What is it?
Malware is any “malicious software.” Malware can steal, encrypt, or delete your data, alter or hijack core computer functions, and spy on your computer activity without your knowledge or permission.
Most modern malware contains advanced capabilities that help it spread, avoid detection, or resist removal.
Why is it a risk?
A Denial of Service attack (DoS) is when an attacker attempts to overwhelm a victim’s server.
A Distributed Denial of Service (DDoS) attack is when the attacker uses many unwitting accomplice computers to attack their victim. By orchestrating the actions of many computers, it is easier for the attacker to overwhelm their victim.
A server with a publicly accessible port (like the one described in this alert) can be turned into such an accomplice.
Although malware might be targeted specifically at your organization, it is much more common for malware to be designed to use your computer as an unknowing participant in a DDoS attack on some government, financial or other large organization.
Many malware applications attempt to trick human users into providing system passwords, often by masquerading as legitimate software products.
Although many people consider Apple- or Linux-based operating systems to provide better protection, they are definitely not immune to malware.
How can you mitigate the risk?
1) Keep your operating system up-to-date.
2) Use an anti-virus/malware product (even on Linux or Mac servers). There are many excellent anti-malware applications available for different operating systems, with different features, and at different price points. We recommend using a search engine and reading multiple reviews before committing.
3) Write and maintain tight firewall rules on any Internet-facing server. The exact syntax used for firewall rules depends on your operating system and firewall software, but the Enterprise Networking Planet article, “What Are Firewall Rules? Definition, Types, and Best Practices”, provides an excellent overview.
4) Respond promptly to infection alerts.
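Before tightening the firewall rules in step 3, it helps to know which ports the server is actually listening on beyond loopback. The following is an added example, not part of the original alert: it parses Linux `ss -tuln` output and reports listeners that are not on an allowlist. The sample output and the `ALLOWED` policy are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tuln` output (not taken from a real host).
SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:123        0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:6379     0.0.0.0:*
tcp   LISTEN 0      4096   *:11211            *:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      128    [::1]:631          [::]:*
"""

# Hypothetical policy: the only listeners this server is meant to expose.
ALLOWED = {("tcp", 22)}


def is_loopback(addr):
    """True if the bind address is reachable only from the host itself."""
    addr = addr.split("%")[0].strip("[]")  # drop interface scope and IPv6 brackets
    if addr == "*":                        # wildcard: all interfaces
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False                       # unparseable: treat as exposed


def unexpected_listeners(ss_output, allowed):
    """Return sorted (proto, port, bind_addr) for non-loopback listeners not in `allowed`."""
    findings = set()
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        proto = fields[0]
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit() or is_loopback(addr):
            continue
        if (proto, int(port)) not in allowed:
            findings.add((proto, int(port), addr))
    return sorted(findings)


if __name__ == "__main__":
    for proto, port, addr in unexpected_listeners(SAMPLE_SS_OUTPUT, ALLOWED):
        print(f"review: {proto}/{port} bound to {addr}")
```

Each reported listener should either be closed, rebound to loopback, or explicitly covered by a firewall rule and added to the allowlist.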
Resources:
Enterprise Networking Planet: What Are Firewall Rules? Definition, Types, and Best Practices
https://www.enterprisenetworkingplanet.com/security/firewall-rules/