Ransomware is the scariest type of malware out there. It can have a myriad of negative effects on a business, yet it seems to still be on the fringe of the mainstream. Today, we thought we would give somewhat of a refresher course on ransomware. 

The growing popularity of ransomware has been disconcerting to many IT professionals, particularly due to the different tactics that this malware variant has been spotted utilizing. In order to protect your business from these attacks, it helps to know how they work. We’ve put together a beginner’s field guide to ransomware types to help you identify (and hopefully avoid) it.

Ransomware attacks grew less common in both 2018 and thus far in 2019 when compared to 2017. Unfortunately, recent events have made it more likely that this trend will reverse in the near future. Why is that? Simple: some municipalities have set a precedent of paying up.

Your business is susceptible to countless threats and vulnerabilities, all of which aim to bring your organization crumbling to the ground. These include all types of technology-related problems that cause downtime and other terrible situations that your business has to overcome. Let’s look at some of the threats you face from day to day, and try to establish an appropriate response to each.

There was a time when people didn’t have to worry about getting computer viruses on their cell phones. Nowadays, with the exponential growth of mobile technologies, including application development options, mobile malware has become a problem, and it can be a big problem for your business. Today, we’ll take a look at the growing mobile malware market, from the threats to what you can do to keep it from being a problem for you.

While modern security solutions have made great strides to protect businesses, there are still a lot of threats out there that can create problems for your organization. If you don’t take a proactive stance on security, you could potentially expose your network to incoming threats of all kinds. We’ll help your business understand what threats are out there, why they are dangerous, and what you can do to keep your organization secure.

With a meager market share that is one-third the size of Google’s, one would think that Bing would be trying to keep controversy away from a user’s search results. However, the Microsoft search engine has recently encountered a few notable PR disasters that may be enough to convince some not to use it - especially if it leads to a security breach.

Ransomware has now been a major threat to businesses and other organizations for a couple of years, and 2018 is no different. For those who don’t know, ransomware is a form of malicious software (malware) that threatens the elimination of hijacked and encrypted data if a user doesn’t pay a ransom. It is known to be one of the most prolific and pervasive threats seen on the Internet today. We will take a look at how ransomware has evolved over the past several years, what the future of ransomware looks like, and what you can do to protect yourself against it.

Phishing scams have one of the most descriptive names in all of computing, mostly because of how similar phishing is with fishing. Just as one does when one goes fishing, bait is dangled in the hopes of getting a bite - but to take the comparison one step further, different types of bait can be used, depending on the catch one is trying to make.

Every business owner needs to consider how to approach network security. This is especially true with the litany of threats that face their organization’s network from simply being connected to the Internet. It may sound like an overstatement at first, but when you consider what some huge corporations--that have some very deep pockets--have dealt with very recently, it becomes evident that figuring out how to approach cybersecurity is one of the most important considerations any business owner has to make.

Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization.

Hackers and cybercriminals, like most people, tend to gravitate towards high-reward activities. In this case, that means that focus is turning to creating malware that attacks the router, potentially infecting the users that leverage it to connect wirelessly to the Internet. Researchers at Kaspersky Lab recently discovered an example of such a malware, so today, we will review this threat and how to best protect your network.

Email is often touted as a favorite medium for launching cyberattacks against businesses and individuals. This is because it’s easy to hide the true intent behind an email attack within its contents, whether they are embedded images in the message itself, or links to external sources. How can you know for sure whether the links in your email inbox are legitimate?

In a statement given by Tom Bossert, the homeland security adviser to the White House, blame for the WannaCry attacks leveraged from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This assertion is in line with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.

Would you be surprised if we told you that cybercrime is one of the biggest threats to the success of your organization? Unfortunately, there’s no escaping the fact that your business will be under fire from all sides by security threats. One of the most notorious methods includes phishing--email scams that are designed to harvest credentials and other information from unsuspecting users.

Would you be surprised to hear that there are at least 1.4 million phishing websites set up each month? These numbers come from the Webroot Quarterly Threat Tread Reports, which estimate May 2017 as an all-time high for phishing website increase at over 2.3 million websites being set up during that month. This makes phishing one of the most prevalent methods of fraud in the world--in fact, phishing scams are the number one reason for data breaches all over the world.

Here are three of the most notable phishing scams from 2017 that you may have missed.

Amazon Shipping Phishing Scheme
Earlier this year, there was a massive phishing scam which disguised emails as coming from Amazon. The emails appear to be legitimate, but when you click on the link located in the email, you’ll be directed to a domain that either has nothing to do with Amazon, or closely resembles it, but isn’t quite the genuine article. The emails try to convince users to confirm their login credentials by logging into a portal that looks like the actual login screen.

Google Docs Hack
If you’ve ever used Google Docs to share text documents with others, you know that you’ll receive an email with a link to the document. You should never click on links in unsolicited emails, but you’d think you can trust something supposedly coming from a big company like Google. The truth of the matter is that the phishing scheme was notable because it tricked users into granting permissions to third-party apps rather than hand over personal credentials. It’s part of a growing trend that sees phishing malware growing more sophisticated, which should be cause for concern for just about anyone--particularly business owners.

IRS W-2 Tax Season Phishing Scams
Your business deals with employee W-2 forms and other information that’s important during tax season. In particular, tax season is a very popular time for phishing attacks, as users are expecting emails to confirm the submission of their tax forms. Recent phishing attacks targeting businesses asking for W-2 forms or other personal information can safely be regarded as phishing scams, and they only get worse during tax season.

For more information about how to avoid phishing scams and other issues, reach out to us at (508) 622-5100.

The variety of malware known as ransomware exploded in popularity in 2016, encrypting victims’ files and demanding cryptocurrency payments to restore the data to the estimated tune of $1 billion. This may seem to suggest that large corporations and companies are the primary targets of these cyber criminals--and for some, they are.

It doesn’t matter which industry your organization falls into. Your business will always be susceptible to threats in some way, shape, or form. Therefore, it’s your responsibility to ensure that your business understands how to protect itself from these threats, before it’s too late. We’ll help you learn more about the various issues that you need to watch out for, and what you can do to stop them.

When you hear the term “hacker,” what do you imagine? You likely see what many see, a lone user hunched over a computer, creating chaos for chaos’ sake. However, this is a dangerously narrow view of those who qualify as “hackers.”

Society relies on law enforcement to enforce laws in a fair and just manner, but even the police have their work cut out for them when they are targeted by a cyberattack. A recent incident in Cockrell, Texas shows that not even the police are immune to the threats of ransomware--particularly the emerging brand of ransomware, Osiris.

When it comes to data breaches, some users don’t know or suspect one has occurred until it’s far too late to do anything about it. Sometimes viruses or malware will lurk on a device until certain criteria are met. Others will execute immediately. We’ve listed some of the potential threats that you will encounter in the business world, as well as what you can do about them.

Viruses
Viruses are a common occurrence, even by normal computing standards. It doesn’t take much to contract one. Even clicking on the wrong link or downloading the wrong file could infect a computer with a virus. Viruses are known to cause PC performance issues, in particular slowdowns. In fact, viruses are often symptoms of deeper-rooted problems, and should be handled as such.

Malware
If you’ve contracted a virus, it’s worth checking for infections by other malware. Malware, or “malicious software,” is designed to fulfill a certain task. The task… well, that can vary. Some types of malware will steal data or destroy it, while others will run scripts that make it more difficult to do your job. Regardless of its function, it’s clear that malware is not something you want to take lightly, and you should always be running an antivirus program to promptly eliminate any infections.

Trojans
Trojans are a specific type of malware that work in much the same way that the Greek’s Trojan Horse worked. Trojans will install backdoors on your devices to allow remote access for future campaigns. Trojans are often installed on devices while the organization is suffering from another type of breach, like a virus or malware issue, effectively making use of a diversion tactic to ensure future access. It’s most often the case that only the most powerful antivirus or antimalware systems can detect trojans.

Ransomware
This is the cream of the crop in terms of major threats that your business needs to watch out for. Ransomware is exactly what its name implies--it’s malware that locks down your data using encryption and demands a ransom for its safe return. In most cases, unless the organization has a backed-up copy of the data, businesses have no choice but to pay the fine. Since ransomware spreads in many of the same modes as normal malware, like spam and malicious links or attachments, it’s best to implement a spam filter and to educate your team on how to avoid clicking on the wrong link.

Phishing and Spear Phishing
These types of threats leverage technologies like email to find those foolish enough to download viruses and malware on their system or hand over sensitive data. These spam messages are called phishing attacks. More targeted attacks tend to include personalized messages that could include the victim’s phone number, physical address, and so on--all to make the message seem legitimate. Phishing attacks often come disguised as messages from law enforcement or special government agencies, threatening “legal action” for a supposed crime or unpaid fine. A spam filter can cut your organization’s phishing and spear phishing messages down considerably, and it can save you plenty of time in the long run.

To learn how you can protect your business from all manners of threats, reach out to Automation Concepts & Technologies at (508) 622-5100.