If So, You May Be Turning It Into A Zombie
It all started with an employee at a law firm surfing the Web on his lunch hour. He went to his favorite news site and without knowing it, attackers infected his workstation. A malicious virus was embedded into it. The virus spread from his computer throughout the law firm's network. This allowed the hacker to control all the computers on the network.
The key takeaway? As tempting as it is to go online between tasks to catch up on life outside the office, DON'T – that is, don't do it from a company device.
Innocent Web Browsing Can Put Your Business At Risk
If you want to hop on Facebook for a quick minute or check your personal Gmail account, do it on your own time, and on your own computer device. It should go without saying that you should never mix personal web surfing and social media use with company devices.
Over 600,000 Facebook accounts are hacked every day, mostly without users knowing that something is wrong until it's too late. If you’re using a company device to access a compromised account, you’re opening up a door to a hacker who can then get into your company’s network.
You probably don't think twice about surfing the Web from your business devices. We've all done this from time to time.
But when you visit a malicious website or accidentally click a malicious link, you can download ransomware or another virus into your computer that works its way throughout your network. This poses a significant data security risk to your company.
All It Takes Is One Employee And One Computer
Online attackers try to redirect you to compromised websites. They either create these websites or hack into legitimate ones.
When you or one of your employees visits a compromised website, your business computer gets infected and deploys a chain of malware throughout the network.
It only takes a few seconds for this to happen.
And you don’t even have to have to click on anything. You just need to visit the site!
Now your business computer has been turned into a zombie!
Huh? What's this? Is it like the "Walking Dead?"
Well, sort of. A zombie is a computer that's been compromised by a virus or trojan horse. A hacker uses it remotely to perform malicious tasks. The attacker takes control of your computer without your knowledge. He can steal your data or make your computer send out spam to others (or both).
And, just like "The Walking Dead" a zombie computer can turn other connected devices into zombies. Soon, you’ll have an army of zombies marching throughout your computer network.
How Can You Tell That Your Computer Is A Zombie?
- Is it functioning strangely?
- Is it running slowly?
- Does the fan speed up suddenly for no reason?
If so, your business computer might be a zombie.
Now the attackers can exploit multiple computers in your business to create an army of zombies! This is also known as a botnet.
What's A Botnet?
A botnet is where multiple internet-connected devices such as workstations, laptops, servers, and Internet of Things (IoT) devices are controlled by malware.
A botnet is designed to infect as many of your connected devices as possible. It uses your computing power to automate malicious tasks.
Even scarier ... you won't know that the botnet is infecting your IT system.
What About Employees Working From Their Personal Computers? Is This A Problem?
While Bring Your Own Device (BYOD) policies are meant to improve efficiency, criminals can exploit unsecured mobile devices to gain entry into your business.
Many organizations allow BYOD. However, unless these devices are secured and remotely monitored, they can pose a threat.
If these mobile devices are turned into zombies (like in the example above) and connected to your business network, "The Walking Dead" will take over.
What Should You Do?
Establish Strict Regulations Regarding Computer Use
Ideally, your employees shouldn't use their personal devices on the business’ secure network. But in today's mobile workforce, this isn't realistic.
What you can do:
- Make sure your IT Service Company employs Mobile Device Management to manage the security of these devices. It can also detect botnets and remove them.
- Ensure your computers and network are adequately protected with a multi-layered, enterprise-based defense solution, along with Remote Monitoring Management.
Bottom line? Keep things professional. Don’t use company PCs, devices, phones, or Internet for personal use - EVER.