Malware Attacks Protection and Prevention Best Practices
Install Anti-Malware Software
While this sounds obvious, organizations can find it difficult to deploy anti-malware solutions on all their devices. Employees commonly use personal devices to access corporate systems, and those devices might not have adequate anti-malware protection. Some computing systems or devices may not support installation of anti-malware solutions, for example legacy systems or internet of things (IoT) devices.
The first step in protecting against malware is to ensure that all devices have strong anti-malware protection installed. Devices that don’t have it should be severely limited in their ability to access the network and sensitive systems.
Keep Software Updated
Software vendors regularly provide patches and updates to address new vulnerabilities as they arise. Many of these vulnerabilities could result in attackers deploying malware in the corporate environment.
It is critical to check for and install all new software patches—this applies to operating systems, software tools, browsers, and plug-ins. It is advised to automate the patch management process to ensure updates happen quickly, and reduce the burden on IT teams.
Secure Browsers
Users are often infected by malware via their web browsers. A primary method for causing users to download malware is malicious pop-ups: malicious sites and adware programs can create pop-ups to deliver malware or spyware to a user’s device, hijack the browser session, or perform other malicious actions.
Other commonly exploited weaknesses in web browsers include malicious redirects, insecure plugins, DNS attacks, and insecure use of stored passwords and form data.
There are two main ways to protect against these threats: use technological solutions that can limit impact, such as browser isolation and web filtering, and educate users on safe browsing habits.
Regulate Networking and Storage
These methods can help block common threat vectors that lead to malware infection:
- Install or implement firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS).
- Do not allow users to connect USB drives or use unsanctioned cloud storage services.
- Close unused ports and disable unused communication protocols.
- Delete inactive user accounts and limit permissions to active accounts according to the least privilege principle.
Implement Email Security and Spam Protection
Email is an essential business communication tool, but it is also a common malware distribution channel. To reduce the risk of infection:
- Ensure all incoming email messages, including attachments, are scanned for malware.
- Use a sandbox to safely “detonate” suspicious files to protect against unknown threats.
- Set up a spam filter to reduce spam and inappropriate or suspicious emails.
- Only allow users to click company-approved links.
- Clearly warn about emails that come from non-company or unknown email addresses.
Preventing Malware with Perception Point
Perception Point developed next-gen static and dynamic engines that detect and prevent any attempt to deliver malware.
These dynamic and static engines are broken up into several elements. On the front line stands the Recursive Unpacker, which extracts all files and URLs transferred, thus uncovering and thwarting evasion techniques. Next is the Threat Intelligence layer: best-in-class intelligence sources, coupled with internally developed engines, scan all content to identify any “known” malware. Following the threat intelligence is a stack of the leading anti-virus engines in the world, in addition to Perception Point’s Signature Analysis engines for highly complex malware. The last piece of the “Everyday Malware” stack is Perception Point’s phishing engines, which use image recognition capabilities built in-house to prevent any type of URL-based malware delivery.
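The recursive unpacking idea described above, sketched as an added example; it is not Perception Point's engine or code from the original page. It handles only ZIP containers, and the limits, function names and sample data are assumptions constructed for illustration.

```python
import hashlib
import io
import re
import zipfile

MAX_DEPTH = 5                  # assumed limit on container nesting
MAX_TOTAL_BYTES = 10_000_000   # assumed cap on total unpacked bytes (zip-bomb guard)
URL_RE = re.compile(rb"https?://[^\s\"'<>]+")


class UnpackLimitExceeded(Exception):
    """Raised when nesting or size limits are hit; treat the item as suspicious."""


def unpack(data, name="root", depth=0, budget=None, findings=None):
    """Walk nested ZIPs; record each leaf file's SHA-256 and every URL it contains."""
    budget = [MAX_TOTAL_BYTES] if budget is None else budget
    findings = {"files": [], "urls": set()} if findings is None else findings
    if depth > MAX_DEPTH:
        raise UnpackLimitExceeded(f"{name}: nested deeper than {MAX_DEPTH}")
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                budget[0] -= info.file_size   # charge declared size before reading
                if budget[0] < 0:
                    raise UnpackLimitExceeded(f"{name}: size budget exhausted")
                unpack(zf.read(info), f"{name}/{info.filename}", depth + 1, budget, findings)
    else:
        # Leaf: hash it for reputation lookup and pull out links for URL scanning.
        findings["files"].append((name, hashlib.sha256(data).hexdigest()))
        findings["urls"].update(u.decode("ascii", "replace") for u in URL_RE.findall(data))
    return findings


def nest(filename, payload, levels):
    """Build constructed sample input: payload wrapped in `levels` ZIP layers."""
    for i in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(filename, payload)
        filename, payload = f"layer{i}.zip", buf.getvalue()
    return payload


# Constructed sample: an HTML lure hidden two archives deep.
SAMPLE = nest("invoice.html", b'<a href="https://example.test/login">Pay</a>', 2)

if __name__ == "__main__":
    print(unpack(SAMPLE))
```

The hashes and URLs collected this way are what the later layers (threat intelligence, anti-virus, URL analysis) would then be run against; an `UnpackLimitExceeded` is itself a signal worth quarantining on.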
New, sophisticated malware attacks all rely on the use of an exploitation technique. This means that before releasing any advanced malware, the attacker will try to use an exploit to prepare the ground for installing one of the millions of malware options at their disposal.
Perception Point knows how attackers think. This is why we invented the HAP, a proprietary next-gen dynamic engine that has visibility into the exploit level. In other words, instead of chasing the many malware variants out there, we “cut off the root” and prevent the malware from even being delivered, not to mention from running.