Malware is a widespread form of malicious software that can run on a remote machine and steal personal information such as email account passwords, bank passwords, and credit card details. This information can then be used over the internet for criminal or other illegal activity. Intruders deliver malware in many forms, such as an email or a pop-up window in a browser. When the user clicks a link in the email or the browser pop-up, the intruders install the malware on the target's machine and try to access the personal information. Even though a great deal of anti-malware and anti-virus software is available today, intruders and hackers keep finding ways to access machines.
If users pay attention to what they access over a network or the internet, most malware attacks can be stopped or minimized. Many types of malware can be used for intrusion, including viruses, Trojans, worms, ransomware, fileless malware, adware, and spyware.
Many users become victims of this malware every day, and the number of victims keeps growing.
For example, someone who wants to enter a company's network can use a Trojan to gain access to the network and then start stealing information. There are many best practices for mitigating the effects of malware. Below are a few:
- Firewalls: Firewalls reduce various attacks by restricting inbound and outbound communications. A company or organization must clearly define its firewall policies for inbound and outbound communications. Because the firewall is the first line of defense for inbound communication, the inbound policies must be clear.
- Intrusion Detection Systems: The main idea of an IDS (Intrusion Detection System) is to identify the network traffic. IDSs mostly use signatures to detect viruses, worms, and malware. IDSs are placed both external to the organization and internally behind the firewall, so that the company or organization has a clear view of both incoming and outgoing traffic and can react immediately.
- Authorized Local Network Devices: A company or organization should have a strict rule that only devices provided by the company may be connected to its network. Otherwise, the network may be affected by malware through personal laptops, USB drives, etc.
- Anti-Virus Updating: Because new viruses appear every day, it is important to set anti-virus applications to automatically update signature files and scan engines. The organization must monitor console logs to detect any system that failed to update.
- Host-based Firewall: A host-based firewall is another mechanism for reducing malware attacks. This kind of mitigation is typically applied on an organization's laptops to check for viruses, Trojans, or illegal executables and delete them immediately.
- Vulnerability Scanning: Vulnerability scanning must be mandatory in every organization. If code pushed to production contains any out-of-compliance data, there is a very good chance that hackers will get their hands on it, so every organization must perform threat analysis before deploying to production.
- Email Filtering: One simple yet effective way to reduce malware attacks is email filtering. Any suspicious email can be marked as suspicious and reported to the company's security team. Marking unknown email senders as suspicious reduces the chance of malware being installed on the machine.
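
The console-log monitoring described under Anti-Virus Updating can be automated. The following is an added example, not code from the original article: it scans a constructed export from an anti-virus management console and reports every system that failed to update or whose signatures are stale. The CSV column names, host names, and the three-day threshold are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample of an anti-virus console export (the format is an assumption).
SAMPLE_CONSOLE_LOG = """\
host,last_signature_update,last_update_status
ws-001,2024-05-20T06:00:00+00:00,success
ws-002,2024-05-12T06:00:00+00:00,success
ws-003,2024-05-20T06:05:00+00:00,failed
srv-db1,,never
lt-104,not-a-date,success
"""

MAX_SIGNATURE_AGE = timedelta(days=3)  # assumed policy threshold


def find_update_failures(log_text, now, max_age=MAX_SIGNATURE_AGE):
    """Return {host: reason} for systems that failed to update or are stale."""
    findings = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        host = row["host"].strip()
        status = row["last_update_status"].strip().lower()
        raw_ts = row["last_signature_update"].strip()
        if status != "success":
            findings[host] = f"last update status: {status}"
            continue
        try:
            updated = datetime.fromisoformat(raw_ts)
        except ValueError:
            # An unreadable timestamp is reported, never silently skipped.
            findings[host] = "unreadable update timestamp"
            continue
        if updated.tzinfo is None:
            updated = updated.replace(tzinfo=timezone.utc)  # assume UTC
        age = now - updated
        if age > max_age:
            findings[host] = f"signatures are {age.days} days old"
    return findings


if __name__ == "__main__":
    now = datetime(2024, 5, 21, 12, 0, tzinfo=timezone.utc)
    results = find_update_failures(SAMPLE_CONSOLE_LOG, now)
    for host, reason in sorted(results.items()):
        print(f"{host}: {reason}")
```

A host that reports success but has old signatures (ws-002 in the sample) is flagged as well, since a system that stopped checking in looks the same as a healthy one if only the status field is read.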