Cyber Threats

How to Protect Against Ransomware

Image result for ransomwareThe NHS has suffered a major cyber-attack that hit hospitals across the country, leading to patients being turned away from A&E.

The attack used a form of ransomware and targeted thousands of organisations in as many as 74 countries. Ransomware is a kind of cyber-attack that involves hackers taking control of a computer or mobile device and demanding payment.

Much like malware and viruses, ransomware can get onto your PC from nearly any source.

Below are some actions you can take to protect yourself from ransomware:

  • Beware of malicious websites, look at the logo, colours, is there anything suspicious about this website?
  • Opening emails and email attachments from people you don’t know, or that you weren’t expecting. If you’re unsure of the content, do not open it.
  • Clicking onto malicious links on social media sites such as; Facebook, Twitter, Instant Messenger chats such as Skype.
  • Often fake emails and webpages have bad spelling, or just look unusual. Look out for strange spelling and punctuation in company names/email addresses.
  • Ensure that no data is stored on your PC only, make sure that data is stored in a central server based location and backed up to external devices/cloud providers regularly. Data should be backed up daily, where possible. Your backups should also be checked and tested regularly.
  • Ensure that you have the latest Operating System (PC or Server) or at the very least having an Operating System which is supported by the supplier, and has security updates applied. Ideally, your OS should be Windows 7 or above.
  • Anti-Virus products are at the latest levels and frequently updated.
  • Users should only have access to the files that they need, ensure that permissions are set correctly.

If you would like to discuss ransomware and cyber-attacks further, please feel free to contact a member of our team on: 020 8249 7000

Hackers Predicted to Take Ransomware to the Next Level in 2017

The arrival of new methods of Ransomware such as Locky and Cryptowall has caused experts to title 2016 as the year of ransomware. Professionals are now predicting that ransomware will continue to grow in sophistication in 2017.

Image result for ransomwareA recent CSO online article featured predictions on what to expect from ransomware in 2017. In the article, Watchguard CTO, Corey Nachreiner, predicts that 2017 will see the first ever ‘ransomworm’ causing ransomware to spread even faster:

“Years ago, network worms like CodeRed, SQL Slammer, and more recently, Conficker were pretty common. Hackers exploited network vulnerabilities and tricks to make malware automatically spread itself over networks. Now, imagine ransomware attached to a network worm. After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach. Whether or not you want to imagine such a scenario, I guarantee that cyber criminals are already thinking about it.”

Read more about ransomworm in the full article here.

Stay Safe Online this Christmas

With Christmas being one of the busiest times of the year for online shopping – Cyber criminals are taking advantage of this and looking for their next online victim.

Below are some helpful tips to help you stay protected online this year:

Image result for christmas online shopping1. If you receive an email from a shop you don’t know or trust, do not open the email or any attachments that may have been include

2. Don’t click onto any Phishing links that may be sent to you via text message or SMS app

3. Make sure your passwords are complex – a minimum of 12 characters and do not contain any dictionary words

4. When you are buying gifts online using your mobile phone, before inputting your payment details, ensure you switch your phone to cellular

5. Ensure that when you are in a public place, do not use public WiFi to make payments online

The CEO Email Scam

CEO email attacks are becoming very well known now and there have been numerous recent cases reported in the media.

The emails are clearly being produced manually,  by individuals who are probably using Social Media to track when suitably high level persons within a department are away on holiday or otherwise. They are not automated attacks, but a manual, intelligent attack by a person doing a fair amount of research on the company. They will often find out the CEO’s name, email address and the names and email addresses of key people within the company. The CEO email is the key to this scam, it adds authenticity and authorisation to the fraudulent email.

So what do the attackers usually include in the email? The basic premise of the scam is where the attacker sends an email, pretending to be the CEO of the company or a high level person and requests sensitive information or money transfers. Attackers are known to fully interact with the targeted staff member with multiple emails flying back and forth before the scam is completed.

We work with providers such as Mimecast who are able to offer CEO protect services, TTP and URL protect. Please get in touch with us to find out how we can help to protect you and your business against CEO email scams.

https://www.mimecast.com/resources/press-releases/Dates/2016/3/mimecast-tackles-growing-security-threat-from-spear-phishing-and-previews-new-whaling-protection

https://www.mimecast.com/content/ceo-fraud

 

How to Recognise Phishing

Phishing can come in the form of email messages, websites or phone calls – they can email you, call you or convince you to download something from a website. All of these methods are designed to steal money.

Image result for phishing

Cyber criminals will often install malicious software onto your computer or steal personal information from you, so it is crucial to know what to look out for:

  • Spelling and bad grammar. Professional companies will often have staff or copy writers who would not allow a mass email to be sent with spelling errors.
  • Beware of links in emails. If you see a link in a suspicious email message, ensure that you hover over the link first (without clicking) and check to see if the hover text matches that of the link.
  • Threats. Cyber criminals will often use threats that your security has been compromised in order for you to action the email / phone call.
  • Spoof websites. Be aware of any fraudulent websites – website addresses that resemble names of well known companies but are slightly altered.

For further information, please feel free to get in touch with our of our cyber security experts: 020 8249 7000

 

SMEs – Cyber Security

It’s hard to keep up with the cyber criminals and threats, so organisations must do more to protect themselves.

Image result for cyber securityUp to 74% of SMEs suffered a cyber security breach in 2015. The attacks on businesses include; phishing, malware viruses and ransomware. These attacks are on the rise, and could stop businesses from accessing their own data or leave them vulnerable to valuable data being stolen.

It’s important to remember that up to 10% of security breaches are caused internally therefore, it is crucial that all staff should be made aware of the potential threats.

To speak with one of our experts about cyber security, please contact us on: 020 8249 7000