Hackers are now angling to get you to do their dirty work for them. Security researchers have discovered a new kind of malware offering victims a ‘nasty’ way to unlock their files. Instead of paying a ransom with bitcoin, victims need only send the ransomware to another unsuspecting victim. If two or more others are infected by your personalized link, the hackers will release your encrypted files.
This new malware, called Popcorn Time, may also delete the victim’s files if you enter an incorrect decryption code too many times. Malware Hunter Team found the new tactic, which is still in development, and hasn’t been released yet. But security experts are keeping their eyes on it.
Ransomware is becoming the number one malware used by hackers who’ve already encrypted information from small businesses to major health care organizations.
Protect your information from hackers and ransomware
- First and foremost, regular backups of your most important files could help take some of the ‘bite’ out of a potential attack. With regular, offsite backups, you could be less at the mercy of the hackers.
- We cannot say this enough: education, education, education. Train your employees about the latest tactics used by hackers, and encourage them to never open an attachment or click on a link that looks suspicious – even if it appears to come from someone inside your organization. Cyber criminals are getting increasingly sophisticated, and better at spoofing email addresses.
- Patch your operating system, anti-virus, browsers, etc. and keep them all up to date.
- Consider setting up additional firewall protection to enhance security.
The Network Team has solutions and training to help with all of these. Reach out today to find out how we can help protect you.
Another day, another major hack discovered that affected millions of people. Uber was hacked in 2016, exposing personal information from 57 million people, and the company did not reveal the hack until November 2017. The hackers got names, email addresses and phone numbers of Uber users. Hackers also got driver's license numbers for 600,000 of those victims.
As hacking attacks become more commonplace, it can be easy for them to fade into white noise. Instead, they need to open our eyes to the growing risk from hackers.
As the ransomware epidemic continues to spread, ask yourself how vulnerable your business is to cyber-extortion. A vulnerability assessment is a good first step to strengthening your defenses.
Six questions to ask in assessing your ransomware vulnerability.
- Are you training users on the dangers of phishing?
2. Do you back up your business data regularly?
3. Do you have anti-phishing email security?
4. Have you deployed endpoint security with specific ransomware protection?
5. Are your mobile devices secure?
6. Do you have a patch management policy?
If your answer to any of the above is no, you have a problem. If you want to avoid a ransomware attack, start working on turning those no's into yesses.
TNT offers classes to train users on ransomware and security related issues. Contact us today to learn more.
A phishing scam that’s been around for months is hitting the news again. Hackers targeted nearly 110 million Netflix subscribers in the sophisticated scam that’s bypassing a lot of SPAM filters.
Users receive an email indicating their account has been suspended due to a billing error. They are directed to a fake Netflix landing page. Users are prompted to enter personal and billing information. The page not only looks legitimate, the hackers have found ways to host it on trusted servers.
A recent security survey from Datto shows email phishing remains one of the most common scams hackers use to access your files and information, and/or plant ransomware.
Ransomware is malicious software that blocks your access to your files and information until you pay a ransom.
Datto surveyed IT companies to find out what kind of ransomware attacks their clients were facing.
- 26% of those surveyed said their clients were hit with multiple ransomware attacks in a single day.
- 56% of the businesses attacked by ransomware lost critical data.
- 97% of the IT pros surveyed expect the ransomware problem to continue to increase in frequency over the next two years.
So, what can you do to make sure your company and customer information is as safe as possible from phishing scams? Education is the number one weapon against phishing scams, and hackers in general. In the example of the Netflix phishing scam, users should log into Netflix from a new browser window and check the status of their account there instead of clicking on links in the email.
Perimeter and endpoint security cannot be overemphasized. Have a firewall with layer 7 filtering and cloud-based protection on all your endpoints to be sure that they are safe, both in and out of the office.
Learn more about the dangers of ransomware, including an inside look at the tacticts hackers use by reading our Ransomware Protection page.