- 14 October 2021 11:48
Danger - ransomware may be hiding in those old files
Many businesses are unaware that danger may be lurking in their old files. Over the years files, emails and backups have been saved to network-attached storage (NAS) devices – but are all these old files safe from ransomware?
As Managing Director of Victory ICT Services, a managed services provider (MSP) based in regional Victoria, I assumed the files saved to his NAS were all safe. He has always run anti-virus (AV) products, and scanned all files when he deployed a new AV product.
With each new AV product he ran a full scan of his NAS box over a weekend, and with all previous antivirus products nothing was ever detected.
I thought we were safe until I transitioned to Comodo Security Solutions, whose tech is unique. They performed an in-depth scan across all files, including those on my NAS. The result shocked me - Comodo discovered multiple previously undetected trojans and malware.
Victory ICT use the NAS as a personal local repository for files, emails and backups. They also ensure all customers have offsite and air-gapped backups to protect against a local ransomware attack or infection.
Over the years I have used numerous AV and next-gen antivirus products – four were major household name ‘market leading’ solutions. With Comodo I discovered the other AV products’ lack of detection of malware, which is very scary.
The discovery came during a Comodo demonstration. I had thought their claims sounded too good to be true, and it was all ‘smoke and mirrors’.
But during their technical implementation, going through my due diligence, I ran their security solution against my NAS box. I was expecting a clean bill of health, as every other AV solution had said it was clean.
Comodo’s deep inspection quickly discovered that numerous files on my NAS had embedded malware, just waiting to launch an attack. I believe if I had a Windows OS instead of a Linux OS on my NAS, I would have been toast. I would have had one or more ransomware infections.
My confidence in ‘traditional’ antivirus or even next-gen antivirus has been seriously compromised. I am shocked that market leading security products totally missed malware that had made it through their products and/or sandbox technology.
Clearly organisations need to move from detection-based antivirus products to prevention-based solutions that have the ability to look at every file, script or macro and isolate and contain all writes if it is unknown, and then automatically analyse it to determine if it is malicious or safe. Victory ICT Services has now standardised on Comodo Security.