Locky-type ransomware is attacking systems

A new, Locky-type ransomware is currently infecting tens of thousands of computers worldwide. It uses the same code from the 2016 version to encrypt users’ files and it looks poised to cause another massive cyber emergency. Here’s everything we know so far.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, .zip, .pdf, .jpg or .tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Once encryption is completed, the user receives instructions to download the Tor browser so they can access the "dark web" for details on how to pay the ransom. To retrieve their encrypted files, users will be asked to pay between 0.5 and 1 Bitcoin.

What you need to do

This ransomware variant builds on the strengths of previous Trojans. In fact, the original Locky strain made it easy for cyber criminals to develop a formidable ransomware that could evade existing cyber security solutions. This is why adopting a "deny all" security stance, whereby all files are considered unsafe until proven otherwise, is the best way to avoid infection.

Here are other tips to avoid infection:

  • Don’t open unsolicited attachments in suspicious emails. Alert your IT staff, and most importantly disallow macros in Microsoft Office unless they’ve been verified by your IT team.
  • Performing regular backups guarantees you never have to pay cyber criminals a ransom. If all other security measures fail, you can always rely on your backups, which protect your business not just from cyber crime-related disasters, but also from natural and other unforeseen system failures.
  • Train your staff to identify online scams like phishing. This and other similar ransomware strains take advantage of users’ lack of cyber security training.
  • Update your operating systems as soon as updates become available to reduce, or eliminate, the chances of your system’s vulnerabilities being exploited.
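One way a mail gateway could apply the "deny all" stance to attachments, as an added example that is not part of the original article: every attachment is quarantined unless its type is on an allowlist, ZIP archives are opened and their members checked the same way, and .docx files that carry VBA macros are refused. The allowlist, the limits, the function names and the sample message are assumptions constructed for illustration; only the .vbs filename comes from the article.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Deny-all stance: only these types are delivered (this list is an assumption).
ALLOWED = {".pdf", ".jpg", ".tiff", ".docx", ".zip"}
MAX_DEPTH = 2                   # nested archives deeper than this are refused
MAX_MEMBER = 10 * 1024 * 1024   # do not unpack members larger than 10 MiB

def check_file(name, data, depth=0):
    """Return reasons to quarantine a file; an empty list means deliver."""
    ext = PurePosixPath(name.replace("\\", "/")).suffix.lower()
    if ext not in ALLOWED:
        return [f"{name}: extension {ext or '(none)'} is not on the allowlist"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return [f"{name}: not a valid ZIP container"] if ext in {".zip", ".docx"} else []
    if depth >= MAX_DEPTH:
        return [f"{name}: archive nesting too deep to inspect"]
    reasons = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in (i for i in zf.infolist() if not i.is_dir()):
            member = PurePosixPath(info.filename).name
            if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER:
                reasons.append(f"{name}: encrypted or oversized member {member}")
            elif ext == ".docx":  # OOXML keeps VBA macros in vbaProject.bin
                if member.lower() == "vbaproject.bin":
                    reasons.append(f"{name}: contains VBA macros")
            else:
                reasons += check_file(member, zf.read(info), depth + 1)
    return reasons

def triage_message(raw):
    """Map each attachment filename to its list of quarantine reasons."""
    msg = message_from_bytes(raw, policy=policy.default)
    parts = [(p.get_filename() or "(unnamed)", p) for p in msg.iter_attachments()]
    return {n: check_file(n, p.get_payload(decode=True) or b"") for n, p in parts}

def build_sample():
    """Constructed message: a script, a ZIP hiding a script, and a PDF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.js", "// constructed")
    msg = EmailMessage()
    msg.set_content("Files attached. Thanks")
    for name, body in [("E 2017-08-09 (580).vbs", b"' constructed"),
                       ("scan.zip", buf.getvalue()), ("report.pdf", b"%PDF-1.4 constructed")]:
        msg.add_attachment(body, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `triage_message(build_sample())` quarantines the .vbs attachment and the archive that hides a .js file, and returns no reasons for the PDF. Legacy .doc files are left off the allowlist here because this sketch cannot inspect them for macros.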

Even with a trained staff and the latest protections installed, your IT infrastructure may still have unidentified security holes. Cyber security experts can better evaluate your entire infrastructure and recommend the necessary patches for your business’s specific threats. To secure your systems, get in touch with our experts now.

Showdown: Office 2016 vs. Office 365

Understanding how Microsoft 2016 and Microsoft 365 differ and deciding which one is right for your business can be difficult. After all, they both have similar names and come with just about the same applications. So how do you tell the two apart? Read on.

How they’re paid for

Office 2016 is a stand-alone suite, and regardless of the quantity purchased, is described by Microsoft as a "one-time purchase." You pay a single, upfront cost, meaning the entire purchase price must be paid before receiving the license to legally run the software for life.

By contrast, Office 365 is a subscription service requiring monthly or annual payments. Office 365 allows users to run applications only if payments are made. If you stop, you will have 30 days to continue operating after the previous payment's due date before the license expires.

How they’re serviced

Another aspect to consider is the service and support offerings. Microsoft provides monthly security updates for Office 2016 applications, and these updates fix non-security bugs. However, you don’t get upgrades for improved features and functionality. If you wish to run the latest edition, you'll have to pay another upfront fee.

Office 365 users, on the other hand, get the same security patches as Office 2016 and also additional feature and functionality upgrades twice a year.

How they sync with the cloud

Microsoft announced a major change this April: As of October 13, 2020, Office 2016 applications acquired through an upfront purchase are required to be in the "Mainstream" support period (the first five years of the decade-long commitment) to obtain cloud connectivity. Office 365 subscriptions won’t experience this problem.

In order to achieve measurable results and enjoy business growth, it’s imperative that your business is working with the right Office solution. Give us a call and let our team of experts assess your needs and determine the better option.

Simple security habits to protect your business

In a world where cyber threats are rampant, are your business’s defense systems up to par? Would cybercriminals succeed in accessing your critical data? But the hardest, most important question to ask yourself is: How confident are you that your business would survive a cyber attack? If you are unable to answer with confidence, that is not a good sign.

According to Juniper Research, it is estimated that the global cost of cybercrime will reach a jaw-dropping $2 trillion by 2019, a staggering fourfold increase from the 2015 estimate of $500 billion. Unless you want your business to become another statistic, it’s imperative that you fortify your security measures before it’s too late.

Small-business owners have even more reason to be cautious. Up to 43 percent of hackers target SMBs since they typically lack a robust network security system that can keep constantly evolving cyber threats at bay. Here are some of the industry’s best security practices that ward off external and internal attackers.

Get cybersecurity insurance

Security breaches are inevitable, so instead of waiting for them to happen, it might be better to have cyber liability insurance in place when a security breach occurs. Think of it like an airbag that helps cushion your business from cyberattacks. If you are held liable, it will cost you more than an arm and a leg in court, effectively crippling your small business. With cyber liability insurance, you won’t have to worry about this. Certain types of insurance will even cover your legal fees.

Implement a password policy

Cybercriminals are infiltrating data systems by exploiting a resource many businesses tend to overlook: weak passwords. While it might not prevent every single attack, implementing an effective password policy will certainly slow down even the most persistent hacker.

Train your staff to create passwords with 12 or more characters that include both upper and lowercase letters, numbers and even punctuation marks. If nothing comes to mind, try using the Bruce Schneier method: take a personal or memorable sentence, abbreviate the words and add special characters.

Use Virtual Data Rooms

A virtual data room (VDR) is an online repository where your company can store its data. Not only does a VDR protect your business’s sensitive information, but it also makes it easier for your staff to securely share data. Hackers find it nearly impossible to extract information stored in a VDR, which is why it is generally used for archiving financial transactions and sensitive data. Legal documentation, tax paperwork, and intellectual property information are ideally stored in a VDR as well.

Beware of internal threats

While it might be hard for business owners to accept the fact that they are likely to face more internal threats than external, they will rue the day they chose to neglect insider vulnerabilities. Up to 55 percent of all cyber attacks originate within the organization. Malicious employees are responsible for 31.5 percent, and the remaining 23.5 percent are employees who were none the wiser.

To prevent internal attacks, you should keep a closer eye on authorization requirements and be extra careful when deciding which staff should have access to sensitive data. Educate employees on steering clear of suspicious links or not opening emails from unknown senders. Don’t mistake monitoring your employees’ online activities for micromanaging. As a business owner, you need to protect your team as much as you would your bottom line.

Talk to an expert

If your sink were leaking, would you fix it yourself or call an experienced professional? Chances are you’d do the latter, because you don’t know the first thing about plumbing. The same principle applies to IT security. Not only will IT security experts take time to understand your business’s needs, they will also determine the best course of action to keep hackers at bay. They do so by identifying your system’s pain points and recommending solutions that will eliminate them.

Cybercriminals are growing in both number and sophistication, and merely keeping up with them is no longer enough -- you need to stay one step ahead. With OnTech Networks as your technological partner, we can handle all your network security needs with our Managed Security services. If you have any security or cybercrime-related questions, don’t be shy. Contact us by phone or email; our team is more than happy to help you.