Dangers from the Internet
A conversation with Internet security expert François Tschachtli reveals possible steps toward hacker prevention.
François Tschachtli is responsible for the Swiss branch of AVG Technologies and for Germany, Austria, Benelux and International.
Mr. Tschachtli, what would you describe as the greatest threat to SMEs from the Internet?
The greatest danger still lurks on infected websites. Invisible malicious codes are stored there, which become active when the website is simply viewed and settle in the computer. The user does not even have to perform any action to catch the "bad guy". Nor does he notice anything about it. Since most employees move around in virtual space every day, hackers can carry out their work and infect computers virtually "in passing". And they don't just do this via relevant websites. Trusted URLs are also hacked again and again, spreading malicious code. A good virus scanner that updates itself several times a day is a MUST today.
And what about phishing emails?
Unfortunately, we are finding that good prey can still be made with this and that many fall into this trap despite official warnings. The "perpetrators" act very cleverly and specifically appeal to people's curiosity and sensationalism or use supposedly trustworthy sender addresses such as UBS, DHL and PostFinance. The contents are written in error-free German, so that the phishing attack is not recognized at first glance. All it takes is a little inattention, and the user enters sensitive data or opens attached PDFs on replicated pages.
How to recognize a replicated website?
First and foremost, you need to know that today neither a bank nor any other company sends mails with sensitive content. If the spam mail is opened nevertheless, one can "illuminate" the link contained in it without clicking. This makes it obvious that the Internet address does not match the original URL of the company. Phishing pages can also be distinguished from genuine ones via the browser's address bar.
An appeal for greater caution?
This and the constant need to raise employee awareness. This is time-consuming, but simply essential. Because caught viruses and malware cost money, resources and trouble. Even if companies don't come up with world firsts and don't have to be afraid of exclusive inventions being spied on and passed on, attacks can still lead to major damage.
Fortunately, there are security solutions.
Yes. Good antispam solutions intercept spam mails and web filters scan web pages before opening them, block infected pages and ensure safe web browsing. It is important that the solutions - such as antivirus - are continuously updated. To give a figure that makes visible how much dynamism there is on the web and among hackers: our SecureSurf carries out up to 1000 updates a day. There's a lot going on in cyberspace.
Keyword "mobile working": Are mobile devices sufficiently protected or do you notice gaps again and again?
In very few cases is data on tablets and smartphones protected. If we look at the answer to question one, employees are just as exposed to dangers on the Internet with the mobile devices they use for business as they are on "normal" computers. Apps sometimes have hidden functions that are legal but not necessarily desirable. These include mobile adware - also called madware - that can share contacts and other information without being asked. It is recommended that companies provide their employees with security software and make them aware of the dangers.
You have the Norman Security Portal launched. What's behind it?
A simple concept to help SMBs protect their IT and the entire network from viruses without effort. This means that companies no longer need to install, update and manage virus protection locally. This is done by the local IT partner in the form of a "managed service". This is a huge advantage, especially for companies that do not have their own IT department. They no longer have to worry about anything and still enjoy the highest level of protection.
What are the costs?
From around 34 Swiss francs per year and workplace.
Norman Security Portal https://www.norman.com/ch/business