Ferrum Technology Services Blog

How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.

We have no problem going on the record as saying that there are more than enough strains of malware to go around. As such, it’s important that you know what to do if your workstation is struck by an infection.

Ransomware remains a very real threat, and is arguably only getting worse. Attacks are now able to come more frequently, and there are opportunities for even relative amateurs to level an attack against some unfortunate victim. However, this is not to say that there is nothing you can do to keep your business from becoming another cautionary tale.

Imagine that, despite the extreme care you took to avoid threats from infecting your devices, they turned out to be infected anyway. However, what if the device had been infected before you had even gotten your hands on it?

There are billions of devices that now connect to the Internet, even devices that may seem to not have any practical reason to do so. However, there is a new type of malware that uses these devices to perform attacks on the networks of all types of organizations: Mirai.

A previously known malware called Ghost Push now has a component that has caused countless problems for over a million Android users. This component, called Gooligan, is the source of the trouble, and it adds to this chaos by infecting over 13,000 new devices every day.

Doing business on the Internet is a dangerous gambit, and not one which should be taken lightly. Every small business uses some kind of sensitive information that is valuable to hackers. Most think that preventative measures are enough to ensure their security, but the fact remains that only through threat detection and elimination can you guarantee that all issues are promptly handled.

The threats to your organization’s infrastructure are numerous and plentiful, and while some will make themselves known immediately, others will hide in plain sight. These threats are designed to either leak information or provide new outlets for hacking attacks. Regardless, it’s important to identify attacks that have weaseled their way through your defenses before they have been around long enough to cause damage.

Breaches are Inevitable
To truly understand how threat detection is just as important as threat prevention, you need to come to grips with the worst-case scenario. It’s not an uncertainty that you’ll be hacked at some point--in fact, it’s very likely, and as such, you need to make sure that you’re prepared for any and all situations, including a data breach. Even large organizations and enterprises that pride themselves on security can experience data breaches. Consider the high-profile hacks of Sony and the United States Office of Personnel, as well as the health care provider Excellus BlueCross BlueShield. If these organizations had anticipated data breaches, perhaps they may have been able to prevent them--or at least mitigate the damage.

This is why you absolutely need to expect the worst in order to keep it from happening. While preventative solutions can help, it’s also imperative that you implement ways to detect intrusions, as well as ways to eliminate threats. Only then can you be ready to tackle any and all threats that want to hurt your business.

What You Can Do
CIO recommends what they call a preventative “triad” of sorts. This includes protection, detection, and reaction. You’ll need both security solutions like a firewall, and monitoring tools that allow you to check (and eject) threats from your network.

Ransomware is a dangerous online entity that continues to cause problems for businesses of all sizes. Thanks to its ability to encrypt workstations and even entire networks, ransomware has made its way to the top of the threat food chain, and it’s your responsibility to protect your business from it. Since infections are (more or less) impossible to remove, your best option is to prevent infections from happening in the first place.

There are countless threats out there that can mean danger for your business, but one of the most innovative to date utilizes a malicious Twitter account to administer commands to a botnet made up of infected Android devices. In fact, this is widely considered the first threat to actively use a social network in this manner, making it a wake-up call for security professionals and social media users alike.

Ransomware might be a relatively new player in the battle for the Internet, but its short history shouldn’t belittle the damage that it can do to both businesses and users of personal computers. Perhaps you’ve had the misfortune to encounter it for yourself, and your files were locked down because of it. Regardless, ransomware is now a prevalent part of the online crime scene, and people are using it to extort money from innocent users, making it a considerable threat.

First hackers created a formidable ransomware. Then, when word got out about how to avoid this ransomware, they began to bundle a second ransomware to create an encryption catch-22. Now, the developers of the Petya and Mischa ransomware have adopted a Ransomware-as-a-Service model and have opened their nefarious malware up to distribution.

If your employees are given an Android device to use for work, or if they bring in their own as a part of a Bring Your Own Device strategy, you may want to pay special attention to what follows.

Ransomware is a major problem in both the personal and private sectors of computing, but up until very recently, Apple users had little to fear from potential ransomware hacks. Security researchers at Palo Alto Networks have discovered what’s known to be the first completed ransomware on an Apple device. The threat, called KeRanger, is officially “in the wild,” and is a danger to any Mac user.

Today’s various versions of ransomware are dangerous. By forcibly locking down important files on a victim’s computer, threats like CryptoLocker and CryptoWall are posing significant threats to both businesses and ordinary computer users. However, a new type of ransomware has appeared called CryptoJoker; and we assure you, there’s nothing funny at all about this one.

Cyber security continues to be a major pain point for small and medium-sized businesses, even if they’re taking the fight to the latest threats with solutions like antivirus and firewalls. Significant progress has been made, yet new threats are born every day. In fact, you might be surprised to find out that a monstrous 27.3 percent of all malware in the world was created just last year. 

Any business worth their gigabytes will practice extreme caution when surfing the Internet. Hackers tend to make users’ lives more difficult, even for those who are part of a small or medium-sized business. Teaching your employees security best practices in hopes that they’ll avoid suspicious websites isn’t a foolproof strategy, and thanks to malvertising, ensuring that your organization stays secure is more difficult.

Computer users, beware; there’s an intrusive malware spreading across the Internet that’s capable of locking users out of their web browsers and redirecting them to fake IT support phone numbers. The hacker’s goal is likely to steal sensitive information from users, so it’s especially important that you don’t call this fake phone number.

ATMs are probably everyone’s favorite kind of computer. You swipe your card, enter in your PIN, and withdraw cash immediately. Many people forget that an ATM is simply a computer in disguise, though; one that can be infected with malware just as easily as any old PC can. A new type of ATM malware, GreenDispenser, is making its rounds in Mexico, and could potentially make its way to other countries if left unchecked.

Malware and viruses are so common nowadays in the technology world that it’s no surprise when new ones are created. Thus, it should come as no surprise that hackers are looking to spread smartphone malware to unsuspecting users around the world. Kemoge, a new malicious adware for the Android mobile operating system, has spread to 20 countries, and is taking the mobile device world by storm.

In the wake of a ransomware takeover, it seems like the world can’t go a few months without some sort of data loss disaster occurring. The antics of hackers grow more dangerous and difficult to dodge, and IT departments have their hands full dealing with the fallout. What’s keeping you from contracting this ransomware, and how can you keep your business from suffering its consequences?