Small and medium-sized businesses face a challenge when it comes to keeping their data secure. Many companies don’t have the budget to hire a Managed Service Provider (MSP) to take care of their IT needs, and often, they think they do not have enough knowledge or time to handle it themselves, therefore the path of least resistance is to not have any security at all. At the very best SMBs use a consumer version of antivirus software.
But these days, neither of those options is a good idea. Having no protection leaves you too vulnerable, and the problem with using a consumer product in a work environment is whoever is managing the network cannot look across all computers at once and implement policy changes or updates.
Do hackers really target small businesses?
The media coverage of big time data breaches like Target, Neiman Marcus, and Home Depot may have many SMB owners thinking that they are not at risk, but even small and medium-sized businesses need to make sure that their data and that of their customers is protected.
Here’s a statistic that should get your attention: One in five small businesses are a victim of cybercrime each year, according to the National Cyber Security Alliance. And of those, nearly 60% go out of business within six months after an attack. And if you need more convincing, a 2014 study of internet threats reported that 31% of businesses with fewer than 250 employees were targeted and attacked.
Why do hackers target small businesses?
Hackers like small businesses because many of them don’t have a security expert on staff, a security strategy in place, or even policies limiting the online activity of their employees. In other words, they are vulnerable.
Don’t forget that it was through a small service vendor that hackers gained access to Target’s network. Hackers may get your own customer’s data like personal records and banking credentials and your employee’s log in information, all the while targeting the bigger fish.
While hackers account for most of the data lost, there is also the chance of accidental exposure or intentional theft by an employee.
What can I do to protect my small business?
For mom-and-pop outfits, Avast for Business, a free business-grade security product designed especially for the small and medium-sized business owner, offers tremendous value. The management console is quite similar to our consumer products meaning that the interface is user-friendly but also powerful enough to manage multiple devices.
“Avast for Business is our answer to providing businesses from startup to maturity a tool for the best protection, and there’s no reason for even the smallest of companies not to use it, because it starts at a price everyone can afford, free,” said Luke Walling, GM and VP of SMB at Avast.
Some companies may still opt to pay for a MSP, and in many cases, especially for medical or legal organizations, handing over administration to a third-party may be a good way to go. Either way, our freemium SMB security can be used, and if you use a MSP then the savings can be passed on to you.
Is free good enough for a business?
Many IT professionals have been using free security on their home computers for years. It’s not such a huge leap of faith to consider the benefits of making the switch in their businesses as well.
“I have been using Avast since 2003 at home, with friends, with family. You really come to trust and know a product over the years. It lends itself to business use really well, nothing held back,” said Kyle Barker of Championship Networks, a Charlotte-area MSP.
How do I get Avast for Business?
Visit Avast for Business and sign up for it there.
Malvertising, sounds like bad advertising right? It is bad advertising, but it doesn’t necessarily include a corny jingle or mascot. Malvertising is short for malicious advertising and is a tactic cybercriminals use to spread malware by placing malicious ads on legitimate websites. Major sites like Reuters, Yahoo, and Youtube have all fallen victim to malvertising in the past.
How can consumers and SMBs protect themselves from malvertising?
Malvertising puts both website visitors and businesses at great risk. Site visitors can get infected with malware via malvertising that either abuses their system or steals personal data, while businesses’ reputations can be tarnished if they host malvertisments. Even businesses that pay for their ads to be displayed on sites can suffer financial loss through some forms of malvertising because it can displace your own ads for the malicious ones.
To protect themselves, small and medium sized businesses should make sure they use the latest, updated version of their advertisement system, use strong passwords to avoid a dictionary attack and use free Avast for Business to discover and delete malicious scripts on their servers. Consumers should also keep their software updated and make sure they use an antivirus solution that will protect them from malicious files that could turn their PC into a robot, resulting in a slowed down system and potential privacy issues. Avast users can run Software Updater to help them identify outdated software.
How does malvertising work?
Businesses use ad systems to place and manage ads on their websites, which help them monetize. Ad systems can, however, contain vulnerabilities. Vulnerabilities in general are a dream come true for cybercriminals because vulnerabilities make their “jobs” much easier and vulnerabilities in ad systems are no exception. Cybercriminals can take advantage of ad system vulnerabilities to distribute malicious ads via otherwise harmless and difficult to hack websites.
Why cybercriminals like malvertising
Cybercriminals fancy malvertising because it is a fairly simple way for them to trick website visitors into clicking on their malicious ads. Cybercriminals have high success rates with malvertising, because most people don’t expect normal looking ads that are displayed on websites they trust to be malicious. Targeting well-visited websites, not only raises the odds of ad clicks, but this also allows cybercriminals to target specific regions and audiences they normally wouldn’t be able to reach very easily. Another reason why malvertising is attractive to cybercriminals is because it can often go unnoticed, as the malicious code is not hosted in the website where the ad is being displayed.
Examples of malvertising
An example of an ad system platform with a rich history of vulnerabilities is the Revive Adserver platform, formerly known as OpenX. In the past attackers could obtain administrator credentials to the platform via an SQL injection. The attackers would then upload a backdoor Trojan and tools for server control. As a result, they were able to modify advertising banners, which redirected site visitors to a website with an exploit pack. If the victim ran outdated software, the software would download and execute malicious code.
Another malware family Avast has seen in the wild and reported on that spread via malvertising was Win32/64:Blackbeard. Blackbeard was an ad fraud / click fraud family that mainly targeted the United States. According to our telemetry, Blackbeard infected hundreds of new victims daily. Blackbeard used the victim’s computer as a robot, displaying online advertisements and clicking on them without the victim’s knowledge. This resulted in income for botnet operators and a loss for businesses paying to have their ads displayed and clicked.
New intelligent app from Avast learns individual user behavior and optimizes features to maximize battery life.
Avast is excited to announce the release of our newest app, Avast Battery Saver. Battery Saver is the first intelligent battery-saver app for Android that increases battery life by an average of 7 hours. Avast Battery Saver optimizes your device’s settings, adjusting data connections, screen brightness and timeouts based off of its ability to learn about individual usage behavior.
“Everyone needs more battery life for their mobile devices, but most battery savers shut down the wrong apps,” said Jude McColgan, Avast’s President of Mobile. “Avast Battery Saver learns which apps are most important to the user, and shuts down only those that are less used.”
In contrast to other battery-saver applications, Avast Battery Saver learns about your daily routine and thus suggests the best smart profiles for your phone. It doesn’t require you to change your behavior or usage, nor does it affect voice calls, text messages, or the ring volume of your phone.
Avast Battery Saver significantly improves battery life, saving up to 20% on one charge — and it’s free from the Google Play Store.
This improved battery manager will take care of your battery’s health the same way a doctor takes care of yours. The result is more battery life with less hassle.
The app’s convenient features make Android devices significantly more efficient
- Smart profiles activate automatically based on time, location, and battery level.
- App consumption detects and permanently stops apps that drain too much battery life.
- Precise estimate of remaining battery life based on actual phone usage and historical data. Battery level is displayed in a percentage and time remaining in status bar notification.
- The application can turn off Wi-Fi when there are no known hotspots nearby.
- Your phone limits connections to the Internet to every 5, 10, 15 or 30 minutes, based on your current profile configuration, when its screen is turned off.
- Emergency mode is activated when your battery level is very low, and it turns off all functions that require significant energy, saving power for when you really need it (e.g. Wi-Fi, data connection, Bluetooth or GPS).
The app currently works with these profiles: Home, Work, Night, and Super-Saving Emergency Mode. You can easily switch from one mode to another and manage them within the app. Avast Battery Saver is now available for download in the Google Play Store.
Wi-Fi and encryption
Data transmitted over a wireless network can be either unencrypted or encrypted. While both options are available to users, the use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. In the case of open wireless networks, the transmitted data are unencrypted and might be visible to others, as is shown in the screenshot below. To resolve this issue, many wireless networks use password protection. However, the method and strength of these passwords matter: if a weak encryption method, such as WEP, is used, an attacker can simply crack the password and decrypt the device’s communication. Hence, the use of a strong encryption such as WPA/WPA2 is suggested. The length of a password is another important factor to its strength — a strongly encrypted communication with a short key length can still be cracked by hackers within a short amount of time. Because of this, a key length of longer than 8 characters is strongly recommended.
(Figure 1: List of available wireless networks featuring both encrypted and unencrypted options.)
Today, Avast announced the launch of Avast GrimeFighter at the Mobile World Congress in Barcelona. The new application helps Android users free extra memory on their devices with just a few taps so they can save the data that matters to them while enjoying a faster, smoother performance on their devices.
How Avast GrimeFighter works
Avast GrimeFighter begins by scanning all applications on an Android device, identifying unimportant or unnecessary data that could be eliminated without damaging applications’ functionalities. Using GrimeFighter’s easy-to-use interface, users can choose from two modes that allow them to eliminate excess files with ease: Safe Cleaner and Advanced Cleaner. Safe Cleaner is a customizable scanner that quickly identifies unimportant data for instant, one-tap removal. Advanced Cleaner runs in parallel to Safe Cleaner, mapping all of the device’s storage and creating a simple overview of all files and applications that take up space. Advanced Cleaner locates inflated or unused applications and arranges them by file type, size, usage, or name, so users can permanently remove the files and free up storage space.
In addition to cleaning up unwanted data, Avast GrimeFighter helps maximize storage capacity by syncing with personal cloud storage accounts so users can manage their device’s storage without having to delete valuable data. Users can drag files to the cloud icon and GrimeFighter will instantly transfer them to a safe folder in the cloud. Avast GrimeFighter is currently compatible with Dropbox and can assist users in setting up a Dropbox account. Additional popular cloud storage solutions will be added soon.
How does excess data get accumulated?
Bits and pieces of data accumulate on your device, whether you are aware of it or not. GrimeFighter helps you locate excess data that you wouldn’t typically be able to find, such as data left over from initiated app downloads, residual data, thumbnails, and app caches. Popular apps, like Facebook and Instagram, also create excess data on your device as they inflate from their original download size when used regularly. Avast tested some of the most popular Android apps and found that their size can grow exponentially during one week of heavy usage:
install size: additional data accumulated:
1) Facebook 36.7MB 153MB
2) Flipboard 12.6MB 71.1MB
3) Google Maps 23.21MB 68.8MB
Avast GrimeFighter will help the more than one billion Android users free up anywhere from 500MB to 1GB of storage per device to enjoy faster performance and is available for download on Google Play.
Avast mobile security experts launched a new app today at the Mobile World Congress in Barcelona.
Avast SecureMe is the world’s first application that gives iPhone and iPad users a tool to protect their devices and personal data when they connect to Wi-Fi networks. The free app automatically locates Wi-Fi networks and tells users which of them are safe. Since many users connect without knowing the status of the Wi-Fi network – whether it’s protected or not – Avast SecureMe will create a secure connection in order to keep them safe.
“Public Wi-Fi and unsecured routers have become prime targets for hackers, which presents new risks for smartphones and tablets – even iOS devices aren’t immune,” said Jude McColgan, President of Mobile at Avast.
Avast SecureMe will be available in a invitation-only public beta test within the next few weeks. Please sign up here, and the SecureMe team will contact you.
The app notifies you if it finds security issues
Avast SecureMe includes a feature called Wi-Fi Security. (This feature is also available for Android users within the Avast Mobile Security app available on Google Play.) People who use open Wi-Fi in public areas such as airports, hotels, or cafes will find this helpful. This feature’s job is to scan Wi-Fi connections and notify you if it finds any security issues including routers with weak passwords, unsecured wireless networks, and routers with vulnerabilities that could be exploited by hackers.
“Avast SecureMe and Avast Mobile Security offer users a simple, one-touch solution to find and choose safe networks to protect themselves from the threat of stolen personal data,” said McColgan.
What’s the risk that my personal data will be stolen?
If you use unsecured Wi-Fi when you log in to a banking site, for example, thieves can capture your log in credentials which can lead to identify theft. On unprotected Wi-Fi networks, thieves can also easily see emails, browsing history, and personal data if you do not use a secure or encrypted connection like a virtual private network (VPN). See our global Wi-Fi hacking experiment to see how widespread the threat really is.
The SecureMe app includes a VPN to protect your privacy
Avast SecureMe features a VPN to secure your connections while you conduct online tasks you want to remain private, especially checking emails, doing your online banking, and even visiting your favorite social network sites. Avast SecureMe automatically connects to the secure VPN when it detects that you have connected to a public Wi-Fi making all transferred data invisible to prying eyes. For convenience, you can disable the protection for Wi-Fi connections you trust, like your home network.
Avast SecureMe for iOS will be available soon in the iTunes Store. Before it’s widespread release, we will conduct an invitation-only public beta test. Please sign up here, and the SecureMe team will contact you.
The Wi-Fi Security feature is now also included in the Avast Mobile Security app for Android, available on Google Play.
The use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. Whether you’re traveling around a new city and rely on public Wi-Fi networks to get around or you’re at your favorite coffee shop and connect to its Wi-Fi, you’re left in a vulnerable situation when it comes to protecting your data. Just as you lock the door of your house when you leave, you should also use a security app if using public Wi-Fi.
Avast’s hack experiment examines browsing habits of people across the globe
The Avast team recently undertook a global hacking experiment, where our mobile security experts traveled to cities in the United States, Europe, and Asia to observe the public Wi-Fi activity in nine major metropolitan areas. Our experiment revealed that most mobile users aren’t taking adequate steps to protect their data and privacy from cybercriminals. In the U.S., the Avast mobile experts visited Chicago, New York, and San Francisco; in Europe, they visited Barcelona, Berlin, and London; and in Asia, they traveled to Hong Kong, Seoul, and Taipei. Each of our experts was equipped with a laptop and a Wi-Fi adapter with the ability to monitor the Wi-Fi traffic in the area. For this purpose, we developed a proprietary app, monitoring the wireless traffic at 2.4 GHz frequency. It’s important to mention that there are commercial Wi-Fi monitoring apps like this available in the market that are easy-to-use, and available for free.
The study revealed that users in Asia are the most prone to attacks. Users in San Francisco and Barcelona were most likely to take steps to protect their browsing, and users in Europe were also conscious about using secure connections. While mobile users in Asia were most likely to join open networks, Europeans and Americans were slightly less so; in Seoul, 99 out of 100 users joined unsecured networks, compared with just 80 out of 100 in Barcelona.
1) Seoul: 99 out of 100
2) Hong Kong: 98 out of 100
3) Taipei: 97 out of 100
4) Chicago: 96 out of 100
5) New York: 91 out of 100
6) Berlin: 88 out of 100
7) London: 83 out of 100
8) Barcelona: 80 out of 100
9) San Francisco: 80 out of 100
Our experiment shed light on the fact that a significant portion of mobile users browse primarily on unsecured HTTP sites. Ninety-seven percent of users in Asia connect to open, unprotected Wi-Fi networks. Seven out of ten password-protected routers use weak encryption methods, making it simple for them to be hacked. Nearly one half of the web traffic in Asia takes place on unprotected HTTP sites, compared with one third U.S. traffic and roughly one quarter of European traffic. This can most likely be attributed to the fact that there are more websites in Europe and the U.S. that use the HTTPS protocol than in Asia.
So, how much of your browsing activity can actually be monitored?
Because HTTP traffic is unprotected, our team was able to view all of the users’ browsing activity, including domain and page history, searches, personal log in information, videos, emails, and comments. Read more…
New mobile apps, a live Wi-Fi hack, results of a global Wi-Fi experiment, a demonstration of mobile malware, and Avast mobile experts can all be found at Avast’s booth (hall 5 stand 5K29) at this year’s Mobile World Congress in Barcelona.
Open Wi-Fi Risks and Live Demonstration
Connecting to public Wi-Fi networks at airports, hotels, or cafes has become common practice for people around the world. Many users are, however, unaware that their sensitive data is visible to hackers if they don’t use protection. This data includes emails, messages, passwords and browsing history – information you don’t necessarily want the guy sipping the latte next to you at the cafe to see. Avast experts traveled to different cities across the U.S., as well as Europe and Asia, to find out how much information is openly shared via public Wi-Fi. They found that one-third of browsing traffic in New York City, San Francisco and Chicago is openly visible for hackers.
At the Congress, Avast will conduct a Wi-Fi hack demonstration. The demonstration will allow visitors to see, first hand, what a hacker can access if they don’t use protection. Participants can connect to Avast’s (password protected) Wi-Fi network to browse and send messages as they normally would when connected to open Wi-Fi. To demonstrate how this information would look through the eyes of a hacker, their activities will be displayed on a screen at the Avast stand.
Mobile Malware and Simplocker Demonstration
Mobile malware is often perceived as a myth, yet Avast currently has more than one million samples of mobile malware in its database. Avast recently discovered a new variant of the mobile ransomware, Simplocker, which will also be demonstrated during the Congress. Visitors can see how the malware disguises itself, behaves, and will learn how they can protect themselves.
Introducing Avast’s New Suite of Apps
Avast will be introducing a suite of new apps at this year’s Mobile World Congress, including productivity and security apps for Android and iOS. Avast GrimeFighter and Avast Battery Saver address two of the most common complaints for Android users: storage concerns and battery life. Avast GrimeFighter helps users free extra storage on their devices by identifying unimportant data for one-tap removal, while Avast Battery Saver extends battery life up to 24 hours by learning the user’s behavior and optimizing features to preserve battery power.
Avast SecureMe is a dual solution app that helps iOS users identify secure Wi-Fi connections and protect personal data while using public Wi-Fi connections.
Wi-Fi Security, a feature available in Avast SecureMe, and coming soon to Avast Mobile Security for Android, prevents users from falling victim to Domain Name Server (DNS) hijacking by exposing vulnerabilities in routers they want to connect to.
We look forward to meeting you!
If you are attending this year’s Mobile World Congress, feel free to stop by the Avast booth to speak with Avast experts, learn more results from Avast’s global Wi-Fi experiment, see Avast’s new mobile apps and participate in the Wi-Fi demonstration. If you aren’t attending, make sure to check our blog, follow us on Twitter and Instagram, and like us on Facebook for updates during the Congress!
Note to media: If you would like to set up a meeting with Avast, please email PR@avast.com.
Not too many years ago we had phones that only made calls. Smartphones are the newest generation of phones that bring a lot of possibilities right to our fingers through the apps specifically designed for them. We all got used to the Windows (or Mac) world, but now we are witnessing a revolution from “standard” programs and some specialized tools to a world where every common thing can be done by our smartphones. Sometimes it seems, that the device is smarter than we are!
But can it protect itself from the increasing number of threats?
You’ll find a lot of articles on the Internet which state that security companies exaggerate the need for mobile security and antivirus protection. You’ll read that Google Play and the new security technologies of Android Lollipop are the only things necessary for security. I could post many examples of such (bad) tips, but I don’t want to waste your time or mine.
Do you use only Google Play as your app source?
A common (and wise) security tip is to stick with Google Play for downloading apps. This is good advice despite the fact that we see here in the Avast blog that Google Play fails to detect some apps as malware. Look for our mobile malware senior virus analyst Filip Chytry’s articles. He continuously discovers holes in Google Play security.
However, what if you want apps that have been banned from Google Play? No, I’m not talking about (just) adult apps. Google banned anti-ad apps, for instance. So where is a safe place to get them? The answer is simple: outside of Google Play. The Amazon Appstore for Android is quickly increasing the possibilities.
Do you think that clean apps can’t become bad ones?
Clean apps can become bad ones, and with the new Google Play permission scheme, you may not even notice. This makes updating your apps (another very common and wise hint) an additional complication.
As the apps we love can turn against us, the best tip of all is that you install a mobile security app that helps you know what it being added to your phone. Avast Mobile Security updates its virus database very often to detect the latest threats and allows you to install securely all the apps you love.
This makes you smarter than your smartphone!
Avast is pleased to offer the World’s First Free Business-Grade Security to small and medium-sized businesses.
In a move that will make a difference to the security of local businesses across the USA and the UK, Avast launches Avast for Business—a free, easy to use, cloud-managed security offering that protects small to medium-sized businesses (SMBs) from viruses and cyber attacks.
This is the first free information security product built specifically for businesses with cross-platform protection, meaning that it protects both PCs and Macs. It solves a problem that many businesses have: No IT staff, lean IT budgets, lack of know-how, or even any security at all.
“Since 2001 we’ve delivered great, free security products for home users,” said Vince Steckler, Chief Executive Officer of Avast. “We believe the time is right to provide great security that is not only free, but also simple for SMBs to implement and manage. A small business may not view their customer database or online orders at the same level as data of an enterprise. Avast for Business addresses the problem of those businesses using consumer products and not being adequately protected; it gives those enterprises a business-class solution they can grow with.”
Avast for Business is easy for SMB owners to install, configure and manage advanced security solutions with or without the help of a full-time IT manager. Users are able to effortlessly monitor, manage and protect devices anywhere, anytime from Avast’s cloud-management console.
“Anybody can use the interface,” said Kyle Barker of Championship Networks, an Avast partner in North Carolina, USA. “If you’ve ever seen a simple installment of Avast, you’ve seen the interface, you know the controls. Anybody that ever used the small office console already knows every feature that’s in this product. It’s a simple transition.”
From the easy-to-navigate console, users have the ability to configure robust reporting and alerting to easily stay on top of what is happening inside of their environment. Avast for Business features include:
- Free Essential Antivirus protection (File Shield, Web Shield, Mail Shield)
- HTTP and HTTPS Threat Scanning & Integrated Browser Protection
- A Web-based management console that is accessible anywhere, anytime.
- Robust reporting and alerting engine
- Cross-Platform Support including Windows and Mac OSX.
For advanced security requirements, Avast for Business also offers premium services. There are no limits on the number of protected devices, and businesses can activate and deactivate licenses as needed. This allows them to grow comfortably without the concern of overwhelming costs.
“It’s very easy to choose on a month to month basis the number of licenses you want. Any number of licenses can be mixed from free and premium and you can change this on a month to month basis,” said Barker.
Later in 2015, Avast will introduce programs for managed service providers and the reseller channel, to benefit from the power of free. In the spring, Avast will form its first ever partner advisory council in order to bring partners closer to Avast, to discuss features and functions specific to their needs.