What would happen to your mortgage company if it were hit with a serious computer virus or other malware? Could your company survive both the immediate and long-term financial impact of your critical data and client records being compromised or lost? More importantly, could your company weather the loss of customer confidence in your ability to protect their data?
Data security is essential for any mortgage business, and failure to adequately protect that data can be catastrophic.
At one time, computer security was very simple. Viruses were spread directly from computer to computer on floppy disks. The viruses could be hidden inside the files on the disk, or hidden in the very structure of the disk itself as a boot sector virus. Avoiding a computer virus was a simple as never accepting files or floppy disks from unknown sources.
Then came networks, which allowed computers within an organization to freely share files—and viruses. This was quickly followed by the development of the internet, which gave viruses access to computers not just on the local network, but anywhere in the world. This was followed by the introduction of email, which gave viruses an entirely new way to spread from machine to machine and network to network.
And then came the rise of viruses hidden within macros inside of common document files, such as Word or Excel. Suddenly, almost without warning, businesses and computer users found themselves in a losing war against a constantly evolving army of viruses and assorted malware. Computer security quickly became a battleground, and far too often, the virus creators were on the winning side.
But what exactly are computer viruses? And what differentiates a computer virus from other forms of malware (an umbrella term used to describe destructive, malicious computer code) such as worms or Trojans?
Let’s take a brief look at viruses, trojans, and worms, and the differences between each.
A virus is a malicious program that reproduces or replicates—just like a living virus—and creates copies of itself. These copies may be stand-alone files that mimic the names of real files or executables in an attempt to trick users into opening or running them. The viral payload may also copy itself into the file structure of a legitimate file or program. Once the file or the program is open or executed, the virus can do various things, depending on the intent of the virus creator. For instance, the virus may do something fairly benign, such as simply display a message, or it may do something far more destructive.
Destructive viruses may erase or encrypt critical system files or user data files, or reformat the computer hard drive. Regardless of the level of destructiveness of a virus, all viruses can cause considerable performance issues for computers by consuming system resources, such as memory, processor cycles, and hard drive space—all of which are needed for legitimate programs and user operations. There are five major recognized categories of viruses:
File infector viruses inject their code into a legitimate executable (.exe) or command (.com) file and spread by infecting other files each time the infected file is run or accessed. This type of virus is often memory-resident. This means that if you run an infected file from a disc, USB drive, or other removable media, and then disconnect that media from your computer, the virus is still active in your computer’s memory and can still infect other files.
Boot sector viruses infect hard drives on the structural level, in an area of the disk called the boot sector. When starting your computer from a hard drive, the boot sector is the very first part of the disk the computer looks at. This is the area of the disk where vital information needed to start or ‘boot’ the computer is stored. This means that a virus hidden in this part of the disk is loaded into memory before any operating system or antivirus software is loaded. Boot sector viruses are also memory-resident and can infect any disk inserted into the computer after it is booted.
The worst of both worlds, these viruses combine the traits of a file infector virus and a boot sector virus. Because of this, this type of virus can be both very destructive and very hard to remove from an infected computer.
These are similar to boot sector viruses but with one important difference; these viruses save a copy of the ‘clean’ or original boot records elsewhere on the disk, where it can usually be recovered using special software such as disk recovery tools.
Beginning with Microsoft Office 97, Microsoft introduced the ability to create custom functions and to automate tasks in common Office applications, such as Word and Excel, through user-created macros. Based on Visual Basic, macros opened an entirely new way for malicious coders to create harmful viruses. Macros are now one of the most common and destructive types of viruses in existence.
A Trojan horse is not technically a virus, since it does not reproduce or replicate like a true virus. Instead, a Trojan horse pretends to be something desirable to a user—an application, an email attachment, or a document—that conceals a malicious payload that, when triggered, can delete or damage user data or system files.
A large number of Trojans compromise computer security by downloading viruses or other threats, such as botnet clients. Botnet clients can enslave computers to work in tandem as an element in an illicit network. Such networks are often used to breach the security of other computers or computer networks. Botnets are also commonly used to take down websites or entire networks by flooding them with data requests in what is known as a distributed denial of service (DDOS) attack.
Worms are a form of malicious program that replicates itself from computer to computer. Unlike a virus, a worm does not rely on an infected file to spread. Instead, it is the infected file. Worms often exploit security holes to spread quickly from computer to computer within a network or across the internet. Worms can spread exponentially and can quickly bring a network to its knees by generating overwhelming network traffic as they spread from computer to computer.
Now that you are familiar with the most common forms of malware, the next question is simple: What can your business do to protect itself against these threats?
Proper security and data protection require a comprehensive plan. A properly managed and maintained antivirus program that protects against mortgage cyber attackers is a critical part of that plan, as is a firewall to protect against threats originating outside of your network.
However, antivirus software and a firewall are only two pieces of a total data security package. For true protection, you need a partner who is familiar with the special needs of mortgage companies and who has the experience to provide the protection you need.
ABT can be that partner.
Our unique cloud applications, DeviceGuardian™ and EmailGuardian™, can be added to any computer or mobile device to give you the peace of mind you need to know that your data is protected and secured from outside threats. DeviceGuardian™ technology offers full Consumer Financial Protection Bureau (CFPB) regulatory compliance for secure device management, with fully managed antivirus protection and secure data backup.
EmailGuardian™ uses sophisticated, multi-layered detection engines and intelligence to protect email data and employees from malware, spam, advanced threats, and zero-day attacks. With over 18,000 customers, EmailGuardian™'s threat intelligence and adaptive network are constantly improving defenses to eliminate new and advanced threats. It is also works to contain spear-phishing attempts by reviewing every URL for threats, and to ensure spam and malware don’t reach your network.
Contact us today to see what Access Business Technologies’ DeviceGuardian™ and EmailGuardian™ can do for your company.