Front vs Back-Door Viruses: Which Should I Be Locking First?
Opening up your computer and finding that you’ve somehow been infected with a virus is never a good thing, especially when you’ve got sensitive business information stored there. Viruses come in various different forms and operate in a number of ways. The main two ways in which a virus can worm its way into your system are through front and back-door attacks. Just like your home, you’d never go to bed only locking the front and leaving the back door open. Or vice versa. Here’s all you need to know about protecting your business from becoming infected from a front or back-door attack.
We will tackle each respective type of virus separately and explain what each of them is.
Front-Door Viruses
All front-door attacks require the actions of the user to allow the virus to infect the system. This is why they are referred to as a front-door attack, as metaphorically, the user is tricked into opening the front door and letting the virus in. The most common ways in which this style of attack is disguised are emails, web browsing or downloads.
Once you’ve allowed the virus to enter your system, it then has control of all of your data. The hackers then have the ability to run a program with all your rights and privileges. This also means that they can delete all of your stored files too.
The virus can easily be spread further as it will grant the hackers access to your emails which could be used to run a program to send thousands of spam emails to your contact list. As your contacts would normally receive trustworthy emails from you, the risk of them following the link or downloading the attachment would be greater.
A real-life example of a front-door attack would be the Petya attack. This global cybercrime operated on both a front and back-door basis. The virus was first spread as a Ukrainian tax and accounting software package. Once this “software” was downloaded by the user, the virus then “came in through the front-door” and infected that particular system. The hackers would then continue this method in hope that other users would be persuaded to download the same bug due to receiving it from a more reliable source.
Petya was an example of a Ransomware attack, meaning that the virus would capture your data and then demand a ransom sum in order for you to regain access to it. There was no guarantee that you would get your data returned, even if you matched the ransom fee.
How to Protect From a Front-Door Virus
As front-door attacks require access to be granted by you, you are the only one who can stop them from getting in. Think of these attacks in the same light as you would a burglar trying to get into your car. You wouldn’t leave it unlocked and make it easy for them, would you?
Granted, nobody purposely leaves their car unlocked and it’s an easy accident to happen but, so is being on the receiving end of a cyber attack so you must be extra careful.
Here are various ways in which you can effectively protect your business from front-door attacks:
- Be cautious when opening email attachments, even from friends. If you have even the slightest of suspicion around an attachment, it’s best not to open it and you can always check with the sender.
- When browsing the internet, tread carefully when you’re looking at a less reputable website. Clicking on a wrong link could prove costly.
- Beware of free downloads that seem too good to be true.
- Use effective virus scanners and keep your versions updated.
- Consider using less popular but still reputable email readers and web browsing software. Attackers are renowned for targeting the more popular, well-known options. There are plenty of excellent and free open source options on the market.
Back-Door Viruses
A back-door virus is any form of program that grants unauthorised access to an entire system via a software or network vulnerability. These attacks differ from front-door as they do not require any action by the user of the system and still hold the ability to infect.
Older systems that are no longer supported by the supplier are the most vulnerable to an attack. Suppliers will release various security patches included in system updates at regular intervals in order to keep their systems safe from cyber attacks.
Users will often delay downloading and updating their systems as they see it as an inconvenience. This is a hacker’s dream as the weaknesses that are being patched in the updates are common knowledge, therefore they know the exact weak points of the systems that won’t update straight away and where to attack.
May 2017 saw one of the largest back-door Ransomware attacks of recent times sweep across 150 different countries around the world. This attack specifically targeted Microsoft Windows operating systems by infecting data and demanding payments through Bitcoin cryptocurrency.
This attack hit the NHS particularly hard as they relied heavily on Microsoft XP, a legacy system that is no longer supported. The WannaCry outbreak cost the NHS a whopping £180,000 in emergency fees. A monstrous fee they could’ve avoided if they had a Disaster Recovery Plan in place.
16 NHS organisations across Britain had their files scrambled, causing havoc and mass disruption to services. A&E departments were forced to close to non-critical patients and an abundance of appointments and operations were cancelled. Emergencies were redirected to other branches and doctors were reduced to pen and paper when diagnosing patients.
How to Protect From a Back-Door Virus
The NHS could’ve dealt with the WannaCry outbreak much quicker and more effectively if they had a Disaster Recovery Plan in place. Whether it be front-door or back-door, it is always easier to prevent than cure a cyber attack. Don’t wait for it to happen to you before you realise just how much damage they can cause you. Here are various ways that you can protect your business from back-door attacks:
- Regularly update your operating system. Learn from the NHS’ biggest mistake. It is imperative to update your operating system at regular intervals so that you don’t miss out on crucial software fixes. By using an outdated system that was no longer supported, the NHS left themselves wide open. Suppliers will be able to find a fix for your issue much quicker on a newer system which means less downtime should you unfortunately become infected.
- Backup your data regularly. Should anything go wrong, your backups will determine the depth of impact that the attack will leave on your business. Don’t shoot yourself in the foot and potentially lose weeks or months work of your hard work.
- Maintain and go beyond compliance with your system. It’s paramount that smaller business follow the correct protocols when it comes to data protection as they don’t have the capital to bail them out if disaster strikes.
Learn More About Disaster Recovery & Ransomware Attacks
It’s always a good idea to be prepared for anything that could be thrown at you, especially in business. Both front and back-door attacks can bring businesses to the ground and we believe that you should lock both in order to keep productivity at a maximum.
How does Disaster Recovery fit into your business? There are plenty of options for businesses, both small and large, to ensure that they are completely covered. So, download our disaster recovery guide which is packed full of helpful advice and guidance on what to do to recover your data if disaster strikes: