With business starting to reopen after the summer holiday break, a renewed warning has been issued to business operators to be even more vigilant and on guard against cyber attacks.
The potential for attack increased with the emergence of Meltdown and Spectre – two major security flaws affecting nearly every modern computer processor and billions of IT communication systems worldwide.
The two significant vulnerabilities have been discovered within modern computing hardware which could allow hackers to steal stored data — including passwords and other sensitive information — on desktops, laptops, mobile phones and cloud networks around the globe.
The more pervasive flaw of the two – dubbed Spectre – leaves the world’s supply of microprocessors potentially vulnerable to attack. Researchers had warned that although hackers would find it harder to take advantage of Spectre, it was also proving more challenging for computer manufacturers to overcome.
Right now there is no complete software patch for Spectre. The long-term solution may rely on a hardware redesign with software patches acting to monitor and stop malicious behavior.
The other flaw, called Meltdown, affects most Intel processors made after 1995. Although security patches exist for devices running Linux, Windows, and OS X, researchers have advised that the ’fix’ may slow down their performance by as much as 30 percent.
In addition to the latest threats, past trends indicate that at this time of year there is an increase in ransomware campaigns impacting business in Australia and globally. Ransomware is the fastest growing malware threat and makes data and IT systems unusable until victims pay a demanded ransom.
After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems. If payment demands are not met, the IT system or encrypted data remains unavailable, or data may be deleted.
Ransomware infects computers the same way as other types of malware, for example it can be attached or linked to a malicious email or hidden on websites.
It doesn’t matter how big or small your business is, or whether you hold valuable information, ransomware stops you accessing the files that are important to your business.
We would advise business not to pay the ransom if they fall victim to such an attack, but rather to seek expert technical help. There is no guarantee that paying the ransom will recover the affected data or IT systems, and it could make you vulnerable to further attacks.
The mitigations for ransomware are well known, criminals do not discriminate, and no business or organisation should be unprepared for when it hits them.
To mitigate against such an attack, Think Technology Australia advises business to:
- Patch/update all software and operating systems immediately
- Ensure that your data is backed up regularly and that offline and/or offsite backups are available
- Ensure your antivirus software is up-to-date.
There are two main types of ransomware:
- Crypto-ransomware: encrypts your files with an unknown password. The password is randomly generated by the attacker to make it impossible for you to guess. You won’t be able to access your files until you pay the ransom and get the password to unlock them from the attack
- Lockscreen ransomware: locks your computer or files. A message will appear on your screen telling you that you need to pay a ransom before you get access back. You won’t be able to remove the message or access your desktop, apps, or any files.
In the first six months of 2017, there were two large ransomware outbreaks that affected individuals and businesses across the world; in May a variant dubbed ‘Wanacry’ affected over 300,000 computers, followed by the variant ‘Petya’ in July that affected 16,500 devices.
If you would like to find out how we could keep you protected from Ransomeware, give us a call today 1300 920 866