Is your business under attack from ransomware?

The use of technological devices has increased on a global scale. As a result, one of the fastest growing online crimes, ransomware, has become a large threat to businesses and their data. After locking you out of your systems, a hacker will proceed to hold your data for ransom before allowing access once again.

In the event of a data leak, you may lose your data. BUT, you could also lose your client base and reputation as well. Businesses need to ensure they can identify the signs that indicate you are under a ransomware attack. This is vital to protect your business and safeguard your data.

If you can stop an attack early on, you have more chances of recovering data more quickly and limiting the damage. Is your business under attack?

Here are some signs you should look out for:

Look for unexpected software 

One method used by hackers is taking control of your system through certain software tools. Software auditing tools, such as Qualys, can give you an up-to-date inventory of the software you have installed. You can then compare this against your approved list of applications to quickly see if anything has been added without your approval.

Whether malicious software can take control of a PC directly or steal passwords and log in credentials, using a network scanner is imperative. This helps to identify exactly who and what is running the unexpected software.

Identifying whether cybercriminals are attempting to infiltrate your network early on may prevent the ransomware attack from happening. This will limit the harm to your business and its data. Contact your IT support partner if you notice software present that your IT provider hasn’t installed. This could be a sign of a bigger problem. Having awareness of what should be installed versus what shouldn’t be will go a long way.

Most ransomware is run as a script, which runs in memory as such, so you wouldn’t find it as part of your installed programmes. More recent large attacks have been focused on those companies such as IT providers, Solarwinds & Kaseya for example. These provide legitimate monitoring tools that sit on the machines of end user’s machines to help monitor and mange them. These installed agents have been compromised and allowed thousand of machines to fall victim to ransomware.

Suspicious emails 

Ransomware often attacks begin with a phishing campaign. This is when a legitimate looking email is sent to your business. Although they do not look suspicious, they have been embedded with malicious links or attachments. It is best practice to stay informed about the different phishing techniques that are currently in use to reduce the risk of falling victim to the crime.

These emails tend to have a sense of urgency around them. They may encourage the reader to forgo the usual safety checks. They may appear to come from a colleague that needs help. This is what makes them so dangerous: they tend to prey on these human traits, compassion, and greed.

You may wish to undertake security awareness training and simulated phishing to gain even more knowledge on the topic. SupPortal can offer suitable training to help with this. This will help you spot the signs of ransomware immediately. One of the best things you can do is think before you click! Clicking on random links that appear in junk emails can easily be avoided. Take a moment to look properly at the email, who it has come from. Then apply what you know about phishing to avoid falling into the trap. Then take the appropriate steps to get rid of the email.

Use firewalls

Monitoring incoming and outgoing network traffic will also significantly reduce the risk of being hacked. These firewalls monitor and filter the traffic and act as a barrier between your computer, and outside intruders. With two different kinds: a desktop firewall which is a type of software and a network firewall that is a separate hardware device, you are drastically reducing the odds of both hackers and phishers infiltrating your business’s important data.

Verify a site’s security 

When disclosure of sensitive financial information is necessary and you are feeling a little wary as to whether you are amid a ransomware attack, make sure you confirm the site’s URL. It should begin with ‘https’ and you should see a closed lock icon near the address bar to show the site has an SSL certificate. If you receive a message claiming the website may contain malicious files, do not proceed!

You can also use the web browsers ‘smart screen’ filter can help to highlight dangerous sites. Ensure you are extremely thorough when it comes to checking the validity of a website and don’t submit your financial information straight away. Being cautious and aware of suspicious content within an email or a site will help you take a step back from the situation and identify any malicious activity straight away.

Using a safe DNS provider, such as OpenDNS powered by Cisco Umbrella, can keep you away from malicious sites. Ensure you have anti-malware software actively scanning webpages as you browse them.

Have you noticed any open RDP links?

An RDP link, also known as remote desktop protocol, is one of the ways cyber criminals can gain access into your network. With remote working on the rise, this can become a very real threat for businesses. Avoid using RDP to directly connect your business machines over the internet. You should only use RDP in combination with a VPN (virtual private network). Should you use them, your IT service provider can ensure your RDP links are closed off by scanning regularly.

Who are your administrators?

Your administrators have the authority and power to authorise applications for download to your network. Keep an eye on what your administrators have changed as cyber criminals can disguise themselves and download apps without you even realising. It is important to note that these tools can also be used by an IT service provider. So, keep up to date with your administrators, and if you’re ever unsure of unfamiliar software, just ask!

It is also important that logins or passwords are not shared, especially for admin accounts. This will make it easier to pinpoint any potential breaches connected to individual logins. Maintain a list of who has admin access and regularly check this against the system. This will ensure you can identify any additions that may have been added. This is part of the guidance given to those undertaking Cyber Essential Certification.

Has anything been disabled?

It can be hard to identify whether your systems have been disabled if you don’t know what to look out for. By completing cybercrime training, users will be more aware of what to look out for in the event of a ransomware attack, and what to do next.

Nobody wants to fall victim to a ransomware attack, especially when they own a business that handles both important and sensitive data. Not every malicious attack has to become a cautionary tale, so follow these crucial tips today and protect your business from harm. If you need further advice about how to protect your business from cybercrime, get in touch with SupPortal today.

‘Debunking IT security jargon’ – what does it all mean?

it jargon

Cyber threats can be confusing for those with limited IT knowledge. It’s hard enough to understand how to protect your company, without being overwhelmed by all the jargon too. However, with these threats continuously on the rise, it’s vital that you are doing what you can to protect your business infrastructure.

A cyber threat attempts to disable computers, steal data, damage data or to generally disrupt digital life – is a malicious act. With the average cost of a data breach standing at $3.86 million in 2020 and the average cost of a malware attack increasing rapidly over a five-year period, it’s no small matter.

Cyber attacks don’t just cost money either. The practical impact of data breaches are an important consideration, not to mention the time spent dealing with the aftermath. Plus, let’s not forget the potential damage to the company’s reputation, which could take far longer to rectify.

In this latest blog, we’ll walk you through the top five cyber threats you ought to be aware of (without the jargon).

1. Ransomware

Ransomware is a form of malware (malicious software) that blocks access to a computer system until you have paid a sum of money. Usually cyber criminals encrypt, or scramble (to avoid more jargon!) your data and then demanding a ransom to release it.

Ransomware is an illegal money-making system. Scarily, a 3rd party can install ransomware without your knowledge The installation occurs when clicking on deceptive links in emails, social media messages or websites. As soon as you click the link, the ransomware can infiltrate your network, locking up your files causing devastating effects.

Why do you need to be aware of ransomware? It’s unpredictable, difficult to detect and near impossible to prevent except by avoiding the risk in the first place. In the last year, 40% of businesses across the UK, U.S., Canada, and Germany have experienced ransomware attacks. Of these victims, more than a third lost revenue and 20% had to stop their business completely (Spectrum Internet).

2. Phishing

Phishing is a type of cyber attack where victims are misled into handing over sensitive information or installing malware on their own systems. This can happen using email, phone or text message and involves a person posing as someone they are not. They usually pose as a legitimate company or an individual in need of help.

The level of sophistication being used in these attempts has increased recently, over half of cyber attacks in the UK in 2018 involve phishing (PWC).

3. Data Leakage

Data leakage is also known as slow data theft and is most commonly caused by criminal hacking. It occurs when unauthorised individuals access sensitive data. It can also be caused by poor data security practises or worse yet, by accident! This tends to be the type of incident that reaches the mainstream press.

Cyber criminals often look for personal information they can use for identity theft. They can also identify confidential information such as product details or patents that are vital for a business to be competitive in its market. Credit card fraud is another common use of leaked data.

Risk Based Security (2020) reported that in the US a whopping 36 billion records were exposed through 2020. This is over four times the number of records exposed through 2019. This shows that data breaches are a real problem.

4. Hacking

Hacking is a method whereby criminals look for security weaknesses in a computer system or network. They then expose, change, destroy, disable, steal or gain information from the computer system or network.

The reasons for hacking can vary. Criminal hackers can hack to gain profit, to gather information, to protest or even just for the thrill. They often install malware onto a computer system. Sometimes so-called ‘ethical hacking’ is used (with permission) to test security systems to see how robust they are.

5. Insider Threat

This type of threat involves someone from within the targeted organisation intentionally abusing their credentials to steal information. This could be a former employee, board member or business partner. Surprisingly, it doesn’t necessarily mean they still work as an employee for a company.

Insider threats can be difficult to prevent. Many security systems may be designed to keep purely outside threats at bay. However, with some big-name companies recently targeted such as Facebook and Coca-Cola, it is an increased worry for businesses.

Now you’ve deciphered the jargon, how can you stay protected from these five types of cyber-attack?

As our society becomes ever more dependent on technology, it’s likely that cyber security threats will continue to rise. Prevent attacks and save money by making sure that you have the best security procedures in place.

Here at SupPortal, we won’t bombard you with jargon. Our goal is to work with you implement clear cyber security strategies to help protect your IT infrastructure. Take action today to take preventative measures for your business. Get in touch with SupPortal today.