In the previous article we discussed how Perimeter Defense and Anti-Virus solutions are an important part of your overall security regime to protect your online privacy. These solutions focus specifically on known vulnerabilities rather than zero day defense mechanisms. Just as you go to the doctor once you have a problem, these solutions focus on resolving a problem after it has presented.
The subject of much controversy over the last few years is ransomware. This software encrypts the files on your device and then locks your machine until you pay a ransom fee to the perpetrator. If you pay the ransom then your files are decrypted and your machine is unlocked.
This software is unwittingly installed by clicking links inside emails, or visiting web sites with links to infected software or spread through advertising (refer to the article on malvertising).
The impact to a consumer machine can be severe, resulting in the loss of personal data (at best) on the impacted machine, and potentially across the entire network.
Should a corporate machine be impacted, the stakes become much higher as the ransomware can potentially replicate itself across entire corporate networks, locking proprietary data for eternity (or until the ransom is paid).
Preventing this replication is an important part of Cyber Privacy such as BlackFog Privacy. By preventing outbound connections to other machines or remote servers it is possible to stop these infections before they occur and effectively stop the attack.
Like ransomware, spyware is malicious software that is deployed on your machine through many of the same methods employed by ransomware. The difference is that spyware focuses on collecting information about you, such as credit cards, social security numbers, your address, location, etc. and sending it back to their servers to exploit at a future time.
Spyware can be quite difficult to detect because most people don’t even realize they are infected. It can continually collect information about you for years before it is discovered. It can even be used for transmitting other files across the network so that it can replicate to other devices.
By monitoring the data flowing out of your computer BlackFog Privacy is able to detect anomalies in data leaving the network and protect your personal data.
Data Collection and Profiling
Another important aspect of privacy protection is device defense. Rather than detecting and preventing suspicious network transactions as we described above this focuses on preventing the collection of data on your device in the first place.
Your computer or mobile device is a very complex machine which runs hundreds of background tasks and processes on a daily basis which are constantly collecting information systemwide and at the application level. This includes information not only about the device itself, such as where it has been, but what you have been doing with it.
The system stores this information in databases, registries, log files and other file types on your device. BlackFog operates at both the process level and the system itself and monitors the collection of any personally identifiable data and constantly cleans it. This also includes closing applications, background tasks, removing certain cache files and other recorded information that might be collected and sent to remote servers.
BlackFog focuses on prevention rather than cure and is an important part of a layered approach to data security and your online privacy.