In the technology world, we continue to see an increase in the amount of malicious software that’s out there. Malware, viruses, Trojan horses, worms, whatever it is, there’s simply more out there today than there ever was. What does this mean for the technology professional ?
Anti-virus alone does not protect you enough anymore.
There. A simple one-line rule that explains it all. It doesn’t matter whether we’re talking about client-enforced anti-virus, gateway anti-virus or ISP-based anti-virus. It’s a simple fact that there are so many 0-day (brand new) malicious pieces of software out there that traditional anti-virus just can’t keep up. So what other steps can you take to protect your computers and networks ?
One facet of defense against malicious software is something that’s not entirely new, but very often overlooked: exe protection. Otherwise known as anti-executable software, it essentially protects your system from any unknown programs that try and run. After installing your choice of anti-exe software, a ‘white list’ gets created. This creates a list of services and programs that should be allowed to run. For example, Windows system processes, Dropbox, or other legitimate programs. But say, for example, you accidentally download a file that you think is safe but actually contains the crypto-locker worm (crypto-locker is a malicious program that encrypts your hard drive and demands that a sum of money be paid in order to unlock your data, affectionately known as ‘ransomware’). Instead of having all your data encrypted and possibly gone forever, your anti-exe software will simply automatically block the malicious executable program from running, and will give you a warning.
This can be an especially handy tool to install on server systems, since those are systems that often don’t change much and shouldn’t have all kinds of new, unknown executables running on it. There are numerous vendors out there selling and providing anti-exe software. I personally prefer VoodooShield, which can be found here: https://voodooshield.com