A Bandwidth of Thieves

Walking into the office in the morning, the day seems like any other. A hot cup of java in one hand, maybe a TPS report in the other, you sit down at your PC and fire it up. That’s when you see a quick message on screen:

“If you see this text, then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service. We guarantee that you can recover all your files safely and easily. All you need to do is submit the payment and purchase the decryption key.

Please follow the instructions:

1. Send $300 worth of Bitcoin to the following address: XXXXXXXXXXXXXXXX
2. Send your Bitcoin wallet ID and personal installation key to e-mail XXXXXXXX@XXXXX.com”

This is the moment where you start to worry while asking yourself the usual frantic questions: How did I get targeted? Why did they choose my company? Is there any way to get my information back without paying? How could I have made my business safer so that this situation could not have occurred? Take a deep breath. The first step in combating these cyber attacks is to understand how these thieves are attempting to gain entry to your network environments, followed by increasing the methods of protection provided by your IT team or MSP. Although Microsoft has crafted some answers to the growing threat of viruses and malware in 2018, these answers alone are not enough. A combination of antivirus solutions, a secure IT environment, and the knowledge to combat these trending threats is the only way to ensure you, and your business, do not become the next target.

Malwarebytes Labs, a trusted antivirus and data security firm, reported that ransomware attacks have increased by over 2,000% within the last two years, and forecast 2018 to be our worst year yet for cybercrime. The establishment and growth of digital currencies, or cryptocurrencies, have been fueling the growing threat of cybercrime. These currencies are untraceable and are the ideal currencies for cybercriminals. With these currencies growing in strength and popularity, cybercriminals are using phishing techniques and applying malware to unsuspecting victims.

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information or to gain access to secure network environments. Phishing is constantly evolving to catch others unaware. One such evolution is the present danger of Zerofont, a new technique that involves inserting hidden words with a zero font size so that a phishing attempt looks non-malicious when in fact it is gaining trust in order to log your sign-in credentials or account information. The malware that may break your defenses could be ransomware like Petya, ExPetr, and WannaCry, which will either encrypt your valuable data and hold it hostage or act like a ransomware program that is in truth just a wiper, which will delete everything no matter how much you pay.
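A mail filter can catch the zero-font-size trick described above by separating the text a reader actually sees from the text styled to zero size. The sketch below is an added example, not code from the original article; the names `ZeroFontScanner`, `scan` and `SAMPLE` are hypothetical, the sample message is constructed, and only inline `style` attributes are checked.

```python
import re
from html.parser import HTMLParser

# Finds an inline font-size declaration and captures its value.
FONT_SIZE = re.compile(r"font-size\s*:\s*([^;]+)", re.I)
# A value of zero in any unit: "0", "0px", "0.0em", "0 !important".
ZERO = re.compile(r"^0+(\.0+)?\s*(px|pt|em|rem|%)?\s*(!important)?$", re.I)
VOID_TAGS = {"br", "img", "hr", "meta", "input", "link", "wbr"}

class ZeroFontScanner(HTMLParser):
    """Splits an HTML mail body into visible text and zero-size text."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []    # one flag per open element: rendered at size zero?
        self.visible = []
        self.hidden = []

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        style = dict(attrs).get("style") or ""
        match = FONT_SIZE.search(style)
        if match:          # the element sets its own size
            zero = bool(ZERO.match(match.group(1).strip()))
        else:              # otherwise it inherits from its parent
            zero = self.stack[-1] if self.stack else False
        self.stack.append(zero)

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        in_zero = bool(self.stack) and self.stack[-1]
        (self.hidden if in_zero else self.visible).append(data)

def scan(html_body):
    """Returns the visible text, the zero-size text, and a suspicious flag."""
    scanner = ZeroFontScanner()
    scanner.feed(html_body)
    scanner.close()
    visible = " ".join("".join(scanner.visible).split())
    hidden = " ".join("".join(scanner.hidden).split())
    return {"visible": visible, "hidden": hidden, "suspicious": bool(hidden)}

# Constructed sample: the zero-size span is invisible to the reader but is
# still present in the text a content filter analyses.
SAMPLE = ('<p>Your <span style="font-size:0">quarterly garden newsletter</span>'
          'mailbox is full. <a href="https://example.invalid/login">Sign in</a> to keep '
          'receiving mail.</p>')

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Size set through a `<style>` block or CSS class is not covered, so a production filter would need to resolve those rules as well.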

Microsoft Windows has been adamant about increasing defenses against these threats, but using Microsoft’s defenses alone is not a proactive protection plan. In order to have a proper defense plan in place, a business must take a multi-faceted approach that incorporates Microsoft’s updates and defense definitions, a robust anti-virus solution combo, and backup data stored in an offline location away from the network.

We begin with an emphasis on Microsoft’s updates and definitions because this is the first line of defense. Microsoft updates its operating systems frequently to combat these growing threats, and the only way to help Microsoft defend your computer is to stay up to date on update versions and take recommended actions. We couple Microsoft’s solutions with a combination of robust anti-virus programs to solidify defenses against possible threats. Analytics Computers uses, and suggests, a combination of real-time active scan programs like Trend Antivirus and a thorough deep scanning program like Malwarebytes. The combination of these programs with a SPaaS (Security Protection as a Service) like SonicWall will ensure a safe business network environment.

Lastly, to combat “the worst case scenario”, every business with vital information that needs to be kept safe should have that information backed up and stored in an off-site location away from the business network. Whether daily or monthly, a backup of the business’s information should be made. Once made, these backups should be stored in an off-site location in case a breach in the network occurs. There is no need to pay ransoms for information you have in duplicate or even triplicate.

The age of digital information has created a playground of possible ways for cybercriminals to attack and hold your information for their gain. Only through a combined knowledge of tools and information can a business owner or employee truly be able to protect themselves from these ever-growing and adapting threats. Keeping up to date with Microsoft’s defense packages, employing a safety net of anti-virus programs, and having an up-to-date backup stored in a secure area is the only way to protect yourself. With the application of these steps, the thieves attempting to disrupt your success will only be met with their own failures.