Month: December 2016

You have heard a lot about ransomware but do you know what it is and how to defend against it?

Cyber attacks have been happening at an increased rate all over the country. The most common type of cyber attack these days is ransomware. Ransomware is not a new form of hacking but it was not so successful in its early years. Now, cyber attackers have found ways to make it more profitable for them and that has lead to increased cyber attacks involving ransomware.

What is Ransomware?

You may be wondering exactly what ransomware is. Ransomware is a type of cyber attack where cyber criminals gt into your system and take some of your files “hostage.” They likely will encrypt your data files so that you cannot gain access to them. In order for you to get your data files back, the hackers demand payment. In exchange for the payment, which is generally in bitcoins, a technology form of payment, you will be given an decryption key so that you can decrypt the data files and gain full access to them. This is generally how a ransomware attack plays out but there are different variations, including one called Popcorn Time when instead of paying the fee for the decryption key, you can provide the information of two other people or businesses for them to hack.

Where the Majority of Ransomware Attacks are Focused

While you may think that ransomware attacks happen to individuals more often than not, you would be incorrect. In fact, 88 percent of all ransomware attacks are focused on hospitals and healthcare organizations. More than any other sector or industry, hospitals and healthcare organizations lose the most data. On the black market, patient data sells for more money that anything else, which is likely the main reason why the industry is hit the hardest from cyber criminals. One reason why they may also be the most vulnerable is because hospitals use so many different systems and devices to get the work done. There are more entry and pivot points that cyber criminals can exploit and gain access to the system. 94 percent of the 88 percent of attacks were linked to a specific variant of software named Cryptowall. In fact, the hospital data breaches that have been high-profile enough for them to make headlines have been due to ransomware. This is becoming more and more of an epidemic, not only within the healthcare system but also in other sectors, even though they are not being hit as hard.

How to Protect Your Business

Whether or not your business is in the healthcare sector, you need to begin taking steps now to better protect your business against these types of attacks. They are occurring more and more often due to increased technology and experience in the hackers. This problem is not going to go away on its own and there needs to be a way for businesses to protect themselves. While it is impossible to eliminate the attackers at this point in time, there are ways you can better protect your business.

• Backup all of your files regularly. One of the biggest mistakes that companies make is not backing up their files. If you have a back up available, you will not have to pay the attackers to get your files back. You will already have them. Just be sure to keep them on a separate server and back them up regularly. The frequency of your backups will depend on how often your data changes. For some companies, it makes sense to back up once per week. For others, you will need to back up your files every hour. Figure out what works best for you and set it up accordingly.
• Install and maintain security software. Backing up your files should be done as a precaution. However, you need to have security software installed on all devices and keep them updated. This will help protect you against viruses and malware that you may be susceptible to.
• Educate yourself and your employees. Even with the best protection, hackers can still get in. Protect yourself and your company by taking the time to educate your employees on what to look for and what to do if they have noticed a virus or attack. The early reaction could be critical in slowing down or stopping the attacker.

New Popcorn Time Ransomware Demands Cash Unless Infected User Agrees to Spread the Virus to Friends

We’re Urging Local Individuals and Businesses to be Informed about Latest and Most Sophisticated Cyber Scam

The need for cyber security has been on the radar and in the playbooks of serious companies and their executives for some years. However, recent advancements in a particularly virulent strain of software called “ransomware” has made even forward-thinking CIOs sit up and take notice. Ransomware attacks are hitting individuals, institutions and businesses hard, right here in {city}. Ransomware attacks are defined by their demand for incredibly high ransom fees simply to restore access to information and reinstate productivity.

As if that wasn’t bad enough, the newest form of diabolical ransomware floating around the internet is through a software called Popcorn Time. Popcorn Time is deviously named after but unrelated to the bittorent piracy app and quickly infects a user’s machine and demands a 1 bitcoin ransom (over $700), to reinstate access to data held hostage. However, the particularly daunting aspect of this strain of ransomware is the alternative escape option it offers. If an infected user can’t afford the bitcoin payment, they can have their files released for free on one condition: send the malicious link to two friends, have them download the infection and pay the ransom.

Reminiscent of a B-rated Hollywood horror film or a bad pyramid scheme, this new method of spreading the virus and seeking out more victims is incredibly hard to track, prevent and slow down. The frightening new software was discovered by cyber-security researchers, MalwareHunterTeam, and the malicious program is still in development. However, researchers claim that if left to develop fully, the innovative method of distribution could make Popcorn Time one of the most dangerous and widespread cyber-scams on the internet.

So what can individuals do to stay protected? And what does one do when they find themselves faced with paying a ransom or selling out their friends? The cyber-security experts at {company} want to make sure {city} individuals and businesses are well-versed in how to proactively keep data protected before nasty ransomware like this takes hold of data. The most important point of defense is securing reliable back-up solutions where an emergency copy of all important data is stored and protected on a separate machine or in the cloud.

Through proactive and strategic planning and preparedness, the {company} team is committed to ensuring that their client base is equipped with comprehensive back-ups in case of attack or disaster. Because of this foresight, {company} clients wouldn’t have to pay the ransom to retrieve their files in the case of an attack, nor would they have to consider selling out colleagues or friends to avoid the bitcoin payment.

Even with backups in place, damage-control and restoration time to get business back on track can be costly. Though the {company} team is equipped to help clients recover from disaster quickly, there is a cost associated for the man hours needed to restore data. Not to mention the lost productivity and wage expenses that businesses suffer because their employees are unable to work for a certain amount of time. Furthermore, ransomware attacks like Popcorn Time are getting increasingly sophisticated and malicious and can manifest in ever-evolving ways. Therefore, it’s critical to have a variety of cyber-security measures in place to ensure protection.

Investing in the correct preparation and protection mechanisms may seem time consuming or costly, however, the cost pales in comparison to the potential damages that a ransomware attack can cause. As the prevalence and sophistication of ransomware continues to rise, the potential cost and productivity savings of enlisting IT support is becoming increasingly evident.

If you’d like to connect your business-minded audience with more information about this nasty new strain of Ransomware, other daunting cyber-security threats and tips for staying informed and protected, please don’t hesitate to reach out to at (469) 635-5500.

Keeping the masses informed is the first and most important step against beating cyber criminals.

Cyber attacks can happen at any time and the bug discovered in the Windows program is one example of how attackers can enter your system.

Google has a Threat Analysis group that is constantly looking for any vulnerabilities in systems. The group recently discovered one such vulnerability in Windows and Microsoft is not very happy about it. Google went so far to say that the bug that has been discovered is being exploited by cyber criminals.

About the Bug

Google is categorizing the bug as critical even though it is very specific. It is allowing attackers to escape from security sandboxes. The escape path is through a flaw in the win32k system. The description of the bug is basic but Google did release data that allows the public to be able to recognize an attack. However, they did limit the information provided so they do not make it an easy attack for cyber criminals to use to their advantage.Strontium, a Russian group, is attributed to the exploitation of the bug.

Why Google Released the Data and Not Microsoft

Google had originally notified Microsoft of the bug 10 days prior to bringing the news to the public. The information was released before a patch could be developed and used in the Windows program. At the time of the release of data, Google had already developed a way to protect all Chrome users while Microsoft had yet to fix Windows. Microsoft did promise to have a patch for the big on November 8. Google does have the right to release this information about the bug in a vendor system and has technically not stepped on many toes but Microsoft does not agree.

Why Microsoft is Not Happy

Many people would look at the situation and think that Microsoft is not happy with the release of information because it may make them look as though they are not trying to fix it. However, Microsoft has released a statement to explain why they are not happy with Google for releasing the information. They have said that Google is putting customers at risk by releasing information that can be used against them. Microsoft has also recommended that people use Windows 10 as well as the Microsoft Edge browser to better protect themselves until the bug has been fixed.

The Grace Period Enforced in 2013

According to a Google policy, there is a seven day grace period where any vulnerabilities cannot be disclosed. This accounts for seven days after they have notified their vendor. In this circumstance, Google did not report anything until 10 days after reporting it to Microsoft. There have been many people, before this incident, to say that this grace period is not enough time to fix any vulnerabilities and that companies should have more time. While this was only a concern in the past, this is the first time that the company has had to use the policy to inform the public. Google also said that it was important to release the data because the bug was actively being exploited at the time, leaving many customers vulnerable to an attack.

Importance of Applying Patches and Updates

It has been said before and this incident is even more proof that the rule needs to be reiterated. In order to ensure you are protected as possible, you must install any system updates and patches as soon as they become available. The updates may be small or they may protect you from an attack like this one.