Unless you’re sleeping you know that cybersecurity is the single largest threat to your network uptime. “2016 saw a host of new cybersecurity threats and breaches – there are currently 578.7 million malware programs in existence, with four to five new malware threats per second,” according to AV-TEST’s Security Report 2015/16. That number is projected to rise to more than 600 million by the end of the year, the report stated.
Dell, had its security products log more than 64 million unique malware samples, which represented a 73% rise previous year and a tripling of numbers.
More than 85% of malware attacks occurred on Windows machines in 2015. More importantly, some 12 million new Windows malware programs enter the market each month according to this same report.
Scary, right? It doesn’t have to be if you and your IT team remain alert. Apply security best practices such as defense-in-depth architecture and ensure you monitor your network with the right tools.
While not solely a security tool, network monitoring solutions such as Statseeker do provide another element in a defense in depth program. By logging network traffic and keeping it there forever, it is possible to view an audit trail in an effort to reconstruct a sequence of events. That means it would be possible to log all the network traffic related to a malware incident.
If you are dealing with malware you also have to log information at a higher level.
For example: who connected to what computer? What type of credentials did they use to log in? What applications did they run?
Traffic analysis features, such as Netflow work well in those scenarios. That analysis is established from a baseline created to understand what the network should look like on a daily basis. That baseline would be running over a period of time and then the user could see their average usage. So, if there was a bandwidth increase from a malware agent working on the network, it would be possible to create an alert that tells you of abnormal traffic and that would help pick up on the attack.
In the above scenario, if some type of attack should occur, the user would have the information and historical background to see how long it has been occurring. That is important because malicious attacks can take an average of 256 days to identify. Furthermore data breaches caused by human error take an average of 158 days to identify, according to a Ponemon Institute study.
Contact Statseeker to see how we can help improve your network uptime. For more information, download this free whitepaper - Gaining Visibility on Malware Attacks.
Frank Williams is the CEO of Statseeker, a global provider of innovative network monitoring solutions for the IT enterprise and OT industrial market space. Frank holds a BSEE, augmented by many post graduate courses in management, leadership and technology.