• BONGO IT BLOG

Hacking and Hackers 2016 - Defend Yourself Against Ransomware

Hacking and Hackers 2016 - Defend Yourself Against Ransomware

Global Threats to I.T Security

Security Threats 2016 - - Defend Yourself Against Ransomware

Security is always a front runner in IT but new thinking from the fraudsters and hackers requires new, or at least updated, defences.

This year we have seen some really big stories in the news about hacking and security, and there have been some very nasty viruses released on to the internet. So, can we afford to continue in the same way as we always have? If we do it may cost us dearly. This is not scaremongering, these are the facts. Who's Been Hacked In The Past Two Years?


Experian, Premera Blue Cross, UCLA Health System, JP Morgan customers, Ashley Madison, US Government employees (including overseas spies!), Sony employees, Home Depot shoppers, EBay users... The list goes on but the above are the most notable. It's not just big companies that get hacked though, everyone is at risk and personally I have seen 3 instances of Ransomware attack in the past year (all data was recovered).

Most Notable Threats In The News:

Locky and other Ransomware - in our opinion the most prevalent and worrying viruses around at this time are those dubbed as "Ransomware". Have you or your staff received a slightly odd yet real looking email with a Word document attached? Or for that matter a PDF or Excel file? If you have and you opened it then your system is probably infected. Ransomware can come in all sorts of guises so it is difficult to pinpoint a tactical defense mechanism.

MazarBOT - A nasty virus affecting Android phone users that is capable of displaying false pages at the top of banking apps to try and trick you into handing over your financial credentials.

Linux Mint - if you happen to have downloaded this very popular version of Linux on or around February the 20th you may have been infected. Hackers had redirected the link to the ISO file to their own servers handing out an infected distro.

"Won't my Anti-Virus and Malware protection software stop Ransomware?" I hear you say...

The truth is that any very new virus won't be picked up by any AV software because it is not yet in their database.

Once infected Ransomware will start to encrypt your files so you can no longer access them. Then, at some point (and this could be several weeks later after all your backups are infected too) you will get a popup asking for a variable but not inconsiderable sum of money for the privilege of accessing your now hijacked data. Locky Ransomware is spreading at the rate of 4000 new infections per hour, which means ~100,000 new infections per day.

So are we all up the creek?

Well in a way, yes, we all have to be very careful. We all have to remain vigilant and be very aware that these attacks are out there, even to the point of training your staff so they know what to look for, and what NOT to do.

We wouldn't be surprised if cyber security even became part of the curriculum in the near future. There are some defences and practices we can adopt to minimise our risk though.

The Main Defenses

 

  1. Use a modern browser that is updated consistently, for example Chrome.
  2. Use a popup blocker extension with the browser, for example AdBlock Pro.
  3. Make sure your Anti-Virus software is up to date, we recommend Kaspersky as it is Russian; the majority of hackers are Russian thus it should have the most up to date protection available.
  4. Consider using Anti-Malware like MalwareBytes
  5. Don't open "dodgy" looking emails.
  6. Train your staff on what to look out for.
  7. Protect your data! Create a backup system which is designed to resist this type of threat. Most are only designed with mechanical failure in mind.

Other Hacking Vulnerabilities For Your Delectation

Do you have a wireless mouse/keyboard? For example the signal between your mouse and the computers receiver (usually a USB dongle) may be unencrypted, thus the receiver will accept any seemingly correct command, this is known as Mousejacking. The same goes for some wireless keyboards.

"With the use of around $15-$30 long-range radio dongle and a few lines of code, the attack could allow a malicious hacker within 100 meters range of your computer to intercept the radio signal between the dongle plugged into your computer and your mouse". Ref: thehackernews.com

Poor Passwords: We see this all the time! An example of a poor password is Dave12 since it is too short and could be guessed fairly easily. Strong memorable passwords are difficult to generate so use a free web service like SafePassword.

They should include a mixture of numbers, letters and symbols and be at least 10 characters long. NB: An 11 character password is not able to be hacked by brute force by any computer in the world.

 

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Critical Issues in Office 365 Implementation
Unified Comms, Skype for Business, PSTN Calling. ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 23 March 2019
  • FREE IT STRATEGY SESSION

  • At Bongo IT, we know that technology is increasingly dominant and crucial to maintaining business performance and productivity.

    Organisations should make sure they are making the right IT decisions for their current needs, whilst also planning for the future with flexible and scalable solutions.

  • As a special offer, we are offering a FREE one hour consultation to address your current IT setup and recommend an effective strategy for your future requirements.

    Addressing issues such as computer hardware, broadband, data security, file sharing, compliance and more, we’ll help you build a plan and ensure you deploy the most cost-effective IT strategy for your company’s needs.

CONNECT WITH US

READ OUR BLOG

A new study performed by ISE and funded by the Washington Post has found that many of the top Windows 10 password managers are vulnerable to malicious atta...
As businesses grow and develop, failure with IT systems will inevitably occur and qualified assistance will be needed to fix the problems. Unfortunately, many I...
All SMEs and smaller charities rely on IT, but do not always have the time, skills or knowledge to fix problems when they occur, which can have a negative impac...
With single devices or small networks, it can be easy to set up additional devices, but this piecemeal approach can be dangerous as businesses grow. Over time, ...
All SMEs and smaller charities rely on technology for maintaining digital records and systems, but small businesses are unlikely to have ready access to in-hous...