Opinion, Ransomware

Ransomware the next big threat to data 0 1426

Avatar
Ransomware ESET East Africa

You wake up with bloodshot eyes after banging on your keyboard in the wee hours of the night to beat the deadline for a grand project. But on powering your computer the following morning, suddenly a red banner flashes on your screen coaxing you pay Ksh50,000; you are warned that failure to do so, your treasure trove of data is lost forever.

Welcome to the world of Ransomware and it is just beginning. That is ominous warning experts have given both private and public sector organisations in Kenya pointing to an imminent rise in Cyberattacks in the form of Ransomware.

The underground criminal world has devised a way to lock your data and get you to part with a tidy ransom for it. Ransomwares viruses are often disguised as innocuous emails, links or pop-ups, thereby easily hoodwinking gullible users to grant access to their system for infiltration and eventual takeover for ransom. “Anyone is vulnerable”, says Bruce Donovan, Regional Manager for ESET East Africa, a security solutions firm.

There are now multiple ransomware viruses floating around the internet. Though they typically operate like Trojan horses, infecting your computer without you knowing, only in this instance, the bugs aren’t corrupting your files, they are encrypting them.

For law enforcements agencies, governments, small and large enterprises among others, lack of access to critical data can be disastrous in terms of the loss of sensitive important information, the interference with regular operations, financial losses suffered for data restoration, and possible reputational crisis.

The TeslaCrypt ransomware has been in widespread among cybercriminals since it was launched last year. But in an unforeseen turn of events, criminals behind the ransomware released the master decryption key for TeslaCrypt. Security vendor ESET has used that key to develop a decryptor tool for TeslaCrypt and recently made free to public.

However, this does signal the end of Ransomware, criminals are increasing accessing new and more effective Ransomware. According ESET East Africa, “It is important to note that ransomware remains one of the most prevalent forms of internet threats and prevention is essential to keep users safe. Therefore, users should keep their operating system and software updated, use a reliable security solution with multiple layers of protection, and regularly backup all important and valuable data at an offline location.”

Donovan explains that just like with many maladies plaguing human kind, prevention is often the best medicine to tackle the threat of Ransom Attacks. “This calls for continuous and earnest education of ICT services consumers”, he says.

Cybercrime remains a lucrative enterprise. To keep ahead of their game, criminal gangs invest a lot of time in research and development to contrive new forms of attacks, with Ransomware becoming their favourite pass time.

This is particularly so, in this age of social media where through Social engineering techniques, criminals are able to evolve faster than the markets. Social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information.

And herein lies the dilemma, as the East African region forges ahead economically, and continues to attract new investments and interest from global companies, hackers are following the money.

This calls for added vigilance by private sector organisations and governments and who are more likely to fall victims of a ransom attack. Critical is to be aware of the vulnerability in the first place, since many attacks are disguised as legitimate links and prompts.

“In our experience we have found that very few organizations invest in testing out risk scenarios as well as back up and disaster management and recovery solutions – the best tool available in response to ransomware threats, other than data encryption technologies,” says Mr. Donovan.

Previous ArticleNext Article

3 Ways Scammers Are exploiting Coronavirus Fears 1 2561

Avatar
Types of Scams

From malware-laden emails to fake donations, these are some of the most common cons you should watch out for amid this public health crisis

It’s beyond reasonable doubt that the COVID-19 disease has transformed itself into a pandemic that has thrown the world into a tailspin. Panic is palpable than ever before, and as a result, has led to market closures, travel bans, lockdowns, and panic buying.

Unfortunately, cybercriminals are taking advantage of this chaotic situation to defraud the vulnerable. With more than 60,000 deaths witnessed across the globe due to the virus, fraudsters are finding an opportune moment for launching their fraudulent campaigns, usually disguised as humanitarian interventions.

Therefore, the big question is, how do you sniff potential scammers a mile away? Fret not, in this post, we share some of the common despicable tactics (as identified by the ESET research team) that are currently being used by scammers to defraud innocent souls.

  1. Malicious News

To appear as convincing as possible, the current retinue of scammers have resorted to impersonating authoritative sources, especially those concerned with disseminating news regarding the virus. Such include the world health organization (WHO) among many other firms.

As such, they will send you emails purporting to come from these sources that contain “vital information” regarding the disease to hoodwink you into clicking on their malicious links. Usually, such links may steal your personal information, install malware on your machine, or try to capture your password and login credentials.

Nevertheless, the good thing is that most of these organizations are aware of such fraudulent activities. And in a bid to end them, have come to the open regarding the issue. For instance, the WHO, on its website, offers advice on how it communicates and also elaborates on what to expect from their official emails.

As an example, one of the significant points reads:

“Make sure the sender has an email address such as ‘person@who.int’. If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO. WHO does not send emails from addresses ending in ‘@who.com’, ‘@who.org,’ or ‘@who-safety.org,’ for example.”

What’s more, the organization advises that all its web content starts with https://www.who.int/ only, no other domain is used.  Therefore, be sure to check on the URL of the email sent to you before clicking on it. If in doubt, input the address directly onto your browser to get the results. Most importantly, the WHO cannot start sending you emails without your subscription or prompt. 

On the other hand, if you wanted the real news regarding the pandemic, you can visit the dedicated WHO site or head to your national health care institution’s website. For instance, the National Health Service if you are a United Kingdom resident or Center for Disease Control and Prevention if you live in the US.

Alternatively, you can get real information from your usual trusted sources, but not from unsolicited emails.

In another case (as shown in the image below), the fraudsters are trying to impersonate the wall street journal by establishing a visually similar site (phishing site).

From the image, you can notice that the URL starts with ‘worldstreet’ while the wording on the webpage indicates ‘world street,’ which is a red flag.

By creating such a site, they trick people into believing that they are the real wall street journal, therefore gain some revenue from the advertisements placed there. Though the site may not track your credentials, the money generated goes to the wrong hands.

2. Appeal for donation

In another attempt to outsmart the would-be victims, cybercriminals are now packaging themselves as “genuine souls” out there to help in the war against the virus.  For instance, in a recent scam, fraudsters were attempting to persuade their audience to contribute towards the development of a vaccine for children in China.

An interesting fact about this example is that the perpetrators are riding on the popularity of an existing campaign by re-purposing its content with Coronavirus details. In another 2019 publication, we talked about how criminals were threatening their victims in an attempt to extort money from them.

Often, such corona themed scams will request you to send your donations in the form of bitcoins to a particular fraudster’s wallet. Though the trick might work on a few people, if done on a global scale can rake in colossal sums of money, which makes it attractive to the criminals.

3. Dubious purchases

The increasing demand for particular products such as face masks and hand sanitizers due to the pandemic has resulted in their short supply. Naturally, this has attracted fraudsters who, according to Sky News, have conned around £800,000 (US$1 million) from United Kingdom residents within February alone.

In an attempt to steal your money, the fraudsters will send you spam emails purporting to help you secure face masks. In case you unwittingly click on the provided links, your financial and personal credentials will be revealed to the fraudsters.

Therefore, you should always be on the lookout for such claims, and only purchase such items from a trusted dealer.

Final thoughts

These are examples of a few tactics currently being used by cybercriminals in their attempts of defrauding people their hard-earned money as a result of the current confusion brought about the COVID-19 stalemate.

Thus, as a business or individual, you need to remain vigilant regarding such antics, not only during such emergencies but also during other times.

As a way of minimizing your chances of falling victim to such schemes, you can always practice some of the following basics:

  1. Be worrisome of emails containing alarming messages regarding the pandemic and the need for immediate action; for instance, ordering for a vaccine or cure via the provided links.
  2. Avoid replying to unknown messages requiring your credentials; for example, those needing your bank details and identification number, among other sensitive information.
  3. Be proactive at identifying potential crowd-funding or fraudulent campaigns.
  4. Utilize well-known multi-layered security software, which includes protection against phishing.

More Importantly, ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too.

Protect yourself from threats to your security online with an extended trial of our award-winning software.

Try our extended 90-days trial for free.

5 Surefire Ways To Create a Cybersecure Home Office Experience 0 1221

Avatar
Man working on computer at home

For the next few weeks, you will probably find yourself working from home due to the coronavirus. Make sure you don’t forget about cybersecurity best practices that can help defend you against a cyberattack.

It’s no longer a secret that the current upsurge of the Coronavirus pandemic has disrupted normal operations in a lot of companies. An increasing number of workers are being forced to work from home or any other convenient places away from their company premises.

However, due to a sharp increase in the search volumes for the term Coronavirus, malicious developers are updating their toolkits with malicious links, sites, and Coronavirus-themed scams to capitalize on unsuspecting victims.

Therefore, as an employee working from home, you need to enforce adequate measures to counter such cybercrime threats. In this post, we take a look at five sure tips that can help you secure your home network. Let’s dig in!

1.     Check the default settings in your home router

Your home router is the engine of your home network. Without it, your PC can’t communicate with others on the net. This makes them a primary target for any cybercriminal out there.

In most cases, hackers will try to hack into your home router, and if successful, hijack your Wi-Fi traffic and finally have access to your network.

To prevent such an occurrence, you need to check your router’s settings and change the defaults. This means that you will first need to gain access to your router’s control panel before you make the changes.

Here are the steps:

  1. Open your browser and switch on your home network
  2. Type something like http://192.168.1.1 in your browser
  3. From the router configuration center page, you will be directed to change all the settings that can affect your security. For instance, your default user-names and passwords currently in your router. 
  4. Change your SSID (name of your home network), which stems from the fact that cybercriminals can use it to launch an attack. Case in point, taking a look at the SSIDs of Wi-Fi networks detected from my apartment shows that many of my neighbors are using Huawei routers; which can be free fodder for an attacker.
Screenshot of wi-fi networks on home laptop

To create strong and unique passwords, you can utilize the ESET password manager. One significant advantage of using such is that you don’t need to remember a lot. A single long phrase can be used to manage all your other account passwords with a few clicks.

Screenshot of ESET Password Manager on home laptop

2.     Kick-off any unwanted devices from your home network

Unrecognized devices hovering around your home network pose a significant threat to your system, as they can access your vital documents and credentials without your knowledge.

To fix this situation, you can subscribe to ESET Smart Security Premium, where you’ll enjoy the services of a home connected scanning tool, which can identify pesky neighbors who have been secretly using your Wi-Fi connection. After which you can flush them out from your network and finally change your passwords.

Screenshot of ESET Smart Security Premium on home laptop

3.     Get the latest firmware for your home router – or purchase a new one in case you have a legacy router

A recent discovery by the ESET team of how Wi-Fi chips are vulnerable to attacks brings to the fore, the importance of continually updating your home router’s system software to the latest manufacturer’s standards.

If you discover that you’re utilizing a legacy router, then it’s time you should opt for a new home router.

As a rule of thumb, grab one that has better security measures; such as those from the Gryphon brand that integrates threat intelligence.

This impressive technology provided by ESET enables the router to detect and block malware, phishing sites, as well as other threats that might invade your home network system.

For more information about the current configuration options for your home router, you can check out this blog post.

4.     Communicate through a virtual private network

To discreetly pass information over public networks to evade the ever-present prying eyes, you can enlist the services of a VPN.

It provides a safe tunnel for communication by encrypting your data and sending them in small packets across the network. Decryption only happens at the end of the tunnels, which ensures that your data is safe. 

5.     Make use of the two-factor authentication (2FA) to secure your remote access

Factually, the Remote desktop protocol (RDP) responsible for the security of remote systems has often been prone to attacks, especially where no proper protection is in place.

Cybercriminals, for instance, can hack a system’s RDP through brute-forcing their way in or social engineering passwords out of employees.

Fortunately, with technology such as the ESET Secure Authentication or ESET’s two-factor authentication (2FA) solution, you can secure doubly remote access technologies such as the RDP and VPN, as well as employee credentials.

The double layer of protection emanates from the fact that a 2FA solution requires an employee to enter a one-time code that is delivered to them through an authentication app or SMS, in addition to the usual corporate user-name and password.

As a result, an attacker can not have access to your information or credentials even if they compromise your password.

Final thoughts

Having a cyber secure home office is the way to go if companies are to realize their end goals without suffering significant setbacks due to the prevalent data security threats. ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too. Protect yourself from threats to your online security with an extended trial of our award-winning software.

Try our extended 90-day trial for free.