US Govt Recommends Vendor System Configs To Block Malware Attacks

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) today reminded users and system administrators to properly configure their systems to defend against malware that can exploit improper configurations.

The reminder was published by the cyber-security agency through the US National Cyber Awareness System designed to provide users with information on current security topics and threats.

"Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software," CISA says.

"Doing so in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible."

Malware protection guidance

Besides encouraging administrators and users to properly configure their computing systems to avoid potential malware attacks, CISA also provides a list of security practices that will help drastically reduce malware risks if followed.

The agency's ST18-004 security tip revised in April 2019 recommends installing and maintaining anti-malware solutions, using caution when clicking and opening links and attachments received by email, blocking pop-up advertisements to defend against malvertising, and using accounts with limited user permissions to prevent malware from spreading.

CISA also advises keeping one's software updated to patch recently discovered vulnerabilities that could be exploited by threat actors, to always back up data to avoid losing information in the event of a malware infection, and to use anti-spyware tools.

Using a firewall for blocking malicious traffic, monitoring accounts for suspicious activity, and disabling AutoRun and AutoPlay features for external media to prevent malicious code automatically being executed from infected external devices are the rest of the recommendations provided as part of CISA's malware protection guidance.

The US government cyber-security agency also provides guidance for operating and software updates as part of its ST04-006 security tip revised in September 2018, highlighting the following best practices:

Cyber Essentials guide for SMBs, local government agencies

In November, CISA launched the Cyber Essentials guide for small businesses and small SLTT governments to help them understand and address cybersecurity risks.

This guide "aims to equip these organizations with basic steps and resources to improve their cybersecurity resilience" according to CISA.

The agency also published a Cyber Essentials infographic the same day, with the following list of six measures that organizations can take to diminish their cyber risks:

This month, US consumers were encouraged by the DHS to be aware of incoming malicious campaigns and scams that usually become active and start targeting potential victims during each year's holiday season.

In July, CISA, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) urged government partners and the cyber community to reinforce ransomware defenses in a joint statement.

Once the protection steps recommended in the joint statement are implemented, government partners are also advised to go through the best practices issued by CISA, MS-ISAC, NGA, and NASCIO for more measures designed to boost their org's security shield.