The biggest mistake is to ignore network share access rights – responsible for 35% of incidents. In such a case there might be open sharing with access rights configured as “full access” to everyone on an internal file server or end-user work desktop, e.g., a shared public document workspace where all documents are stored. Sooner or later this can become a prominent source of malware redistribution throughout the organization.
Modern malware takes advantage of existing vulnerabilities. A network with just a single missing patch can be put at serious risk. And this is a common issue seen mostly in small to medium organizations with end-users numbering less than 100. These organizations either do not have enough expertise or ignore patching completely. This mistake is responsible for 25% of incidents.
Use of multiple vendor antimalware solutions (15% of incidents) may lead to a situation where it is hard to mitigate malware attacks. This may occur if one of the vendors does not respond fast enough to attacks. Delays in responses may run to days, weeks or even months. During this time the solution of another vendor would detect and remove malware, but only in its part of the network – and malware would attack it from the unprotected side.
A partially protected environment (15% of incidents) is where an antimalware solution is installed on part of the network, leaving other resources unprotected.
Firmware vulnerability (5% of incidents) may be exploited by attackers through hardware devices, such as routers, firewalls and other network appliances.
And another relatively infrequent mistake (also 5% of incidents) is to believe that software downloaded from the Web is always perfectly sound software.
It’s important that your IT vendor understands these risks and implements solutions to minimize them. Call us today and we will evaluate your current network setup to minimize your risk of being attacked.