Why does my computer have malware?

(Why we use SentinelOne antivirus.)

Computers are multilingual machines that speak many languages: DNS, HTTP, FTP, TCP, IP, UDP and more. These languages all travel over the Internet so computers can communicate with each other and with network components. We call these languages protocols. (A VPN, often listed alongside them, is not itself a protocol but a tunnel built on protocols such as IPsec or TLS.) Hackers, our adversaries, see every protocol a machine speaks as an attack vector: a pathway to illegally access our networks and computers.

Through those attack vectors, hackers probe the attack surface for weaknesses (vulnerabilities). For networks, that could be outdated network equipment, weak passwords, etc. For computers, weaknesses occur when you:

  • Use weak or reused passwords 
  • Click a malware link found in an email, a document, a web page, etc.
  • Open infected application data files (a document with a malicious macro, for example)
  • Open an infected application
  • Download infected files (e.g., from Torrent sites)
  • Access infected cloud storage files
  • Install unvetted software, including free downloads from untrusted sites
  • Insert an infected removable drive

For an infection to succeed, other conditions usually have to be present as well: unreliable software, improper administrator privileges, or an ineffective antivirus or anti-malware program.

One or more of the following everyday events can cause software to become unreliable:

  • Software falls out of date and keeps running with known, unpatched vulnerabilities
  • The anti-malware subscription expires, so definition and engine updates stop
  • Software updates fail and leave a partially patched installation
  • Uninstalls are incomplete and leave orphaned components that never get updated again
  • Malware infections land on the disk
  • Files are not closed properly (for example after a crash or power loss) and become corrupt
  • Windows Registry entries become corrupted or point at components that no longer exist
  • Disk hardware errors corrupt files
  • etc.

As for improper administrator privileges, users should never have administrator privileges attached to their everyday user accounts. A standard (non-administrator) account stops malware from silently installing itself system-wide. It does not stop malware from running and persisting inside that user's own profile (for example in the per-user Run keys or Startup folder), so a standard account is a strong layer, not a cure. 

For example, without administrator privileges, attempting to install software makes the system display a User Account Control pop-up asking for an administrator password. Do not enter the password unless you yourself are installing software at that moment. If you did not start an installation, something on the machine is trying to elevate its privileges, which is exactly what malware needs for a silent install. Cancel the pop-up window and report it.
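The three things the two paragraphs above depend on (who actually holds local admin, whether UAC will prompt, and where a process that never gets admin can still persist) are all checkable from the workstation itself. The script below is an added example written for this page, not Yellcom's or SentinelOne's code; it reads only standard Windows policy keys and group membership, and its function names are the author's own.

```powershell
# Added example; not Yellcom's or SentinelOne's code. Audits the three things the
# text above relies on: who holds local admin, how UAC is configured, and which
# per-user autorun locations a non-admin process can still write to.
# Run from PowerShell 5.1 or later on the workstation being checked.

function Test-CurrentUserIsAdmin {
    # True when the current token is a member of the local Administrators group.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-LocalAdminMembers {
    # Built-in Administrators group; every everyday user listed here can approve a silent install.
    Get-LocalGroupMember -Group 'Administrators' -ErrorAction Stop |
        Select-Object Name, ObjectClass, PrincipalSource
}

function Get-UacSettings {
    # Policy values that control the elevation prompt described above.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key
    [pscustomobject]@{
        EnableLUA                  = $p.EnableLUA                  # 1 = UAC on; 0 = no prompts at all
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin # 0 = admins elevate silently (weak); 2 = prompt for consent on the secure desktop
        ConsentPromptBehaviorUser  = $p.ConsentPromptBehaviorUser  # 0 = deny silently; 1 = prompt for credentials on the secure desktop; 3 = prompt for credentials
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop      # 1 = other processes cannot draw over or click the prompt
    }
}

function Get-UserAutoruns {
    # Persistence locations a process running as the user can write without any prompt.
    $runKeys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($prop in $props.PSObject.Properties) {
            if ($prop.Name -like 'PS*') { continue }   # skip PowerShell's own metadata properties
            [pscustomobject]@{ Location = $key; Name = $prop.Name; Command = $prop.Value }
        }
    }
    $startup = [Environment]::GetFolderPath('Startup')
    foreach ($item in Get-ChildItem -Path $startup -File -ErrorAction SilentlyContinue) {
        [pscustomobject]@{ Location = $startup; Name = $item.Name; Command = $item.FullName }
    }
}

"Current user is local admin: $(Test-CurrentUserIsAdmin)"
"`nLocal Administrators group:"
Get-LocalAdminMembers | Format-Table -AutoSize
"`nUAC settings:"
Get-UacSettings | Format-List
"`nPer-user autoruns (review anything you did not add yourself):"
Get-UserAutoruns | Format-Table -AutoSize
```

The checks to act on: an everyday user account appearing under the Administrators group, `EnableLUA` of 0 or `ConsentPromptBehaviorAdmin` of 0 (elevation without a prompt, so the pop-up described above never appears), and any autorun entry the user does not recognise. Entries in the HKCU Run keys and the Startup folder are the places a non-admin infection typically survives a reboot, which is why they are listed even though no administrator password was ever entered.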

Furthermore, user access to data, applications, etc. should be limited to the minimum permissions needed to accomplish their tasks (the principle of least privilege, one of the foundations of Zero Trust). This limited access contains the damage a compromised account can do. 

Finally, as for an ineffective antivirus program, it helps to understand the difference between first- and second-generation malware and the antivirus programs built to catch each.

First-Generation Malware

Legacy antivirus programs scan your disk looking for infections, but they cannot guarantee you a clean and healthy system. They rely on a database of malware signature definitions, so with these programs there is always a window of opportunity for malware to infect a system.

The time lag between when malware is released on the Internet and when your antivirus database receives a signature for it defines that window of opportunity. Malware that arrives inside the window is commonly called zero-day malware, and a signature-only antivirus cannot stop it because there is nothing yet to match against. (Strictly, "zero-day" describes a vulnerability or exploit the vendor has had zero days to fix; the same word is used loosely for malware that no signature yet exists for.)

In addition, in the past few years we have been seeing new forms of malware that definition-based antivirus programs cannot detect at all, such as fileless malware that runs only in memory and never writes a scannable file to disk, and polymorphic malware that rewrites itself on every copy so that no two samples share a signature. We call these new malware forms second-generation malware.

Second-Generation Malware

Yellcom automated Cybersecurity Protection Services include a second-generation antivirus program, SentinelOne. It uses a signatureless approach to identify malware: instead of matching files against a definition database, SentinelOne monitors active processes, applications, and services looking for malware behavior. When it identifies malware behavior, it automatically terminates the executing program, blocks it from spreading to other computers, repairs any damaged files, repairs the Registry, restarts Windows services, etc.
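To make the contrast between the signature window described under First-Generation Malware and the behavioral monitoring described here concrete, the script below is an added example written for this page, not Yellcom's or SentinelOne's code. Part 1 shows a hash-based signature missing a sample that an attacker changed by a single byte; Part 2 runs two behavioral rules over a constructed set of process and file events (shaped loosely like endpoint telemetry, but invented for this example) and flags the same activity regardless of what the file hashes to. The sample bytes, event records, rule names and thresholds are all the author's assumptions.

```powershell
# Added example; not Yellcom's or SentinelOne's code. Shows why a hash signature
# misses a trivially modified sample while a behavioral rule still fires.
# All samples and events below are constructed for illustration.

function Get-BytesHash {
    param([byte[]]$Bytes)
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try     { ($sha.ComputeHash($Bytes) | ForEach-Object { $_.ToString('x2') }) -join '' }
    finally { $sha.Dispose() }
}

# --- Part 1: signature lookup ---------------------------------------------
$knownBad = [System.Text.Encoding]::ASCII.GetBytes('constructed sample: pretend this is a known dropper')
$variant  = [byte[]]($knownBad + [byte]0x20)   # attacker appends one byte: new hash, same behavior

# A definition database is essentially a hash-to-name table like this one.
$signatureDb = @{ (Get-BytesHash $knownBad) = 'Constructed.Dropper.A' }

function Test-Signature {
    param([byte[]]$Bytes)
    $hash = Get-BytesHash $Bytes
    if ($signatureDb.ContainsKey($hash)) { return $signatureDb[$hash] }
    return 'no match'
}

"Original sample : $(Test-Signature $knownBad)"   # Constructed.Dropper.A
"One-byte variant: $(Test-Signature $variant)"    # no match: this is the window of opportunity

# --- Part 2: behavioral rules over process and file events -----------------
# Constructed records: a Word document launches PowerShell, which then rewrites
# the user's documents with a new extension. The notepad line is benign noise.
$events = @(
    [pscustomobject]@{ Time='10:00:01'; Parent='WINWORD.EXE';    Image='powershell.exe'; Action='ProcessCreate'; Target='' }
    [pscustomobject]@{ Time='10:00:02'; Parent='powershell.exe'; Image='powershell.exe'; Action='FileWrite';     Target='C:\Users\alice\Documents\q1.xlsx.locked' }
    [pscustomobject]@{ Time='10:00:02'; Parent='powershell.exe'; Image='powershell.exe'; Action='FileWrite';     Target='C:\Users\alice\Documents\budget.docx.locked' }
    [pscustomobject]@{ Time='10:00:03'; Parent='powershell.exe'; Image='powershell.exe'; Action='FileWrite';     Target='C:\Users\alice\Documents\contract.pdf.locked' }
    [pscustomobject]@{ Time='10:00:03'; Parent='powershell.exe'; Image='powershell.exe'; Action='FileWrite';     Target='C:\Users\alice\Documents\README.txt' }
    [pscustomobject]@{ Time='10:01:00'; Parent='explorer.exe';   Image='notepad.exe';    Action='FileWrite';     Target='C:\Users\alice\Documents\notes.txt' }
)

$officeApps = 'WINWORD.EXE', 'EXCEL.EXE', 'POWERPNT.EXE', 'OUTLOOK.EXE'

function Find-SuspiciousProcesses {
    param($Events)
    $findings = New-Object System.Collections.Generic.List[string]

    # Rule 1: an Office application spawning a script host. Documents do not
    # need to run PowerShell, so this fires no matter what the script hashes to.
    foreach ($e in $Events) {
        if ($e.Action -eq 'ProcessCreate' -and
            $officeApps -contains $e.Parent -and
            $e.Image -match '^(powershell|pwsh|wscript|cscript|cmd|mshta)\.exe$') {
            $findings.Add("Office app spawned a script host: $($e.Parent) -> $($e.Image) at $($e.Time)")
        }
    }

    # Rule 2: one process rewriting several user documents under a new extension,
    # the pattern an encrypting ransomware leaves regardless of its binary.
    $rewrites = $Events |
        Where-Object { $_.Action -eq 'FileWrite' -and $_.Target -match '\.locked$' } |
        Group-Object -Property Image
    foreach ($g in $rewrites) {
        if ($g.Count -ge 3) {
            $findings.Add("Mass document rewrite by $($g.Name): $($g.Count) files renamed to .locked")
        }
    }
    return $findings
}

"`nBehavioral findings:"
Find-SuspiciousProcesses $events
```

Part 1 prints a match for the original bytes and `no match` for the variant; Part 2 reports both the Office-to-PowerShell launch and the mass rewrite, and stays silent about the benign notepad write. A real agent such as the one described above applies many more rules to live telemetry and then terminates and rolls back the offending process; the point of the example is only that the behavioral rules never consulted the hash at all.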

We automatically monitor your systems 24/7/365 for passive and active malware conditions. The monitoring services automatically repair malware intrusions or alert us when a system needs human attention. Our services can spot an issue and correct it before it causes user downtime or corrupts user data. Yellcom Cybersecurity Protection Services give you the confidence that your laptops, workstations, and servers perform reliably and that your data is secure and available.

If you have experienced data loss, viruses, ransomware, or other malware infections, we can help you do better.

Contact Us

Contact us if you wish to discuss your options.