Based on CYDEF’s monitoring activity, we’ve identified the top three cybersecurity threats to our customers.
What is a “Threat”?
A cybersecurity threat puts your network environment at risk of damage. This includes endpoints (like devices, computers) and apps (like Microsoft 365 accounts).
We’ve identified 3 types of threats:
- Potentially Unwanted Programs (PUPs): Widespread threats, small impact
- Malware: Rare threats, very high impact
- Phishing: Common threats, high impact
PUPs: Widespread Threat, Small Impact
Potentially Unwanted Programs (PUPs) are the most frequently identified threat.
- Adware: software that displays unwanted ads in a browser
- Bundlers: free software bundled with malware
- Driver optimization: software developed to deliver fake error messages
What You Need to Know
PUPs are considered threats for 3 reasons:
- They introduce unacceptable levels of risk;
- They increase help desk-related costs; and
- They reveal the gaps in unmanaged IT.
There is no immediate security action required upon finding a PUP on your network. These are annoying programs that irritate users. Plus, they take a lot of effort to remove. PUPs are parasitic, designed to survive at all costs. If a user attempts to remove the PUP, the program seems to disappear…but the problems persist. In some cases, administrators find it easier to wipe a machine clean instead of searching for the sources of the PUP.
Malware: Rare Threat, High Impact
Malware is the threat with the most potential for inflicting damage on a business.
A malware infection starts when malicious software bypasses preventive security measures. Then, the malware starts infecting a network. It starts with a single computer but eventually expands across an entire network. Once ransomware has been dropped, it locks all the devices on the network, essentially halting your business operations.
What You Need to Know
In 2019, Microsoft stated only a third of SMBs remained profitable after a ransomware attack. Since then, data indicates that ransoms have increased dramatically. Ransoms have increased, on average, from $50,000 in 2019 to $235,000 in 2020.
A malware attack can break a business. It’s not just the ransom, but also the cost of repairs to the network and the legal actions that can eat up all of a company’s resources.
Phishing: Common Threat, High Impact
Phishing attacks are the most frequently detected high-impact threat. These attacks are common and carry significant consequences.
What You Need to Know
Attacks phishing for Microsoft/Office 365 credentials are particularly common. Once attackers gain access to a Microsoft account, they have a lot of power over your business. From within a legitimate domain, attackers can:
- Read or modify confidential documents;
- Reset passwords to gain access to a multitude of cloud services;
- Set up redirects for business email compromises;
- Leverage trust to compromise more employees; and
While a phishing attack doesn’t carry the threat of extinction like a ransomware event, it can inflict a significant amount of damage on an organization. Some organizations pay invoices fabricated by a cyber criminal, others see emails revealed to the public. Whatever the case, a company’s reputation is often damaged by a phishing attack.
Secure your Endpoints – and Your Organization
If you are worried about PUPs, malware, ransomware or phishing scams, CYDEF can help. In fact, our solutions are different from those of our competitors.
Most EDR Solutions Don’t Track Phishing
Phishing is not typically tracked by endpoint detection solutions. That’s where CYDEF differs from other endpoint detection and response (EDR) solutions.
While we don’t know what sites your employees are visiting, we do know when a browser asks to open a particular link. We investigate suspicious links and often find them leading to phishing websites.
The phishing websites identified in our investigations usually have not been flagged by reputation engines. That’s because attackers rely on “known good” file-sharing and collaboration platforms (e.g., OneDrive) to host fake phishing pages. They also use recently compromised websites that have yet to be reported.
CYDEF’s EDR Solution: SMART-Sentinel
Our endpoint security solution, SMART-Sentinel, is designed to track threats before they inflict damage. Our free 30-day proof-of-value offers a window into what’s possible when working with CYDEF. In these first 30 days, we typically track a range of PUPs that exist on a network, providing the opportunity to eradicate the threat. It’s a low-risk, zero-cost opportunity for endpoint detection in a landscape rife with threats.