Malware and Antivirus

The internet can be a dangerous place. I remember it being dangerous even 18 years ago, when we made the mistake of prepping a server for a client and then putting that same server raw on the internet before we had put a firewall in front of it. It got infected with a virus within 5 minutes. The mistake we made with this newly built server was putting it on the internet with no firewall and no AV in order to test the public IP. We had to reformat that server, and luckily it was not production equipment. It was a big reminder that the Internet can become a dangerous place quickly. I will personally never forget that moment, and it was a powerful lesson for us.

Another powerful lesson was this: pay for a proper antivirus, not a cheap one. Paying for a less expensive antivirus/malware solution, or a free one for that matter, is trouble, and we have seen the consequences of such behavior. Over the past 8 – 12 years, malware that encrypts data on clients’ networks has become rampant and a billion-dollar or more business. There have always been viruses since the inception of the PC back in the ’80s. These new variants of viruses and malware are different. There has never been a more beneficial and advantageous time for hackers to take advantage of companies’ vulnerabilities and then encrypt their data to hold it for ransom.

A few years back, when ransomware started popping up on the Internet, we noticed something across the board, and I will name a few antiviruses that we saw fall to the sword of ransomware attacks as if they were butter in a hot pan: Panda, Vipre, Kaspersky, Norton/Symantec, ESET, Malwarebytes, ClamAV, Windows Firewall or Defender, McAfee.

I remember the day we realized that certain antiviruses were ineffective in keeping ransomware attacks away from small businesses. Back in those days, email servers were far less effective at blocking these things, and so were the antivirus companies. It’s almost as if the bad guys had a leg up, because all the vendors that had defended against viruses had to switch to defending against malware and ransomware attacks. This was new for the industry, and it took quite a while for these companies to catch up. We at Crown Computers got into many back-alley street fights with ransomware back in those days. Some battles we won, and in those we didn’t, we relied on our backup solutions to restore the data because the antivirus software we used got mowed over.

And just like any other enemy in any other type of battle, we try to learn the enemy’s vulnerability so that we can adequately defend our client base. We chose Sophos antivirus and later on added SentinelOne.

We can safely say that since doing so a decade or more ago, effectively what we referred to at the time as going from Crown 1.0 security to Crown 2.0 security, we have evaded all ransomware attacks using this software. This is such a fantastic feeling for us, because before Sophos we never knew when a client would get taken out. It did not take long for us to warn all clients that we must switch to this new way of security. It seems such a contrast when looking back on the days of getting slaughtered by the bad guys because the good guys could not keep up. That was over a decade ago, and the fact that we have not had another ransomware attack feels like a miracle. We appreciate our vendors for this. Thank you, Sophos 😊

To protect all workstations and servers for our clients, we use commercial-grade, industry-leading protection software from the manufacturers Sophos (Sophos AV) and SentinelOne. These products give us the ability to control so many security aspects of a workstation. With Sophos and SentinelOne, we have total control and confidence to keep malware and ransomware in check. This past decade has been a testament to that statement. As they say, the proof is in the pudding.

We have complete centralized control of all our clients’ AV/malware protection, so we know when AV definitions go out, and we know when viruses or other issues come up on machines as well. Tickets are created when an incident occurs so we can react in kind.