Malware Countermeasures

00:00

Hey, everyone, welcome back to the course. So in this video, we're gonna talk about some countermeasures you could do against malware attacks.

00:08

So one of the best things to do is just train your users and yourself not to open unknown attachments. So if you're not expecting an attachment email to you, why would you ever click on it and open it? Especially if the email looks suspicious

00:22

using a good antivirus anti malware solution to help protect against attacks, especially if you do open that unknown attachment, It can help block some of the more common attacks blocking unnecessary ports on your system. So making sure that the attacker doesn't have a way to communicate to your target device

00:38

hardening system. So making sure your software in your firmware is up to date.

00:42

Changing the default credentials is part of hardening, making sure that you're not using that default user name and password for things like your routers

00:50

avoiding getting files or software from untrusted sources. So making sure that's really coming from that manufacturer

00:59

using things like privileged access management. So just making sure that the right people can access the right things and that we segment out our privileges and that we only limit to people or systems to what

01:10

minimum access they need

01:14

file integrity. So going back to make sure we get the files from the trusted source, we also want to make sure that this file has not been altered. So we wanna make sure we look at the hash of that file from the source and then compare that to the hash of the file that we've downloaded and make sure those actually match up. If they don't, it could indicate that the files been tampered with,

01:33

using a host based intrusion detection system that can try to mitigate some of those threats as they're coming in

01:38

and using a host based firewall to block certain I P addresses that are on blacklist,

01:44

making sure that we train our employees, making sure that our employees can recognize

01:48

phishing emails, phishing attacks via phone. So phishing attacks, phishing attacks via text messaging, and the more we train people. Yes, people are still the weakest link, but the more we train them and show them why they should be doing this and how it affects their individual day, the more likely they are to not take those actions that we don't want them to take.

02:07

That being said, even the best security professional

02:10

might click a malicious link. In fact, I've seen that when I worked in health care, i t. That someone that was over the security team

02:19

put in their default credentials in a spreadsheet or excuse me, a Google sheet that supposedly HR had sent them. But it wasn't actually HR was a spoofed email address, and their credentials were stolen

02:30

doing things like sand boxing. So when a user downloads a file, they launch it basically in the sandbox. So no matter what the files not actually executed on their local machine,

02:42

So just a quick, quick question for you. The ways to comment malware include which of the following is it Privileged access management is a file integrity checking or is it hosts using a host? I d. S

02:53

alright. This one was pretty easy. It's all of them right? These were many of the things that we mentioned privileged access management file integrity checking as well as using a host based intrusion detection system using anti virus or anti Mauer solutions as well as educating our users.