How to secure web applications against malicious files

Modern web applications have evolved into a primary form of data communication as well as a platform where end users can easily collaborate, upload documents, images, or other files. However, this has led to applications being able to accept file uploads with any extension or type, giving attackers the opportunity to upload malicious files into applications that exploit both the organisation and its clients. Therefore, filtering uploads by validating for file types or extensions is no longer an effective way of defending against such attacks.

In the recent past, in-house sandboxing techniques have been used in company networks to detect malware in files. However, deploying an appliance for sandboxing and analysing local network files is not scalable, and it also adds severe latency and administrative overhead, which results in badly implemented security.

Additionally, enhanced inspection techniques that send notifications and adequate logging are required to defend against today’s file injections. By immediately notifying the administrator when an attack occurs, they have a better chance of combating threats.

Why anti-virus scanning isn’t enough

Running a business is becoming more dynamic, yet more complex. Unfortunately, this also applies to the business of malware and ransomware. Popular types of malware are being used to target websites, and are rarely detected by traditional anti-virus services.

The origin of these infections is typically through simple actions like file uploads in web applications. Today’s threats spread at a high velocity, making it difficult to detect a threat, isolate the signature, add the signature to databases, and make it publicly and continually available in a very short time. By the time the database update is available, the threat has already compromised a network’s systems and has successfully covered up its tracks.

While these signature-based legacy systems are still important as a first line of defense for prefiltering network traffic, organisations still need an additional security layer to protect against targeted malware.

Read this whitepaper from Barracuda to find out how to secure web applications against malicious file injections.

Want to learn more?

Complete IT Systems have a team of Barracuda specialists on hand to demo the solution, discuss business benefits and help you understand how the technology works for your organisation.

To get in touch or request a demo please contact us.

90% of malware is delivered via email. Is your business email secure?

Malware and email messages are, unfortunately, the same as bread to butter or hands to gloves. The two go hand in hand. In fact, the connection is so acute that it’s been found that over 90% of all known malware is delivered into companies via email.

And there’s even worse news for IT managers and systems administrators. Here’s some of the main points from the Cofense State of Phishing Defence report:

  • The average user / employee doesn’t go two full days between receiving phishing messages
  • More than 50% of phishing messages have the word “invoice” in the subject line
  • 21% of malicious emails carry harmful attachments or phishing-related malware

Given that this data was gathered over 135 million simulations, 800,000 emails and 50,000 actual phishing campaigns targeting companies in 23 industries, the threat is obviously a real one.

Protect your business email with a 6 month FREE Kaspersky trial!

To support remote working in this challenging time, we’re offering 6 months’ FREE protection with the very latest version of Kaspersky Security for Microsoft Office 365. This extends protection for SharePoint Online and Microsoft Teams, securing all collaboration and messaging channels within Microsoft Office 365.

Kaspersky Security for Microsoft Office 365 uses advanced heuristics, machine learning and other next-generation technologies to protect your communication and collaboration processes from ransomware, malicious attachments, spam, phishing (including Business Email Compromise) and unknown threats.

Sign up NOW for a FREE 6-month license and take protecting remote workers off your to-do list.

Why Kaspersky?

  • Prevent threats and keep your business running
  • Endpoint protection from the most tested, most awarded security vendor
  • Protect Windows desktops and file servers, Mac OS workstations, iOS and Android smartphones and tablets
  • Secure Microsoft Office 365 communication and collaboration

Want to find out more?

As Kaspersky Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

 

References:

https://www.darkreading.com/attacks-breaches/most-malware-arrives-via-email/d/d-id/1333023

The State of Phishing Defense 2018

Ransomware in numbers for UK SMBs

ransomware

With the recent spate of ransomware attacks in the UK proving that the threat hasn’t subsided, it is likely a good time to re-think your company’s IT security plan. To this end, we’ll be blogging over the coming weeks about the extent of the problem, the increasing creativity of hackers, the risks and exposure businesses face if ill-prepared, and some practical measures you can adopt to asses and safeguard your business against such a scenario.

What’s the impact of ransomware?

To kick off our series, we start with 10 key stats about how ransomware affects small businesses in the UK.

  1. Ransomware remains the most prominent malware threat to SMBs, with 83% reporting it as the most common security threat
  2. In the first half of 2019 alone, 61% of MSPs report attacks on their clients, with 19% reporting multiple attacks in a single day.
  3. On average, 2 in 5 SMBs report that they’ve fallen victim to a ransomware attack. SMBs with in-house IT teams are at greater risk
  4. When it comes to the ransomware threat, there is a disconnect between service providers and SMBs. 82% of MSPs are “very concerned” about the ransomware threat and 8% report their SMB clients feel the same.
  5. Phishing emails are the leading cause of successful ransomware attacks.
  6. Lack of cyber security education, weak passwords, and poor user practices are among the other top causes of attacks
  7. The aftermath of a ransomware attack can be a nightmare for any business. Almost 50% of victimised clients experienced business-threatening downtime.
  8. The average ransom requested by hackers is increasing. The average requested ransom for SMBs is now £1,990.
  9. And this as downtime costs are up by 300% year-over-year, and the cost of downtime is 53X greater than the average ransom requested in 2019.
  10. 81% of SMBs with backup and disaster recovery (BCDR) solutions in place are less likely to experience significant downtime during a ransomware attack. And victimised SMBs with BCDR in place recovered from the attack in 24 hours, or less.

This data is taken from a 2019 Datto study into how ransomware is affecting SMBs in the UK.

In our next article, we’ll look in more at how UK SMBs can plan for and prevent ransomware attacks.

How can I find out more?

As Datto Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Datto

Driving Ferrari’s true cybersecurity

Connect, detect, protect.

When you’re one of the world’s most iconic brands, driven by the most successful team in Formula 1 history and people’s safety depends on the accuracy and availability of your data, you can’t afford to take risks. That’s why Ferrari trusts Kaspersky Lab to take care of its cybersecurity.

From its world-famous Maranello factory to the Formula 1 circuit, more than 5,000 Ferrari endpoints and systems globally are secured by the world’s IT Security specialists, Kaspersky Lab.

And as both companies’ technological vision and innovation extend to connected cars, Internet of Things and a constantly evolving web presence, Kaspersky Lab is deepening its technology partnership with Ferrari, delivering protection that extends beyond devices to the data itself, 24 hours a day, seven days a week.

“Though we work in very different industries, we’re united by the same core business values: technological leadership and a passion for innovation and getting forever better at what we do,” says Kaspersky Lab founder and CEO, Eugene Kaspersky. Speed, security, cutting-edge innovation…great ingredients for deepening a great partnership.

Always-on cybersecurity – everywhere.

In addition to the more than 300,000 unique pieces of malware Kaspersky Lab experts uncover every day, new threats are evolving all the time. As cyber criminals develop tools individually tailored to each victim, indicators of compromise are no longer enough on their own to help organisations detect attacks. The continuing march of ransomware and distributed denial of service (DDoS) attacks have joined with device integrity in an Internet of Things landscape to introduce new areas of vulnerability, particularly in manufacturing environments where new-found connectivity isn’t always accompanied by cybersecurity awareness.

In this environment, knowing where you’re vulnerable is as important as your ability to detect and prevent cyber-attacks. Rounding this self-awareness out with the latest threat intelligence to help anticipate what’s around the next chicane is vital for an organisation with Ferrari’s profile and reputation.

They need a security partner that doesn’t just keep pace with the latest threats, but stays ahead of them – while anticipating the vulnerability profile of the most innovative digital technologies. That’s why Ferrari chose to deepen its partnership with Kaspersky Lab. In addition to protecting traditional areas of company technology such as endpoints, ERP and PLM, Kaspersky Lab now works with Ferrari to protect its digital world through penetration testing, vulnerability assessment and threat intelligence.

Protecting the brand, ensuring availability

With a global web presence and a valuable brand to protect, it was critical that the company trusted to do this was not only global in reach, but global in its threat intelligence and analysis capabilities and expertise. Kaspersky Lab, already a trusted partner in protecting Ferrari’s endpoint ecosystem, was put through its paces and, once again, was the perfect fit to protect the company’s digital presence.

Defence against known web exploits, paired with threat intelligence and vulnerability assessment to anticipate and mitigate threats before they become a problem, is now another layer of Kaspersky Lab’s cybersecurity helping to protect one of the world’s biggest brands. On-demand scanning with minimal performance impact, protection from DDoS attacks, the capacity to provide actionable threat intelligence within strict platform specifications and complete confidentiality in reporting…just a few of the reasons Kaspersky Lab made it to Pole Position in Ferrari’s rigorous tests.

True security without compromise

But it doesn’t stop at the web: overall availability of systems, infrastructure and the applications running on them is of vital importance, but so is performance: “Performance, as you can understand, at Ferrari is very important, so we need to ensure security without compromise,” says Chief Technical Officer, Francesca Duri.

Tasked with ensuring the availability of the IT infrastructure for Ferrari’s manufacturing plants, Duri says Kaspersky Lab’s industrial cybersecurity solutions set it apart in a market where few mainstream vendors can offer this kind of expertise: “I was surprised in a very positive way when, working with Kaspersky, I learned that they already have solutions for security in this area. That’s the reason we’re working together and why we will keep working together to make sure the same level of cyber security applies to all the business areas.”

High performance under pressure gives you an edge

Ferrari operates one of the most sophisticated production lines in the world, where high levels of automation combine with precision techniques, test data and more than 2,000 employees to form a complex, high-value infrastructure with unique security requirements.

And that’s before you factor in the demands of a race weekend: with over 60Gb of data per car accumulating over the course of a race and multiple, real-time simulations using that data at the track, there’s a lot at stake.

“One of the advantages we’ve found in the collaboration with Kaspersky is their availability to follow our needs,” says CIO Vittorio Boero. “Kaspersky is a company I selected to work with in 2012 when I arrived here in Ferrari.” Like all the best relationships, this is one that continues to grow and evolve around shared vision, understanding and expertise.

Want to find out more?

As Kaspersky Platinum Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Sophos ranked #1 in malware detection

MRG Effitas recently conducted a commissioned test comparing endpoint protection products’ ability to detect malware and potentially unwanted applications. Six different vendors, including Sophos, were reviewed in the test.

  • Sophos ranked #1 at detecting malware
  • Sophos ranked #1 at detecting potentially unwanted applications
  • Sophos had an impressive false positive rate

Click here to download your copy of the report.

As Sophos Gold Solution Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

Request your no-obligation free trial via this link or call us on 01274 396 213.