News & Events
In my nearly 30 years of advising clients on IT security I have never come across a more aggressive and successful piece of malware as CryptoLocker. ‘Successful’ from the angle of the perpetrator, not from the perspective of the network owner, regrettably. Since the beginning of this year, HTG has been aware of wave after wave of CryptoLocker attempts on Waikato businesses. Unfortunately, sufficient of these attacks were effective to cause a lot of disruption and consequential monetary loss to the victims.
To some degree networks can be protected against CryptoLocker through technology. Clients who are subscribers to HTG Fortress, for instance, benefit from a higher level of protection than is obtainable from normal defences. However, there is nothing that can prevent successful infection through users momentarily or unknowingly letting their guard down and opening unsolicited email attachments or clicking on links to infected websites.
I believe that there wouldn’t be many users out there who are not aware that clicking on unsolicited email attachments or suspicious links is risky. However, the perpetrators are getting smarter and smarter and each new generation of Ransomware is dressing up to look more and more like legitimate correspondence.
For example, the newest Ransomware variant that is circulating around the Waikato and elsewhere is just a simple message offering a resume. It looks something like the picture on the left.
Subscribers to HTG Fortress will automatically be protected against this new variant. However, regardless of whether you are especially protected or not,
The Golden Rule is: never open attachments in unsolicited emails or click on links to webpages you don’t trust.
And if you are wondering why, like the burgers that you buy from McDonald’s anywhere in the world, these attacks have such a high degree of similarity and consistency no matter where they emanate from, read the article at the bottom.
If in doubt, please forward your email to the HTG specialist malware team at email@example.com and we will advise you on its authenticity. This service is FREE to all members of the Waikato Chamber of Commerce.
How can you help yourself avoid infection:
- Use and regularly update your anti-virus and anti-malware software. Please note that antivirus software is not perfect but it can still catch a large percentage of malware and reduce noise. If you want to be more protected, install proper anti-malware such as Malwarebytes. For more information this please click HERE.
- Keep your operating system and applications up-to-date – install the latest patches. If you still have machines running Windows XP or Windows Server 2003, consider upgrading them.
- Do not open attachments in emails unless you are 100% certain that they are authentic.
- Do not click on links unless you are 100% certain of what they are.
- Make sure all of your files are regularly backed up.
If you need assistance with checking if your network is sufficiently protected against the above or any malware, or if you want help to improve protection, please contact our specialist team on 0800 484 4357.Read more
What prompted me to write this article is a recent story published by the BBC of how the Bangladesh Central Bank lost over $100 million to hackers. It turned out that the bank’s system was protected only by a cheap internet router with no proper firewalling services built in – the type that many businesses still run in NZ.
I have long and consistently urged my clients to be careful about cyber security. This is because where I sit I come to hear of a lot of risk-taking and actual losses incurred by businesses through cybercrimes. Consider the following statistics:
- Over 856,000 New Zealanders were affected by cybercrime each year, costing at least $257m in 2015
- An average of 25 attacks per day happened last year, causing $13m in damage – up 68 per cent
- For one email platform, nearly 70 per cent of all email was identified as spam or malware. And this is not uncommon. Most businesses don’t realise this because their email host filters out 99.99% of this offal.
- A US study has found 60 per cent of small businesses went out of business within six months of a data breach.
The majority of the issues arise from momentary lapses of attention. It can be very hard to beat the cybercrime perpetrators because they are often very brilliant at what they come out with. For example, ransomware writers are sending out more and more innocent looking messages that even the most seasoned cyber-detectives are having difficulty differentiating from legitimate emails.
However, there is one source of vulnerability that is extremely commonplace and simple to protect against but which, from my observation, is not well managed in many organisations. I am referring to the firewalls that many businesses use to secure their networks from external strikes.
Running a basic home firewall at your business today is identical to driving without seat belts on.
For many businesses, the first firewall they had ever installed was the basic home variety firewall/router that used to be given away for free when anybody signed up for an internet connection back in the early days. These devices have very basic firewalling support such as port address translation and basic NAT. In the pioneering days when the internet first appeared, cyberattacks were unsophisticated and few and far between. Even the most rudimentary firewall provided sufficient shelter.
Most businesses, not knowing what risks they took, replace the last firewall with another firewall of the same genre as the older one packs up. They are therefore perpetuating the vulnerability from one replacement cycle to the next.
Unfortunately, over the decades the complexity and frequency of cyberattacks has mushroomed. In the last five years especially, we have seen unprecedented increases in the volume, forms, and intricacy of such outbreaks.
If you are running one of these firewalls, or if you are not sure, my advice to you is to urgently have someone review if that device is giving you sufficient protection.
Running a basic home firewall at your business today is identical to driving without seatbelts on. You get wiped as soon as an accident occurs.
If you are running one of these firewalls, or if you are not sure, my advice to you is to urgently have someone review if that device is giving you sufficient protection. In my travels I have seen far too many of them still in active service.
If you need any help with checking if your firewall or other security defences are fit for purpose for your business, please just request a FREE audit by our security specialists at HTG.Read more