Ransomware the next big threat to data 0 751

Ransomware ESET East Africa

You wake up with bloodshot eyes after banging on your keyboard in the wee hours of the night to beat the deadline for a grand project. But on powering your computer the following morning, suddenly a red banner flashes on your screen coaxing you pay Ksh50,000; you are warned that failure to do so, your treasure trove of data is lost forever.

Welcome to the world of Ransomware and it is just beginning. That is ominous warning experts have given both private and public sector organisations in Kenya pointing to an imminent rise in Cyberattacks in the form of Ransomware.

The underground criminal world has devised a way to lock your data and get you to part with a tidy ransom for it. Ransomwares viruses are often disguised as innocuous emails, links or pop-ups, thereby easily hoodwinking gullible users to grant access to their system for infiltration and eventual takeover for ransom. “Anyone is vulnerable”, says Bruce Donovan, Regional Manager for ESET East Africa, a security solutions firm.

There are now multiple ransomware viruses floating around the internet. Though they typically operate like Trojan horses, infecting your computer without you knowing, only in this instance, the bugs aren’t corrupting your files, they are encrypting them.

For law enforcements agencies, governments, small and large enterprises among others, lack of access to critical data can be disastrous in terms of the loss of sensitive important information, the interference with regular operations, financial losses suffered for data restoration, and possible reputational crisis.

The TeslaCrypt ransomware has been in widespread among cybercriminals since it was launched last year. But in an unforeseen turn of events, criminals behind the ransomware released the master decryption key for TeslaCrypt. Security vendor ESET has used that key to develop a decryptor tool for TeslaCrypt and recently made free to public.

However, this does signal the end of Ransomware, criminals are increasing accessing new and more effective Ransomware. According ESET East Africa, “It is important to note that ransomware remains one of the most prevalent forms of internet threats and prevention is essential to keep users safe. Therefore, users should keep their operating system and software updated, use a reliable security solution with multiple layers of protection, and regularly backup all important and valuable data at an offline location.”

Donovan explains that just like with many maladies plaguing human kind, prevention is often the best medicine to tackle the threat of Ransom Attacks. “This calls for continuous and earnest education of ICT services consumers”, he says.

Cybercrime remains a lucrative enterprise. To keep ahead of their game, criminal gangs invest a lot of time in research and development to contrive new forms of attacks, with Ransomware becoming their favourite pass time.

This is particularly so, in this age of social media where through Social engineering techniques, criminals are able to evolve faster than the markets. Social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information.

And herein lies the dilemma, as the East African region forges ahead economically, and continues to attract new investments and interest from global companies, hackers are following the money.

This calls for added vigilance by private sector organisations and governments and who are more likely to fall victims of a ransom attack. Critical is to be aware of the vulnerability in the first place, since many attacks are disguised as legitimate links and prompts.

“In our experience we have found that very few organizations invest in testing out risk scenarios as well as back up and disaster management and recovery solutions – the best tool available in response to ransomware threats, other than data encryption technologies,” says Mr. Donovan.

Previous ArticleNext Article

5 Surefire Ways To Create a Cybersecure Home Office Experience 0 407

Man working on computer at home

For the next few weeks, you will probably find yourself working from home due to the coronavirus. Make sure you don’t forget about cybersecurity best practices that can help defend you against a cyberattack.

It’s no longer a secret that the current upsurge of the Coronavirus pandemic has disrupted normal operations in a lot of companies. An increasing number of workers are being forced to work from home or any other convenient places away from their company premises.

However, due to a sharp increase in the search volumes for the term Coronavirus, malicious developers are updating their toolkits with malicious links, sites, and Coronavirus-themed scams to capitalize on unsuspecting victims.

Therefore, as an employee working from home, you need to enforce adequate measures to counter such cybercrime threats. In this post, we take a look at five sure tips that can help you secure your home network. Let’s dig in!

1.     Check the default settings in your home router

Your home router is the engine of your home network. Without it, your PC can’t communicate with others on the net. This makes them a primary target for any cybercriminal out there.

In most cases, hackers will try to hack into your home router, and if successful, hijack your Wi-Fi traffic and finally have access to your network.

To prevent such an occurrence, you need to check your router’s settings and change the defaults. This means that you will first need to gain access to your router’s control panel before you make the changes.

Here are the steps:

  1. Open your browser and switch on your home network
  2. Type something like http://192.168.1.1 in your browser
  3. From the router configuration center page, you will be directed to change all the settings that can affect your security. For instance, your default user-names and passwords currently in your router. 
  4. Change your SSID (name of your home network), which stems from the fact that cybercriminals can use it to launch an attack. Case in point, taking a look at the SSIDs of Wi-Fi networks detected from my apartment shows that many of my neighbors are using Huawei routers; which can be free fodder for an attacker.
Screenshot of wi-fi networks on home laptop

To create strong and unique passwords, you can utilize the ESET password manager. One significant advantage of using such is that you don’t need to remember a lot. A single long phrase can be used to manage all your other account passwords with a few clicks.

Screenshot of ESET Password Manager on home laptop

2.     Kick-off any unwanted devices from your home network

Unrecognized devices hovering around your home network pose a significant threat to your system, as they can access your vital documents and credentials without your knowledge.

To fix this situation, you can subscribe to ESET Smart Security Premium, where you’ll enjoy the services of a home connected scanning tool, which can identify pesky neighbors who have been secretly using your Wi-Fi connection. After which you can flush them out from your network and finally change your passwords.

Screenshot of ESET Smart Security Premium on home laptop

3.     Get the latest firmware for your home router – or purchase a new one in case you have a legacy router

A recent discovery by the ESET team of how Wi-Fi chips are vulnerable to attacks brings to the fore, the importance of continually updating your home router’s system software to the latest manufacturer’s standards.

If you discover that you’re utilizing a legacy router, then it’s time you should opt for a new home router.

As a rule of thumb, grab one that has better security measures; such as those from the Gryphon brand that integrates threat intelligence.

This impressive technology provided by ESET enables the router to detect and block malware, phishing sites, as well as other threats that might invade your home network system.

For more information about the current configuration options for your home router, you can check out this blog post.

4.     Communicate through a virtual private network

To discreetly pass information over public networks to evade the ever-present prying eyes, you can enlist the services of a VPN.

It provides a safe tunnel for communication by encrypting your data and sending them in small packets across the network. Decryption only happens at the end of the tunnels, which ensures that your data is safe. 

5.     Make use of the two-factor authentication (2FA) to secure your remote access

Factually, the Remote desktop protocol (RDP) responsible for the security of remote systems has often been prone to attacks, especially where no proper protection is in place.

Cybercriminals, for instance, can hack a system’s RDP through brute-forcing their way in or social engineering passwords out of employees.

Fortunately, with technology such as the ESET Secure Authentication or ESET’s two-factor authentication (2FA) solution, you can secure doubly remote access technologies such as the RDP and VPN, as well as employee credentials.

The double layer of protection emanates from the fact that a 2FA solution requires an employee to enter a one-time code that is delivered to them through an authentication app or SMS, in addition to the usual corporate user-name and password.

As a result, an attacker can not have access to your information or credentials even if they compromise your password.

Final thoughts

Having a cyber secure home office is the way to go if companies are to realize their end goals without suffering significant setbacks due to the prevalent data security threats. ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too. Protect yourself from threats to your online security with an extended trial of our award-winning software.

Try our extended 90-day trial for free.

Ransomware Protection Crucial to Enterprise 0 742

Ransomware

Ransomware is by far the biggest threat among Enterprises.  So what is Ransomware? It is a malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data.

According to research done by ESET,  Companies named ransomware their number one concern.

In response to customer needs and concerns, ESET integrated Ransomware Shield into its security solutions. ESET has long been providing its customers with very good behavior-based malware detection and also with Host-based Intrusion Prevention System (HIPS) that allows users to set custom rules for the protection against ransomware. However, should something slip past the 11 other security layers, Ransomware Shield will be automatically activated.

While ransomware infection often starts with clicking a suspicious link or a fictitious invoice, ESET found that email remains the most common distribution method.

To combat these scenarios, enter ESET Dynamic Threat Defense (EDTD). EDTD provides another layer of security for ESET products like Mail Security and Endpoint products. It utilizes a cloud-based sandboxing technology and multiple machine learning models to detect new, never before seen type of threats. In result, attachments that were classified as malicious are stripped off the email and the recipient gets information about the detection.

To learn more about how ESET can protect your business, and to book a FREE in house Cybersecurity Training Session for your employees, please sign up below.

Free Training