Tag Archive for: malware

2017March22Security_CAlthough a ransomware infection might feel targeted, you’re not the only one who’s been infected. Ransomware is spreading at an alarming rate, but the further it goes, the more resources are allocated to fighting it. If your data is held hostage, always check these lists for free decryptors first.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.

Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.

Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting against a never-ending stream of cyber attacks — hand it over to us and be done with it. Call today to find out more.

Published with permission from TechAdvisory.org. Source.

2017March3Security_CBusiness owners have spent the last couple months fearful of cyber attacks from the “fileless malware” plastered across headlines. The reality of this new threat doesn’t actually call for panic…yet. Getting acquainted with this new malware today could save you from a headache in the future.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Where is it now?

Apparently being infected by this strain of malware makes you an expert because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber attackers to withdraw undisclosed sums of cash from ATMs.

Am I at risk?

It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.

If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.

Should I worry about the future?

The answer is a bit of a mixed bag. Cybersecurity requires constant attention and education, but it’s not something you can just jump into. What you should do is hire a managed services provider that promises 24/7 network monitoring and up-to-the-minute patches and software updates — like us. Call today to get started.

Published with permission from TechAdvisory.org. Source.

2017january12_security_cAs cyber attacks continue to rise, businesses large and small need to stay one step ahead with IT services that keep them protected no matter what. What once were minor nuisances have now become advanced threats that can actually put you out of business. In fact, these cyber attack statistics will prove to you that you need managed services from a technology provider to remain safe and competitive.

The numbers

Small businesses are not at risk of being attacked, but worse, they’ve already fallen victim to cyber threats. According to Small Business Trends, 55 percent of survey respondents say their companies have experienced cyber attack sometime between 2015 and 2016. Not only that, 50 percent reported they have experienced data breaches with customer and employee information during that time, too. The aftermath of these incidents? These companies spent an average of $879,582 to fix the damages done to their IT assets and recover their data. To make matters worse, disruption to their daily operations cost an average of $955,429.

The attacks

So what types of attack did these businesses experience? The order from most to least common are as follows: Web-based attacks, phishing, general malware, SQL injection, stolen devices, denial of services, advanced malware, malicious insider, cross-site scripting, ransomware and others.

Why managed services?

Managed services is the most effective prevention and protection from these malicious threats. They include a full range of proactive IT support that focuses on advanced security such as around the clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection and more.

Not only that, but because managed services are designed to identify weak spots in your IT infrastructure and fix them, you’ll enjoy other benefits including faster network performance, business continuity and disaster recovery as well as minimal downtime. One of the best things about managed services is the fact that you get a dedicated team of IT professionals ready to assist with any technology problems you might have. This is much more effective and budget-friendly than having an in-house personnel handling all your IT issues.

Being proactive when it comes to cyber security is the only way to protect what you’ve worked hard to built. If you’d like to know more about how managed services can benefit your business, just give us a call, we’re sure we can help.

Published with permission from TechAdvisory.org. Source.

2016december28_security_cRansomware has become a fast-track for making money for some hackers this holiday season. But instead of just demanding a small payment for the decryption code that will unlock their computers, some hackers are demanding that victims sacrifice two other friends to ensure they receive the code they need. Read more to find out what makes Popcorn Time such a devious program and how you can avoid becoming one of its victims.

Ransomware is nothing new. Cybersecurity miscreants have been taking advantage of online users for years by requiring payment to “unlock” a victim’s computer. What Popcorn Time does differently is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom — a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well).

The Cost of Popcorn

When you inadvertently download this ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and that to get them back you will need to pay one Bitcoin for a decryption key that they keep stored remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season but particularly difficult for those infected during the holiday season.

Spread the “Holiday Cheer” and Hope they Bite

What makes Popcorn Time unique is the option victims have to take their cost away by allowing the ransomware to affect two of their friends for a chance to get a free decryption code. Of course, it works only if both friends pay the ransom, which leaves you looking (and feeling) like the Grinch.

Avoiding Popcorn Time this Season

The easiest way to avoid downloading ransomware is to stay off of sites that might contain questionable files. However, this is nearly impossible for modern users, and many hackers are getting good at making their files look legitimate. Limit your exposure to potential ransomware by keeping your software up-to-date and your computer protected with a security program from a reputable company (for example Norton or Symantec). If you need to learn more about how to avoid running into ransomware while you’re online, give our professional cybersecurity consultants a call. We’ll keep you away from the popcorn this season.

Published with permission from TechAdvisory.org. Source.

2016october19_businessproductivity_cThe internet is constantly tempting us. There’s an endless collection of funny cat videos, memes, and social media statuses to consume. Sure, the occasional three-minute YouTube video never hurt anyone, but if employees waste hours of their working day on these websites, that’s a problem. So how can you, as a business owner, discourage employees from procrastinating on the internet? When it comes to increasing employee productivity, keeping a close eye on your personnel’s internet behavior reaps various benefits.

Time-saving measures
At times, the internet can be very addictive. Internet monitoring software saves employees from the temptation of online videos and games by restricting access to time-wasting sites that you deem unnecessary for business. But internet monitoring software doesn’t even have to be as extreme as denying permission to harmless social media websites. Just letting your employees know that you’ll be randomly monitoring their internet activity discourages them from taking prolonged visits to their Instagram page.

Avoiding harmful websites
The internet hosts plenty of unsavory links and websites. Employees who haphazardly click phishing links or access malware-ridden pornography sites can put your business at risk. Working with infected machines can slow down the entire system and, in some cases, completely halt operations. But by using internet monitoring tools you can restrict access to dangerous websites, and identify reckless employees to remove their internet privileges, if necessary.

Controlling bandwidth usage
Even while using the internet for the right purposes, bandwidth can be used up quickly. Internet monitoring gives you up-to-the-minute reports on your bandwidth usage. Once you have a clear understanding of your company’s overall bandwidth usage, you can then control its expenditure. This feature allows you to prioritize bandwidth for critical business applications and reduce bandwidth for less necessary websites.

Increasing productivity on the internet
Internet monitoring software may be a powerful tool, but it should be used responsibly. As a business owner, you need to walk a fine line between over-surveillance and under-surveillance. What you should do is establish a clear internet policy. Then, explicitly define the disciplinary measures to be dispensed on anybody who goes against the requirements of the internet policy. And deal with time-wasting employees on a case-by-case basis. It’s unreasonable to remove everyone’s Facebook privileges because one or two abused theirs.

Employee productivity can be difficult to achieve, especially with the proliferation of what we would like to call, “procrastination software.” But with web monitoring software, you can truly get your business — and your employees — back on track. Looking for more ways to increase business productivity with technology? Give us a call. We’ll be happy to make suggestions.

Published with permission from TechAdvisory.org. Source.

2016september21_security_cEveryone, from doctors to lawyers, needs to continue learning to stay ahead of the times. Business owners might have it worst of all, oftentimes needing to stay on top of several industries to keep their company running. Keep reading for a refresher on all the latest trends and buzzwords used in the cybersecurity sector.

Malware

For a long time, the phrase ‘computer virus’ was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as a type of malware.

Ransomware

Don’t let all the other words ending in ‘ware’ confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is ‘ransomware,’ which encrypts valuable data until a ransom is paid for its return.

Intrusion Protection System

There are several ways to safeguard your network from malware, but intrusion protection systems (IPSs) are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can deploy an exploit or take advantage of a known vulnerability.

Social Engineering

Not all types of malware rely solely on fancy computer programming. While the exact statistics are quite difficult to pin down, experts agree that the majority of attacks require some form of what is called ‘social engineering’ to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy, and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.

Anti-virus

Anti-virus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyber attackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and ‘patch’ this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest advances in malware.

Redundant data

When anti-virus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

We aren’t just creating a glossary of cyber security terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out for yourself.

Published with permission from TechAdvisory.org. Source.

2016Apr13_Security_CIn the 21st century, personal computing is with us wherever we go. This is all thanks to the proliferation of mobile devices such as smartphones and tablets. These devices allow us to take work home with us. And, with bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD poses a number of security risks if you’re not careful. What are these problems? How are they caused? Here are some BYOD security risks you should know before implementing it in your business.

Data leakage

The biggest reason why businesses are weary of implementing a BYOD strategy is because it can potentially leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and systems. There is also a chance that an employee will take work with them, where they are not using the same encrypted servers that your company is using, leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with, is the possibility of your employees losing their personal devices. When devices with sensitive business information are lost, there is a chance that this could end up falling into the wrong hands. Additionally, if an employee forgets to use a four digit PIN code to lock their smartphone or tablet, anyone can gain unauthorized access to valuable company data stored on that particular device. Therefore, your company should consider countermeasures for lost devices like completely wiping the device of information as soon as an employee reports a missing or stolen phone.

Hackers can infiltrate your system

Personal devices tend to lack adequate data encryption to keep people from snooping. This along with the fact that your employees might not have updated their devices can allow hackers to infiltrate your IT infrastructure.

Connecting to open Wifi spots makes your company more susceptible to hackers. Open wireless points in public places can put device owners at risk because there is a chance that hackers may have created that hotspot to trick people into connecting. Once the device owner has connected, attackers can simply surveil web activity and gain access to your company’s accounts.

Vulnerable to malware

Viruses are also a big problem when implementing BYOD strategies into your business. Using personal devices means your employees can access whatever sites or download any mobile apps that your business would normally restrict to protect your system.

Jailbreaking or rooting a device also puts your systems at risk because it removes limitations imposed by the manufacturer to keep the mobile software updated and protected against external threats. It’s best to understand that as your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies to your business, prepare your IT department for an array of potential malware attacks on different devices.

So you might be thinking that it would probably be best to just avoid implementing a BYOD strategy in the first place. However, BYOD will help your business grow and adapt to the modern workplace, and should not be dismissed as a legitimate IT solution. It’s just important to educate your company about these risks so that problems won’t occur for your business down the line.

If you need some help implementing IT security solutions for your company, or if you have any concerns regarding IT, give us a call.

Published with permission from TechAdvisory.org. Source.

2016Mar29_Security_CAs companies go to the Internet to conduct their business, their IT security becomes more vulnerable to many hackers and viruses. That’s why it’s even more important to recognize whether or not your systems are under threat from malicious software to swiftly fend off the infection. So how do you know if your company’s IT security is under threat? Here are a few warning signs to tell if you are a victim of malware infection.

Slow computer

The most common symptom of a malware infection is a slow running computer. Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, before you immediately assume your computer has a virus, you should check if there are other causes to your computer slowing down. Check if you’re running out of RAM. For Windows, open task manager (Ctrl + Shift + Esc) and go to the Performance tab and check how many gigabytes of RAM you are using under the Memory section. For Mac OS users, you can open the Activity Monitor app and under System Memory you should be able to find out your RAM usage.

Other causes of a slow system include a lack of space on your hard drive and damaged hardware. Once you’ve ruled out the other potential causes, then a virus may have infected your device.

Blue screen of death (BSOD)

If your PC crashes regularly, it’s usually either a technical problem with your system or a malware infection. You might not have installed the latest drivers for your device or the programs you’re running could possibly be incompatible with your hardware. If none of these problems are apparent in your PC then the virus could be conflicting with other programs causing your crashes.
To check what caused your last BSOD go to Control Panel> System and Security> Administrative Tools> Event Viewer and select Windows Logs. Those marked with an “error” are your recorded crashes. For troubleshooting solutions, consult forums or your IT department to figure out what to do next.

Programs opening and closing automatically

Malware can also be present when your programs are opening and closing automatically. However, do check if some programs are meant to behave this way or if they are simply incompatible to run with your hardware first before coming to the conclusion that your computer has a virus.

Lack of storage space

There are several types of malware that can manipulate the files saved on your computer. Most tend to fill up your hard drive with suspicious files. If you find any unknown programs that you have never installed before, don’t open the application, search up the program’s name over the Internet and use antivirus protections once you’re certain that it’s malware.

Suspicious modem and hard drive activity

Combined with the other warning signs, if your hard disk is working excessively while no programs are currently running or if you notice that your external modem is always lit then you should scan your computer for viruses.

Pop-ups, websites, toolbars and other unwanted programs

These are irritating signs that your computer has a virus. Pop-ups come from clicking on suspicious pages, answering survey questions to access a website’s service or installing free applications. Don’t click on ads where Jane says she earned $8000 a month staying at home. When you get pop-ups appearing out of the blue, refrain from clicking anywhere on the pop-up page and just close out of the window and use your anti-malware tool immediately.

Equally, free applications allow you to download their service for free but the installation process can be riddled with malware. When you’re installing a program from the Internet it’s easy to just skim over the terms and conditions page and repeatedly press next. This is where they get you. In the process of skipping over certain installation steps, you might have agreed to accepting a new default browser, opening unwanted websites and other programs filled with viruses. Just be cautious the next time you download something for free. It’s best to try avoiding any of these practices when you can in order to protect your computer.

You’re sending out spam

If your friends are telling you that you’ve been offering them suspicious messages and links over social media or email, you might be a victim of spyware. These may be caused from setting weak passwords to your accounts or forgetting to logout of them.

In the end, it’s best to know how malicious software affects your computer so you can take steps to rectify the situation as soon as possible. Regardless of whether or not your system has experienced these symptoms, it’s always smart to perform regular malware scans to ensure your business is safe. To find out more about malware and IT security, contact us today.

Published with permission from TechAdvisory.org. Source.

Female hand giving a bribe to businessman - closeup shotThe threat of being infected by malicious software is part and parcel of spending time on the internet, and no sooner have the antivirus and security software programs released an update or new patch than cyber criminals are scrambling for ways to circumvent them. In addition, as end users become savvier to the tricks and scams used to steal our data, money or identities, new tactics are employed to try and fool us. And that includes Chimera, a new strain of ransomware which has recently been uncovered.

Business is booming in the world of cyber crime, and scammers, extortionists, phishers and hackers are constantly on the lookout for new ways to exploit our fears and naivety in order to boost their bank accounts, steal our data, or simply cause us mayhem for their own twisted pleasure. One of worst types of malware for playing with our emotions – and therefore increasing the likelihood of us capitulating to its demands – is ransomware. If you don’t know how this program works, read on for an introduction.

If your computer has been infected by ransomware, the first sign that something is wrong is normally discovering that you are unable to open one or more of your files. That’s because the malware encrypts them, rendering them completely inaccessible. The next thing you see will be a ‘ransom note’, either in the form of an email or a notice that appears directly on your screen. You will be told that if you want to see your files again you will need to pay a sum of money. After making payment you will (allegedly) be sent a code that will allow you to decrypt your files.

Some types of ransomware up the fear factor even further by pretending that the FBI, CIA or other national law enforcement or government agency is behind the ‘kidnapping’. You will be told that your files are being held hostage because you have downloaded pirated software or files, or visited an illegal or illicit website – such as those depicting extreme pornography or threatening national security. Regardless of whether or not you are guilty of any of the above – be it a visit to an x-rated website, or downloading a pirated copy of the latest episode of The Walking Dead, your first instinct is probably to panic. The thought of no longer having access to any of our information, files or data is enough to make most of us break out into a cold sweat. If you haven’t backed up, everything from your vacation pictures to your company’s data could be lost for good.

The problem for ransomware creators, however, is that many users have wisened up to their tactics, and are refusing to pay, instead calling in an IT specialist to try and restore their encrypted files. This has left cyber criminals needing to find a way to boost ‘trade’. And that is where Chimera comes in. Christened by the Anti-Botnet Advisory Centre – a part of Germany’s Association of the Internet Industry – unlike previous forms of ransomware, which were indiscriminate when choosing their victims, this latest threat primarily targets businesses.

An employee will receive an email, purporting to be an application for a job within your firm, or some kind of corporate deal. This email will include a link ostensibly to the applicant’s resume or to details of the offer, but will in fact go to an infected file stored in Dropbox. Chimera then infects the user’s computer and encrypts any local files. Once the PC has been rebooted, the ransom note will be displayed on the desktop. Payment is usually set at around $680 USD, which must be paid in Bitcoins. And in order to further scare the victim into paying, the note will also state that failure to make payment will result in the user’s files being published online.

If there is a slight silver lining to the Chimera cloud, it is that the Anti-Botnet Advisory Centre has not found any proof that files have been published – at least not yet. In fact, it is still unknown whether the ransomware does actually take the encrypted files or if it is just an empty threat. Regardless, it is still a threat which could easily convince many users to pay the ransom. And should Chimera make good on its threats, the ramifications for a business are huge – and that’s without taking into consideration the nightmare of having your files encrypted in the first place. With Chimera targeting businesses of all sizes, and random employees within the business at that, isn’t it time you took another good look at your organization’s security posture?

Contact us today and talk to one of our security experts. We’ll be more than happy to help ensure that your small or medium-sized business isn’t taken hostage by Chimera or any other type of ransomware.

Published with permission from TechAdvisory.org. Source.