attacks against software vulnerabilities could have been prevented with an existing patch or configuration setting.

4.

The uncontrolled application

Many of our favorite personal applications like instant messaging (IM), social networking sites, peer-to-peer (P2P) clients, voice over IP (VoIP) and games, brings unacceptable risk or performance issues. As per the research, in 2010, the U.S. Federal Trade Commission sent letters to almost 100 organizations whose personal information, including sensitive data about customers and employees, had leaked onto P2P networks. Preventive measure: You can disallow the permission to install unwanted applications.

5.

Web insecurity

One may visit some inappropriate sites, knowingly or unknowingly. These sites often redirects to sites hosting fake antivirus programs also known as scareware. Infection can even be spread from a compromised reputable site through browser plug-ins. Preventive measure: Use URL filtering mechanism to block all those sites know to host malware like porn, hate, and gaming sites.

6.

The lost laptop

The difficult thing in a lost laptop is to recover exposed information. In a study conducted for Intel in 2009, it was found that a single lost or stolen laptop could cost approximately $50,000 to its owner. Preventive measure: Data encryption is the remedy to be used on all laptops and removable storage devices.

7.

Misdirected e-mail

One typo error can send your important documents and confidential data to a wrong email id. This information can be exploited by criminals for organizing identity thefts. Preventive measure: You can ensure that files are encrypted before transferring through e-mails so as to prevent any damage. You can also use data loss prevention software to warn the recipient user or block the file transfer.

8.

The infected USB device

USB device bypass your computers firewall protection and could be a source of malicious software. Preventive measure: Verify the authenticity of thumb drives and CD before using them. Such removable media may be contaminated with malware. You can also use software that allows readonly access to such devices.

Conclusion
The best defense is use an endpoint protection solution that provides multiple layers of protection, including live antivirus, behavior-based detection, web protection, application control, patch assessment, network access control, data encryption, data loss prevention, and device control.