During the 1930s the French constructed a trench network known as the Maginot Line in a bid to fend off any invasion. They thought that if you simply map out every place an enemy can attack and lay down men and barricades in those places, you can withstand an attack. The French found out a decade later that you cannot map every possible avenue for attack.
Today many businesses install an antivirus program as their Maginot Line and think the IT defence job is done. However, there are many ways to access a network and bypass the antivirus software.
Hackers constantly create viruses faster than antivirus programs can recognise them. There are approximately 100,000 new viruses released daily, and cybercriminals often test their creations against all available platforms before releasing them onto the internet. The Windows updates that you might click “Remind Me Later” for are often there to help with your IT defence and patch some of the vulnerabilities in the antivirus protection.
Even with great IT defence and a perfect antivirus program that is able to detect and stop every threat, once an employee has been coerced into clicking on a link on a website or in an email, all the antivirus software in the world won’t save you. It is impossible to identify every piece of malware, so behavioural identification is used. The problem is that some legitimate software may behave like a virus, so once a user has allowed the software to execute, antivirus software ignores similar applications unless they are a 100% identifiable threat. When the user clicks on a link from a hacker pretending to be John from IT, they are effectively telling the antivirus software that the malware is safe to run.
These are some areas hackers may target:
- The Human Layer
- The Physical Layer
- The Network Layer
- The Mobile Layer
You need an IT defence plan that will enable you to notice and respond to breaches quickly and at each level.
The physical layer refers to all the computers and devices that you have in your office and can physically touch. This layer is the easiest to defend but is still exploited often.
Data from the Bureau of Crime Statistics and Research (BOCSAR) shows that the number of incidents of mobile phone theft has remained at an astonishing level, averaging 22,051 incidents in NSW per year.
With regard to the physical layer, it is advisable to:
- Keep all computers and devices under supervision when in use and keep them locked away when they are not needed.
- Have only authorised employees use your devices.
- Be sure not to plug in any unknown USB drives.
- Have your hard drives professionally wiped or destroy them before disposal.