Thorsten Kurpjuhn, European security market development manager at Zyxel, explores how network managers and internet users can navigate the online minefield and limit the risks of cybercrime.
If ever there was a modern version of the old American wild west, it’s the world online. Too often, the internet and devices connected to it generate spaces where criminals thrive, and law enforcement is, well, minimal.
The advantages of a well-managed network are huge but generally, just like Clint Eastwood in the famous spaghetti western, the only solution to the good, the bad and the ugly things you may encounter via the internet is to take matters into your own hands and/or work with people who have the expertise to help you.
In this article we find out how you can channel your inner Clint, identify the threats around you and – most importantly of all – how you can run those cybercriminals right out of town (or at least, off your network).
The bad
Cybercrime is all around us and it’s getting worse. The unavoidable fact is that data – all kinds of data, even apparently innocuous data – can be sold on the dark web.
When data is stolen, and/or when it is later purchased, it may be used in many types of crime, from blackmail to identity theft.
Cybercrime is now a highly profitable, highly sophisticated industry and if you have a network, it is extremely likely that somebody will try to breach it.
According to the World Economic Forum, current cybercrime trends include remote access attacks, attacks executed via smartphone, vulnerabilities in home automation and the Internet of Things (IoT), and evasion of traditional cybercrime protection measures using artificial intelligence (AI).
This makes two things particularly clear. One is that it’s not just the network you must protect, but a plethora of devices attached to it, not all of which will be ‘traditional’ connected devices like computers and phones.
The second is that measures we have previously relied on to protect us, such as traditional firewalls and virus checkers, are no longer enough because the cybercriminals can breach them – if not today, then almost certainly tomorrow.
The ugly
It is an ugly truth that network managers must think like cybercriminals in order to beat them. They must anticipate their moves, understand their evolution and watch their behaviour. And if they find that difficult, then like Clint Eastwood’s character Blondie, they must work in partnership with people who can, to help them achieve their objectives.
The Office for National Statistics has suggested that in the UK, an individual is more likely to fall victim to cybercrime than any other type of offence: the criminals in this area are very slick operators and their own networks are widespread and responsive.
They are also persistent: small businesses in the UK faced an average of five cyber-attacks a year in 2017/18. Since small businesses make up the vast majority of enterprises in the UK, these criminals have clearly been working hard.
The good
The good news is that businesses of all sizes, individuals and households alike can now install affordable, extensive and intelligent protection from cybercrime.
For businesses, this can be set up to cover the entire network and devices attached to it. However, given the complexity and scale of the issues involved, many people are baffled by the options available and unsure what they need.
We know that cybercrime is a swiftly evolving sector, and that criminals are using AI and machine learning to make their daily attacks more sophisticated. It stands to reason that you need protection software that can do the same, and meet fire with fire.
Remember also that with the IoT growing at top speed, computers are not the only devices you must protect. Do you have smartphones that work online? Do you have a smart heating or lighting or security system? They are vulnerable to breaches and must be protected, too.
Here is a basic checklist of attributes to look for in network protection services:
Anti-virus
This must be constantly scanning files against the very latest threats, i.e. it must offer genuine real-time protection and not rely on manual updates by the user.
It should go beyond virus protection to cover all malware, including trojans, ransomware, worms, spyware and rogueware. File size should be unlimited, and the protection should be able to run at optimal settings without compromising network performance.
Sandboxing
This is the isolation of files within a secure environment; in a security setting, it allows suspicious files to be sent to the cloud and checked for malware.
Unlike traditional services, network protection that incorporates sandboxing filters out potentially harmful files before they can cause any damage.
Anti-spam
This should operate via SMTP and POP3 protocols, offer zero-hour virus outbreak protection and implement both a sender-based IP reputation filter and blacklist/whitelist support.
Application
Should allow granular control over important applications and be able to identify and control their behaviours, including bandwidth. It should support robust user authentication and generate real-time statistics and reports.
Content filtering
Should use a cloud-based, dynamic database to ensure up-to-the-minute protection. SafeSearch support and GeoIP for IP tracking are also advantageous.
Intrusion detection and prevention
Your cybercrime protection system should be able to detect and alert you, in real time, as soon as suspicious or malicious activity occurs. Your protection profile should be customisable.
It is now a basic fact of life that cybercriminals are frequently more expert at manipulating networks and data than the owners of those networks.
It is also true that cybercrime is growing in scope and complexity, threatening us all. Having top-class network protection is simply not negotiable any more. And if you don’t have it, well, to quote another Clint Eastwood film altogether: ‘Do you feel lucky …?’