After a year’s hard work, it comes as no surprise that employees, small business owners and companies at large, look forward to activating their out-of-office email responses in anticipation of a restful festive season.
However, the threat to the security of cyber systems still loom large as malware and ransomware[i] attacks remain, necessitating proactive steps to protect software and the integrity of business applications.
“For the sixth quarter in a row, archives remained the most popular malware delivery file type being used in 36% of threats identified by HP Wolf Security. Email also remained the top vector for delivering malware to endpoints, covering 80% of the threats identified – and indicating that more emphasis is needed in educating individuals and companies against these threats, even during the festive season,” Yesh Surjoodeen, Southern Africa Managing Director at HP says.
By isolating threats that have evaded detection tools and made it to endpoints, HP Wolf Security gives an insight into the latest techniques used by cybercriminals, equipping security teams with the knowledge to combat emerging threats and improve their security postures.
According to Surjoodeen, of the email threats detected by HP Wolf Security in Q3, 12% had bypassed one or more email gateway scanner – the same percentage seen in Q2. Malicious web browser downloads fell slightly by one percentage point to 11% in Q3. Threats delivered by other vectors, such as removable media, remained at 9% quarter-on-quarter.
As South Africa’s trusted leader in computer and laptop manufacturing, HP security experts recommend the following tips to ensure cybercriminals do not steal your joy this festive season:
- Think before you click.
The cybersecurity landscape is ever evolving, with criminals using advancing techniques to attack the tools most central to business’ ecosystem. “As mentioned in the report, emails are still the leading vector of attack and these are well coordinated multifactored attacks,” Surjoodeen explains. Most people are aware of phishing emails, which have become common modes to send links to fake websites.
In Q3, HP Wolf Security detected a malware campaign targeting hotels in Latin America with macro-enabled PowerPoint add-ins. The presentations, sent via email, were disguised as information from a hospitality management software vendor. Bogus emails are key to watch, and if not from a trusted server – it’s best to err on the side of safety and think before you click. Or make use Sure Click and be protected no matter what you click.
- Update your software.
Software updates are critical to the safety and integrity of both software and hardware. These provide for new and improved functionality[ii] while addressing existing issues, such as bugs and crashes. Antivirus updates improve products to keep you safe from new viruses and malware. Keeping systems updated enables internet connected devices to be prepared to handle complex tasks, particularly related to services introduced after their initial release.
- Limit file sharing to trusted recipients.
Before sharing sensitive information containing financial details or PowerPoint data – check the emails are being sent to the right vendors and clients and that the information is encrypted. According to the Wolf Threat report, using compromised email accounts enables attackers to piggyback off a domain’s legitimacy and reduces the likelihood of being stopped by email filters that rely on reputation.
In reality, and particularly during the festive season, software and hardware protection is the last thing on anyone’s mind as they prepare to shut laptops down to go on vacation. However, remaining updated on the latest protective tools for your devices and employing vigilant safety protocols stave off data leaks, ransomware payouts and cybercriminals gaining control of your company’s resources.
- Yesh Surjoodeen, Southern Africa Managing Director at HP