Ransomware to begin self-propagation

One of the biggest fears security experts have may be coming true: self-replicating ransomware. Viruses that have the ability to copy and spread themselves to new systems are nothing new, but until now ransomware attacks have been targeted campaigns. The best way to protect your network from a security threat is to understand it, here’s everything you need to know about this latest development.

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types — inferring that creators of the malware were continuing to develop its source code.

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection — then it increases to five Bitcoins (2,700 USD).

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock.

Published with permission from TechAdvisory.org. Source.

The different types of malware: explained

Ever been infected by malware or a virus? For most internet users, the answer is probably yes. But what is the difference between all the cyber threats out there? What makes a virus different from a trojan or worm? And how can you protect your critical data and your business from these threats? If you’ve never been able to answer these questions, here’s the explanation you’ve been waiting for.

Malware

Malware is the short version of the word malicious software. And this is a general term that encompasses many types of online threats including spyware, viruses, worms, trojans, adware, ransomware and more. Though you likely already know this, the purpose of malware is to specifically infect and harm your computer and potentially steal your information.

But how do the different types of malware differ from one another? How can you protect your business from them? Let’s take a look at four of the most common forms of malware below.

Virus – like a virus that can infect a person, a computer virus is a contagious piece of code that infects software and then spreads from file to file on a system. When infected software or files are shared between computers, the virus then spreads to the new host.

The best way to protect yourself from viruses is with a reliable antivirus program that is kept updated. Additionally, you should be wary of any executable files you receive because viruses often come packaged in this form. For example, if you’re sent a video file, be aware that if the name includes an “exe” extension like .mov.exe, you’re almost certainly dealing with a virus.

Spyware – just like a spy, a hacker uses spyware to track your internet activities and steal your information without you being aware of it. What kind of information is likely to be stolen by Spyware? Credit card numbers and passwords are two common targets.

And if stealing your information isn’t bad enough, Spyware is also known to cause PC slowdown, especially when there is more than one program running on your system – which is usually the case with a system that’s infected.

A common mistake many people make is they assume their antivirus software automatically protects them from Spyware. This is not always true as some antivirus isn’t designed to catch spyware. If you’re unsure if your antivirus prevents Spyware, get verification from your vendor. And for those that are already suffering from Spyware infestation, two programs that work wonders to clean it out are Malwarebytes and SuperAntiSpyware.

Worms – similar to viruses, worms also replicate themselves and spread when they infect a computer. The difference, however, between a worm and a virus is that a worm doesn’t require the help of a human or host program to spread. Instead, they self-replicate and spread across networks without the guidance of a hacker or a file/program to latch onto.

In addition to a reliable antivirus software, to prevent worms from infecting your system you should ensure your firewall is activated and working properly.

Trojan – like the trojan horse from ancient greek mythology, this type of malware is disguised as a safe program designed to fool users, so that they unwittingly install it on their own system, and later are sabotaged by it. Generally, the hacker uses a trojan to steal both financial and personal information. It can do this by creating a “backdoor” to your computer that allows the hacker to remotely control it.

Similar to the other malware mentioned above, antivirus software is a dependable way to protect yourself against trojans. For further safety, it’s wise to not open up suspicious attachments, and also ensure that your staff members aren’t downloading any programs or applications illegally at the office – as this is a favorite place hackers like to hide trojans.

Curious to learn about other common malware that can cause trouble for business owners? Want to upgrade your existing network security system? Give us a call today, we’re sure we can help.

Published with permission from TechAdvisory.org. Source.