Why you should be wary of computer viruses
Everyone has heard of computer viruses and the damage they can cause. Does it only happen to other people? To what extent is your company affected? So it's crucial to know everything there is to know about anti-virus software.
Viruses and their strategies
What is a virus?
A virus is a computer programme capable of infecting another programme by modifying it and making it capable of infecting in turn. The original name is CPA: Code Auto-Propagable. This viral spread, similar to an epidemic, gave it its medical name: virus.
Types of virus
Viruses include :- Residents, also known as TSRs (Terminate and Stay Resident). They load themselves into the computer's RAM, so as to infect the files that the user executes as and when required.
- Non-resident viruses infect the hard disk and all the programs on it.
Their effects
Viruses have many and varied consequences. From harmless malfunction, with the stealthy passage of an element or an uncontrolled interaction, to the irreversible destruction of data.
How they work
Worms propagate through a network, such as email and the address book. A Trojan horse creates a flaw in a system to make it easier for a hacker to access. A rootkit is used to take remote control of a device. Logic bombs are activated in a different way: they are triggered by a particular event: activation, system date, etc. Spyware is spyware. The regin virus is a well-known example. It spies by controlling GSM mobile phone networks.
Mutants
Malware most often combines different types of malware. This makes them all the more dangerous. Mutant viruses occur when the original program has been rewritten several times by different hackers. Each hacker has been able to modify the behaviour of the virus, or its signature (the succession of bits that characterise it). This makes it all the more difficult to identify.Chameleons
Some malicious programmes have the ability to change their appearance, like chameleons. They have encryption and decryption capabilities. These are known as polymorphic viruses. Others have the power to go so far as to modify the signature of the programmes that seek to identify them. These are retroviruses, also known as buccaneering viruses.
Companies are a prime target
Eight out of ten businesses under attack
Last month, CESIN (Club des Experts de la Sécurité de l'Information et du Numérique) published a survey of 141 businesses. Unveiled at the inauguration of the FIC (International Cybersecurity Forum), it provides an overview of the latest malicious digital attacks. It reveals that in 2016, 80% of businesses suffered a cyber attack penetrating at least one of their servers.
The consequences of an attack
Once hacked, it takes between one and six hours for companies to notice. They then need between 3 days and 3 weeks to clean up their systems. According to NTT Com Security's Risk Value study published on 10 January, a cyber attack costs a company an average of €773k. These costs can be broken down as follows
- 19% in legal costs
- 18% in compensation to customers for damage suffered,
- 15% in third-party resources,
- 15% in fines or compliance costs,
- the remainder in public relations and compensation to suppliers and employees.
Common malware
Ransomware tops the list. It is the most common attack suffered by businesses, followed by denial of service. Next come external frauds, fake transfer order scams and president frauds. In the latter case, the hacker poses as the company's director in order to obtain sensitive information.
The need for protection
So what should you do? First of all, assess the level of protection your company's IT equipment currently enjoys. Is it sufficient? A firewall and anti-virus software are essential. Encryption, parental control and anti-spam filters are also recommended.
Leave the free stuff to individuals
Depending on your operating system, whether OS, Windows, Linux or Unix, you may have some built-in protection features. But make sure you back them up with a dedicated antivirus. And while it's true that there are some free ones out there, don't be fooled. Suitable for use by private individuals, they are less suitable for businesses, however small.
Pay-as-you-go for professionals
Mcafee, Norton Security with Symantec and Panda Security are among the best-known antivirus products. BitDefender also offers a complete suite with its GravityZone package. The advantage is that you can manage everything from a cloud console, ensuring protection for all your endpoints. This includes your employees' mobile devices.
Cyber threats are real. And they affect us all. As a company, the first thing to do is to equip yourself with a high-performance antivirus, capable of securing the gateways that your employees use to access the web (email, cloud), as well as your computer terminals. Only with a sufficiently powerful programme can you thwart the many viruses for which you are the ideal target.
Article translated from French