Ransomware -- The Newest Way Cyber Thieves Are Attacking Your Small Business
Yesterday the SANS organization reported on Ransomware. According to this article, the target can be anyone! That means your small business is not being overlooked.
A newly detected ransomware variant is infecting computers. Once a machine is infected, the malicious software locks up the computer, making it impossible for users to access their information. A warning is displayed, saying that the user has violated US federal law because the IP address associated with the computer was identified as having visited illicit websites. The message tells users that to unlock their machines, they must pay the US Department of Justice US $100 through a pre-paid money card. The attack also infects computers with another type of malicious software known as Citadel that enables cyber thieves to steal online banking information. Having this type of information stolen could be devastating to a small business!
Last week, our company hosted a seminar targeted to help business leaders understand why this is happening, how it is happening and how your business can proactively protect your data and bank accounts from these types of attacks.
Step one on the road to security… get educated!
If you are interested in some of the information that was covered at our seminar, join us for a webinar on May 23rd at 11am that will address the question, "How secure are your business data assets?"
To join us, email me at randy@sklartech.com
Ten Questions Concerning Data Breaches That All Small Business Owners Should Ask Themselves
Even as you read this, cyber criminals are actively at work looking in business systems for valuable information and other resources they can turn into a profit. Their attacks are not targeted. In most cases the attacks are more of a “let’s see who we can trick with this mass email” approach. You see, nobody is breaking into your system. These attacks are succesful because you are inadvertently installing their malicious software and then they are commanding your system to send the data back to them. Cyber criminals are much smarter than that and, yes, your small business is a primary target!
Here are the 10 questions to ask once you discover your systems and data have been compromised.
- Was personal data compromised from your system?
- Did a data breach actually occur?
- Is the intrusion or data breach still occurring?
- Have you created a plan to remediate the intrusion?
- Was the breach accidental or malicious?
- Have you alerted outside council?
- Do you understand your legal obligation for breach notification?
- How effective is your crisis communications plan?
- Was your data breach response plan effective in responding to this incident?
- How can we avoid a data breach in the future?
Source: Kroll
For more information, you can download the whitepaper:
What Happens If My Mobile Phone Gets Infected?
Most people have no idea if their mobile devices have been infected with malware, simply because they don't think mobile malware even exists (call it the Mac syndrome?).
On a PC, the signs are pretty obvious; Your computer slows to a near-screeching halt, your browser re-directs you to random websites, your friends are suddenly calling asking about your career change to become a Viagra distributor (since your email has probably been hacked).
- The first sign your phone has been infected is suspicious fees on your phone bill. This is the most common infection. A malicious software program secretly sends SMS short codes that bill the caller (typically 5 digital text messages).
- Another sign is decreased battery life.
- There are other more technical threats and scanning your phone for malware if you think you accentually installed an infection is the best way to tell you are infected. Some malware detectors include F-Secure Mobile Security 7.6 and McAfee Mobile Security 2.0.
If you need help you can contact our helpdesk for additional support:
helpdesk@sklartech.com | 804-730-2628
A few months ago I got an ITunes bill for $99 for a game. I immediately questioned my children and it appears one of them downloaded a free game. When it installed it must have asked them if they wanted to upgrade, and of course they did... bam, $99! In a separate event, another one of my children purchased about $250 worth of virtual money on a game she received for Christmas. I understand this gaming company has changed their software so it isn’t so easy to accidently make these types of purchases. No matter, I removed it immediately! Very frustrating!
USA Today posted an interesting article regarding ways to keep your mobile devices free from malicious software code. Here is an overview:
Some of the malicious programs discovered have names like RuFraud, Droid Dream Light, GG Tracker and FlexiSpy. The purpose of these malicious programs are to auto-subscribe you to monthly services. They can send sensitive data about your smartphone to criminals with a wide variety of motives such as spying on you by reporting your GPS location, emails and text messages. The auto-subscribe attack can be real costly because you won’t know it's happening until after you get your bill up to 30 days later, sort of like what happened to me!
Here is how to stay safe:
- Read the reviews – look for other users reporting things like “This app cost me $100 in text message charges!”
- Major publishers are okay – Facebook and Rovio (created Angry Birds) are unlikely to scam you
- Don’t give your personal information - If the app asks for your info you don’t need to give it.
Cyber thieves have discovered a new way to cash in… don’t be their next victim.
http://www.usatoday.com/tech/news/story/2012-04-09/malicious-security-apps/54127696/1
The USA Today reported that two separate studies of mobile devices have found serious privacy and security issues. One of the studies found that smartphones and tablet PCs can be eavesdropped on when they are being used to make purchases, conduct online banking transactions, or access VPNs (virtual private networks). Another study uncovered a number of ways to break into Apple's iOS, its operating system for mobile devices. It is likely that cyber criminals will increasingly turn to mobile devices in their attacks as the devices become more and more commonplace in business transactions.
http://www.usatoday.com/tech/news/story/2012-04-08/smartphone-security-flaw/54122468/1
Recently I had a conversation with a fellow business leader regarding how companies are being breached. He was very dismissive and felt that what I was explaining to him wouldn't happen to his company's data. He did not understand what anyone would want to do with his information. The problem today is that the target isn't always your data; in fact, the target is your money or something that could be turned into money. If your business doesn't store or process credit cards, store identities or other client information that could be valuable, it would be easy to say there is nothing there. Right? No! Not right!
In 2011 the Wall Street Journal posted an article regarding how small and mid-sized businesses were now being targeted primarily because of their lack of security. The article highlighted how cyber criminals were breaking into the bank accounts of these businesses via their systems and stealing their money. In 2009 the Wall Street Journal posted a similar article indicating that cyber criminals had made off with 40 million dollars of SMB businesses. The 2011 article indicated that over 1 billion had been withdrawn out of SMB accounts.
Before you dismiss the importance of security within your business, do yourself a favor and listen to the facts and the trends. Then decide if you are or are not at risk.
This week, USA Today reports that more than half of the Macs infected with the malicious software program called “Flashback” are located in the U.S., including 274 in Cuppertino, Apple's hometown. This is according to Ivan Sorokin, a malware analyst at Russian antivirus company Dr. Web.
A massive botnet (collection of compromised systems under a controlled command center) comprised entirely of Macs is how cyber criminals are gaining access to systems and data. No more breaking in, instead they install their code and we allow them access or send them the data they want. This malicious software program, like others, is designed to allow Cybergangs to spread spam, infect web sites and hijack online bank accounts.
An indicator that your Mac could be compromised is that it will perform slower and the hard drive appears to be busy at work while you aren’t even using it.
This is not a new occurrence and there is an increasing push from the Anti-Cyber Crime community to encourage Apple to step up their approach to security and to start to fight back as demonstrated by Microsoft.
Read more: http://usat.ly/HjUk88
There is a great web app developed by Dr. Web that you can use to check whether or not your computer has been infected. It is available here: Dr. Web
Real Hackers Breaking-In Without Technology
When we use the word hacker we often imagine a geek that has nothing else to do but spend his or her spare time trying to ease their self esteem and "get even" with the world by hacking into company networks, causing disruption and turmoil. This is actually still the motive of most attacks from the hacking group Anonymous but their targets are more political and done with a "robin-hood" approach. The reality is that most hackers aren't seeking notoriety, yet rather financial gain. The problems that ensue are enough for these hackers. They don't want to be discovered.
Real case:
Last summer a disgruntled former computer-tech at Gucci's US headquarters in Manhattan was indicted with a 50-count charge of hacking into the computer system and wreaking havoc. Sam Chihlung Yin, 34, crashed computers for 24 hours shutting the company down from accessing data, email and processing sales across the country. Estimates are in the $200,000 range in lost sales. Some data and emails were deleted permanently [I guess even big companies have flawed backup strategies??]
Yin was terminated from Gucci for abusing his employee discount by buying goods in bulk, shipping them to Asia for resale and turning a profit. He pleaded not guilty in Manhattan Supreme Court and was released without bail. [Are you kidding me!?]
He did all of this without actually hacking in. All he had to do was con his former co-workers.
"A forensics investigation found that after he left the job, he called the company's IT department posing as the fake employee to get his former co-workers to activate the fob, and from there he used that access to perpetrate digital mayhem, deleting servers, destroying storage set-ups ,and wiping employee mailboxes..."
via: http://www.nypost.com/p/news/local/manhattan/booted_techie_hijacked_gucci_cy_9VCzfNBkLlxglVe3hWzJ5L
Seven Computer Security Myths
Occasionally I hear a comment made regarding computer security that is anything short of the truth. It's even more shocking that sometimes I hear these same things from computer techs that I encounter.
Myth #1: The web is safe because I have never been infected before.
You may not even know you’re infected. Many web malicious software (aka malware) attacks are designed to steal personal information and passwords or use your machine for distributing spam, malware or inappropriate content without your knowledge
Myth #2: Only porn, gambling, and other “dodgy” sites are dangerous
Hijacked trusted sites represent more than 83% of malware hosting sites. That’s correct. The majority of infected sites are websites that you trust and visit daily—they’ve just been hacked to distribute malware. Why? Because these sites are popular, high-traffic venues that silently distribute malware to unsuspecting visitors. Download the infected sites list to see just a small sampling of these kinds of sites.
Myth #3: Only naive users get infected with malware and viruses
Malware from drive-by downloads happens automatically without any user action, other than visiting the site. Therefore, it doesn’t matter what level of computer expertise you have. The fact is, if you are visiting sites on the internet, you are at risk.
Myth #4: You can only get infected if you download files.
Most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual web page content, then it downloads and executes automatically within the browser as a by-product of simply viewing the web page.
Myth #5: Firefox is more secure than Internet Explorer
All browsers are equally at risk because all browsers are essentially an execution environment for JavaScript, which is the programming language of the web and therefore used by all malware authors to initiate an attack. In addition, many exploits leverage plug-ins such as Adobe Acrobat reader software, which runs across all browsers. Although the more popular browsers may get more publicity about unpatched exploits, it’s the unpublicized exploits you should be most concerned about. The fact is, there is no safe browser.
Myth #6: When the lock icon appears in the browser, it’s secure.
The lock icon indicates there is an SSL encrypted connection between the browser and the server to protect the interception of personal sensitive information. It does not provide any security from malware. In fact, it’s the opposite because most web security products are completely blind to encrypted connections: it’s the perfect vehicle for malware to infiltrate a machine.
Myth #7: Web security requires a trade-off between security and freedom
The internet has become a mission critical tool for many job functions, whether it’s Facebook for HR or Twitter for PR. it’s completely unnecessary to create a trade-off between access and security. A suitable web security solution provides the freedom to grant access to sites that your users need while keeping your organization secure.
In case you missed you missed it, here is the video for the online presentation given by Randy Sklar last week. He covered business security topics that can help keep you safe and thriving.