Tag Archives: AVG Business AntiVirus

1 in 3 small businesses is clueless about ransomware!

A third of small to medium sized businesses surveyed by AVG had never heard of ransomware, demonstrating an urgent need for education on one of the fastest growing malware categories.

 

Ransomware is one of the world’s fastest growing malware categories. In June, we surveyed businesses to understand who had heard of the term ‘ransomware’ and what they understood about it. 381 of our small-to-medium business (SMB) customers in the US and UK responded to our questions and the results proved revealing and concerning.

Here are the key points:

68% of respondents said they had heard of the term ‘ransomware.’

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/avgransomware

That may look like a good percentage, but this also indicates that even with security industry, media and governments working hard to educate businesses about the risks, nearly 1 in 3 is still not aware of this significant risk.

So what is ransomware and how does it impact businesses?

Ransomware is a generic term for a category of malware that restricts access to a device or the file(s) on a device until a ransom is paid. It’s a method for criminals to make money by infecting the device and has become very effective at causing havoc for a business or organization that is unfortunate enough to become a victim.

It’s not new, which is why the 32% concerns me. The first cases were reported as far back as 2005, which took the form of fake antivirus software claiming you had issues that required payment in order to be fixed.

Over time, ransomware morphed into scareware messages. Scareware messages, designed to trick users into downloading malicious software and often disguised as communications from law enforcement, typically claim that a device has been infected or that the usage history of a device shows illegal activity—or in some cases blatantly locking files until you call and pay the ransom.

The 68% of respondents claiming to know what ransomware is had very different opinions, many of them inaccurate. When asked to explain the term, it turns out that 36% (of the 68%) didn’t actually know what it was.

A major security concern

Since 2013 when Cryptolocker ransomware first surfaced, ransomware has now become a major security issue with organizations being held to ransom – and in some cases paying to get their data unlocked. Numerous incidents have been cited where thousands of dollars have been paid: hospitals, charities, hairdressers have all been held to ransom. One university has suffered 21 attacks in the last year alone!

The true scale of the problem is somewhat hard to define though because, understandably, many businesses and organisations are reluctant to reveal they’ve been held to ransom because of fears about being targeted again, or losing existing or new customers.

People are held to ransom in just a few seconds

Unsuspecting victims are infected through emails impersonating customer support personnel from well-known company brands. Once activated, the malware encrypts files and demands payment, typically a few hundred dollars within a timeframe of 48 or 72 hours.

Last year alone, the FBI received 2,453 complaints about ransomware hold-ups last year, costing the victims more than $24 million dollars! Earlier this year, the UK National Crime Agency claimed ransomware attacks have increased in frequency and complexity, and now include public threats by the perpetrators to publish victim data online, as well as the permanent encryption of valuable data.

4 ways to protect your computers and networks against ransomware

  1. Stay vigilant. One of the most common methods of infecting a system is via a spearheading email with a malicious attachment or link. If you are not expecting the email, or it looks suspicious in any way, do not open it and delete it.
  1. Back up your software and systems. It’s really important you keep your software and operating system updated. Back-up your files regularly and don’t forget to keep your backup media disconnected from your PC. Otherwise, your backups might get encrypted as well. This also applies to storage and network drives e.g. Google Drive, Dropbox, etc.
  1. Use the latest protection software. At AVG, we take ransomware very seriously and our AVG Internet Security and AntiVirus Business Edition solutions detect and block ransomware and other malware variants from infecting your devices and servers – leaving you to focus on what matters.
  1. Don’t pay. If you do fall victim, do not pay. Funding these criminals only encourages them to attack other people. Research the specific infection to see if there is a decryption tool. We offer 7 of these tools for free with more on the way.

Don’t be the 1 in 3

Taking proactive steps to protect your organization from a ransomware attack is essential to the smooth running of your business—it is your livelihood, after all. Contingency and remediation planning are also crucial to business recovery and continuity, and these plans should be tested regularly.

Multi-layered security approach battles Ransomware

From Locky to SamSam, JIGSAW to CryptoLocker, today’s ransomware variants can take down businesses with dramatic consequences.

Ransomware will prevent file access, web browsers, applications, and entire operating systems – holding the lifeblood of a business operation ‘hostage’ until a ransom is paid.

At AVG, we use a multi-layered security approach with multiple layers of inspection and testing to identify and eliminate a wide variety of malware, including ransomware. When accessing a file, our multi-layered security approach uses several different inspection and detection techniques, as detailed below, to determine whether the file is malicious.

This is reflected in our security technology engine powering our AVG Antivirus Business Edition and Internet Security Business Edition software solutions.

Simply described, the process includes these layers:

  • Files are first compared to any known variants in a malware database – both the metadata and content of the files are analyzed
  • Files are then tested in an emulator (a virtual computer)
  • Now that the file is running, its behavior is assessed using a variety of techniques, including Artificial Intelligence algorithms
  • Behavioral assessments occur in the AVG application and in the cloud, but they all work together behind the scenes and in real-time to determine whether a file is malicious
  • If the file is determined to be malware, it is quarantined, and AVG’s Crowd Intelligence feature updates all AVG software

We also regularly submit our security software to independent test labs. Results from these independent tests serve as more proof points to the effectiveness of our technology and multi-layer approach. Our latest round of testing by AV-Test.org earned a six out of six rating – the highest rating for protection. In a recent Real-World Protection Test by AV Comparatives, AVG scored a 99.8% detection rating.

It is difficult to predict and guard against everything hackers may throw our way, but in the face of constantly evolving threats, a multi-layered security approach is a smart strategy.

To find out more about our AVG Business Edition solutions, please visit our business security page.

Six things to think about in the new year

Here are six things to think about for this year, with business security strategy top of mind…

1. Artificial Intelligence keeping us safe online
Artificial intelligence and machine learning isn’t just about robot dogs and self-driving cars. The latest AVG Business anti-malware products contain a number of sophisticated neural learning and cloud-data collection techniques designed to catch malware earlier and more often. Expect to hear more through 2016 about how artificial intelligence will help transform security solutions to help keep malware at bay.

2. Certificate Authorities: beginning of the end
SSL continued to be a big talking point in 2015 with further vulnerabilities being disclosed. This year the debate will continue around certification, development of new open standards and easier choices for website owners. Every news story about certificate mismanagement, security mishaps, and data breaches puts Certificate Authorities under increasing scrutiny. For many small businesses, the website owners paying a Certificate Authority and submitting themselves to what can sometimes be an arduous verification and checking process, is cumbersome and unnecessary.

This is where technical alternatives like Let’s Encrypt (currently in beta) are bound to flourish.

Additionally, Google’s Certificate Transparency project will continue to identify rogue SSL Certificates through detections built into modern day web browsers, as Google continues to hold Certificate Authorities to account – helping keep us all safer.Lastly, with the promise of other solutions such as the Internet Society’s proposed DANE protocol, offering the ability for any website owner to validate their own SSL certificate and therefore bypass a Certificate Authority altogether, 2016 will be an interesting year to watch!

3. Malvertising, Ad Networks: shape up, or ship out
Malvertising is what happens when malware is served up to innocent web site visitors; it’s happening all too frequently and is caused by questionable third party relationships and the poor security of some online advertising networks. At the root of this problem is the “attack surface” of ever-growing, ever-complex advertising and tracking “scripts” provided by ad networks and included by publishers (often blindly) on their websites. The scripts are slowing the browsing experience and anyone who has installed an ad blocker recently will tell you they can’t believe how fast their favourite websites are now loading. Research conducted by The New York Times showed that for many popular mobile news websites, more than half of the bandwidth used comes from serving up ads. That’s more data from loading the ads, scripts and tracking codes, than the content you can see and read on the page!

Whatever the solution, one thing is for certain, Ad Networks need to shape up and address their security, otherwise 2016 may well be remembered as the year of Malvertising.

4. Augmenting passwords with extra security steps in 2016
The need for strong passwords isn’t going anywhere in 2016. There were reminders in 2015 that even having the world’s longest smartphone passcode doesn’t mean someone can’t figure it out.

This year, there will be growing use of extra steps to make accessing data safer. In 2015, Yahoo announced a security solution using mobile devices rather than a password for access, and we even saw Google include Smart Lock features that can use the presence of other nearby devices to unlock your smartphone. Two-factor authentication – using two steps and ‘something you have and something you know’ to verify someone’s identity – will continue to be popular for use by many cloud-based providers looking to avoid data breaches.

5. The Internet of Things needs security by design
Every device seems to be getting smart – in the home and in the office. You’re likely going to be using your smartphone as a “lifestyle remote” to control a growing array of devices. Being able to set the office temperature remotely, or turn on the kettle in the communal kitchen without leaving your desk may sound helpful, but the devices have the potential to give up WiFi keys. Every unprotected device that is connected to a network is open to hacking. Cyber criminals are probing hardware, scanning the airwaves, and harvesting passwords and other personal identity data from wherever they can. So the advice is simple: every connected innovation needs to be included in your business-wide security.

6. Update and upgrade or face the financial and legal consequences?
Upgrading and updating all your software, devices, gadgets and equipment remains a vital business issue. The Internet of Things is raising new questions about who is responsible for what in a legal sense. Who owns data? What happens when machines take “autonomous” decisions? Who is liable if something goes wrong? To take one extreme example, a police officer pulled over one of Google’s driverless cars in November for causing a traffic jam on one Californian highway by driving too slowly. Again, the lesson is clear. The simple rule this year is to ensure that your business software and systems are always using the latest update. Your life may not depend on it, but your livelihood might.

So these are my six “thinking points” as we head into 2016.

Here at AVG, we look forward to helping you keep security front and center for your business this year. For more information on AVG Business security solutions that keep devices, data and people protected every day, across the globe, visit http://www.avg.com/internet-security-business.

AVG Business kicks off Cybersecurity Month with free upgrade to 2016 Business Software Suite

AMSTERDAM – September 30, 2015 – AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, today announced the release of its 2016 Business Edition software suite with new versions of its AVG AntiVirus Business Edition and AVG Internet Security Business Edition products. The 2016 suite, central to the company’s expanded security strategy for business, provides enterprise scale security to channel partners and small to medium-sized businesses (SMBs) in the frontline defense against malware and online threats.

Available worldwide, the products include a free remote management console to provide businesses easy and efficient remote access to all systems on a network. Technical support is also included at no cost.

“Today’s release of our core AntiVirus and Internet Security products for business delivers new and advanced cybersecurity protections and we are excited to get these into the hands of our channel and small to medium businesses across the globe,” said Joanna Brace, VP of Marketing and Product Marketing, AVG Business. “Online security is our core expertise and it is a fundamental requirement for business growth and success in today’s connected world. With the release of these critical security solutions, we are once again demonstrating our online security leadership and commitment to our customers.”

Today’s news is timed with two industry initiatives European Cyber Security Month and National Cyber Security Awareness Month, underscoring AVG’s leadership in online security and its strong commitment to protecting devices, data and people at work and at home. In support of these initiatives, channel partners will receive free upgrades to the 2016 Business Edition with renewals of existing licenses. AVG Business is also hosting security webinars for SMBs and providing comprehensive reseller kits for partners.

Features of the new 2016 Business Edition upgrade include:

  • New Scanning Engine: Scans faster and smarter with cloud-based detection technology
    The 2016 scanning engine implements AVG’s most advanced algorithms, providing better protection and shorter scanning times. It is also driven by new cloud-based detection technologies that leverage the majority of AVG’s 200 million endpoints to rapidly recognize new and emerging threats and deliver virus updates in as close to real-time as possible.
  • New Real-Time Outbreak Detection: Uses crowd intelligence technology for better protection
    Crowd intelligence technology has been added to AVG’s cloud-based outbreak detection to identify even the newest malware variants and outbreaks in software, all in real-time.
  • New Artificial Intelligence Detection: Uses advanced intelligence to identify threats
    Advanced artificial intelligence has been added to proactively identify new threats in real-time before our AVG VirusLab team has catalogued the threats.
  • Online Shield: Uses the Cloud to guard against today’s threats
    The 2016 Online Shield delivers today’s best cloud-based detection to more quickly identify dangerous downloads.
  • Data Safe: Protects your company’s most valuable data
    Data Safe lets businesses create password-protected virtual disks on their system, ensuring they can confidently encrypt and protect folders, files and data securely.
  • File Shredder: Deletes data securely
    Industry-compliant File Shredder securely deletes data to help prevent unintended recovery.

The AVG AntiVirus Business Edition and AVG Internet Security Business Edition are available now.

Channel partners can work directly with their account managers and also download our comprehensive reseller kits at our Reseller Center: https://secure.avg.com/rc-login. SMBs can purchase from the AVG.com web site: http://www.avg.com/business-security.


The AVG Business Portfolio

The AVG Business portfolio includes AVG Business CloudCare™, a free cloud-based administration platform offering channel partners a simple way to implement and manage services such as antivirus, content filtering, online backup and email security services for their customers, using centralized and highly customizable policies; the 2016 AVG Business Edition, a suite of software solutions that includes AVG AntiVirus Business Edition and AVG Internet Security Business Edition and offers comprehensive security protection for channel partners and SMBs;  AVG Business Managed Workplace, a comprehensive remote monitoring and management (RMM) platform with integrated premium remote control for channel partners and their clients; and AVG Business Secure Sign-On, a next-generation mobile device management service.

Supported by a worldwide network of more than 10,000 partners, AVG’s strong IT security heritage complements its proven strength as an RMM provider and partner to help smaller IT companies and MSPs transition and flourish as fully-fledged managed services businesses.

To view our Press Kit, which includes product screenshots, video and other elements of this news, please visit http://now.avg.com/avg-2016-business-edition-press-kit.


About AVG Technologies (NYSE: AVG)

AVG is the online security company providing leading software and services to secure devices, data and people. AVG’s award-winning technology is delivered to over 200 million monthly active users worldwide. AVG’s Consumer portfolio includes internet security, performance optimization, and personal privacy and identity protection for mobile devices and desktops. The AVG Business portfolio – delivered by managed service providers, VARs and resellers – offers IT administration, control and reporting, integrated security, and mobile device management that simplify and protect businesses.

All trademarks are the property of their respective owners.

www.avg.com


Contacts:

Zoe Kine
Tel: +1 415-694-3654
Email: [email protected]

Zena Martin
Tel: +44 7496 638 342
Email: [email protected]

 

Press information: http://now.avg.com