Skip to content

Your staff are the weakest link for ransomware

Josh Bradley Jul 21, 2016 12:00:00 AM
Confident business experts a work. Top view of group of young business people in smart casual wear working together while sitting at the large office desk

Crypto Locker has been widely reported in the South West and as malware goes, it’s as sinister and damaging as they come. Since last year, the National Fraud Intelligence Bureau issued a warning for the whole region that the scam was actively targeting businesses in the area. It’s still around and catching people out, so be on your guard.

Malware and Strange Emails – Protect Yourselves and Your Business.

It works by extorting money from victims by holding their computer’s documents ransom, ‘locking them in’, with a ticking timer that counts down to zero before the documents are destroyed. If you pay before it reaches zero – you are given a unique access key that stops the timer and destruction of the documents. The usual asking price is around 300 Euros. Some versions of the Trojan computer virus punish you for delaying and so you get a sort of ‘early bird’ reduction on your payment if you do it straight away.

Tricks of the Trade to Teach Your Staff

It is extortion – plain and simple but via software instead of mugging you on the street with threats of violence. Here’s the thing, it can only get on your computer if you let it and that’s why you need to ensure your staff aren’t careless and they are aware of the tricks that malware uses to manipulate users to open the file.

For instance, there was a round of emails being sent out which looked like they were from the Royal Mail but were in fact the virus in disguise. The messages claimed that a particular response was necessary for a parcel to be redelivered to the business address. Other trick email headers have been in the guise of HMRC – so the fraudsters are using services that businesses would be keen to check on if they were genuine.

Hidden files that bite

The user is led to believe they have to open a .ZIP file and then a PDF within it. To open the .ZIP file they are required to enter a password given to them in the message. Once they attempt to open the PDF that’s the point of no return and the malicious hidden .EXE extension is activated.

If there is any doubt about an email you see, it’s advisable not to go clicking on it or anything in it. If you are worried it might be genuine you can always call the real business to check – and chances are they will be aware of malware being sent out falsely in their name as they may have had complaints already.

Forewarned is forearmed – Guidelines for Unsolicited Emails

It would be wise to tell everyone in your business to follow some guidelines with unsolicited emails:

  • Double check the email address looks right (you can hover over it without opening it).
  • Were you expecting the message, is it threatening, trying to scare you into opening it with legal threats? It might be all part of the scam.
  • Don’t open or download anything from an email that has come out of the blue, that you are uncertain of.

One option available is to get security awareness training for your employees via a service like Knowbe4, where they will even test people post training, to see who is still prone to phishing scams.

Make sure you have a strong firewall and virus checking software. It’s in your best interests to have an ‘advanced persistent threat’ scanning firewall to reduce the chances of picking up a damaging virus. WatchGuard provide a good example of the kind of enterprise level protection you can get that works.

Being fully backed-up to the cloud can save your business if you do make the mistake of opening ransomware.

These kinds of e-threats will only evolve and get smarter, so to protect your company you need to be uncompromising and incorporate an effective mix of staff training, firewalls and protective software solutions and you need to know you can rescue your data from a recent automated save point from the cloud, should a virus somehow break through all your security measures.

If you are concerned about cyber threats and how to guard against them, contact the team at Netitude and we can protect your computers and network against the known malware in circulation.