In June 2017, yet another type of complex ransomware has infected computers worldwide. It goes by the name ‘Petya,’ and it caused companies like DLA Piper and Maersk to freeze up their systems. The only way for these companies to have unlocked their systems, is, of course, by paying a hefty ransom.
If your company was safe from Petya this time around, how can you continue to stay safe from ransomware attacks in the future?
The interesting thing about the Petya virus is that the authors of Petya demanded the large ransom (100-bitcoin) only after many companies infected already resumed their operations. Though it looks like some victims had decided to pay a smaller ransom, Petya’s financial success didn’t amount to much.
While all ransomware viruses typically work in the same way, each one possesses a unique attribute that makes it stand out from the others. Perhaps it infects more companies, demands more money than other forms of ransomware, or is simply that much harder to prevent.
Before Petya, the big ransomware virus to look out for was WannaCry. Though WannaCry could fall into its own category of headline-making ransomware, it actually shares some similarities with Petya. Like WannaCry, Petya infiltrated networks through systems that used Microsoft Windows. And, although it seems that Petya’s main goal was to disrupt Ukrainian infrastructure (where the virus was sourced from) rather than just make money, it’s important for everyone to be aware of such a virus’ capabilities. Knowing what’s out there makes you less likely to become a victim yourself since you know how to prevent an attack in the future.
It goes without saying that not all cyber attacks can be prevented. Because technology is so complex and because there is so much we cannot see on the Internet, hackers are finding new ways to get what they want. But, first and foremost, we must educate ourselves about what kind of hacks are out there, how we may possibly be vulnerable to those attacks, and how to protect ourselves in every way possible.
From what we know from this attack, only Windows systems were targeted. Those who haven’t updated their software were more at risk, as well as businesses. Home networks weren’t really a target in this case, which is pretty true for most cyber attacks (but not always).
Unlike WannaCry or other types of ransomware, Petya locks up entire data systems instead of individual files. A worm is sent out and encrypts machines. This on its own is a reminder that although we may not be able to prevent attacks, we can back up our data separately so that we can access it even if it gets hacked.
Lastly, it’s important that you’re doing what you can to protect your network. The first step is seeking out the help of a managed service provider that’s up to date on cyber attacks and knows how to evaluate your system for any inconsistencies. Generally, a good antivirus should work, but only if that antivirus’ usage is being constantly monitored by an expert.
Hopefully, you’ll never fall victim to a ransomware attack like Petya. But, if you do, remember that you should never pay up to the perpetrator. This only encourages these hackers to continue doing what they do.
Working together with your team and the expertise of a managed service provider, you can spend less time worrying about these hacks and more time doing what you do best; running your business.
In the meantime, try our RiskAware™ Cyber Security Scan & Report to see where your security currently stands.
Ransomware is a nasty type of virus that extorts people for money by essentially blackmailing them. When it comes to major companies and even small businesses, ransomware can seriously take advantage of you and anyone else involved. And, as we all know, ransomware can affect our personal lives as well.
Unlike other types of hacks, ransomware is not easy to get rid of. Often, people need to either pay the money or risk losing all their data instead.
Don’t let ransomware take over your business or your life. Here are the ways ransomware can affect you if you don’t take charge. (And, by take charge, we mean taking all the cyber security precautions there are, including backing up your data!)
Ransomware essentially takes your data hostage. If you’re a small company who has put in a lot of work to get your business off the ground, this is a huge disappointment. If you’re a major company, you’re going to have a lot of backtracking to do, and a lot of “‘splainin'” to do, too. No one wants to have to start back at square one again.
If you didn’t back up your data and you’re not in a place to lose everything you’ve worked for, then ransomware can force you to pay up. Though the FBI discourages paying these cyber terrorists, it may be the only way to get back your important data.
If people are familiar with your company, a ransomware attack can seriously ruin the reputation you have with your customers. Sure, if you can overcome the ransomware no problem, then it may be that no one will find out and you can move on with your life. But, if your company goes down the drain or sensitive customers’ information gets leaked, you’re really in trouble.
If we let ourselves get affected by ransomware one time, we’re probably going to do our best to make sure it doesn’t happen again. But, if a ransomware attack happens in the first place, it may mean you don’t have a good cyber security plan in place. Therefore, you may be vulnerable to more attacks in the future.
When ransomware affects your work life, that’s one thing. But, when it affects your personal life, it’s another. Ransomware can get into your own personal computer and take away your precious memories, including photos, videos, writings, or even conversations you’ve saved.
Some of us keep very important information on our computers. This can be everything from our tax documents to bank information or photocopies of a passport. In some cases, this type of information is your “evidence.” It’s proof you paid your taxes or proof that you paid a bill. Ransomware can take that away, wreaking havoc on your personal finances.
Believe it or not, ransomware has started to affect SmartTVs, video game systems, cars, and other IoT devices. Despite the fact that IoT makes our lives easier, remember, the Internet can be a very dangerous place. With convenience, there sometimes is a catch. You don’t want to be trying to relax and watch TV when a ransomware message appears on your screen.
Amazon Echo may be helping to solve a murder, as it may have recorded the mysterious events that took place. While this is bad news for the murderer and good news for the family, it makes a lot of us wonder how private our lives really are when we invest in all this smart technology. Ransomware and other type of hacks can lead to us being watched and heard without us even knowing it. There’s no telling what or how they will use what they gather against you.
As you can start to see, ransomware can pretty much affect any device, including health technology. This could be any device to help aid a person’s health. Think pacemakers, implants, and in the future, other health machines like digital contact lessons. If hackers can go to any means necessary to make you desperate enough to pay, would you really put it past them?
The bottom line is that ransomware is a very scary thing. It can come at a surprise and put us in a situation where we really have no idea what to do. It can cost us time, money, and a lot of hard work. This can cause a heck of an amount of stress, that will certainly take a toll on our work and personal life as a whole.
Smeester & Associates can provide you with assistance for your cyber security practices. In the meantime, see if you are at a risk of being hit with ransomware. Take our RiskAware™ Cyber Security Scan & Report to find out.
As this year comes to an end, we have yet to see any type of decrease in cyber security threats and attacks. In fact, cyber attacks continue to grow at an alarming rate.
However, as we hone in on the types of attacks there are, it becomes a little bit easier to know what you’re looking for, and potentially stop an attack before it hits. That being said, hackers and the methods they use to take down even the biggest websites, like Twitter, are constantly changing. This is because when people find ways to stop attackers, the attackers find more creative methods to do what they set out to do. Just like any other vicious, drug-resistant virus.
And, as 2017 rolls around, we can expect to see different and more powerful types of attacks. So, the question is, will you be ready to fight them when they come?
Most hackers are motivated solely by money and will go to whatever means necessary to get a lot of it out of your company. This can be done through the use of ransomware, which is getting more advanced as time goes on. Hackers are going to find stronger types of ransomware attacks, and they will extort businesses for way more money than ever before. Thus, companies are going to have a hard time keeping up with proactive security measures enough to “deter” the ransomware. But, we’ll get to that later.
As people are using their mobile devices to conduct business more and more, we will be seeing more attacks via those devices. Along with this, however, we hope to see people taking their mobile security more seriously than they have in the past. But, despite the desire for protection, mobile device security just isn’t up to par with its stationary counterparts. We’re looking at all different kinds of threats in 2017, from theft of intellectual property to the potential destruction of critical infrastructure. Companies won’t be able to deal with these threats in real-time due to the minimal capabilities of mobile devices to do so. This, unfortunately, can mean bigger and broader attacks across the board than we’ve ever seen.
One thing we may be seeing more of in 2017 are internal attacks. Because companies are bumping up their cyber security, hackers are needing to find more “undercover” ways to do what they want to do. This could be anything from placing actual insiders in the company to hackers deceivingly targeting your email and every move you make on your various social media outlets. These attackers will try to manipulate employees from the inside into letting in a major breach, causing a lot of serious damage in the process.
But, there is some good news…
Despite the fact that hackers will be more innovative in the coming year, so will security vendors and software overall. One trend we’ll start to see in 2017 is that companies will be spending more money on their cyber security than in the past; something that we’ve been certainly been hoping to see more of.
In addition to more spending on security, we’re also likely to see cyber security take a new route…a somewhat Israeli, Iron Dome, kind of route. IT professionals are looking for ways to deter attacks as they happen and stop one right in its tracks. This is a trend we may be seeing more of in the next year, and you’ll want to get on board as soon as this kind of security hits the market.
Cyber security should be a huge concern for any company. But, these companies need to keep up with the times. The data world is always changing and we need to be aware of the trends so that we’re not as vulnerable.
If you want to be sure you’re keeping up with these cyber security trends, then contact us at Smeester & Associates. We have all the tools necessary for you to make the right decision regarding your security methods. Try our RiskAware™ Cyber Security Scan & Report to see your current exposure level.
Did you know that 50% of small- and medium-sized businesses (SMBs) have no backup or disaster recovery plan in place? With all the risks that come with severe data loss and extended downtime, it’s surprising that IT decision makers aren’t doing more to safeguard their business.
SMBs should not have to experience downtime if they simply implement a business disaster and recovery solution before downtime occurs, so that they can restore essential data quickly and painlessly, and resume normal business operations. Consider CloudEndure’s 2016 Disaster Recovery Survey.
Here are four things to know about downtime:
Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!
Ransomware can happen to anyone, though many people tend to think it will never happen to them. Unfortunately, if you fall victim to ransomware, you could end up paying a hefty amount; a ransom, to get back your files. Ransomware occurs when someone hacks your system, corrupts your files, and asks for at least $500 in bitcoin. In case you don’t know, bitcoins are not an easy thing to get your hands on.
For those who have the money to pay up, maybe ransomware is not such a problem for you. But, for most people, ransomware can be a very scary thing to have to face.
Luckily, there are solutions when it comes to fighting off ransomware, but it all starts with you. If you want to make sure this cyber-kidnapping doesn’t ruin your network, then here’s what you can do.
This goes without saying. If you see an email or something suspicious on your system, don’t click on it. Delete it, and if possible, advise your IT person or CIO about what you saw.
As with any form of cyber security, it’s essential you know what it is that you need to protect from potential ransomware. Do you have customer credit card information? Intellectual property? A list of email addresses of potential leads? Decide what it is you need to protect and make sure everyone who’s dealing with it is aware as well.
This is the most important thing you can to do when it comes to protecting yourself from ransomware. The people behind these attacks will take your files, lock them, and only give them back to you once you pay.
Therefore, in order to always be prepared for a ransomware attack, it’s essential that you’re constantly backing up your information. The main goal of these people is to get money from you, so while you should be concerned about what they have, there’s not too much to worry about it.
Make sure you are backing up your data as much as possible. It’s good to also back it up on an external hard drive, as ransomware can get into your cloud. While backing your data up everyday may be a bit overboard, it’s really not. Imagine the one day you don’t do it is the day you get hit with a ransomware attack. But, if doing it everyday is too much for you, then just make sure you at least do a backup whenever you have new important data.
When you find out that you’ve been a victim of a ransomware attack, you’ll know pretty quickly. When you try to access your files, it will ask you to pay up by buying a bitcoin (or several). The first rule and the only rule is to not pay. If you’ve backed up your information, you’ll have nothing to worry about.
If you haven’t backed up your data, then that’s another story. Your options are a bit more limited. However, if the information they have isn’t so vital to you continuing on with your routine matters, then forget about it. After all, giving these guys money just enables them to keep doing what they’re doing. Also, there are occasions where people pay the ransom, only to find the files are inaccessible. Don’t fall into that trap.
Ransomware can happen to anyone, as can any other kind of cybersecurity attack. Of course, each type of attack has different ways of preventing it. But, when it comes to ransomware, the best way to prevent any attack is simply by backing up your information at all costs.
Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!
This full access can be a huge security risk, and Niantic recently addressed this concern with a statement saying they are fixing the bug that allowed the app to gain full access to users’ accounts.
Niantic’s gigantic database of data is full of information provided by its users, which makes it the perfect target for hackers and criminals. If the Niantic servers are hacked, the hijackers could potentially have access to all of your personally identifiable information (PII). The company has offered minimal details on how it plans to store all that data, but promises that it is taking the appropriate measures to protect the large database of PII – the type of information that hackers have been increasingly targeting.
The public nature of Pokémon GO has caused some unforeseen side effects and attracted other cybersecurity concerns. Many fake versions of the app have been uncovered, which contain malware that can lock your smartphone and cause more harm. Also, criminals have reportedly been able to use the geolocation feature to lure players to remote areas and rob them at gunpoint. This shows that although the new game has received an abundance of positive feedback, there are some major dangers that players aren’t aware of.
The vulnerability of mobile data within Pokémon GO means that there’s a greater need for managed IT security. Especially with the ongoing trend of BYOD, the likelihood of introducing unwanted cyber activity and harmful attacks via these connections is at an all-time high. If your employees are using unprotected devices when using the game, it could lead to exposing sensitive business data in the event of a hack.
Pokémon GO is a prime example of the various security risks that are presented with unprotected mobile devices and the growing need for managing these endpoints. By leveraging a solution like mobile device management (MDM), you can greatly reduce these risks. MDM gives you the ability to remotely wipe an individual’s data if a device is compromised. An MDM solution will also allow you to implement app management policies and put restrictions on app purchases from non-validated markets.
Using the internet to do business brings huge opportunities and benefits, however just like a shop on the street, you need to take a few security measures to protect your business. It’s just as important as locking your doors or putting your cash in a safe, and most security issues can be addressed with simple security practices.
Free Wi-Fi is tempting, but be sure that you consider who is providing the connection. Public connections at the local coffee shop are usually unsecured and leave your machine open to outsiders. While these networks provide a convenience, there are risks to be aware of.
Shopping from familiar websites is a good place to start. Stick with the reputable sites that are tried and true – like Amazon or eBay. Also, when checking out and finalizing the purchase, look for the ‘padlock’ symbol or the abbreviation ‘https’ in the address bar at the top of your browser. This will ensure that you are on a secure, encrypted part of this webpage. Keeping an eye on your bank statements for suspicious activity is always a good idea, among these other best practices for shopping online.
Passwords for logging into any website should contain a mix of letters, numbers, and special characters – as well as be different for each website that you log into. It can definitely be a pain to remember all of these passwords, but ask yourself which is more of a pain – remembering these, or recovering stolen personal information.
When you walk away from your machine, lock it. In Windows, it is as easy as pressing the Windows key + L. On an Apple Mac, pressing “Control+Shift+Eject” will do the trick (unless you do not have an optical drive, then you can hit the “Power” key instead of “Eject”). This practice would be the equivalent to deadbolting the front door of your home. It acts as a deterrent to the bad guys as well as a line of defense. It may even be worth setting up a password lock on your Apple or Windows machine as well.
If an offer is too good to be true, it probably is. If you get an email from an unknown source, do not click any of the links within it – and immediately report it to your IT department. If a window pops up while browsing a website, immediately close it. Familiarity is always your friend. Using your judgment and trusting your gut is the ultimate defense when online. Always play it safe!
Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!
Now that we’re officially in the middle of the holiday season, there’s a flood of emails flying through cyberspace from family, friends, online retailers and charities. This heavy online traffic makes it easier than ever to sneak in malicious emails, targeting unsuspecting users looking to connect with old friends and find holiday deals. Whether it’s a phishing scam that is trying to snag your credit card number or a malware campaign that installs unauthorized code on your system from an email link, ‘tis the season to protect yourself.
So where, exactly, do these seasonal cyberscams come from? Many of these malicious Grinches send emails from fake URLs, disguising them to appear legitimate. Faux charities are another common scam designed specifically to take advantage of your generosity during the season of giving. Even friends and family may send what looks like an innocent forward your way, only to discover that they inadvertently launched some decidedly un-cheery, unpleasantness to your inbox instead.
However, if you take some basic online protective measures you’ll be in a lot better shape to avoid the latest cyberscams this holiday season:
There’s no better time than the holidays to wrap up a nice bit of malicious code masquerading as an online promotion for a major sale or a holiday e-card. That’s why the U.S. Computer Emergency Response Team (US-CERT) has released asecurity alert that focuses specifically on how to avoid holiday-related cyberscams. Additionally, the Anti-Phishing Working Group (APWG) offers a comprehensive list of suggestions on avoiding phishing scams that are good any time of year.
The holidays should be a time for celebration. Use smart online practices to help spread seasonal cheer, and stay safe this holiday season.
It is always best to do everything you can to stop your computer from getting infected with any malicious software. Taking some simple steps, like having adequate security software (antivirus and anti-malware) installed on your computer, applying OS security patches, not clicking on suspicious email links that you don’t recognize and not opening unexpected email attachments, are all sensible precautions that everyone should take.
What to Do If You Get Infected with Ransomware
Even if you do try to protect yourself from attack, sometimes malicious code can still end up on your computer. If your computer does become a victim of Ransomware (such as Cryptolocker) there are some steps you can take to mitigate the damage.
Always Backup Your Files
Once your system is infected with Ransomware, it is likely that you are going to suffer some damage or loss to your computer files. The best preventative measure you can take is to regularly backup your files on an external system (either other hard drive or in the cloud – or both!), so that if your computer is taken hostage, you have your files in another location. However, if you do find yourself infected, removing the malware quickly and following these simple steps can minimize the damage and reduce the risk of further infection as much as possible.