Ransomware Is Evolving

Do you remember the WannaCry ransomware?

It ran rife about 18 months ago locking down an estimated 200,000 computers owned by giants such as Boeing, Renault, FedEx, and Telefónica.

The disaster could have been averted if the companies in question had applied patches. The interesting thing about WannaCry and the reason for its rapid spread is that it contained a worm component.

Despite news about it abating, WannaCry is still very much with us. In fact, according to a recent blog on BullGuard, 17% of ransomware attacks in Q3 of 2017 were due to WannaCry, and in Q3 of 2018, that number rose to 29%.

There’s a new malware in town

Many types of ransomware are opportunistic. Their modus operandi is a simple automation, like infected email attachments, sent to a vast number of potential victims.

However, a new kid on the block, SamSam, does things a bit differently.

This ransomware has been around for a while. However, according to BullGuard, a group of cyber fraudsters have used it to successfully extort $6 million over the past two and a half years.

Unlike other attacks, they’ve adopted a manual approach making it hard to detect and difficult to stop.

It’s unlikely to affect home users because the crooks are targeting large corporations in search of massive ransoms.

However, it does show that you can never be complacent when it comes to cyber protection. New ideas are always emerging along with new methods of attack. That’s why it’s essential you make sure a trusted cybersecurity product protects you and your data.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: BullGuard

Even Old Windows Server Machines Can Fend of Hacks

Windows Server 2003

 

Microsoft wants you to upgrade your business onto the latest Windows OSes that offer security patches because, if you’re running a Windows Server 2003 machine, you’re doomed.

Sound advice, but many large institutions (such as those in healthcare and manufacturing) can’t upgrade because they rely on legacy software that won’t run on modern operating systems.

It costs an enormous amount to upgrade, especially when the machines are fine and it’s just the Server that’s the issue.

However, all is not lost because there are some things you can do to keep your old Windows Server 2003 secure.

Network segmentation and monitoring

Network segmentation goes beyond placing vulnerable servers behind a firewall.

By restricting access to your most critical servers, and making sure only system admins can control them, you’re reducing the network hackers can access should they breach your firewall.

It’s not a costly exercise, and Enterprise internet routers often have access control features that can limit which computers can talk to what. It’s also wise to monitor vulnerable servers (especially if carrying critical information) for any unusual traffic.

Application whitelisting

Whitelisting works by allowing only trusted applications to run on your computer.

It’s the opposite approach to antivirus products that blacklist malicious programs based on known indicators.

Backup sensitive data

Hopefully, you’re already doing this, but backing up important data stored in your machines will help. Particularly with the growing popularity of ransomware that infects your computer and encrypts all the data within it, which will only be freed once a ransom is paid.

The best option

Although these ideas will help, the best solution is still to upgrade.

Yes, it will be costly in the short-term, but that investment will help the long-term security of your data and reputation of your business.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: pcworld

2017 Will See More Advanced Cyber Attacks Says Panda Security

Cyber attacks

 

Cyber attacks are getting more sophisticated. Hardly a month goes by without another report such as the one that recently hit the NHS.

Companies are being warned to be more and more vigilant as the cyber criminals find new ways of infecting their increasingly connected worlds.

To look at this further and identify the potential weak spots that could be targeted in 2017 and beyond, Panda Security has ranked the most popular attacks of the year and analysed their evolution.

Cybercrime

Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalising their operations in a way that allows them to make quick and easy money in an efficient manner.

Ransomware

This Trojan Horse will take centre stage with regard to cybersecurity and will cannibalise other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Of course, paying the ransom does not guarantee the total recovery of stolen data.

Companies

The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.

Cyberwar

The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Panda Security

Protect Your PC Against Ransomware for Free

Ransomware

 

Ransomware is a nasty type of malware that encrypts your business or personal files on your hard drive and then demands money. Once the user pays the ransom, the malware usually assists with the decryption process.

The effects can be devastating both for you personally and your business, which is why we wanted to draw your attention to a free piece of software that could bring the protection against ransomware you’ve been looking for.

Cybereason’s RansomFree is a free desktop program for Windows 7 and up. It uses behavioural analysis instead of regularly updates malware definitions to protect your machine. By analysing all the ransomware it could find, Cybereason identified common characteristics for which its program monitors your system.

If it spots any, that program is flagged for review and the program suspends any activity it thinks is suspicious.

The program is easy to download (from Cybereason’s website – follow the link above) and will alert you that the program has placed some specially constructed files on your system that help RansomFree do its job. It then sits quietly in the background until it is needed.

How to protect yourself from ransomware

Other than using software such as RansomFree, you should also:

  • Regularly back up your files and make sure they can be restored
  • Keep your operating system and programs up-to-date
  • Disable Java and Flash when possible
  • Avoid downloading programs or files from dodgy websites
  • Never open an attachment from suspicious emails

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

What We learned From the Fake Windows 10 Update Emails

windows 10 fake emails

 

Last year it was estimated that over 14 million people upgraded their computers to Windows. But the way the mass upgrade was handled by Microsoft left the door wide open for attackers.

Those that hadn’t yet upgraded waited patiently for their invite from Microsoft to download their copy.

But attackers jumped on the bandwagon, seeing this as a golden opportunity because Microsoft’s message said:

Watch for your notification so that you can start your upgrade. Your notification to upgrade could come as soon as a few days or weeks.”

Needless to say what followed was a raft of fake Microsoft 10 installers being emailed to users tricking them into downloading and running a ZIP file.

The email landed in inboxes showing as being sent by “update[at]Microsoft.com” inviting people to upgrade their operating system to Windows 10.

The email looked legit, easily fooling anyone to take the bait:

Windows 10 fake email

 

Attached to the email was a .zip file containing the fake installer. If you were unlucky and clicked on it, the cryptovirus took over your PC and displayed a CTB-Locker ransomware code with a timer counting down to when your files would be irreversibly destroyed, unless of course you paid the ransom. And, unlike some other ransomware, there is no way out of this one.

Windows 10 ransomware

This post is a warning for future attacks like this one because the chances are, if you did  fall prey to this attack it’s too late.

The most important thing to remember to safeguard your important files against this type of attack is to backup.

Solutions, such as MPMIT Vault, will save a lot of heartache because it allows you to backup your files online, ensuring they will be forever safe and sound.

It’s also important to run active anti-virus. Granted, it may not stop every attack, but it will protect you from the vast majority. You can use free anti-virus and whilst good, they do come with limited features so it’s always best to go with a paid version, such as BullGuard.

The only way to stay safe against attackers is to backup and run anti-virus. Although it may not be 100% foolproof, it gives you a fighting chance to keep your files and photos safe.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: PCUtilitiespro

Beware of the Trojan

“A Trojan horse, or Trojan, is a type of malware that masquerades as a legitimate file or helpful program with the ultimate purpose of granting a hacker unauthorized access to a computer. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses can make copies of themselves, steal information, or harm their host computer systems.” (Wikipedia)

Trojans represent the biggest threat to home and business computer users. Not only because of how many there are in circulation, but because of their sophistication and the threat they pose.

With the ability to steal information and passwords, the Trojan allows the hacker to take complete control of your system. Which is why it always pays to be vigilant when it comes to opening emails and attachments or downloading files from unknown sources.

In this post, we want to draw your attention to one particular type of Trojan…

Ransomware – The Police Virus

This particular type of nasty ‘kidnaps’ or holds your computer files or system captive and then demands a ransom for a fix.

If your computer is infected, you will get messages displayed on your screen with logos of international law enforcement agencies. The effect is to trick the user into believing that their computer has been locked by the authorities for visiting inappropriate websites or making illegal downloads.

You will then be told that to unlock your computer you have to pay a fine, usually £100 (euros or dollars).

These messages actually come from the Trojan itself, which is hidden within your computer.

What should you do if your get this or indeed any Trojan or virus on your computer?

Go to someone that knows what they’re doing. Find your local IT specialist and invest in some quality virus protection software.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders
and small businesses in Ipswich. Bury St Edmunds and surrounding villages.