How to Protect Network from Malware

Tuesday, October 17, 2017 @ 02:10 PM gHale


One issue the industry faces on a daily basis is whether some form of malware is sitting on the network, lurking and learning about what is happening before it initiates an attack.

The catch is malware attacks can go undetected for months and even years.


“There’s a concerning trend in these supply-chain attacks,” said Craig Williams, the head of Cisco’s Talos team in a post. “Attackers are realizing that if they find these soft targets, companies without a lot of security practices, they can hijack that customer base and use it as their own malware install base…And the more we see it, the more attackers will be attracted to it.”

The longer your network is exposed, the higher your chance of falling victim to these types of attacks.

The following are six ways a user can protect a network:
1. Network Education: Job one is to know what’s on your network in real time, at all times, end-to-end.
2. Fix broken devices: This seems obvious, but you would be surprised at how often devices that impact network performance go undetected. Fix the broken devices, the misconfigured devices, and the damaged cables and devices, and set up a program of regular repair and maintenance.
3. Don’t permit user-owned devices like routers and Wi-Fi links: We aren’t suggesting you avoid this technology; just be sure to have specific procedures and strict policies in place to manage it. This will make it easier to find the crack in the system and prevent further damage.
4. Make sure your firewalls are configured properly: Place firewalls between segments of your network, and make sure they are all configured properly. Be vigilant with the application of new technology as firewall hardware is becoming more intelligent. We also suggest whitelisting on email firewalls to eliminate spam and phishing schemes.
5. Consider edge-device firewalls: These devices protect the edge devices in the network. This is exceptionally important when you have significant numbers of user input devices, such as HMIs (Human Machine Interfaces), PLCs and ATMs.
6. Engage in regular social engineering: All of what has gone before is well and good, but if you don’t engage in training your users, they will still begin to slide.
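
As an added illustration of items 1 to 3 (not part of the original article), the Python sketch below compares the devices a host currently sees, in the output format of the Linux `ip neigh` command, against an approved asset list. The asset list, addresses and device names are constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample data: approved assets keyed by hardware (MAC) address.
APPROVED = {
    "00:1b:1b:aa:00:01": "plc-line1",
    "00:1b:1b:aa:00:02": "hmi-line1",
    "00:1b:1b:aa:00:03": "plc-line2",
    "00:50:56:aa:00:10": "historian",
}

# Constructed sample of `ip neigh` output captured on one network segment.
OBSERVED = """\
10.10.1.11 dev eth0 lladdr 00:1b:1b:aa:00:01 REACHABLE
10.10.1.12 dev eth0 lladdr 00:1B:1B:AA:00:02 STALE
10.10.1.20 dev eth0 lladdr 00:50:56:aa:00:10 REACHABLE
10.10.1.77 dev eth0 lladdr 3c:84:6a:aa:00:99 REACHABLE
10.10.1.78 dev eth0 lladdr 3c:84:6a:aa:00:99 REACHABLE
10.10.1.90 dev eth0 FAILED
"""

LINE = re.compile(r"^(?P<ip>\S+) dev \S+ lladdr (?P<mac>[0-9a-f:]{17})\b", re.I)

def parse_neighbors(text):
    """Return {mac: sorted list of IPs} for entries that resolved to a MAC."""
    seen = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:  # FAILED/INCOMPLETE entries carry no lladdr field
            continue
        seen.setdefault(m["mac"].lower(), set()).add(m["ip"])
    return {mac: sorted(ips) for mac, ips in seen.items()}

def audit(approved, observed_text):
    """Compare what is on the wire with what is supposed to be there."""
    seen = parse_neighbors(observed_text)
    return {
        # On the network but not in the inventory (e.g. a user-owned device).
        "unapproved": {m: ips for m, ips in seen.items() if m not in approved},
        # One hardware address holding several IPs: worth a manual check.
        "multi_ip": {m: ips for m, ips in seen.items() if len(ips) > 1},
        # In the inventory but not seen: possibly broken or disconnected.
        "missing": sorted(n for m, n in approved.items() if m not in seen),
    }

if __name__ == "__main__":
    for finding, detail in audit(APPROVED, OBSERVED).items():
        print(finding, detail)
```

A neighbor table only covers the local segment and only devices that have recently communicated, so a check like this would need to run on each segment on a schedule.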

For a more in-depth look at how you can protect your network, see the white paper “Gaining Visibility on Malware Attacks.”


