3 Ways You Can Get Infected With Ransomware

What to do if you are hit by ransomware

There’s been a lot in the news over the last few weeks about ransomware attacks. As the media can give people the wrong impression let me clear up some things for you. Continue reading

What to Do If You Get Hit With Ransomware

What to do if you are hit by ransomware

If you get hit with ransomware there will be a number of indications, including:

  • A screen telling you that your business files are encrypted.
  • You can’t open any of your documents.
  • Your files may have a weird extension of different icon.
  • there will be instructions for how to pay up to recover your files.

This blog article details a number of steps you can take instead of paying the ransom straight away. Continue reading

Why Everyone Should Be Terrified of Ransomware

Malware

If you want to scare someone in computing then start talking to them about ransomware. There are few things as scary for IT professionals as the prospect of systems locking up with hackers demanding money to return things back to normal. Continue reading

Are You Protected Against Leakware?

Leakware or extortionware

You should have heard about ransomware by now. Cyber-criminals access and encrypt your data and you have to pay a “ransom” for the key to unlock your data. If you have a backup you can revert to that and forget about the hackers threats. Leakware (also known as extortionware) is similar, but now the bad actors are threatening to post your confidential information online if you don’t pay up. Continue reading

7 Things You Need to Know About Ransomware!

Ransomware - Need To Know

Ransomware is a when cybercriminals kidnap your data (via encryption) and then demand money so that you can decrypt your own data. It sounds scary and it certainly is! Here are the top seven things you need to know about ransomware. Continue reading

Common Types of Malware to Watch Out For

Infected SystemsWhat is a virus and is it the same as malware?

Malware describes software designed to act maliciously on a computer. The name ‘malware’ is a shorthand for ‘malicious software’ and describes exactly what it is. A computer virus is a single type of malware that can cause harm to your PC, but it is only one of many. Other types of malware are listed below.

Adware

Short for advertising-supported software, adware is a type of malware that delivers adverts to your computer. These advertisements often pop-up and are intrusive, irritating and  designed to trick you into clicking something you don’t want. A common example of malware is pop-up ads that appear on many websites and mobile applications.

Adware often comes bundled with “free” versions of software that uses these intrusive advertising to make money. Commonly it is installed without the user’s knowledge and are purposely made to be difficult to remove.

Spyware

Spyware is designed to spy on the user’s activity without their consent or knowledge. Spyware is often installed in the background, collects keyboard input and can harvest data from the computer, monitor web activity and more.

Spyware typically requires installation to the computer. This is commonly done by tricking users into installing the spyware themselves instead of a software application that they thought they were getting. Victims of spyware are often be completely unaware of its presence until the stolen data is used elsewhere (ie in a fraudulent bank transactions or stolen online accounts).

Virus

A computer virus is a form of malware that is installed inadvertently, causing damage to the computer and / or user. A typical virus may install a keylogger to capture passwords, logins and bank information from the keyboard or it might steal or delete data, interrupt programs or cause the computer to crash.

Modern virus programs commonly use your computers processing power and internet bandwidth to perform illegal tasks remotely for hackers. The first sign of this can be when the computer sounds like it is doing a lot of work when no programs are running. A computer virus is often spread through installing unknown software or downloading attachments that contain more than they seem.

Ransomware

Ransomware is a very malicious variety of malware that prevents the user from accessing their own files and data until a ransom is paid. Files within the system are often encrypted with a password that won’t be revealed to the user until they receive money usually in the form of bitcoin.

Instead of accessing the computer as normal, the user is presented with a screen which details the contact and payment information required to access their data again.

Ransomware is typically downloaded through malicious file attachments, email or through a vulnerability in the computer system.

Worm

Another type of malware is the computer worm. Worms spread across computer networks by exploiting vulnerabilities within the operating system. Often these programs harm their host networks by consuming large amounts of network bandwidth, overloading computers and using up all the available resources.

While similar to a virus a worm is able to both copies of itself and spread independently. A virus must rely on human activity to run a program or open a malicious attachment while worms can simply spread over the network without human intervention.

If you would like to make your business secure from malware, give us a call at 08 8326 4364 or via email on support@dpcomputing.com.au.

Could Your Backups Survive A Ransomware Attack?

More and more businesses and organizations are getting hit by ransomware demands. It doesn’t matter what industry you are in, hospitals, schools, factories, offices,… are all getting infected and hackers are raking in millions.

Ransomware attacks are devious in their simplicity. A user in a business is tricked into opening a file, usually through a phishing email or download. The file contains malware which then encrypts your data and demands money in exchange for the password to decrypt you data.

All businesses should have a backup and thus should simply be able to restore from their backup if the worst occurs. But this is not always the case.Sometimes the backup  fails for some reason and the data can’t be retrieved. In other instances, the business has a backup that can be restored but it doesn’t include everything they need. So have you tested your backup recently?

Sometime the backup is also caught in the ransomware encryption and becomes useless as a recovery method. This is why it is good to have at least one backup stored offsite and not connected to a computer network.

The only defense is to block the malware before it can infect your network and then continue the protection with a comprehensive backup strategy for all workstations and servers. Give us a call to discuss how we can help secure your business against ransomware today on 08 8326 4364 or support@dpcomputing.com.au.

Eleven Best Security Practices To Stop Ransomware

Ransomware and most malware attacks start in two main ways. A booby-trapped email with a malicious attachment or via a compromised website; which then work their way down to your endpoints and servers.To stop these attacks, it is critical that you have a multi layered approach to security.

This starts with a training your employees and patching your devices right through to cloud based malware filters, dedicated hardware firewalls and corporate grade security applications on each device.

The eleven best security practices to apply now are:

  1. Employee training
    Regular training for employees is essential. Employers need to inform their staff on what to look out for and don’t trust the contents of every email they receive.
  2. Patch early, patch often
    The sooner you patch Windows the fewer holes there are for ransomware to exploit.
  3. Backup
    Backup regularly and keep a recent backup copy off-line and off-site. Offline and off-site means ransomware can’t get to it. With recent backups data loss can be minimized.
  4. Implement corporate grade security software
    A free antivirus program might be ok for home use but do you really want a free program protecting your confidential business data and financial information?
  5. Install a firewall or UTM
    You probably don’t just rely on a cheap door lock on the front door of your house so why rely on a basic firewall on the electronic entrance to your business?
  6. Enable cloud based email filtering
    Don’t rely on your local antivirus software detecting and stopping malware within your email application. Block it before it even enters your network by using using a cloud based filter – one that uses multiple filters is even better.
  7. Enable file extensions.
    Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you.
  8. Disable Macros
    Don’t enable macros in document attachments received via email. A lot of infections rely on persuading you to turn macros on, so don’t do it!
  9. Be cautious about unsolicited attachments
    If you aren’t sure – don’t open it. Check with the sender if possible.
  10. Admin Login Rights
    Don’t have more login power than you need. Having administrator rights may bake things easier for administration but they also give malware free ranges on your computer and network. An infection which may be able to be contained to one device could become a network disaster is the malware exploits admin rights.
  11. Keep applications up to date.
    Stay up-to-date with new security features in your business applications
    For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”.

Why Do People Create Viruses?

Why Do People Create Viruses?Writing a computer program is hard and writing a virus is even harder (BTW you don’t even need programming skills as viruses templates can be bought online), so why do people do it? In the majority of instances it comes down to 3 reasons:

  • Money
  • Bragging rights
  • Simply being a jerk.

While bragging or being a jerk is pretty self-explanatory, the money side is more interesting. Here are some of the ways people make money with viruses:

Bank account theft: As with real bank robbers virus creators are more than happy to help themselves to the money in your bank account. Once they have your login details (obtained via a key logger) they simply transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person by selling your details to the highest bidder.

Ransomware: Sometimes a virus will encrypt your files and demand money for a key to unlock you own data. Without a true backup procedure in place you are at their mercy.  Once you have paid the nightmare may not be over as they now know you are an easy target and request even more money.

Ad swappers: A very cheeky technique which you may never know is happening to you. This scam is when a virus puts annoying ads on websites you visit or places affiliate codes on pages. When you buy something legitimately – eg, from Amazon – the affiliate codes allow the hacker to get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you are infected.

Bitcoin mining: You have heard of digital currencies being used for payments but did you know you can also earn money via bitcoin mining? You can earn this money by running specialized software on your computer but sometimes this means paying more in running costs than you would actually make – unless you were very clever and sneaky, and used a virus to use the processing power on other people’s computers.

Botnets: If infected with a botnet, a computer can be remotely controlled to do whatever the virus creator wants. In most cases they’ll usually set the infected computers to overwhelm a target computer and blackmail the owners of that computer – the ‘Botmaster’ says “pay me thousands of dollars or I’ll crash your computer.”

Account stealing: Subscription accounts like Netflix and Hulu are often hijacked allowing other users a free ride by using your accounts. Gaming accounts open up another world of financial incentives with those digital items that people work hard for in the games worth a pretty penny on the black market.

These are just a few of the ways people make money through viruses and malware. If you know of any others please leave a comment below.

Give us a call at 08 8326 4364 to make sure your computer is secure and protected.

How Much Could A Ransomware Attack Cost Your Business?

How much is your data is worth? Information is probably the most valuable part of your business. Imagine if you lost your client database, accounting software, inventory management and any intellectual property you may own. How long will it take to recreate this data and how much money would you lose in lost productivity, staff wages and the time it takes to either recover or recreate the lost information?

Recently when the WannaCry ransomware spread through out the world, many businesses were suddenly forced to re-assess the value of their data: was it worth saving and what would be the ongoing costs of the attack?

If you don’t have a recent backup most ransomware attacks cost at least $US200 (if not a lot more) to get your files released and that is only IF the cyber criminals honor the payment and actually give you the decryption key (some even demand further payments). Meanwhile your business is still running and new client calls are still coming in and you may find yourself unable to operate with your systems down.

Paying the ransom may seem like a quick fix but:

  • There is still the downtime involved to restore your data resulting in lost productivity.
  • If word gets out that your data has been compromised you may find confidence in your business plummets and your existing clients head elsewhere.
  • The cyber criminals you pay, may now see you as an easy target and demand more money or target you for other scams and malware activity.
  • You may recover the data but is it compromised with other malware?
  • You may not get back all the data that has been lost.

So that $US200 ransom may end up costing many, many thousands of dollars!

How To Prevent Ransomware Attacks on your Business

Keep your systems up to date: Malware can take advantage of flaws in older versions of Windows and software – sometimes ones that have already been patched by Microsoft and third party vendors. To be protected businesses have to stay up to date with their patches & versions. To be up to date with Windows patches you need to be running a supported version of Windows. Delaying patches and updates puts your business at risk – we can help you keep you systems up to date.

Use corporate grade security software and firewall: Free software may be fine for low end home computers but if the worst happens you will get no support or help from a company providing free software. A firewall or UTM (unified threat management) device can also help block malware and ransomware infections. But whether it is a free or paid for solution the software (and any hardware devices) must be kept up to date.

Lock down employee computers: Very few staff will require full administrator access to your business network. With a higher level of permissions the more damage a person can do – either accidentally or by inadvertently installing malware. By locking down your computers you have a better chance of containing a malware attack to non-vital systems. Our expert computer technicians can design an access management plan that gives you best of both worlds – flexibility and security.

Educate your workplace: Most employees believe they are being cyber-safe but in reality it is quite different. Many malicious links and embedded malware have become harder to spot – and all it takes is a microsecond to click (and later regret it). We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments and the importance of malware scanning and keeping systems up to date. We can help get the message through!

Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Also a lot of cloud backup systems, such as Dropbox, immediately clone the infected files which also renders the cloud copy useless. The only safe backups will be the ones both physically and electronically disconnected. Our experts can set you up with a backup system that makes recovery simple.

Be proactive: The best way to avoid the costs of a ransomware attack is to prevent it from happening in the first place is with up to date antivirus software, regular systems updates and security audits. Remember, many businesses were able to watch WannaCry from the sidelines, completely unaffected and seized opportunities while their competitors were down.

Our regular maintenance plans can help protect your business against the next cyber-attack. Call us today on 08 8326 4364 or via email at support@dpcomputin g.com.au.