Marvin the Robot – Kaspersky official blog
https://www.kaspersky.com/blog
The Official Blog from Kaspersky covers information to help protect you against viruses, spyware, hackers, spam & other forms of malware.

How does antivirus affect gaming? | Kaspersky official blog
https://www.kaspersky.com/blog/tests-gamers-antiviruses/47576/
Wed, 22 Mar 2023 11:08:37 +0000

Many gamers believe that running antivirus software causes game slowdown. But this is quite tricky to verify since traditional methods of performance analysis tend to focus on what impact the game itself has on computing resources. Studying the interaction of the game and the antivirus (two unrelated processes) is a much more complicated task.

But that didn’t deter our team, which has come up with a rather interesting method to do it. They took a gaming PC and five resource-intensive games, and examined the impact of three security solutions on the gaming process in a range of usage scenarios.

Research methodology

They chose a fairly modern gaming PC:

  • Intel Core i7-12700K
  • Nvidia RTX 2070
  • Samsung 850 Evo 250GB SSD
  • 2x G Skill Intl F4-3200C14-16GTZKW modules of 16GB each
  • Asus TUF GAMING Z690-PLUS WIFI D4 motherboard

Next, they assembled a “golden image” — a primary copy of the hard drive with a freshly installed Windows 10 system and five games. After each series of tests, they restored the drive state from the golden image so that each run was carried out under the same conditions, on a fresh operating system with no artifacts left behind by previous software installations.

The first series of tests was carried out on a clean system without a security solution; at least — as far as this was possible, since if an external antivirus isn’t installed on Windows 10, the built-in Windows Defender is automatically enabled. Thus, the experiment involved:

  • Windows Defender
  • Kaspersky Internet Security
  • Norton 360 for Gamers

The selected games were:

  • Red Dead Redemption 2 (action-adventure)
  • Far Cry 5 (first-person shooter)
  • Dota 2 (multiplayer online battle arena)
  • Shadow of the Tomb Raider (action-adventure)
  • Counter-Strike: Global Offensive (multiplayer tactical first-person shooter)

These games have built-in benchmarks: preset scenarios that automatically load computer resources to check compatibility with that computer. That is, they show the relative performance of the game on specific hardware in a specific environment.

Built-in benchmarks ensured that the game engine performed the same in each test. Had real gamers taken part in the study, it would have been impossible to get the same impact on the device in each trial.

The tests were carried out under different conditions: a plain game, a game with video stream recording to disk, and a game in online streaming mode. The researchers measured the frame rate (FPS) to see what impact the security solutions in the default configuration had on the games.

The verdict

It turns out that antivirus software has virtually no effect at all on gameplay. In the words of the researchers, “the tests revealed no impact on the gaming process.” All recorded deviations fell within the measurement error.

What’s more, the tests produced the same results both for our product (aimed at home users in general) and for a special gaming edition solution from our competitors. Here’s the conclusion word-for-word:

Norton 360 for Gamers, Kaspersky Internet Security and Windows Defender performed equally in 4 out of the 5 games tested and showed no FPS drops.

What else can antivirus interfere with?

So, antivirus software doesn’t slow down games, but what about other negative effects? Experienced gamers know that a security solution running in the background can let them down at the critical moment by:

  • Launching a database update. What if, during an online session, the antivirus decides to update its databases, thereby overloading the internet channel? This will cause a slowdown, which can be fatal for online games.
  • Showing notifications about intercepted threats. Your antivirus might suddenly decide to boast about stopping a threat. And, boom, just as you’re about to slay the final boss, a notification pops up.
  • Scanning the hard drive. You’re so engrossed in a game that you don’t notice the time flying. But, thoughtfully scheduled for 7am, a full scan of the hard drive kicks in and ruins everything.

You might reasonably ask: why didn’t our researchers analyze antivirus impact on gameplay in these scenarios too? The answer is simple: Kaspersky products feature a special game mode. Enabled automatically when you start playing, it postpones antivirus database updates, notifications and regular drive scans (including scheduled ones) until after your session ends.

At the same time, it provides uninterrupted (and unnoticeable) protection in the background. Which means:

  • The system is fully protected against any malware attacks — whether by good old ransomware or even fileless malware.
  • Links you click on in a chat room are immediately scanned for scams, phishing, and other online threats.
  • Your personal data is continuously monitored for leaks, including on the dark web.
  • All passwords and keys are securely stored in encrypted form, protecting your accounts and all their contents (whether it’s cryptocurrency or skins) from takeover.
  • A VPN connection hides your IP address, secures data in transit, and improves ping/latency — if you choose the fastest server (VPN not available for downloading or activation in Belarus, China, Saudi Arabia, Iran, Oman, Pakistan, and Qatar).
  • Your home Wi-Fi is safe from intruders.
  • Registry, autoloading and other system parameters are optimized for gaming so you don’t waste a single millisecond.

Moreover, Kaspersky Premium provides access to unique services like Priority Support Line, PC Health Check-Up, and Remote IT Services. It also lets you optimize your PC performance by cleaning up duplicate and large files, managing apps and activities, and much more.

How to remove banner ads with Kaspersky Security Cloud | Kaspersky official blog
https://www.kaspersky.com/blog/ksc-ads-removal-guide/40812/
Wed, 28 Jul 2021 14:17:30 +0000

The problem of annoying banner ads — not to mention the malicious bonuses some include — is so acute that numerous programs claim to remove the eyesores from websites. But if you already have Kaspersky Security Cloud installed, you’re all set. In this post, you will learn how to eliminate banners and pop-up ads using our Anti-Banner feature.

Enable the Kaspersky Protection extension

The Kaspersky Protection extension handles activity in the browser. Its main task is to protect your computer from dangerous sites and online scammers, but it can also remove banners. It activates when you install Kaspersky Security Cloud — look for its icon on the browser navigation bar:

If you have the Kaspersky Protection extension installed, its icon should appear on your browser navigation bar

If there is no icon, then you may have opted to disable it during installation, and you will have to enable Kaspersky Protection in the list of extensions.

Block ads with Anti-Banner

The Anti-Banner feature in Kaspersky Security Cloud is not active by default. However, you can turn it on directly in the browser. To do so, click the Kaspersky Protection icon, followed by the green Enable button in the drop-down menu. Refresh the page and any banners will disappear.

Enabling Anti-Banner in Kaspersky Security Cloud through the Kaspersky Protection extension menu

You can also activate the feature from Kaspersky Security Cloud by opening the settings panel (the gear icon in the lower-left corner of the main program window).

Enabling Anti-Banner in the Kaspersky Security Cloud main menu

In the menu that appears, select Protection and then Anti-Banner (in the middle of the long list of product tools).

Anti-Banner settings to remove multilingual and specific ads

Advertising networks know a lot about you, and they frequently show banners in your language, even on sites that aren’t. Our ad-blocker extension gets rid of such ads. However, if you use multiple languages at once, you’ll need to filter ads in each of them. As before, you’ll do so in Kaspersky Security Cloud’s settings panel. Open the Anti-Banner section, and select List of filters.

Configuring Anti-Banner in Kaspersky Security Cloud

To block ads in a particular language, simply enable its filter in the list.

In addition to language filters, the settings include options to get rid of social media widgets (buttons with links to Facebook, Twitter, etc.) and windows inviting you to subscribe to updates. To enable them, select Thematic filters.

Sometimes an individual ad bypasses a filter and remains visible on the site. You can add such ads to the list of blocked banners manually. To do so, open the Anti-Banner section in the Kaspersky Security Cloud settings panel and select Blocked banners.

Adding a banner to the blocklist in Kaspersky Security Cloud

In the window that opens, click Add and paste the address of the banner into the Web address mask (URL) field. You can get this address by right-clicking the banner and selecting Copy Link.

Click OK again and refresh the site.

Not all ads are bad

If you don’t want to give all ads the chop, allow them on a specific site by adding it to the allowlist.

The easiest way is right in the browser: Click the Kaspersky Protection extension icon, then Anti-Banner, and select Allow on this website in the list that opens.

Adding a banner to the allowlist in Kaspersky Security Cloud

Another way to do the same thing: Open Kaspersky Security Cloud’s settings panel, select Anti-Banner, followed by Websites with allowed banners, and click Add.

Copy the address of the page you want to add, paste it into the Website field, and click OK.

Now you know how to block and unblock advertising banners as you please. More information about Anti-Banner and other useful tools in Kaspersky Security Cloud is available in our blog.

How video game age restrictions work in different countries | Kaspersky official blog
https://www.kaspersky.com/blog/game-ratings/32492/
Wed, 19 Feb 2020 14:18:21 +0000

It’s perfectly normal for kids to play games, including of the computer and mobile varieties, but not all games (or gamers) are the same. It’s not for nothing that game boxes and online descriptions contain age restriction info. So, should you panic if, say, your 10-year-old is hooked on the T-rated Fortnite? Let’s investigate who determines these classifications, the reasons behind them, and how strict they are in practice.

Who sets age restrictions on video games?

Roughly two dozen video game age rating systems exist worldwide. Most European countries, for example, adhere to the Pan European Game Information (PEGI) standard, and in the United States, Canada, and Mexico, the Entertainment Software Rating Board (ESRB) sets the restrictions.

Germany, Russia, Australia, and some other countries also use a variety of classification systems. Japan has two: the Computer Entertainment Rating Organization (CERO) and the Ethics Organization of Computer Software (EOCS).

Apple’s App Store likewise uses its own system. Meanwhile, Google Play supports various regional standards, but in most countries it uses the International Age Rating Coalition (IARC) system.

In other words, there are lots of different video game ratings, and which classification to adopt is not as trivial a question as it sounds. We’ll return to that a bit later, but first let’s figure out what age categories there are and how to interpret them.

How to interpret age restrictions

Most systems indicate the minimum recommended age using the corresponding number. But not all of these numbers are to be taken literally. For example, the Russian rating 0+ is roughly the same as PEGI 3 (i.e., suitable for anyone). Meanwhile, systems such as ESRB use descriptions instead of numbers: E — Everyone, T — Teen, and so on, but each description corresponds to a certain age group.

Either way, the purpose of these classifications is to inform the buyer that the game may contain adult language, scenes of violence, and other potentially undesirable content.

To help you decide, in addition to the age restriction itself, many systems specify why the game received it. For example, ESRB uses verbal descriptions of elements that might cause offense. In Europe, South Korea, and Japan, on the other hand, pictograms are used.

In some regions, ratings are advisory; in others, they are stricter. In many countries, for example, it is against the law to sell 18+ games to minors.

Why age restrictions vary by rating system

Keep in mind that different countries have different definitions of what constitutes inappropriate content. For example, the multiplayer game DayZ was hit by some major retail restrictions in Australia last year. The reason was that players could earn bonuses for drug use. To get it through the door of Australian stores, the developers released a modified version of the game.

Meanwhile, Hideo Kojima’s pleasantly titled Death Stranding was deemed a 15+ game in the eyes of those same Australian regulators. Across the water in New Zealand, even 13-year-olds can play it legally. And that’s despite both countries acknowledging that the game contains violence and swearing — but no drugs. Many other countries, for their part, slapped an adult rating on it.

Death Stranding age rating:

  • ESRB: M — adults (17+)
  • PEGI: 18+
  • RARS (Russia): 18+
  • ACB (Australia): MA15+
  • OFLC (New Zealand): R13

Death Stranding: M in USA, and only R13 in New Zealand

The Sims 4 is an example of a game awarded diametrically opposite age classifications in different countries: from one of the softest (6+) to the strictest (18+). Whereas most rating systems agreed that it was suitable for teens, in Russia, it’s for adults because the game allows players to create same-sex couples and quarrel with relatives. But Germany, for example, took a totally different view: German regulators deem The Sims, with its absence of realistic violence, suitable for younger folks.

The Sims 4 age rating:

  • ESRB: T — teens
  • PEGI: 12+
  • RARS (Russia): 18+
  • ACB (Australia): M — 15+
  • USK (Germany): 6+

Different age ratings of The Sims 4 video game: from 6+ in German USK to T and 12+ in ESRB and PEGI respectively and even 18+ in Russian RARS

Children’s game ratings

The situation with games for tiny hands is not always clear either. For example, the eye-catching Pokémon Sword and Pokémon Shield are suitable for children of any age according to the ESRB, despite containing cartoon violence. But in Europe and Russia, it is considered wholly inappropriate for very young eyes, receiving a 7 rating under PEGI and 6+ under RARS.

Pokémon Sword and Pokémon Shield age rating:

  • ESRB: E — everyone
  • PEGI: 7+
  • RARS (Russia): 6+

How to choose a game for kids

As you can see, the various age rating organizations are far from unanimous when it comes to classifying video games. That means you don’t necessarily have to reject a title simply because your child is younger than the age indicated on the box or in the app description. It’s better to form your own opinion.

  • Pay attention not only to the age restriction, but to the reason it was issued. If you live in a country where information about game contents is not supplied on the box or in the description, search for it online. Knowing what the game is about will help you decide.
  • Compare the rating in your country with ones elsewhere for a more comprehensive picture. Remember that, for example, swear words might get literally lost in translation, meaning that a game might have a higher rating in countries where the original language is the one spoken in the game.
  • Watch a game trailer on YouTube or the developers’ website. Read or watch a few online reviews — you can find video game bloggers and vloggers on any social network. That’s usually enough to get a decent idea of what the game is like.

After purchasing a game for your child, try playing it together. Work out how to play, and talk about the graphics, plot, and dialogs. Be there when your child plays online. That way, you’ll get a much better idea of whether it was the right choice for your child, not to mention getting some quality time with each other.

And, so that he or she does not spend too much time playing games, use parental-control tools to set time limits. For example, Kaspersky Safe Kids lets you set time limits and more on a computer or smartphone.

Microsoft discontinues support for Windows 7: What users need to do | Kaspersky official blog
https://www.kaspersky.com/blog/rip-windows-seven/32137/
Thu, 23 Jan 2020 10:41:32 +0000

All good things must come to an end, and the time has finally come to say goodbye to Windows 7. As of January 14, 2020, Microsoft has officially stopped supporting the operating system, which means no more automatic (or requested) downloading and installation of updates and fixes, and no patching of new vulnerabilities.

That vulnerabilities abound in Windows 7 is beyond doubt — and not because Microsoft is bad at programming. Any operating system is a complex beast, consisting of myriad components and many millions of lines of code, so avoiding bugs is impossible without sacrificing speed and convenience. Cybercriminals will always be out there searching for vulnerabilities to exploit, infecting computers with malware, stealing data, taking control of systems, and so on.

In exceptional cases, developers do still patch vulnerabilities in outdated operating systems. However, getting that to happen takes something on the scale of a global pandemic. In 2017, for example, during the WannaCry rampage, Microsoft released updates including for the already discontinued Windows XP and Windows Server 2003.

That update fixed a vulnerability through which the malware had penetrated devices. However, most cyberattacks do not cause such a splash (and hence response from developers). Nevertheless, their relatively modest scale is no comfort to victims.

What to do with Windows 7

If Windows 7 is already installed on your computer, our simplest and best advice is to upgrade to Windows 10. Even if 7 is your soulmate, the current version of the operating system is more reliable — and peace of mind and data security are worth the couple of hours needed to install and get used to it.

If for some reason you can’t upgrade to Windows 10 — hardware or software compatibility issues — and must stick with Windows 7, you will have to take charge of security yourself. First off, you need protection that blocks the exploitation of unpatched vulnerabilities.

Kaspersky security solutions include Kaspersky Exploit Prevention, which prevents the exploitation of previously unknown bugs. It was this technology that enabled us to detect several zero-day vulnerabilities in Windows, including CVE-2018-8589, CVE-2019-0797, and CVE-2019-0859.

Exploit Prevention is integrated in our security solutions for both home and business users. Here’s how to enable it:

  • Open settings by clicking the gear in the bottom left corner of the application.
  • Go to Protection.
  • Select System Watcher.
  • Under Automatic Exploit Protection, select the Monitor attempts to perform unauthorized operations checkbox.
  • Select what to do with suspicious actions. On an unsupported system, blocking is the best option.

How to recover files encrypted by Yatron and FortuneCrypt | Kaspersky official blog
https://www.kaspersky.com/blog/no-more-ransom-yatron-fortunecrypt/28896/
Tue, 08 Oct 2019 12:54:20 +0000

Ransomware has been and remains a big headache for both users and experts alike. It is not a simple task to recover files encrypted by ransomware, and in many cases it’s impossible. But we have good news for the victims of Yatron and FortuneCrypt malware: Kaspersky experts have developed and published decryptors for the files this particular malware encrypts.

How to decrypt files encrypted by Yatron

Yatron ransomware is based on another encryptor, Hidden Tear, which has an unusual story. A few years ago, Turkish researcher Utku Sen created this malware for educational and research purposes and uploaded the source code to the Internet. The legacy of this software is still with us all; experts continue to find new ransomware based on it, and Yatron is just one such example.

Fortunately, vulnerabilities were found in the Yatron code, and our experts took advantage of them to create a decryptor. If you see a *.yatron extension on any locked files, then go to the No More Ransom website to download a decryption tool that will recover your files.

How to decrypt files encrypted with FortuneCrypt

The second ransomware package is also difficult to call a masterpiece — er, hackerpiece? Instead of using advanced languages like C/C++ and Python, the creators of FortuneCrypt wrote it in BlitzMax, a fairly simple language that is a kind of turbocharged BASIC. In the history of our research into malware tracking, we had never before encountered this language.

Our experts found that the malware’s encryption algorithm is far from perfect, and that allowed them to develop a decryptor for it. As with Yatron, FortuneCrypt victims can download a decryption tool from the No More Ransom portal.

What to do about ransomware on your computer

First of all, do not pay the ransom. Paying only encourages criminals, and it is no guarantee you will be able to recover your data. The best course of action is to go to the No More Ransom website, which was created by experts from several cybersecurity companies and law enforcement agencies from all over the world, including Kaspersky, Interpol, and the Dutch police, to alleviate the plight of ransomware victims. The website contains decryptors for hundreds of ransomware programs, and of course they are all free.

How to protect yourself from ransomware extortionists

Finally, some tips on how to avoid becoming a victim:

  • Do not download programs from unknown and suspicious websites. Even if the name of the program looks right, the package may contain something completely different and dangerous.
  • Do not click on links and do not open file attachments in e-mails from unknown senders. If you receive a suspicious and unexpected message from a friend or colleague, call them to clarify whether the file is safe to open.
  • Make sure to install the latest updates for your operating system and the programs that you use regularly. This will help you to steer clear of the vulnerabilities that ransomware makers take advantage of.
  • Install a reliable antivirus app and never disable it, even if certain programs ask you to.
  • Perform backups of important data and store that data in the cloud, on a flash drive, or on an external drive.

Why download Kaspersky Security Cloud Free instead of Kaspersky Free antivirus? | Kaspersky official blog
https://www.kaspersky.com/blog/security-cloud-free/28890/
Mon, 07 Oct 2019 17:26:21 +0000

We’ve answered this one a bunch lately, so we decided to address it in a post. When a user tries to download Kaspersky Free antivirus, they find that they have downloaded Kaspersky Security Cloud — Free instead. Here’s why.

Back in 2017, we introduced Kaspersky Free antivirus globally, a solution that offered basic protection for PC users at absolutely no cost, so that no person would be left unprotected from cyberthreats. Under its hood thrummed the same engine as in our premium security products, which collect the majority of awards from independent test labs each year. And it really was free — no payment required, no third-party ads. And, no surprise, it became quite popular.

But every product must evolve to address users’ needs, which are constantly changing, and our free solution is no exception. With this evolution, it went way beyond being just an antivirus utility — so we stopped calling it an antivirus. We think its new name suits it much better; it’s functionally much closer to our full-fledged flagship Kaspersky Security Cloud than to a basic security solution. Now, let us take a quick look at how exactly Kaspersky Security Cloud Free has evolved far beyond Kaspersky Free antivirus.

What is the difference between Kaspersky Free antivirus and Kaspersky Security Cloud Free?

First of all, unlike Kaspersky Free antivirus, the free version of Kaspersky Security Cloud exists not only for Windows, but for other platforms as well. It helps protect both Android and iOS mobile devices.

Second, whereas our free antivirus solution was limited to an antiphishing engine and basic protection from malware, Kaspersky Security Cloud Free is a significantly more advanced multiplatform solution with a diverse spectrum of features, capable of adapting the protection it offers to your lifestyle. To learn about Kaspersky Security Cloud Free in detail, you can read this post, and here we’ll just quickly go through the most important features.

Just like the paid version, Kaspersky Security Cloud Free is different from other security solutions because of its adaptivity scenarios. For example, it helps you check if a service you use has leaked your account data, and it provides helpful advice that is relevant to you, specifically, because it relates to services that you actually use.

It also helps you keep your passwords strong and secure with Kaspersky Password Manager and protects your traffic with a VPN solution. On Android, it helps you manage app permissions and delete the apps you don’t use. The paid version has even more adaptivity scenarios, but the general idea is the same: Kaspersky Security Cloud helps you with the security you need when you need it.

But what if I am already a Kaspersky Free user?

No worries, your Kaspersky Free antivirus will work just fine. You won’t need to change your security solution and start using Kaspersky Security Cloud Free — although we’d strongly recommend it. The license will be renewed automatically. You can continue as if nothing has changed.

Our users are extremely important to us, and that’s why we won’t just shut down Kaspersky Free antivirus and force you to move to the newer solution. However, if you are already using Kaspersky Free, we suggest that you give Kaspersky Security Cloud — Free a try — it’s still just as free, but it provides more features and stronger security for different types of devices. And there’s no such thing as too much security in the modern world.

Don’t become a victim of a supply-chain attack | Kaspersky official blog
https://www.kaspersky.com/blog/small-office-supply-chain/28592/
Tue, 10 Sep 2019 15:21:20 +0000

Small business owners may think their companies are too insignificant to become a target for cybercriminals. There is a certain logic in that: Attackers look for maximum profit from minimum effort. But two additional points are important to consider. First, large companies spend solid budgets on defense and therefore are harder to attack. Second, another option may be more attractive — an attack through the supply chain. Malefactors can compromise one company and get to hundreds of small firms.

Attacks through the supply chain

Being attacked through a supply chain typically means that a service or program that you have used for some time has become malicious. Over the past few years, we have seen several similar incidents with varying degrees of complexity and destructiveness. Here are a couple of the loudest.

ExPetr ransomware outbreak

While focusing on the destructive consequences of ExPetr (aka NotPetya), few people recall how it began. That’s a shame: One of its distribution vectors practically defines “supply-chain attack.” Attackers compromised the automatic update system of accounting software called M.E.Doc, forcing it to deliver the ransomware to all customers. As a result, ExPetr caused millions in losses, infecting both large companies and small businesses.

The CCleaner incident

CCleaner is one of the most famous programs for system registry cleaning. It is widely used by both home users and system administrators. At some point, attackers compromised the program developer’s compilation environment, equipping several versions with a backdoor. For a month these compromised versions were distributed from the company’s official websites. They were downloaded 2.27 million times.

How to avoid becoming a victim

As you can see, in a supply-chain attack, cybercriminals do not have to choose you as a target. To some extent, you choose yourself, simply by using a particular service or program.

The conclusion is clear (and it’s not the most original one): Every single business device with Internet access must be protected. That includes computers, servers, mobile phones, and so on. Even if you are sure that you are not installing unknown programs on a computer, that’s no guarantee malware won’t come to you as an update of old and familiar software. In particular, computers should be protected by technologies that can counteract malicious miners and ransomware. These two attack methods are easiest to monetize, so attackers use them persistently.

How to protect small businesses

For small businesses, choosing a security solution is traditionally difficult. Products for home users lack the necessary capabilities, and solutions for large businesses are expensive and too complicated to manage without a dedicated IT Security department. So that small companies can protect their digital assets against modern cyberthreats, we have updated Kaspersky Small Office Security solution.

Our solution is optimized for companies ranging in size from 5 to 25 employees, does not require any special skills for administration, and is capable of protecting almost every connected business device — personal computers, Windows file servers, and Android mobile devices.

One of the main components of the solution, Kaspersky System Watcher, is equipped with behavioral analysis technologies that can identify ransomware and miners before they can do any harm to the user. In addition, Kaspersky Small Office Security protects online payments made with a browser, allows you to encrypt sensitive data, and makes backup copies of important information. You can find out more detailed information, buy a solution, or download a trial version on the Kaspersky Small Office Security website.

Lake City, Florida, to pay ransom | Kaspersky official blog
https://www.kaspersky.com/blog/encrypted-city-administrations/27452/
Fri, 28 Jun 2019 15:59:13 +0000

The number of cyberattacks on US city administrations is on the rise. In less than two months, a third city suffers from the same threat — ransomware.

Baltimore, Maryland, was attacked on May 7. The city’s administration decided not to give in to the extortionists and suffered damages of more than $18 million, according to preliminary estimates. A few weeks later, Riviera Beach, Florida, was next. The city’s computers were encrypted, and officials decided to pay the extortionists 65 bitcoins, or about $600,000.

A week after that, another city in the same state was attacked — Lake City. This time, the city administration deliberated even less and ended up paying almost half a million dollars to the extortionists. It is not yet known whether they were able to decrypt their data, but they confirmed that the attackers sent them the decryption key.

This is not the beginning of a new wave of attacks. You don’t have to dig deep to find plenty of other similar, prominent incidents — in Atlanta, Georgia; Jackson County, Georgia; Albany, New York; and more.

To pay or not to pay?

As the Baltimore case shows, it is much more expensive to fight the consequences of an attack than to pay extortionists. Perhaps it was the calculation of the damages from this incident that influenced the decisions of the Riviera Beach and Lake City councils.

Of course, the decision to pay is understandable. When ransomware paralyzes city services, we are talking not only about financial damages, but also about the lives and well-being of local residents. However, every time a city pays, attackers become more convinced that their efforts are not in vain. So, they choose their next victim and keep the trend going. That’s a big part of why the FBI and companies involved in information security do not recommend paying.

How to avoid getting encrypted

Almost all ransomware infections follow a similar script: Someone in a city’s administration receives a letter that includes a malware link or attachment and, not recognizing the threat, the employee launches the malware, which exploits long-known vulnerabilities in operating systems or other software to encrypt data. Sometimes (again, through known vulnerabilities), the malware spreads to all computers on the victim’s local network. Therefore, we have three main tips:

  • Update software right away, prioritizing operating systems.
  • Employ security solutions that can handle known and yet-undetected ransomware on all computers. Even if you already have reliable protection, you can use the Kaspersky Anti-Ransomware Tool as an additional protective layer — it can work in combination with other companies’ security products.
  • Teach employees to recognize and defend against the social-engineering techniques malefactors use to get a foothold in corporate networks.

Among our other solutions, we offer Kaspersky Interactive Protection Simulation, a solution designed specifically for local public administrations. It was created in the framework of the COMPACT project created by the European Commission, but it is also suitable for training public administrations around the world. You can learn a little more about it in this article.

Spammers threaten reputations | Kaspersky official blog https://www.kaspersky.com/blog/spam-extortion-reputation/27362/ Wed, 19 Jun 2019 01:25:48 +0000 https://www.kaspersky.com/blog/?p=27362 Extortionists are constantly inventing new blackmail strategies. Until recently, their main trick was “sextortion,” which you may already have read about. However, as happens with most cyberthreats, criminals’ attention began to shift from users to organizations. That is not surprising — there is much more money in business.

Not long ago, our spam filters began catching a new version of blackmail letters. This time, they threaten to undermine the reputation of the websites of small and medium-size companies. The scheme is quite simple: They send letters to victims’ public addresses (or submit them using their website “contact us” form), demanding a transfer of a small (by business standards) amount of 0.3 to 0.5 bitcoins to their bitcoin wallet. (At the time of this writing, the amount was never more than the equivalent of $4,200.)

What are they threatening?

These cybercriminals are trying to impress their victims with large numbers. Their threats are as follows:

  • They will submit offensive letters signed by the victim’s company to 33 million sites with web contact forms.
  • They will send out annoying advertising letters with promises of free iPhones to 19 million addresses.
  • They will continue the assault with aggressive spam on 35 million forums.

As a result, they say, the Spamhaus project will recognize the victim’s site as a source of spam and will block it forever, completely undermining the reputation of the site and the company.

Typical letter with demands

How real are the threats?

The short answer is, they are not real at all. The amount of work that hackers would have to undertake for a disinformation campaign like the one outlined would require too much time and effort to be profitable. Spammers’ only hope is to frighten the recipient enough to pay.

In fact, if the company decides to pay, all it accomplishes is getting added to the list of victims who tend to cooperate with extortionists. By demonstrating that you are ready to agree to their demands, you are making your company more likely to receive similar letters in the future.

What should you do?

If you receive such a message, it may be tempting to act, but you should not. However, to avoid similar letters in the future, use a security solution that can block spam mailing at the server level.

Office Wi-Fi may be dangerous — how to defend yourself | Kaspersky official blog https://www.kaspersky.com/blog/vulnerable-wi-fi/27250/ Tue, 11 Jun 2019 09:39:39 +0000 https://www.kaspersky.com/blog/?p=27250 Almost every office has a Wi-Fi network today, and sometimes more than one. Who wants to connect laptops with a cable? And forget about smartphones and tablets! However, a wireless network can be a weak point in your IT infrastructure.

Password mining

Not all companies use complex and unique passwords for their wireless networks, and few bother to disable the broadcasting of the network’s name. And not many at all limit the power of the Wi-Fi signal to prevent network connections from outside of the office. Thus, usually little prevents a potential attacker from hanging around near the office and trying to get into a corporate network through a Wi-Fi connection.

Performing a simple dictionary attack on the router’s login takes just a few seconds. Hacking complex password combinations takes more time, but unless the attacker is in a hurry, it is quite possible. However, that’s not always necessary, because with some routers, an attacker can simply use vulnerabilities in the firmware.

Firmware vulnerabilities

Researchers regularly detect vulnerabilities that can allow malefactors into a network, bypassing your Wi-Fi router’s passwords and other protective mechanisms. In some cases they can get superuser rights on the device. Usually developers are quick to patch those vulnerabilities. The trouble is that many organizations do not install patches in a timely manner, especially when doing so involves reflashing firmware.

Guest network

Many companies use different Wi-Fi networks for employees and guests. This is a reasonable measure: on the one hand, customers and other visitors to the office can connect to the Internet; on the other hand, they will not have access to the corporate network and internal resources. However, guest Wi-Fi can work against you.

Getting a password for a guest network is easy enough — that’s the idea. But in some cases — if the network is improperly configured — it can let guests reach some elements of the corporate infrastructure.

Even with the correct network configuration, your employees can unwittingly put themselves in jeopardy. Suppose that one of them wanted to access a network resource blocked by corporate policy. Without thinking twice, he connects a laptop with confidential data to the guest network. Now an attacker lurking in the same guest network can try to perform a man-in-the-middle attack and infect his laptop with malware.

How to make corporate Wi-Fi less vulnerable

We believe Wi-Fi networks are still worthwhile; they do, however, need security-oriented approaches for both device and corporate-network configuration.

  • Update the firmware of Wi-Fi routers and access points, and keep them up to date. Manufacturers are constantly fixing vulnerabilities; don’t assume that because something works, it is secure.
  • Set a unique, long, complex password to access Wi-Fi. Your employees will need to enter it only once on each device, and strong passwords make hacking a network more complicated.
  • Limit signal strength so that your network is not available from outside of the office.
  • Hide the name of the network to make it harder to find.
  • Choose a name for the network that is not obvious or easily guessable — and keep the router model number out of it, so attackers can’t use that to search for a known vulnerability.
  • Segregate the guest network so guests do not have access to internal resources. You may have to deprive your visitors of some convenience (such as the ability to print a document on your printer), but you will significantly reduce the risk of data leakage.
  • Use a reliable security solution so that even if an attacker breaches your network, they will not be able to cause significant damage to workstations and servers.