Bad Rabbit: How To Protect Yourself From The Ransomware Attack

13th Nov 2017

Economies worldwide are increasingly moving towards digitalization, with a large number of business organizations establishing an online presence. Almost everything is on the web, which has made businesses more prone to cyber security threats. No industry seems to be immune, as is evident from Kaspersky Lab reports stating that a company is hit by ransomware every 40 seconds.

Bad Rabbit is the latest of these and has hit over 200 organizations and consumers across Russia, Bulgaria, Turkey and some parts of Europe. It started on October 24 and has mainly targeted news and media websites. The real name of Bad Rabbit is Diskcoder.d, and the malware is quite similar to Petya, which was caused by Diskcoder.c.

How Does It Spread –

The malware enters the user’s network when the user installs Adobe Flash Player from a hacked website. Soon after the fake Flash installer carrying the malware is run on the system, all files are encrypted.
A ransom note then appears on the screen and the user is asked to pay 0.05 bitcoins within 41 hours to get the decryption key. If the payment is not made on time, the ransom amount increases and the user is forced to pay more.

The hackers behind Bad Rabbit also seem to have a great interest in Game of Thrones, as references to Viserion, Rhaegal, Drogon and other characters from the series can be found in the code. They also select their targets and infect only the intended systems.

How To Protect Yourself –

  • Create Shadow Copies – It is possible to recover the files if shadow copies exist, as the malware does not delete or encrypt them. The files can be recovered through third-party utilities or by using the standard Windows mechanism.
  • Password Protection – Do not use overly simple usernames and passwords, as they pose a serious threat to cyber security.
  • Software – Ensure that you have Windows Security Bulletins installed on your system.
  • File Extension – To protect themselves from the malware, users must block the execution of the files ‘C:\Windows\infpub.dat’ and ‘C:\Windows\cscc.dat’.
  • Anti-Virus – Install anti-virus software that can protect you against such malware.
  • Back Ups – It is important to maintain backups of all your important files, which can be kept either offline or online. Also make sure that you update your systems every now and then.
  • Download From Trusted Sources – Do not download or execute any updates from an untrusted source. The ransomware is often disguised as an Adobe Flash update but is actually malware that is installed on the user’s system once it is downloaded.
  • Restrict User Privileges – Grant minimum user privileges and give administrator rights to trusted employees only.

It is advisable to take the necessary preventive steps well in advance to avoid such cyber-attacks in the first place.

We at Centex Technologies provide complete IT Infrastructure Security Solutions to corporates. For details, call us at (254) 213-4740.

Privacy Concerns Surrounding Big Data

30th Oct 2017

A lot of information and data is on the web, and even more flows into the network each day. For organizations collecting data from individuals, it is vital that proper security measures are in place to prevent misuse of information. International Data Corporation (IDC) has predicted that by 2020 more than 1.5 billion people would be affected by data invasion, which is indeed worrisome.

For individual victims, a data breach can result in the loss of confidential information. For companies, a data breach or loss of valuable customer information can erode the business image and result in the loss of market share as well as customers, owing to mistrust and lack of confidence.

Here we have listed certain privacy concerns surrounding big data that you need to be aware of.

Privacy Breaches – Organizations collect a large volume of data each day. This data is generally analyzed by businesses to provide customized services to their clients or to gain a better understanding of customer segments. The results can be catastrophic if this data, which may include personal or financial information of customers, is compromised. There have been instances in the past where hackers invaded the data sources of large firms and exploited them, which caused a lot of embarrassment to the companies.

Favoritism/Discrimination – Big data analytics can be used to discriminate against or favor a particular person, which is ethically wrong. It impedes the true objective of big data.

Defeat The Purpose Of Data Masking – Data Masking refers to creating a proxy version of an individual’s data. It is to protect the actual data by decoding or hiding it with random characters. However, if this is not done properly, the actual purpose of data masking is defeated altogether as privacy can easily be encroached.

Unauthorized Use Of Information – Big data analytics is common today. On one hand it has helped quite a few industries, and on the other it has increased the potential for large-scale theft and unauthorized use of sensitive data. It is important to safeguard vital information by taking proper security measures.

Loss Of Control Over Private Information – Once there is a data breach, your private information does not remain private anymore. If the information is circulated, there is a chance that there will be absolutely no way to contain its spread over the web.

Unwanted Data Inferences – Data collected from various sources is analyzed to make data inferences. The documented information from different sets of data is correlated to discover hidden patterns, which may reveal certain behavioral inferences about the individuals involved in the data study.

Today, we cannot boycott technology, and even if we did, it would not guarantee that our private information stays secure and protected. The only way is to be aware of the potential risks we are exposed to, so that the necessary preventive steps can be taken well in time.

Top Cyber Security Threats


Most Commonly Clicked Phishing Email Subject Lines

18th Oct 2017

Phishing emails with clickbait subject lines are increasingly being used to elude security filters and gain access to computer systems. According to Verizon’s 2017 Data Breach Investigations Report, two-thirds of all malware was installed via email attachments in 2016. 60% of malware was packaged in JavaScript attachments, while 26% was packaged in malicious macros embedded in Microsoft Office documents.

To avoid phishing attacks you need to keep pace with the hackers, who keep coming up with new ways of launching a cyber-attack. Email is the most widely used channel for a phishing attack because it is relatively easy to dupe and trap people by sending fraudulent emails. Attackers disguise themselves as legitimate persons or companies and, through fraudulent emails, direct users to a fake website that requests sensitive information and credentials.

These phishing emails generally use subject lines that encourage users to open the email and click on a link in it. Here we have listed some commonly clicked phishing email subject lines for you to take note of.

Social Media Email Subject lines –

  • Free Pizza – Who wouldn’t want one, but it comes at the cost of a security breach. Hackers tend to play with the human psyche, as the word FREE is always appealing, and when the receiver opens the mail, they exploit it for their own benefit.
  • A message from your friend – Hackers sometimes use social engineering tactics to find out the names of your close friends and relatives. They impersonate your acquaintances and send you an email which contains malware, in order to access your private information.
  • Reset Password
  • New message
  • Login alert
  • Unread Message
  • New Voice message
  • Account Validation Required

General Email Subject Lines –

  • Security Alert
  • UPS Label Delivery 1ZBE312TNY00015011
  • Urgent Action Required
  • BREAKING: United Airlines Passenger Dies from Brain Haemorrhage – VIDEO
  • A Delivery Attempt was made
  • All Employees: Update your Healthcare Info
  • Unusual sign-in activity
  • Your Bank Account will be Deactivated: Online Banking ALERT
  • Ready for your beach vacay?
  • You have won a Lottery
  • Direct Deposit of payment in your account
  • Bank transfer of 75000 USD
  • Your order #335515 placed on Sunday is paid.

What are the ways to avoid Phishing emails?

Educate yourself and your employees about phishing techniques and teach them how to identify dubious emails. Do not click on random links sent in an email from an unauthorized sender, and to verify a site’s security, ensure that the site’s URL begins with ‘https’. Also avoid entering any personal information unless you are one hundred percent sure that the mail was sent by a trusted sender. Also make sure that you install antivirus software on your system and use high-quality firewalls.
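As an added example (not part of the original post), the subject lines listed above can be turned into a simple triage check for a mail gateway or a reported-phish mailbox. The function names and the normalisation rules (treating tracking numbers, order numbers, amounts and weekdays as variable parts) are assumptions made for this sketch.

```python
import re
import unicodedata

# Subject lines copied from the two lists above.
LURES = [
    "Free Pizza", "A message from your friend", "Reset Password",
    "New message", "Login alert", "Unread Message", "New Voice message",
    "Account Validation Required", "Security Alert",
    "UPS Label Delivery 1ZBE312TNY00015011", "Urgent Action Required",
    "BREAKING: United Airlines Passenger Dies from Brain Haemorrhage – VIDEO",
    "A Delivery Attempt was made",
    "All Employees: Update your Healthcare Info",
    "Unusual sign-in activity",
    "Your Bank Account will be Deactivated: Online Banking ALERT",
    "Ready for your beach vacay?", "You have won a Lottery",
    "Direct Deposit of payment in your account",
    "Bank transfer of 75000 USD",
    "Your order #335515 placed on Sunday is paid.",
]

_REPLY_PREFIX = re.compile(r"^\s*(?:(?:re|fwd?)\s*:\s*)+", re.I)
_WEEKDAY = re.compile(r"\b(?:mon|tues|wednes|thurs|fri|satur|sun)day\b")
_HAS_DIGIT = re.compile(r"\b\w*\d[\w.,]*\b")


def normalise(subject: str) -> str:
    """Reduce a subject to a template: drop Re:/Fwd:, case and punctuation,
    and replace variable parts (IDs, amounts, weekdays) with fixed tokens."""
    s = unicodedata.normalize("NFKC", subject)
    s = _REPLY_PREFIX.sub("", s).lower()
    s = _WEEKDAY.sub("weekday", s)
    s = _HAS_DIGIT.sub("0", s)
    s = re.sub(r"[^a-z0-9 ]+", " ", s)
    return " ".join(s.split())


_TEMPLATES = {normalise(lure): lure for lure in LURES}


def match_lure(subject: str):
    """Return the listed lure whose template occurs in the subject, or None.
    A hit is a triage signal for review, not proof the mail is malicious."""
    padded = f" {normalise(subject)} "
    hits = [t for t in _TEMPLATES if f" {t} " in padded]
    return _TEMPLATES[max(hits, key=len)] if hits else None
```

Short lures such as "New message" also occur in legitimate mail, so a match is best combined with sender and link checks before any action is taken.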

Locky Ransomware: How It Infects Systems And How To Stay Safe From This Virus

12th Oct 2017

Albert Einstein’s quote, “Our Technology has surpassed our humanity” truly represents the repugnant condition of our society today, with cyber-attacks taking a toll on the entire world. Each day hackers come up with sophisticated technologies and malware to counter the security solutions being launched by companies. A recent malevolent program that has hit the cyber industry is Locky ransomware, which literally LOCKS away your files until you pay a ransom to decrypt them. It surfaced in February 2016 and has been active since then.

How It Infects Systems

Usually sent through an email containing infected Word or Excel attachments, it is a malware that affects almost all versions of Windows. The malicious email contains a Word document full of gibberish, seemingly in encrypted form. The user is then asked to enable macros to fix the incorrectly encoded data, and that is when the real trouble starts.

The actual encryption Trojan is then downloaded with the intent of encrypting all the targeted files using the AES encryption algorithm. All the files are renamed with the .locky file extension. Once enciphered, these files cannot be opened by normal programs. The user is then shown ransom notes demanding 0.5 – 1 bitcoins in return for a decryption key.

Email: The Most Preferred Channel

Locky malware is generally sent via a Word document attached to an email because it is the easiest way to trap and dupe users. AppRiver, email and web security experts, stated in one of their reports, “In the past 24 hours we have seen over 23 million messages sent in this attack, making it one of the largest malware campaigns that we have seen in the latter half of 2017.”

How To Stay Safe From This Ransomware –

  • Regular Backups – The best way to safeguard yourself is to take regular backups either online or offline. Keep your backup data in encrypted form to ensure that it does not fall into wrong hands.
  • Be Wary About Suspicious Attachments – If you are sent an unusual email from an unauthorized sender, make sure you do not open it. Attackers can masquerade as someone else and send you unsolicited emails containing malware. Beware of files with double extensions ending in .exe, as there is a higher chance of them containing a virus.
  • Do Not Enable Macros – Ransomware is usually sent to the user in an attached encrypted file, which persuades them to enable macros, resulting in files being encrypted by Locky. Make sure you do not enable macros for emails sent by an unknown source. Also permanently keep the default Microsoft macros disabled.
  • Update Your System – Regularly updating and patching your system and applications can help you to prevent the attack to some extent.
  • Microsoft Office Viewers – Install the app on your system, as it allows you to view what documents look like without actually opening them.
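The attachment checks from the list above, as an added example that is not part of the original post: it flags double extensions ending in .exe, files renamed to .locky, and Office documents that carry macros. It relies on the fact that .docx/.xlsx/.docm/.xlsm files are ZIP archives that store VBA code in a part named vbaProject.bin; the function names, finding labels and decoy-extension list are assumptions made for this sketch.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Harmless-looking first halves of a double extension (assumed list).
DECOY_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".txt", ".jpg"}
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def check_attachment(filename, data):
    """Return a list of findings for one attachment (empty = nothing flagged)."""
    findings = []
    # Windows drops trailing dots/spaces, so "a.pdf.exe ." still runs as .exe
    name = filename.strip().rstrip(". ").lower()
    exts = [s.strip() for s in PurePosixPath(name).suffixes]
    if len(exts) >= 2 and exts[-1] == ".exe" and exts[-2] in DECOY_EXTS:
        findings.append("double-extension-exe")
    if exts and exts[-1] == ".locky":
        findings.append("locky-renamed-file")
    if data[:4] == b"PK\x03\x04":
        # Modern Office files are ZIP archives; VBA lives in vbaProject.bin
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                names = [n.lower() for n in archive.namelist()]
        except zipfile.BadZipFile:
            findings.append("malformed-zip")
        else:
            if any(n.endswith("vbaproject.bin") for n in names):
                findings.append("ooxml-with-vba-macros")
    elif data[:8] == OLE_MAGIC:
        # Legacy binary formats need a dedicated parser to confirm macros
        findings.append("legacy-ole-may-hold-macros")
    return findings


def constructed_ooxml(with_macros):
    """Build a minimal ZIP shaped like a Word file (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("word/document.xml", "<document/>")
        if with_macros:
            archive.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()
```

The macro check inspects file content rather than the name, so a macro-bearing document renamed to .docx is still flagged.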

It is important to adopt all security measures well in advance and educate yourself and your employees about Locky ransomware attack to prevent it in the first instance.

For more tips on preventing Locky Ransomware, feel free to contact Centex Technologies at (855) 375 – 9654.
