8 Ways Cybercriminals Make Your Firewall And Antivirus Useless
Having the right cybersecurity technology is just a part of doing business in today’s world.
In fact, security solutions like firewalls and antivirus software accounted for $23 billion in annual revenue – it’s likely that you contributed to that in some small way.
But are they really worth your money?
There’s no disputing the need for an effective firewall or antivirus solution, regardless of the size or specialty of the business in question.
But, given that they are such a standard in the business setting today, have you ever stopped to figure out what you’re paying for?
What is a Firewall?
Your firewall is your first line of defense for keeping your information safe. A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.
A firewall inspects and filters incoming and outgoing data in the following ways:
With Packet Filtering that filters incoming and outgoing data and accepts or rejects it depending on your predefined rules.
Via an Application Gateway that applies security to applications like Telnet (a software program that can access remote computers and terminals over the Internet, or a TCP/IP computer network) and File Transfer Protocol Servers.
By using a Circuit-Level Gateway when a connection such as a Transmission Control Protocol is made, and small pieces called packets are transported.
With Proxy Servers: Proxy servers mask your true network address and capture every message that enters or leaves your network.
Using Stateful Inspection or Dynamic Packet Filtering to compare a packet’s critical data parts. These are compared to a trusted information database to decide if the information is authorized.
What about Antivirus?
Antivirus is installed to protect at the user level, known as endpoint protection, and is designed to detect and block a virus or malware from taking root on a user’s computer, or worse, accessing a network to which the user is connected.
If a user encounters a threat, the antivirus software detects the threat and blocks it using a string of text – an algorithm – that recognizes it as a known virus. The virus file tries to take one action or sequence of actions, known to the antivirus software, and the algorithm recognizes this behavior and prompts the user to take action against suspicious behavior.
Is this type of cybersecurity software effective?
To an extent.
Sorry for the underwhelming answer, but it’s a bit of a difficult question to answer.
A next-generation firewall and up to date antivirus solution are great at doing specifically what they’re designed for.
The problem is that they are not the end-all, be-all of cybersecurity in the modern world.
You could have the best firewall and antivirus software on hand, and still be vulnerable in any number of other ways…
The top 8 ways that cybercriminals get around firewalls and antivirus
Cybercriminals target your employees. As important as cybersecurity technology is, on its own, it simply isn’t enough. The key to truly comprehensive cybersecurity is simple, yet often overlooked: the user.
Cybersecurity gimmicks — such as “set it and forget it” firewalls and antivirus software — fail to account for how important the user is.
Even the most effective digital security measures can be negated by simple human error, which is why conventional solutions are simply not enough to make sure you’re safe.
Much of cybersecurity is dependent on the user, and as such it’s vital that you properly educate your employees in safe conduct.
The more your workforce knows about the security measures you have in place and how they can contribute to cybersecurity, the more confidently they can use the technology is a secure manner.
Well trained employees become a part of cybersecurity, and are capable of:
Identifying and addressing suspicious emails, phishing attempts, social engineering tactics, and more.
Using technology without exposing data and other assets to external threats by accident.
Responding effectively when you suspect that an attack is occurring or has occurred.
Cybercriminals target your offsite devices, outside of business hours. This is a critical limitation of your cybersecurity software, and it’s obvious when you think about it – if your firewall is only installed on your work devices, but you let employees use personal devices and home workstations to access business data, then obviously you won’t be totally secure.
In addition to having a detailed Acceptable Use policy in place at the office to stop your staff from using work devices to use unauthorized software and visit dangerous websites, you also need a mobile device policy in place to protect your data that may be on personal devices.
The right monitoring software for mobile devices will protect you from a number of dangerous scenarios, including:
Jailbreaking and rooting company devices
Unauthorized access to company data
Lost or stolen devices that need to be remotely wiped
Cybercriminals figure out your passwords – because your passwords are weak.
Users, both at home and at work, tend to be horrible at selecting and maintaining strong passwords.
Did you know, for instance, that 81% of data breaches in 2017 came down to stolen and/or weak passwords?
Are you confident in your password strength?
Find out for sure by reviewing these common password mistakes:
Length and Complexity: Keep in mind that the easier it is for you to remember a password, the easier it’ll be for a hacker to figure it out. That’s why short and simple passwords are so common – users worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
Numbers, Case, and Symbols: Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lower-case letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
Personal Information: Many users assume that information specific to them will be more secure – the thinking, for example, is that your birthday is one of a 365 possible options in a calendar year, not to mention your birth year itself.The same methodology applies to your pet’s name, your mother’s maiden name, etc. However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
Pattern and Sequences: Like the other common mistakes, many people use patterns as passwords in order to better remember them, but again, that makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty”, etc., are extremely easy for hackers to guess. Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are simply not strong or complex enough. Passwords protect email accounts, banking information, private documents, administrator rights and more – and yet, user after user and business after business continues to make critical errors when it comes to choosing and protecting their passwords.
Keep these tips in mind when setting your passwords:
Password Strength: It’s common that passwords are required to include uppercase letters, lowercase letters, numbers, and special characters. Consider using a passphrase—which is when you combine multiple words into one long string of characters—instead of a password. The extra length of a passphrase makes it harder to crack. For a more secure passphrase, you’re encouraged to combine multiple unrelated words to create the phrase, for example, “m4ryh4d4l1ttl3l4mb.”
Password Managers: These programs store all of your passwords in one place, which is sometimes called a vault. Some programs can even make strong passwords for you and keep track of them all in one location, so then the only password or passphrase you have to remember is the one for your vault.The downside of using a password keeper program is if an attacker cracks your vault password, then he or she knows all of your passwords for all of your accounts.
Multi-Factor Authentication: Multi-Factor Authentication is a great way to add an extra layer of protection to the existing system and account logins. 45% of polled businesses began using MFA in 2018, compared to 25% the year prior.By requiring a second piece of information like a randomly-generated numerical code sent by text message, you’re better able to make sure that the person using your employee’s login credentials is actually who they say they are. Biometrics like fingerprints, voice, or even iris scans are also options, as are physical objects like keycards.
Cybercriminals penetrate your unpatched, out of date networks. Did you know that one of the most common ways that cybercriminals get into a network is through loopholes in popular software, applications, and programs?
Despite how advanced modern software is, it is still designed by humans, and the fact is that humans make mistakes. Due to this, much of the software you rely on to get work done every day could have flaws — or “exploits” — that leave you vulnerable to security breaches.
Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users.
This is why it’s imperative that you keep your applications and systems up to date.
Unfortunately, most users find updates to be tedious and time-consuming and often opt to just click “Remind Me Later” instead of sitting through an often-inconvenient update process.
Comprehensive and regular patch management is a crucial part of proper IT security. Some of the worst data breaches are based on “zero-day exploits”, which are based on exploits found by hackers but not by the developers, leading to severe security risks and an immediate need for patching.
Cybercriminals target data that hasn’t been backed up.
Do you have a data backup policy in place?
If not, then you’re vulnerable, right now, to ransomware.
Ransomware has quickly become one of the biggest cyber threats to businesses today – remember the Wanna Cry epidemic that infected hundreds of thousands of IT systems in more 150 countries?
That was ransomware, and it could happen to you too. Unless that is, you get a data backup solution put in place.
If you have you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that.
That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.
Be sure to:
Back up data on a regular basis (at least daily).
Inspect your backups to verify that they maintain their integrity.
Secure you backups and keep them independent from the networks and computers they are backing up.
Cybercriminals trick your staff into installing dangerous software.
One of the most popular cybercrime tactics is to trick users into downloading malware, under the assumption it’s a type of software they need.
This could be hidden in a large downloaded file that users may think is a work program, a video game, or even a mobile app.
This is further reason why you need an Acceptable Use policy and content filter in place on work devices. These types of measures will protect you against your unsuspecting employees.
Cybercriminals trick your staff with phishing emails.
A popular cybercrime tactic among hackers today is “phishing” – a method in which they send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information and execute significant financial transfers.
It’s more effective than you might assume. That’s why the rate of phishing attacks increased by 65% in recent years – businesses keep making it easy for cybercriminals to get away with.
Share these key tips with your employees to make sure they know how to spot a phishing attempt:
Incorrect Domain: Before even taking a look at the body of the message, check out the domain in the sender’s address. Maybe they claim to be from your bank, or a big name company – but talk is cheap.It’s much more difficult to spoof an actual domain name, and so it’s more common to see domains that are closer, but not 100% correct. If it seems fishy, it probably is.
Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it actually leads. While it may look harmless, the actual URL may show otherwise, so always look, and rarely click.
Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
Specificity: Another point to consider is how vague the email is. Whereas legitimate senders will likely have your information already (such as your first name) and will use it in the salutation, scammers will often employ vaguer terminology, such as “Valued Customer” – this allows them to use the same email for multiple targets in a mass attack.
Urgent and Threatening: If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
Attachments: Phishers will often try to get you to open an attachment, so, if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.
Cybercriminals cut out the middle man and pretend to be you.
With the amount of personal data that people put online today, it’s not as difficult for cybercriminals to impersonate you as you might think.
By mining your social media, your LinkedIn and your company website, it can be pretty easy for a hacker to figure out your email address and reset your password.
Or maybe instead they spoof your email address and use it to contact a subordinate or a business contact to gain further information and access to use against you.
You need to protect yourself as a matter of privacy, and with the right processes:
Never give out private information: A basic cybersecurity rule is knowing not to share sensitive info online. The trusted institutions with which you do business will not ask you for your private information.They already have your account numbers, social security number, and your passwords. They won’t have any good reason to ask for it again, right? If an email from a superior or external contact asks for that info, it is likely a scam, so be sure to confirm the request by phone or in person.
Set standard protocols for requests: Have steps put in place for management to follow when asking for information or access from employees. If your employees have a clear idea of how these interactions should look, they’re less likely to be fooled by a hacker posing as their supervisor.
Are your firewall and antivirus worth the money?
Security software is a vital part of your cybersecurity – but the key word in that statement is part.
You should definitely invest in the usual cybersecurity solutions, but they are not enough on their own. Cybercriminals have so many tactics and methods for penetrating an organization like yours that you can’t settle for defending yourself on one front alone.
That’s why you need a comprehensive defense, that combines cybersecurity solutions, employee training, best practices, and detailed policies.
Anything less and you will have left a gap in your armor, making only a matter of time before cybercriminals find their way in.