2014 could go down as one of the most significant years in the world of cybersecurity, and malware in particular. It wasn’t just the small window that revealed data breaches at Target, Neiman Marcus, Michaels Craft Stores and potentially dozens of other retailers. Nor was it the fact that this explosion in data breaches could all be the work of a seventeen-year-old.
When news broke last week that security researchers had found more than 2 million stolen passwords hidden on a hacker’s website, it didn’t take long for media around the world to get on the case. It appears the passwords were stolen over many months, and from users of Facebook, Twitter, Google, LinkedIn and many other sites.
The story that seemed to get the most attention from the media and from security experts was what these 2 million passwords told us about the password habits of users. That they were awful. Not that that’s really news, but still, once again we discovered that the most common passwords included in the haul were 123456, 111111, and perhaps worst of all, password.
However, we noticed something else, something that other security experts seemed to miss completely. The initial suspect in the heist was a keylogger, a tiny piece of malware that will infect computers, steal things like logins and passwords, and pass them back to the hackers.
On the very same day the media frenzy started, we noticed that a security firm OPSWAT revealed some very scary test results. When they planted a basic keylogger on one of their test computers, and ran scans with more than 40 of the most popular consumer and business antivirus products over two weeks, only one product caught the keylogger. Which probably means most consumers and even small businesses probably won’t be able to detect it either.
While the better antivirus brands are generally good at catching the most common malware, a study by the University of Alabama found that those same products only catch around 25% of the more advanced malware. And that’s the stuff that can do the most harm.
Keyloggers are typically in search of logins and passwords, but they don’t just log what you type. They can also capture screenshots of what’s on your computer, screenshots of the websites you visit and the folders you open, and even what you search for. And software isn’t the only variety. There’s a growing trend towards hardware keyloggers – keyloggers designed to look identical to a plug or connector you’d expect to find at the back of a computer or even a cash register. One such hardware keylogger was recently found plugged into the back of a cash register at a Nordstrom store in Florida.
If keyloggers make their way on to computers in your business, the hackers may be able to steal logins and passwords to your website or bank account. They might also be able to steal payroll and customer information. They might even be able to hop from your computers to your website, and from there infect visitors to your site. Which could end up with your business being blacklisted by the search engines until you solve the problem.
So what can you do cripple this menace?
- Start by talking to your employees, explain what a keylogger is, how it can threaten your workplace, and how you can all work together to protect against them.
- Require all your employees to use anti-keylogger software, like Key Scrambler (free). They won’t protect your business against every type of keylogging but are a good defense against the more common software based. Some work by instantly encrypting or scrambling all your keystrokes so that they’re unusable to hackers.
- Make sure you and your employees use one of the many safe surfing tools or plugins, like Web of Trust (WoT). As users become more wary of malware hidden in email attachments, hackers are turning to websites instead. Known as watering holes, hackers will find vulnerable websites, load them with keylogging malware, and simply lie in wait for visitors to those sites. SiteLock is finding as many as 5,000 small business web sites every single day already compromised and requiring malware removal. Safe surfing tools will help alert you of suspicious or dangerous websites before you click on them.
- Always have good antivirus software on every computer and device you use in your business and at home. And encourage your employees to do the same. Some of the best is free, including for your smartphone and tablet. And scan often — at least once a week is recommended.
- All employees should change their passwords often and think about passphrases instead.
- Be careful what you allow employees to download and install. Poor security habits and hygiene are a leading contributor to malware infections. Slow down, guard up, verify first, and only download if you’re really sure and you really need to.
For more information on protecting your business from cybersecurity threats call SiteLock at 855.378.6200.
A watering hole, or water hole, is a website with vulnerabilities that hackers take advantage of to plant malware. The idea is that the malware simply lies in wait until someone visits your website, and if that someone is not using protection, he or she will find their computer or smartphone infected with that malware.
When you purchase a new PC, you wouldn’t dream of connecting to the Internet without having an antivirus tool in place. Because it’s fairly common knowledge that the pace of growth and infection of viruses and attacks that affect personal computers is increasing rapidly and they can do serious damage. PC viruses and malware are often looking for personal information, like credit card data, that can be used for criminal and fraudulent activities.
To counteract the PC infection and theft that viruses and malware can cause, anti-virus tools have a sophisticated knowledge base of active threats. And they continuously look out for computers that have out-of-date antivirus software so they can update it automatically to protect PC owners and their computers from new threats as they are discovered.
If you’re like most small business owners, you probably don’t believe that something as small as a piece of malware could threaten your business. After all, what could you possibly have that malware could want? And why would a hacker pick on you when they have so many bigger fish to go after?
Maybe this story will change your mind. A very small, nine-person business in southern California recently announced that it would have to close down suddenly and permanently after a small piece of malware known as a banking Trojan managed to slip on to the computer of one of its employees.
In a recent interview with Barry Moltz on Blog Talk Radio, Neill Feather, President of SiteLock, responds to the growing concern, particularly for small businesses, of website risks and how adding website security can protect online businesses and their reputation.
The fact is that small businesses are increasingly a prime target for cyber crime. Case in point – Neill references a recent study by Verizon that states that 95% of online businesses that are attacked by hackers have fewer than 100 employees. And the number of attacks continues to grow each day.
The Open Web Application Security Project (OWASP) was formed with the goal of supporting the creation, development, acquisition, operation and maintenance of applications that can be trusted by their users.
As more applications are developed online, the threats to attack those applications increase even more rapidly in the form of threat agents. The agents, in this case, are not often the good guys (even though sometimes they are employees or others within your organization). They are any capability, intention or activity that attempts to exploit the company’s assets, frequently its data.