Over the course of the last few weeks, we have read and seen a flurry of malware attacks that are quite scary. Two in particular are very nasty and present new ways to infect and reduce your company’s productivity to a stand still.

The first is a fake Microsoft Security Essentials malware product. We have personally see this on a couple of systems now and it is making it rounds. It presents itself as the actual product on web page pop up and "warns" you of "malware". You allow it to run and it then infects your system. In terms of defense, the first step is knowledge. Microsoft will NEVER send you a pop up through a web page to warn you that you are infected; it would do so through its actual product on your desktop. Also, Microsoft Security Essentials is a decent anti-virus program, BUT it is only meant for home use only and even specifies in the terms and conditions when you download it that it will not be used for business. If you are a company, you need to use an anti-virus alternative. This will also allow you and your employees to discern between your company’s anti-virus product and this fake one.

The second one is under the category of ransomware. Essentially by being tricked from a link in an email, it installs their software on a machine. From there, it encrypts the entire hard drive. At this point the user is told they have 10 days to pay (right now the average is $300) to give the employee access back to their data. If they don’t pay, the hard drive’s data is deleted. Unfortunately, once it is installed, there is nothing that can be done to recover encrypted data. However, there are two ways to prevent and work around this issue. The first is to install a professional version of Anti-Spyware. Many free programs are out there that can detect this and other malware once it has already been installed. This doesn’t fix the problem. A professional version of the program actually stays resident in memory and can see if something that is ABOUT to be installed is malware, thus preventing the problem before it becomes an issue. The other tactic is to have your employees store company data on a central server or other location away from their computer. This way, in the event of severe malware (or other issue) striking a particular system, you can wipe the system without wiping away the employee’s (or company’s) work.

If you have concerns about these malware infections or the state of your security at your company in general, please contact us at sales.

More on malware mentioned above:

http://news.softpedia.com/news/Bogus-Microsoft-Security-Essentials-Alert-Used-to-Distribute-Fake-AV-350072.shtml

http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/

It was revealed that Adobe had a break in of its servers last Friday. As a result 2.9 million customer records were obtained that included credit card numbers and other information. However, the bigger threat looms as the thieves took the code for a number of Adobe products, including Adobe Acrobat and Adobe Reader.

When malware or viruses are created, they try and use weaknesses in an operating system or software to find cracks that can bypass security and install on your machine. Usually this is done by malware authors by using a "black box". It is essentially a machine with the program(s) they want to try and break and spend considerable time coding their way around defenses. However, with the source code, these people essentially have the alarm code for Adobe products and can see the inherit weaknesses in their products. The problem is Adobe Reader and Acrobat are programmed to insert themselves natively into Windows. This means that these programs have access to your operating system unlike other products. As a result, expect to see many patches and updates for Adobe coming in the next few weeks to try and dam the holes as it were.

However, there are alternatives to Adobe Reader and Acrobat. If you need access to view or create PDFs, there are many solutions that are free or nearly free and don’t require such a huge footprint on your computer. This results in higher productivity for your business and a large security hole closed.

If you wish to know more about these products or want to make sure your network is secure, feel free to contact us at sales.