
Why Small Businesses Should Be Very Concerned About Ransomware Attacks

If you are thinking, “Oh, no. Not another article about ransomware,” you need to read the rest of this report.

CNN broadcast a segment on July 27, 2017, informing viewers why small businesses in particular should be very concerned about potential ransomware attacks. The broadcast stemmed from the release of the “Second Annual State of Ransomware” study conducted by Osterman Research.

The Damage Is Often Worse Than the Ransom

In an earlier newsletter we shared the pervasiveness of ransomware. No one is immune from ransomware attacks.

The common mindset of small business owners is that ransomware protection is a priority for major enterprises as opposed to SMBs.

As it turns out, small businesses are at great risk and, proportionately, have much more to lose, according to the Osterman data. The greatest potential for SMB loss is not the ransom itself, but the damage resulting from the intrusion.

  • 16% of SMBs experienced operating downtime of 25 hours or more. Some were hobbled by more than 100 hours of downtime.
    • 93% of those (15% overall) suffered a loss of revenue due to the downtime.
  • 22% of SMB victims of ransomware attacks were unable to recover and subsequently had to close their doors.

Small Businesses Lack Adequate Reserves

“Cash reserves” is a standard business term that is seldom heard in the SMB realm. Small businesses typically operate on a small amount of capital. It is rare when small businesses include cash reserves in their budgets. The cash reserves set aside by their larger “cousins” do not make them less vulnerable to ransomware attacks, but they do help to mitigate the consequences of the aftermath of an attack.

Small Businesses Lack Adequate Resources

According to the report,

  • 27% of SMBs could not identify how their systems were accessed.
  • 33% reported the malware infection had spread to multiple network devices before being detected.
  • 64% of attacks in the U.S. were perpetrated by infected email attachments or links.

Small businesses seldom have the IT infrastructure or corporate discipline to ensure that their systems are adequately protected and that their employees are complying with company rules regarding internet security. For a variety of legitimate reasons, many SMBs do not have a disciplined way of keeping their digital security up to date.

Guarding your technology takes an awareness of potential dangers and a few common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

What in the World Are Hackers Thinking?

We already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.”

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motivates them.

| TYPE | PERSONA | MOTIVATION |
|---|---|---|
| White Hat | Good guys | Companies employ them to test software, websites, and systems against criminal hackers. |
| Black Hat | Guns for hire | They get paid for stealing information by the people who want that information. They don’t care about the information per se. |
| Grey Hat | Wolves in sheep’s clothing | They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price. |
| Script Kiddies | Trainees | They use packaged software to disrupt systems and establish a reputation in the hacking community. |
| Hacktivists | Protesters | They are employed by governments to gain information and/or attack foreign entities. |
| State Sponsored | Warriors | They hack to harass, expose, and exact revenge on entities to which they are opposed. |
| Corporate Spies | Corporate Spies | Corporate spies have existed for years. The internet and digital technology are just new tools. |
| Cyber Terrorists | Terrorists | They want to “spread fear and create chaos … by causing unrest.” |

Did we mention that some hackers are women? Watch this video. It will give you even more insight into what in the world hackers are thinking.

Five Things You Probably Did NOT Know About Ransomware

Our mission at Tech Sentries is to help you “Guard Your Technology.” Part of helping you to “Guard Your Technology” is to keep you informed about threats to your computer system, like ransomware. We believe that keeping you informed is part and parcel of our commitment to you. We found this insightful information in a recent article in an online tech site.

Ransomware Lesson #1

It can be much easier to steal your business or personal information and hold it ransom than to kidnap someone in your family.

Holding information for ransom may be less lucrative per instance, but the crime can be perpetrated a virtual plethora of times with the potential capability of accumulating a great deal of ill-gotten gain from multiple sources. Although some criminals may take the short path to large sums of cash, the opportunity is now open to treacherous techies who are willing to commit the crime numerous times on a smaller scale.

Just because you are not a big business or personally wealthy does not exempt you from ransomware attempts.

Ransomware Lesson #2

Ransomware is not a virus. The computer term “virus” was coined because, like a live virus, it infects your computer files. Ransomware locks your files so that you cannot access them.

Ransomware Lesson #3

You do not have to click on anything in particular to be the victim of a ransomware attack. Although phishing is a method used in some ransomware attacks, it is not, by any stretch of the imagination, the only method of attack.

We always strongly advise our clients to be careful what they click. Understand, however, that this may not make you immune to a ransomware attack. It is, nonetheless, a good habit to develop to guard your technology.

Ransomware Lesson #4

You do not have to visit questionable websites to become a victim of ransomware. Although that may make you more vulnerable to attack, the masters of the ransomware craft tend to use the most innocuous of sites to carry out their schemes. Their whole point is to catch the innocent unaware.

Ransomware Lesson #5

You can guard your technology against ransomware. Although traditional antivirus software has yet to provide foolproof protection against ransomware, whitelisting has come to the forefront as one of the best defenses available. Read our recent blog post about whitelisting here. You will understand in more detail why whitelisting is so successful and why you should use it.

You should be concerned about ransomware, but you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Guard Your Technology Against Malvertising

When you juxtapose “malicious” or “malware” and “advertising,” you get the portmanteau “malvertising.” Although malvertising has existed for about 30 years, it is not yet a household word, even among many computer techs. That is probably going to change following a malvertising attack discovered on Google on June 2, 2017.

The attack caught users unaware as they innocently clicked on a sponsored AdWords search engine response to the big box retailer, Target. Expecting to land at Target’s website, users were unwittingly redirected to another URL where they were greeted with a Microsoft look-alike site that warned them to call a phone number to remove an infected file on their computer. The file itself was non-existent.

Malvertising typically works because the malware is not on your PC. It is propagated by inserting malicious code into ads on trusted websites. Malvertising is particularly pernicious in that neither the site nor the advertiser is aware of the code that redirects users to a malicious server. According to the Center for Internet Security, “The software could allow the attacker to perform a number of actions including,

  • allowing full access to the computer
  • exfiltrating financial or sensitive information
  • locking the system and holding it ransom via ransomware, or
  • adding the system to a botnet so it can be used to perform additional attacks.

This entire process occurs behind the scenes, out of sight of the user and without any interaction from the user.” Because all of this activity takes place “behind the scenes” and because internet ads are changed at a rapid pace, malvertising is unusually difficult to combat. The New York Times and NFL websites have already been malvertising victims.

The best practices for guarding your technology against malvertising are to ensure that all of your software and extensions are up-to-date, disable the automatic use of Flash, and close windows not currently in use when connected to the internet.

Tech Sentries is always on duty helping you “GUARD YOUR TECHNOLOGY” at all hours of the day and night. Don’t wait. Contact us today. (843-282-2222).

Alarming Statistics About Ransomware

For some inexplicable reason, each of us tends to believe that we are immune to catastrophic events, including diseases, natural disasters, and crimes. Unfortunately, we carry that same naivete over to guarding our technology. Just as we think that no harm will befall us personally, even though it does, we believe that our computers are also immune – even though we have no reason to believe that they are.

Eye-opening Ransomware Statistics

Some people are motivated by statistics that evidence growing vulnerability. Others become motivated when disaster strikes someone they know. Still others do nothing until they have become infected or affected. We hope the following statistics will increase your awareness of the reality that you can become a victim of a ransomware attack.

  • There are more than 4,000 ransomware attacks reported every day.
  • It is estimated that less than 25% of attacks are reported.
  • 30,000 to 50,000 digital devices are infected with ransomware each month.
  • The amount of money paid in ransom increased dramatically from 2015 to 2016.

| Year | Ransom Paid |
|---|---|
| 2015 | $24 million |
| 2016 | $850 million |

| Year | Average Paid |
|---|---|
| 2015 | $294 |
| 2016 | $679 |

More Convincing Statistics

Ransom paid is only part of the problem. Ransomware attacks cause expensive downtime for businesses.

  • 63% of businesses attacked by ransomware suffered downtime.
  • 34% lost money as a result of the downtime alone.
  • 20% were forced to close permanently.

Small Businesses Are Not Immune

Myth: “My business is too small for anyone to bother attacking.”

Fact: A recent survey reported that, on average, small businesses lose an aggregate of $8,500 per downtime hour. That is an annual total of $75 billion.

These statistics may not alarm you. They should. You need to take the necessary precautions to protect your business and your home computers from ransom attacks.

Yes, you should be concerned about your computer system security, but you should also know that you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Don’t Take the Google Docs Phishing Scam Bait

When your Daddy taught you to fish, he taught you how to bait the hook. The secret is to make the bait so alluring that the fish doesn’t sense the hook. Sometimes it works. Sometimes it doesn’t. Kind of makes you wonder if some fish didn’t pay attention when they were swimming in their schools.

When it comes to phishing online, we must realize that we are the phish. We have got to be “fin”nicky about what we bite on, especially if it looks really, really good.

Online scam artists – we’ll call them “phisher”men – know that not every one of us is going to bite. They are happy to catch a few. The objective from our point of view is to not get fooled. When we get fooled, we get caught.

The Google Docs Scam

Here’s how the scam works.

  1. You receive a message from someone you actually know, inviting you to access a Google Doc.
  2. The trick is to get you to bite by clicking on an “Open in Docs” button. It’s not that the message is too difficult to pass up; it’s that it just looks so real.
  3. Once you bite, you receive a request for access to your Gmail account. At this point, you may as well jump into the boat. You have been snagged.
  4. Once you have granted access to your Gmail account, the “phisher” sends a similar message to everyone in your contact list.
  5. What really gets your gills is that all traces of the messages sent from your Gmail account are removed.

The cycle keeps repeating itself over and over.

Now What?

As far as experts have been able to determine, no information was stolen and used in any way that smelled fishy. The scam was – or is – someone’s twisted sense of fun. Willie Sutton robbed banks because they were there. Seems to be the same motivation with the Google Docs scam.

We should be concerned because any “phisher” with the capability of pulling off this scam most likely has the ability to do great and widespread damage.

Very real threats exist. Even though you may not be able to see them, they could be lurking right before your eyes. Knowing this,

  • Be vigilant.
  • Think before you act.
  • Make sure you are protected from phish bait before it hits the proverbial water.

You can be vigilant and you can think before you act, but you are going to need help protecting yourself. Tech Sentries is the logical source of your protection. We guard and protect your PCs, laptops, and other connected devices against the dangers that lurk in cyberspace.

Don’t wait to get hooked. Contact us right now. Let us show you how we can help.

Why Old Methods Can’t Stop Ransomware

During the American Revolution, sentries guarding encampments reportedly shouted, “Halt! Who goes there? Friend or foe?” As far as we know, there are no statistics that indicate how many foes identified themselves as such – or lived to tell about it.

Ransomware is not easily identified

As of this time, conventional anti-virus software is about as effective at identifying ransomware as a Revolutionary War sentry was at identifying friend or foe. We do have some statistics for the current day.

A recent survey of 500 companies found that

  • 33% had been attacked by ransomware in the previous 12 months
  • More than half of those companies were running multiple anti-virus programs at the time.

Think about that.

  • Of 500 companies, 165 had been attacked by ransomware
  • Of those 165 attacked, 87 were employing multiple lines of defense.

That’s like having multiple perimeters of sentries, none of which would identify the foe.

There’s a reason for that.

The common approach is called blacklisting. Software already identified as “foe” is blacklisted. The problem is that the software cannot be identified as evil until it has permeated someone’s defense perimeter. Once identified as malware, conventional anti-virus publishes, in effect, “Wanted” posters so that computers can recognize software already known to be malicious.

There’s a solution for that

The solution is in implementing the opposite of blacklisting. Computer techies call it “whitelisting.” Instead of issuing wanted posters, a whitelisting approach allows only known friends to pass.

Pernicious thinkers amongst our readership might be thinking that ransomware can disguise itself by wearing someone else’s clothes. Not so. If ransomware producers think that they can masquerade as a friend, they will be sorely surprised to discover that they are wearing the proverbial Emperor’s New Clothes. The ruse will be discovered, and the attempt at ransom will fail.
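The difference between the two approaches, and the “someone else’s clothes” case, can be shown in a few lines. This is an added example, not code from Tech Sentries or any whitelisting product; it assumes programs are identified by the SHA-256 hash of their contents, and every file name and byte string in it is constructed for illustration.

```python
import hashlib


def fingerprint(content: bytes) -> str:
    """Identity of a program = SHA-256 of its bytes (an assumption of this example)."""
    return hashlib.sha256(content).hexdigest()


# Constructed stand-ins for program files; none of these are real binaries.
PAYROLL_V1 = b"constructed: approved payroll application, version 1"
PAYROLL_V2 = b"constructed: approved payroll application, version 2 update"
KNOWN_MALWARE = b"constructed: malware sample already catalogued by vendors"
NEW_RANSOMWARE = b"constructed: ransomware build nobody has catalogued yet"

BLACKLIST = {fingerprint(KNOWN_MALWARE)}  # the "Wanted" posters
WHITELIST = {fingerprint(PAYROLL_V1)}     # the known friends


def blacklist_allows(content: bytes) -> bool:
    """Blacklisting: run anything that is not already known to be bad."""
    return fingerprint(content) not in BLACKLIST


def whitelist_allows(content: bytes) -> bool:
    """Whitelisting: run only what is already known to be good."""
    return fingerprint(content) in WHITELIST


# (file name presented to the user, actual file contents)
LAUNCHES = [
    ("payroll.exe", PAYROLL_V1),            # approved program
    ("invoice_viewer.exe", KNOWN_MALWARE),  # foe with a "Wanted" poster
    ("update.exe", NEW_RANSOMWARE),         # foe nobody has seen before
    ("payroll.exe", NEW_RANSOMWARE),        # foe wearing a friend's file name
    ("payroll.exe", PAYROLL_V2),            # genuine update, not yet approved
]


def evaluate(launches=LAUNCHES):
    """Return (name, allowed_by_blacklist, allowed_by_whitelist) per launch."""
    return [
        (name, blacklist_allows(content), whitelist_allows(content))
        for name, content in launches
    ]


if __name__ == "__main__":
    print(f"{'file':<20}{'blacklist':<12}{'whitelist'}")
    for name, by_blacklist, by_whitelist in evaluate():
        print(
            f"{name:<20}"
            f"{'run' if by_blacklist else 'block':<12}"
            f"{'run' if by_whitelist else 'block'}"
        )
```

The last row is the operational cost of the approach: a genuine update changes the hash, so it stays blocked until someone approves it. A whitelist keyed only on file name or path would not catch the fourth row.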

Are you adequately protected against ransomware? Don’t think so. Know so. Contact us and let us show you how you can be sure that you are protected.

Cerber Ransomware Kicks Into High Gear During Post-Holiday Shopping

After a relatively calm period, the researchers at Microsoft are warning that the ransomware known as Cerber has resurfaced stronger than ever. The target audience? Holiday and post-holiday shoppers. It also targets the data files of enterprise businesses.

Most of us are a little more aware of the need for cyber security during the holidays, but the need is equally important after the holidays! The Malware Protection Center at Microsoft has reported that the cyber attackers have amped up their game during this post-holiday season. One reason is the number of online shoppers looking for great deals after Christmas.

Top security researchers are now aware of a couple of new spam campaigns that target consumer transactions during the post-holiday season. Cerber ransomware is constantly changing; it encrypts user files and holds them for ransom. In just the last several weeks, the authors of Cerber have begun attacking the files of critical business applications.

The newest version of this ransomware has been programmed to target the database files of Microsoft Access, Oracle and MySQL. It’s not unusual for these files to be shut down as they are encrypted by malware.

As with so many other viruses, attackers are going straight for your inbox and flooding it with malicious links and downloadable attachments. As soon as you click on the link, the virus moves in, installing the ransomware. What’s worse is that it uses what look like password-protected zip files. The body of the email often contains the password, which is another huge red flag for malware. It usually states that order and delivery details are in the email.
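The red flag described above, a password-protected zip attachment whose password sits in the message body, can be checked mechanically at the mail gateway. The following is an added example, not code from the original post or from Microsoft; the addresses, file names and sample messages are constructed, and the password pattern is an assumed, simple heuristic.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristic: "Password: 1234" or "password is 1234" in the body text.
PASSWORD_HINT = re.compile(r"\b(?:password|passcode)\b\s*(?:is\b|:)\s*\S+", re.I)


def encrypted_members(zip_bytes):
    """Names of zip members whose general-purpose flag bit 0 (encrypted) is set."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        return [m.filename for m in archive.infolist() if m.flag_bits & 0x1]


def inspect_message(raw_bytes):
    """Return one finding per password-protected zip attachment in the message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content() if body_part is not None else ""
    password_in_body = bool(PASSWORD_HINT.search(body))
    findings = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        locked = encrypted_members(payload)
        if locked:
            findings.append({
                "attachment": part.get_filename(),
                "encrypted_members": locked,
                "password_in_body": password_in_body,
                # The scanner cannot look inside, yet the reader is handed the key.
                "verdict": "quarantine" if password_in_body else "review",
            })
    return findings


def constructed_zip(encrypted):
    """Build a tiny sample archive; optionally mark its member as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("order_details.txt", "constructed sample content")
    data = bytearray(buf.getvalue())
    if encrypted:
        # Set flag bit 0 in the central directory record (signature PK\x01\x02,
        # flags at offset 8). The content is not really encrypted; only the
        # marker a scanner would see is set.
        pos = data.find(b"PK\x01\x02")
        data[pos + 8] |= 0x01
    return bytes(data)


def constructed_email(body, zip_bytes):
    """Build a sample message with one zip attachment (all values constructed)."""
    msg = EmailMessage()
    msg["From"] = "orders@shop.example"
    msg["To"] = "owner@smallbiz.example"
    msg["Subject"] = "Your order"
    msg.set_content(body)
    msg.add_attachment(zip_bytes, maintype="application", subtype="zip",
                       filename="order_details.zip")
    return msg.as_bytes()


LURE = constructed_email(
    "Your order and delivery details are in the attached archive.\nPassword: 4821",
    constructed_zip(encrypted=True))
NO_PASSWORD = constructed_email(
    "The contract is attached. I will call you with the code.",
    constructed_zip(encrypted=True))
PLAIN_ZIP = constructed_email(
    "Photos from the open day are attached.", constructed_zip(encrypted=False))

if __name__ == "__main__":
    for label, raw in [("lure", LURE), ("no password", NO_PASSWORD),
                       ("plain zip", PLAIN_ZIP)]:
        print(label, inspect_message(raw))
```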

Websites that exploit vulnerabilities in older versions of Adobe Flash can also be used to deliver Cerber. If a person happens to be on such a site, they will unknowingly download the malware to their computer. What’s more, any information on the version of Cerber ransomware has been scrubbed, which makes it even harder to track.

Unfortunately, an even wider net has been cast by Cerber and it’s now targeting dozens more types of files. Executing .exe, .cmd, and .msi files is now happening for the first time with Cerber ransomware.

Cyber criminals have to constantly be changing and updating their versions of ransomware in order to go undetected by antivirus software programs. Ramping up the malware complexities tells us how determined these criminals are to destroy and attack your personal files. Don’t become a victim—never click on unfamiliar links in your email! Use common sense and close out any ads or emails with suspicious links.

For more information on cyber criminals and how to stay safe from ransomware, call Tech Sentries today! (843) 282-2222.

Why Backups Aren’t Enough

Perfect backups will not always prevent the consequences of a ransomware attack, but backing up is vitally important.

The Problem with Ransomware:

A high-profile ransomware attack hit a well-known transportation agency over a recent holiday weekend.  This attack was a major eye-opening event, to say the least.  For the first time, a major transportation agency has been shut down by a ransomware attack.  To give you a few details, they estimated that approximately 900 of the computers in this agency were affected.  They were using backups and this provided them with the ability to restore data with no intentions of paying the ransom; so one would assume all was well.  Not exactly…

The transportation agency’s use of backups prevented them from losing all their customer and internal data.  The use of a simple backup prevented a major catastrophe for this agency.  Without the backups, they would have been faced with paying the ransom in this case, or been faced with heavy financial losses.  It took approximately 2 to 3 days in order for most of the computers to be restored and the rest followed within the week.  A large portion of their workforce was inaccessible for several days and some parts were down for almost an entire week.

The inability to work and work properly is going to cost any business money and valuable resources.  With the transportation agency’s computers inaccessible, they had to shut down the terminals and payment systems, allowing the public to ride the metro for free.  Many local articles stated that the systems being down was costing the agency $500K for every day that they were down and not working. This ransomware attack cost this transportation agency over a million dollars in the time they were down and not running.  Backing up a system can save data and is very important, but many times it is not quick enough to get you back online without losing valuable time.     

The Solution:

The story of the transportation agency demonstrates the vital importance of prevention when it comes to ransomware attacks. In order to eliminate this problem before it begins, it’s important to put your emphasis on prevention instead of detection and recovery. We believe that prevention is the only way to protect your business investment, and that is why we use global application whitelisting. Whitelisting allows you to avoid organized attacks and targeted areas because unknowns are always blocked no matter how new they are. We have no way of knowing what antivirus protection the agency was using, but even with their backups they suffered huge financial losses due to downtime.

Prevention is key!  If you have any questions about ransomware attacks and how to keep your business protected, please give us a call at 843-282-2222 TODAY!

Jackware—What Is It?

Have you ever heard of jackware? In this day and age, we hear a lot about ransomware, spyware, adware and all kinds of other “wares,” but probably not jackware. However, it’s still malicious software that gets in and controls many devices whose main function is NOT digital communication. Your car is a perfect example of just such a device. Your car may have some communication abilities, but think of it like this: we’re looking at cars as simply a means to get from one spot to another.

Jackware is essentially a more specialized form of ransomware. Ransomware, as its name suggests, gets into your software, encrypts your files and demands a ransom before you can unlock them and get them back. Jackware instead seeks to lock up your car’s ability to run until the ransom is paid.

The following is important to note!

Jackware has not actually been defined as an active threat just yet. It’s still a bit theoretical in nature, although we here at Tech Sentries are a bit doubtful of jackware being stopped. There are people constantly coming up with new ways to hack into our everyday lives and create chaos through our computers, software, telephones, and now even our cars if something isn’t done. Brand new cars are essentially fancy computers on wheels and so they are very vulnerable to jackware after they have left their manufacturing facility to be shipped across the world.

All last year, we heard about the Fiat Chrysler Jeep problem where the design process wasn’t stellar and many of the systems were wide open for hackers. So, we now know that in order to stop this problem, protection must happen during the design process. Car companies need to assure consumers that everything they do with the car’s onboard computer is safe. For instance, many people now can control systems in their homes, such as alarms, lights, etc., all from their vehicles. If jackware really does become a huge reality, then your car is one more portal from which hackers can work their evil. Many smart cars now come with Wi-Fi capabilities and this could be a big problem if it’s not completely secure.

So How Do We Stop Jackware?

This is the million dollar question. Unfortunately, the world has not done a good job at all of deterring cyber crime. Hackers just get better and smarter at what they do, so the risk of becoming a victim is huge. In order to stop jackware, it would have to involve changing policies within major manufacturers, as well as staying ahead of the technical curve. Gone are the days when clicking on a link in an email was the only way to get hacked by ransomware. Millions of dollars have been paid to cyber criminals by desperate people trying to get their files recovered. Companies need to be employing the best anti-malware security they can find. We also need to actually prosecute the criminals behind the ransomware!

The question remains if ransomware will actually spawn a branch called jackware. It absolutely seems certain that this will happen at some point. One of our biggest concerns is that of self-driving cars. Any vehicle that is equipped with onboard computers is at risk for jackware.

The best way to stay safe and protect yourself from ransomware attacks—including the possibility of jackware—is to have the best protection available today. Tech Sentries stays on top of all the latest threats so you don’t have to.

Call 843-282-2222 today for a free consultation.
