Why is it that computer users are getting virus attacks by cyber criminals? The short answer is because they can and we make it easy for them. In this article I want to concentrate on Malware or Ransomware attacks.
The days of simple malware being developed to cause a bit of mischief have long gone. Nowadays most of these attacks are designed and co-ordinated by series criminals and even organised crime syndicates. Why do you ask, well it is simple and the sad fact is that crime pays! They are after your money, or at least your bank or credit card details so they can get to your money. And the big incentive for these people, is that cyber-crime doesn’t really hurt anyone and because they haven’t used any violence, if they do get caught, the sentences are light.
What is ransomware?
Basically it is a program designed to extract a ransom payment in exchange for information about you. In your case, it may be the kidnapped assets will be data that is stored on your device. The malware designer or ‘Cyptor’ as we call them, encrypts your data and will only release it if you have a decryption key. But, that is only released on demand for payment. The Cryptor will often claim to be from the Police or FBI.
Cryptor attacks are not just on businesses. It could be your personal files they are after and the demand could be for any sum of money but typically it is about £200, but could be higher depending on the data effected. If your data is subject to a virus attack, then you would normally be notified after about 48 hours, if you don’t pay, the price goes up. If you still don’t pay, then the key will be deleted and you will have no access to your data. Even if you pay, there is no guarantee you will get your data back and according to recent findings 40% of crypto locker victims agreed to pay after the virus attack.
If you are a business, then this cost could be higher as you could lose sales, reduce your productivity or have significant costs for a system recovery. But more importantly, imagine if all of your customer data was stolen or compromised – that could have a damaging long term effect on your business and add a competitive advantage to other businesses in your sector.
There are more Virus attacks than ever before and you may have heard to this selection?
The worry statistic is that in the first six months of 2015 there was as many attacks as the whole of 2014. The next question is what does 2016 hold?
How does that virus attack work?
The two most common virus attacks are Phishing and Water holing. Phishing, is where you will receive an email that contains a link to a website or an infected file. To get infected, all you have to do is open the file or click on the link. Water holing is where you visit a legitimate website, one you may have accessed many times and your device becomes infected by a Drive-By infection. This means the website has already been infected and this has been passed onto you.
It is worth noting, virus attacks can affect all devices, PC/Laptops, Mac Computers and IPads/Android/Windows tablets and smartphones. If your device is connected to work network, then your shared files will also become infected and you now have a major problem as the virus can go anywhere on your network.
Today’s virus attacks are a lot more sophisticated than earlier attacks. For example, when the first attacks were ‘Unleashed’ quite often the decryption key was hidden within the source code. This made reversing the attack relatively simple. Current virus makers are not making that mistake and reverse engineering attacks is becoming more difficult meaning they are more effective.
You would imagine that if you want to catch these cyber criminals you would just follow the money trail. However, they are clever to that and are often demanding payment in Bitcoin or other digital currencies meaning tracing is more complicated and time consuming. If they use the Tor network, it is virtually impossible.
How can you protect yourself and business against virus attacks?
I suppose you could always adopt the ‘head in the sand’ approach and think it has never happened to me in the past, it won’t happen in the future!
Or, you could take adopt some basic steps to protect yourself.
- Educate your users
- Backup up your data and test and verify your data restores.
- Enforce a strong password policy
- Protect all of your devices with Anti-virus and malware
- Ensure your network is protected with Firewalls with IPS (Intrusion Protection Systems)
- Patch all our software and operating systems
- Manage use of the Internet
- Control access to corporate data
- Manage the launch of programs
There is no magic formula for keeping cyber criminals out. However, it is your duty of all employers and employees to protect your business as best you can. For further information or a free security consultation, get in touch with Unleashed today on 0333 240 0565 or visit www.weareunleashed.com.
Data Source:- Kaspersky Security Networks