Ransomware – Here’s all you need to know about this dangerous malware

Blog - laptop image with 'help' sign

Ransomware is fundamentally the automation and monetisation of exploiting existing security vulnerabilities. An organisation will take a position on security and typically those with a more mature security posture have fared much better in ransomware attacks, whilst those with poor security have struggled to recover after an attack, and will usually attempt to implement proper “security” measures after the incident, but by then, it is too late.

Interestingly, a recent poll conducted by CRN in 2017 on what is stopping Australian’s from preparing for cyber-attacks found that 69% attributed it towards complacency, 18% towards awareness, and 12% towards cost. However, that’s not to say that revenue considerations should take a back seat, as from this graph on the cost of cybercrime in Australia, repercussions could be enormous, depending on the business size of the victim.

infographic - cybersecurity costs in Australia - long version

Ransomware uses three primary delivery methods to ruin your day. 

Firstly, email is by far the most common method of ransomware penetrating your systems, with cunningly designed emails to trick you into clicking a malicious link, or opening a malicious document. Email security has been an industry problem for a long time. The challenges are well understood, but they are difficult to solve. We’ll be going into more detail about email security in a future post.

The second is through compromised or malicious websites (e.g. advertising networks). Often, the user is enticed to click on these through a phishing email. These attacks exploit vulnerabilities in browsers, or more commonly, browser plugins, with flash and java being the most common targets.

The third entry point is through brute force attacks. Anyone who enables remote access and pays attention to the log files will see that within minutes, there are large volume of login attempts trying to guess legitimate user credentials. Once the attacker gains entry they can launch a manual attack. This is often the most damaging as the attacker can take some time to identify backup systems and other high value internal targets, then attack those as well, resulting in the victim being more likely to pay the ransom. If your data and backups are gone, you have no other choice but to pay the ransom in order to be able to retrieve your data again. In some instances, even after payment, companies will still not be able to access their systems and/or documents.

What to expect?

An observation from following the evolution of ransomware has been that today’s sophisticated attack is tomorrow’s automated ransomware. We have seen with Petya/Not Petya that the lateral movement techniques used by attackers have been automated to devastating effect.

Modern ransomware will obliterate a network, as WannaCry and Petya have demonstrated. A successful attack will no longer be restoring a few file shares and a single infected PC, it will be a rebuild of every single vulnerable system on a network. This has played out recently with large organisations being offline for days and their IT teams working around the clock to restore services.

How to protect your business

There are many different types of ransomware that attack different vulnerabilities – you need to protect your business against all of them.

The Australian Signals Directorate published a very useful guide to mitigate threats, most of these are relevant to almost all organisations, but will require investment of time and resources. This should form the basis of an information security policy. Anittel can help you identify what is suitable for your business.

Robust and regularly tested backups are extremely important for a healthy and secure business. Many ransomware victims fail to get data back after paying the ransom and restore is often the only choice. You hope to never have to use it, but will be thankful if you do. Patching systems to close vulnerabilities is also crucial, this can assist with preventing the spread of worm type ransomware that has appeared recently.

To protect against common ransomware threats today, there are three easy, cost effective but important controls you can implement. They are email filtering, web content filtering and a modern, effective endpoint security package. Learn more about these controls here.

Anittel Managed IT Services includes password management, patching and backups. Our team will work with you to develop a technology strategy that includes secure remote access and cloud technology as appropriate.

Do you know how vulnerable your business is? We can show you, and we can help you.

Ransomware has historically been an issue that’s not pre-empted until it’s too late. With the recent global WannaCry and Petya attacks, a spotlight has been shone on Ransomware, highlighting it as one of the biggest upcoming cybersecurity threats in the technology landscape. However, it seems that most people are still unaware of its basic features: what it is, how it attacks, and how it can be prevented.

Anittel and Cisco have compressed all the information you need to know about Ransomware into a free 30-minute webinar. In this short and simple session, we will be covering what you need to know about Ransomware (and how seriously it can affect your revenue, reputation, and regulatory obligations), and how we can help you be more prepared.

Interested? You can learn more about the webinar or simply register yourself by visiting this page.

Have a question? Send us an enquiry here and we’ll get back to you as soon possible.

 

Joel Bruce

Engineering Manager, QLD

Why You Need to Protect Your Business From Cyber-Attacks

two women looking at computer screen

Cyber-attacks are becoming increasingly common, with malicious software such as Ransomware lurking in the shadows of the Cloud. Being attacked can lead to serious consequences that can damage your business’s revenue and reputation, so there is an increasing need to understand that precautions are required to avoid falling victim to cyberattacks. To evaluate what kind of risk your business is facing, download our free Ransomware checklist which will advise you in a few simple steps just how susceptible you are to a ransomware attack.

There is good news though. There are many secure and strategic business IT solutions to protect your business. Below, we cover off three important reasons why you need to consider implementing defense mechanisms against the increasingly dangerous internet landscape.

Revenue

Think about it. How much would it cost your business to be down for an hour, a day or even a week? Statistics by the Australian Government has shown that the average time to resolve an attack is 23 days. We tend to think things like this only happen to others, but according to a survey by Symantec, 1 in 5 Australian small and medium businesses (SMBs) have been impacted by a cyber-attack.

Reputation

Having your customer and other sensitive data hacked and shared can severely damage your brand and reputation. John Stewart, CSO of Cisco claims that a data breach is inevitable if you’re not protected. “You’re eventually going to be hit. It’s not worth the effort of thinking you won’t be hit. It’s no longer a relevant conversation.”

Google and McAfee estimate that there are 2,000 cyber-attacks every day around the world, costing the global economy approximately $400m a year. That’s a lot of data breaches and a lot of unnecessary costs.

We all know reputation matters a lot. It’s something that takes an investment of time and effort to build, but can be irreparably damaged in one swift cyberattack. While it’s true that companies have multiple reputations and not all stakeholders will be concerned about the same risks, it’s crucial to learn from mistakes (yours, and others) because repetition is not an option. Your company’s reputation will depend on the longevity of the incident, which will be determined by the size of the breach, the number and type of stakeholders, and the speed of response.

Regulatory

Earlier this year, Australians saw the passing of the Notifiable Data Breaches Bill. This means that in the future, any organization that is accountable to the Privacy Act will be required to inform the Australian Information Commissioner and members of the public if their data has been breached. This legislation applies to any business that turns over more than $3m.

As Chris Ford, CTO of Inabox Group has mentioned, “As custodians of their customers’ data, businesses shouldn’t need to be regulated into best practice, but the history of how people have handled breach notification would tell us otherwise. However, now that people will be forced to disclose in a timely manner, they can no longer ignore risks to privacy within their organisations.”

The implementation of stricter cyber security has been long overdue, and the passing of the legislation is a big step forward for consumers.

 

Not entirely convinced about a security product suite to protect your business and want to learn more about what security protection programs can do for you? Anittel is currently running a ‘14-day Free Trial’ for Cisco Umbrella, which is a component of Managed IT Security product suite. This trial will provide you with experience with a cloud-delivered network security service that blocks malware and phishing attacks on any device. Contact us to speak to one of our knowledgeable staff about how you can take advantage of this great offer. Or, if you want to learn more, or simply register yourself, click here.

 

The Anittel Security Team

Why Migrate to Microsoft Office 365 and How You Can Benefit From Using a Managed Service Provider

blog image - birds eye view of office workers using technology

Life is busy for everyone and businesses face these same challenges. One of the most compelling products available for businesses in today’s market is Microsoft Office 365, with an ever-increasing number of applications that make up the advanced suite of packaged software that is targeted to today’s businesses. Providing industry leading applications that can handle email, calendar reminders and sharing, project management, spreadsheet manipulation and so much more, it is a clear leader in introducing cloud computing to the masses.

But with all the options that this great new product offers, where do businesses start when they have decided to move forward? Most businesses are choosing to partner with a managed services provider to organise the migration, data transfer, data backups and all the other components that are requirements for moving to a new platform.

What makes Microsoft Office 365 the right solution for your business?

Anyone with a computer can Google what Office 365 is, but that will not tell you why it’s the right choice for your business. There are a number of factors that businesses will take into consideration when selecting a new application or software package and few are as important as the suitability of the productivity tools being considered.

Suitability is one of the most important considerations that a business must make and when you have one of the largest office application suites in the market, that is available as a monthly operational expense, then there is nothing that compares to Microsoft Office 365 suite of products. Bundled into the packages offered by Microsoft are downloadable Microsoft applications such as Outlook, Word, Excel and all the other common Microsoft applications that most businesses rely on, many of which are able to be installed on multiple devices, while also offering web based versions of most of the applications for staff who may share devices or work remotely to use from a browser on almost any device.

There are packages to accommodate almost any office environment. Whether that is a sole trader with the simple requirement to send and receive email securely or a large corporation that needs to work on shared spreadsheets and documents, there are options that are supported by this platform. All of this is provided from some of the most secure data centres that are located on Australian shores, meaning that even businesses with strict data sovereignty requirements are generally catered for when implementing Microsoft Office 365.

It really is one of the most versatile productivity tools for a business to have and it’s that reason that it’s important to configure Office 365 to suit your business requirements to meet your business outcomes.

The right Professional Managed Services provider can make the journey painless

Every business has its strengths and many that are considering the migration and implementation to Office 365 generally will not have the resources available in house to plan, manage and execute a seamless migration to Microsoft Office 365. It is for that reason that businesses should partner with an experienced managed service provider for the journey, to minimise issues that may arise during the process of moving to the new platform.

Having the right migration partner is key to a quality deployment and staff satisfaction, which will impact on the staff uptake on the businesses new productivity suite. Many businesses have found that poor planning and execution of new applications has led to poor staff adoption and affected the businesses ability to deliver its core services. This is a serious consideration for any business, as lost productivity, staff satisfaction and poorly configured tools will generally affect the business as a whole.

How do you move forward and know that you are making a business decision that will guarantee that the migration to Office 365 is a pleasant experience for all? Easy. You partner with a professional managed service provider that has a proven track record of seamless migrations to Microsoft Office 365, that takes the time to plan and understand what the business requirements are. Most importantly though, make sure the managed service provider has a plan and communicates how they intend to migrate your business to Microsoft Office 365.

Why partner with Anittel for Office 365

Anittel has years of experience that will guarantee a seamless transition to Office 365 by utilising their proven product suite. Find out more about our services for Office 365 here. By focusing on the business outcomes and genuine approach, Anittel have proven that they are the right partner for businesses that are ready to make the move to Microsoft Office 365 and promise a smooth transition.

To find out more about Anittel, enquire about our customer focused services today.

 

Duarne Bernhagen

Cloud Sales Assist Manager, QLD