Prime Factors Blog

Why Anti-Malware Simply Isn't Enough to Keep Hackers Out

Posted by Patrick Riley on Aug 16, 2016 10:00:00 AM


Anti-malware has aided the fight against hackers a great deal; there is no dispute regarding this fact. These programs scan and predict hacker behavior before anyone even has a chance to open a dangerous email or click on a suspicious link. Some companies have done a better job than others in implementing this software into their devices, but for the most part, consumers and employees can stay safe from attacks whether they know it or not. While these preventative strategies are exceptionally important, they just aren't enough to keep hackers at bay. All companies will need to look beyond anti-malware to have a fighting chance against them.

To learn how encryption can lower the cost of regulatory compliance while enhancing security, download our white paper Reducing the Cost of Regulatory Compliance with Encryption 

Overblown Claims and Promises

The Ponemon Institute reports that a majority of anti-malware products send alerts of which only about 20% are reliable, and only 4% of those alerts are investigated. Investigations into false positives cost companies about $1.25 million in lost time, and malware infections and alerts continue to rise from year to year. Your network is not like anyone else's network, meaning one size does not fit all when it comes to malware protection. You have your own unique gateways that aren't necessarily accounted for by the manufacturers of the products. Depending on the type of program you implement, the customization features may not be anywhere near what you need them to be, and a company trying to sell you their product is not likely to make that one of their selling points. The anti-malware needs to be able to scan all of your activity, and while many products have heuristic learning methods, that still doesn't guarantee they'll catch everything. Even one threat that goes unchecked could spell major trouble for you.

Your Software May Not Be As Strong As You Think

When Qatar National Bank experienced their hack earlier this year, they were displeased to find out it was because their software was out of date. For a bank that deals with such a high volume, both in the number of customers and number of transactions, you can imagine how much extra work and hassle the breach caused. In this case, it was Turkish hackers who turned QNB's system upside down by running an SQL injection on the software's entry fields. Once the criminals' statements were hidden within the software, it was only a matter of time before they got the data they needed to cause major havoc within the organization. And they weren't just holding financial data: they also had intelligence information from across Europe, including that of the royal families.

Incentives Are Too High

You may not know it, but there are buildings in certain countries that look very much like the one you work in every day, except that they house hackers who work to come up with new ways to scam people and ransom their information. Their net is wide — practically everyone in the world uses some type of connected device. The potential rewards are substantial, and they're taking few risks because they're targeting people outside their own country. With this type of rigged system, software vendors know just how ineffective their programs can become in a very short period of time. With all the effort being thrown into these criminal activities, there have been some major breakthroughs in how the criminals scheme for more effective ways to get what they need.

The Techniques Are Strong

Some criminals are relentless, and you can't underestimate or make assumptions that your business won't become a target. A hacker may want a particular thing, say the financial data of your customers, so they begin by creating fake credit cards or purchasing goods online. They then work to single out an unknown vulnerability within your software, and insert code into your program so they can take advantage of the weak link. Even the most advanced developers, who understand their code backwards and forwards, know that some talented criminal can probably find a way in if they really want to. Once in the network, criminals install the malware from within, meaning your carefully planned protection will do you absolutely no good.

There Are Too Many Openings

In the early days, there may have only been a few ways for cybercriminals to access systems given the limited scope of technology. However, nowadays there are multiple ways that a hacker can end up worming their way into your network. Every time an employee plugs in a new device (e.g., a cell phone, USB drive, mouse, etc.), they create another opportunity for some type of virus or code injection to take over your data. A hacker may try anything to get into your system, even going so far as to visit the office buildings to plant their own equipment in random places. As soon as people catch on to a certain type of trick, like ignoring random USB drives they find on the lobby floor, hackers already have multiple new techniques ready to replace it.

Sharing Is Commonplace

The threat doesn't just come from a lack of strong software. Employee error accounts for nearly half of all attacks. Sometimes, an employee is interested in compromising an employer. However, typical internal breaches occur when an employee doesn't realize they're revealing far too much information about the company to the wrong people. The communication can occur in chat rooms, emails, over the phone, or in person, and there's no way to monitor it all. Anti-malware won't stop someone who manages to get the sensitive information that came from an inside source.

Attitudes About Security Are Still Lax

While attitudes inside an organization are certainly changing a great deal, there are still too many people out there who commit common sins like having extremely weak passwords or forgetting to lock their computer when they have to leave their desk for a meeting. The same people who are terrified that their identity may be stolen when at their home computers could very well be the same ones who are making these types of errors when they first walk into work in the morning. A company can certainly take a variety of steps to tighten up their security by placing an emphasis on better practices, but that doesn't necessarily mean that everyone will follow those rules at all times (especially when they're already frustrated by other matters and just want to go home).

Personal Data Is Everywhere

Hackers want information for their own gain, and the direct paths to that end are obviously the most coveted. However, there are people who are in this for the long game as well. For example, cookie hijacking is a way that hackers may try to take a more circuitous approach to getting what they want. Websites like eBay and Yahoo may successfully encrypt the financial data they take from their customers, but they leave data like emails and history open to attackers. Once a hacker has this information they can use it to start running their own scams and schemes. This is not to say that these businesses don't understand their risks. In fact, many experts will write this risk off as negligible. However, a lack of advanced security on even the most basic data for your customers could still be traced back to you, and wind up costing your business a great deal in indirect negative ramifications.

Small Businesses Are On the Menu

According to the Ponemon Institute, more than 50% of small businesses have seen some type of attack on their systems, with a third of those businesses having no clear understanding about how it came to happen to them. There are multiple reasons why a business may not keep up with their security, but it's a preventable problem that needs to be addressed head on — even if the business owner knows nothing about technology. Many of these smaller businesses who were victims had CEOs who didn't designate a single person to be in charge of making security decisions. A lack of policies regarding security or a disregard for those policies by key people in the company may also be partially to blame. And it's not just on your business either. About 40% of these problems are caused by a third party – meaning if you work with other organizations or affiliated companies who fail to follow a strict security policy, they could potentially make your system vulnerable to a costly attack. This is especially worrisome, given you can't regulate your partners. You can only set up an air-tight system that keeps your data under control.

Cost-Effective Solutions

Encryption introduces more well-rounded security measures into your network, as opposed to relying on your current methods. While the ideal situation is to build both virtual and physical walls around your information so there's no chance a thief could penetrate them, it simply isn't possible. Encryption is similar to buying a security system with ultimate protection, so that you're not stuck filing insurance claims for damaged or stolen property or closing down your business until you can get it back up and running. Just like a physical theft, there are only so many ways to prevent a dedicated cybercriminal who will stop at nothing to get in. Encryption, however, will slow a thief down to the point where they may move onto something else. The best software may very well keep your data secure regardless of how much time and effort hackers invest.



Topics: Enterprise Data Protection