
IT terms you need to know

Jargon can be intimidating if you’re dealing with IT issues and you’re anything but techy. Running an anti-malware scan can generate auto pop-ups that leave you clueless with IT terms that sound Greek. Learning the basic concepts listed here will help you move on and not be surprised the next time that happens.

Malware

For a long time, the phrase “computer virus” was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.

Ransomware

Don’t let all the other words ending in “ware” confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid for its return.

Intrusion protection system (IPS)

There are several ways to safeguard your network from malware, but IPSs are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.

Social engineering

Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of what is called “social engineering” to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.

Antivirus

Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.

Redundant data

When antivirus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

We aren’t just creating a glossary of cybersecurity terms; every day, we’re writing a new chapter in the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge to anyone who comes knocking. Get in touch with us today and find out just how we can help you with your IT woes.

Published with permission from TechAdvisory.org. Source.

Warning signs your computer has malware

With the rise of eCommerce and online banking, cybercrime has evolved. Like criminals who pull smash-and-grab jobs, cybercriminals go where the money is. However, unlike bank robbers, they do their best to avoid detection by letting malware do the work for them. Viruses and ransomware sneak into PCs to quietly steal passwords, financial credentials, and other personal information to be sold on the black market for profit. Not all malware is stealthy though. Here are some telltale signs.

Slow computer

Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, just because your PC is running slower than usual doesn’t necessarily mean that it’s infected, as there could be other causes for the slowdown. First, check if you’re running out of RAM. On Windows, open Task Manager (press Ctrl + Shift + Esc), go to the Performance tab, and check how many gigabytes of RAM are used up under the Memory section. On macOS, open the Activity Monitor app and look under System Memory to find your RAM usage.

Other causes could include lack of space on your hard drive or even damaged hardware. Once you’ve ruled out other possible causes, then malware may have infected your device.

Blue screen of death (BSOD)

If your PC crashes regularly, it’s usually either a technical problem with your system or a malware infection. You might not have installed the latest drivers for your device or the programs you’re running could possibly be incompatible with your hardware. If none of these problems are apparent in your PC, then a virus could be clashing with other programs and causing your crashes.

To check what caused your last BSOD, go to Control Panel > System and Security > Administrative Tools > Event Viewer and select Windows Logs. Those marked with “error” are your recorded crashes. For troubleshooting solutions, consult forums or your IT department to figure out what to do next.

Lack of storage space

There are several types of malware that can manipulate and corrupt the files saved on your computer. Most tend to fill up your hard drive with suspicious files. Ransomware, for example, is a notorious type of malware that denies you access to your data until you pay a so-called ransom. There are more aggressive forms of ransomware, like NotPetya, known for exploiting security holes to infect computers without needing to trick users.

If you find any unknown programs that you have never installed before, notify IT personnel in person immediately (do not email them) and have them handle the situation for you. Your device might not be the only one in your network that is infected with suspicious programs.

Suspicious modem and hard drive activity

Combined with the other warning signs, if your hard disk is working excessively while no programs are currently running or if you notice that your external modem is always lit, then you should scan your computer for viruses.

Pop-ups, websites, toolbars, and other unwanted programs

Pop-ups come from clicking on suspicious pages, such as those where users are asked to answer survey questions to access a website’s service or install free applications. While they’re inherently harmless, they could be downright annoying. Refrain from clicking pop-up pages and just close them instead. Run malware scans and update your browsers.

You might think that downloading free applications is harmless, but the installation process can inject malware into your device. When you’re installing a program from the internet or even app stores, it’s easy to just skim over the terms and conditions page and repeatedly press next. This is where they get you. In the process of skipping over certain installation steps, you might have agreed to accepting a new default browser and opening unwanted websites and other programs filled with viruses. Be cautious when downloading something for free.

You’re sending out spam

If your friends are telling you that you’ve been sending them suspicious messages and links over social media or email, you might be a victim of spyware. Warn your friends not to open anything that appears to be spam and make sure to reset your passwords across all your devices and enable multifactor authentication.

Knowing how malicious software affects your computer can help you take the necessary precautions and steps to rectify the situation as soon as possible. Regardless of whether or not your system has experienced these symptoms, it’s always smart to perform regular malware scans to ensure your business is safe. To find out more about malware and IT security, contact us today.


Cybersecurity for small- and medium-sized businesses

Has your organization been hit with a data breach or ransomware recently? This happens more often than you might think to businesses of all sizes. Given the frequency, complexity, and increasing number of threats, a multi-level, agile, and cutting-edge cybersecurity strategy is the only response that will protect businesses from massive losses. Fortunately, managed IT services providers (MSPs) are filling this gap with solutions and expertise that even small businesses can afford.

The numbers

According to the Ponemon Institute’s 2018 State of Cybersecurity in Small & Medium Size Businesses (SMBs) survey, cyber attacks on SMBs have increased from 61 percent in 2017 to 67 percent in 2018. Only 28 percent of these SMBs evaluated their ability to mitigate threats, vulnerabilities, and attacks as highly effective. 58 percent of SMBs in the study experienced a data breach in the last year.

Most SMBs in Ponemon’s research said attacks against their companies had severe financial consequences. For instance, the report cited that many of them spent an average of $1.43 million because of the damage or breach of IT resources, a 33 percent increase from 2017. Disruption to operations also cost an average of $1.56 million, a 25 percent increase from 2017.

The attacks

So what types of cyberattacks on SMBs were prevalent in 2018? According to the study, the order from most to least common is as follows: phishing/social engineering, web-based attacks, general malware, compromised/stolen devices, denial of service, advanced malware/zero-day attacks, SQL injection, malicious insider, cross-site scripting, and uncategorized attacks.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and protect your business from these malicious threats. They include a full range of proactive IT support that focuses on advanced security, such as around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.

Not only that, but because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a business continuity and disaster recovery strategy, as well as minimal downtime. One of the best things about managed services is that you get a dedicated team of IT professionals ready to assist you with any technology problems you may encounter. This is much more effective and budget-friendly than having in-house personnel handling all your IT issues.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call; we’re sure to help.


A closer look at fileless malware

To avoid detection by antimalware programs, cybercriminals are increasingly abusing legitimate software tools and legitimate programs in systems to steal data or ruin its integrity. They use fileless malware to infiltrate trusted applications and issue executables that blend in with normal network traffic or IT/system administration tasks while leaving fewer footprints. Ultimately, your business could be at risk. Let’s see why.

What is fileless malware?

Fileless malware is stored in random access memory (RAM) instead of on the hard drive. In a typical fileless infection, payloads can be injected into the memory of existing software or applications by running scripts within whitelisted or authenticated applications such as PowerShell, which is designed to automate system administration tasks such as viewing all USB devices, drives, and services installed in the system, scheduling a series of demands, or terminating processes (i.e., Task Manager).

Because there are no files to trace, fileless malware escapes detection from most antimalware programs, especially those that use databases of precedents. Furthermore, most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a difficult time establishing where to start looking. Fileless malware isn’t as visible as traditional malware. It employs a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s processes and the infrastructure that runs them.
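With no file on disk to scan, one place a defender can look instead is how PowerShell was started. The following is an added example, not part of the original article: it scores process-creation records by launch behavior, and the record fields ("parent", "cmd"), the hint list, the threshold, and the sample records are all assumptions constructed for illustration.

```python
import base64
import re

OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Strings that indicate text being turned into running code (illustrative list).
IN_MEMORY_HINTS = re.compile(r"invoke-expression|\biex\b|frombase64string", re.I)

def encode_for_sample(script):
    """Build a constructed -EncodedCommand value: base64 of UTF-16LE text."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

def decode_encoded_command(cmd):
    """Return the script behind -EncodedCommand (or a prefix such as -enc), else None."""
    tokens = cmd.split()
    for flag, value in zip(tokens, tokens[1:]):
        name = flag.lstrip("-/").lower()
        if flag[0] in "-/" and name and ("encodedcommand".startswith(name) or name == "ec"):
            try:
                return base64.b64decode(value, validate=True).decode("utf-16-le")
            except ValueError:  # bad base64 or bad UTF-16: treat as undecodable
                return None
    return None

def assess(event):
    """Score one process-creation record; returns (score, reasons)."""
    cmd, reasons = event["cmd"], []
    if "powershell" not in cmd.lower():
        return 0, reasons
    if event["parent"].lower() in OFFICE_PARENTS:
        reasons.append("started by an Office application")
    if re.search(r"\s[-/]w\w*\s+hidden\b", cmd, re.I):
        reasons.append("hidden window")
    script = decode_encoded_command(cmd)
    if script is not None:
        reasons.append("encoded command")
    if IN_MEMORY_HINTS.search(script or cmd):
        reasons.append("runs text as code in memory")
    return len(reasons), reasons

# Constructed records (hypothetical field names "parent" and "cmd"), not real telemetry.
SAMPLE_EVENTS = [
    {"parent": "explorer.exe", "cmd": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"parent": "explorer.exe", "cmd": "powershell.exe -enc " + encode_for_sample("Get-Date")},
    {"parent": "WINWORD.EXE", "cmd": "powershell.exe -NoProfile -WindowStyle Hidden "
        "-EncodedCommand " + encode_for_sample("Invoke-Expression $staged")},
]

def triage(events, threshold=2):
    """Return (parent, score, reasons) for records at or above the threshold."""
    results = [(e["parent"], *assess(e)) for e in events]
    return [r for r in results if r[1] >= threshold]

if __name__ == "__main__":
    for parent, score, reasons in triage(SAMPLE_EVENTS):
        print(f"{parent}: score {score}: {', '.join(reasons)}")
```

A single signal, such as an encoded command on its own, is common in legitimate administration, which is why the example only reports records where several signals coincide.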

Fileless malware by the numbers

Cybersecurity firm Kaspersky Lab first discovered a type of fileless malware on its very own network a couple of years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

In November 2016, attacks using fileless malware saw an uptick of 13% according to a report. In the same quarter, attacks surged 33% compared to the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on more than 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, cybersecurity firm Trend Micro detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely your business would have been targeted in the earliest stages of this particular strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations take?

While your business might not be in immediate danger, you should employ solutions that analyze trends in behavior. It is also wise to invest in a managed service provider that offers 24/7 network monitoring, proper patches, and software updates. Call today to get started.


New scam freezes Chrome to panic users

Con artists have created a new method of deceiving Chrome users by freezing their browsers and displaying a security notification with bogus tech-support contact details. Their ultimate goal is to scare potential victims and trick them into dialing the fake hotline number on the screen.

The End Game

The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. These scammers capitalize on the fact that a serious crash can’t be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to persuade users to surrender their credit card details to repair a non-existent security issue. The scams are generally carried out through legitimate sites that have been hacked or through malicious ads.

The Ingenious Process

This new scam operates against Chrome by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which the scammers basically use as a form of distraction. The hackers manipulate the browser and force it to save a random document to disk repeatedly, at intervals too fast to notice. After five to 10 seconds, Chrome will be completely unresponsive.

The Easy Fix

To recover, Windows users simply have to open Windows Task Manager (press Ctrl + Shift + Esc) and stop the process there. On the other hand, macOS users just need to wait until a system message prompts them to close the unresponsive Chrome tab. Typically, the latter is a more appealing option since users would have the freedom to close only the corrupted page. Manually closing the whole browser means possibly losing unsaved files in any open windows.

When faced with IT-related issues, you need to determine how you can approach them calmly. The threats in the digital world may be terrifying and intimidating, but causing a panic in your workplace isn’t the answer. Call us as soon as any problems arise, and we’ll help you as soon as we can. We can even hook you up with other security measures to beef up your network security.