“Don’t Let Your Independence Be Hacked”

  • 0

“Don’t Let Your Independence Be Hacked”

Dear Blast Readers,

 

From everyone here at FDS Global we would like to wish you a Safe and Happy Fourth of July! As we celebrate this national holiday, Cyber Threats are continuing to get more advance.

 

The recent outbreak of the ransomware known as “Expetre” is not really a ransomware attack. It is really a form of malware known as a “Wiper Attack”, which can disguise itself so its victims are unaware of how serious it is.

 

A “Wiper attack” is a type of attack that sabotages PC computers. It is different from ransomware because it was created to destroy the data that is located on the computers disk.  While ransomware is a form of malware that blocks data, and threatens to delete or publish the data unless the user pays the ransom.

How does a “Wiper Attack” destroy data?

It destroys the data on the disk by overwriting the Master Boot Record, also know as the MBR. This form of malware is called a “Wiper” because it wipes part, if not all, of the drive.

 

It can be mistaken as a ransomware because the infected computer displays a message on the screen. This message states that the user’s files have been encrypted, and if the users pay a ransom then the encrypted files will be decrypted and returned. The user is then provided with an email address to send their payment information to.

 

But, little does the user know the ransom will have no affect when it comes to decrypting their files.

 

Why will the ransom have no affect?

The ransom will not have any affect because the email address provided to the user is inactive. Unfortunately, even if the email was active and the ransom could be paid in full, recovery of the MBR is impossible once wiped.

 

So, how are you supposed to protect yourself and/or your organization from this type of malware attack?

Here are a few tips:

  1. Any crucial and confidential information should be stored in hardened systems. Systems that can only be accessed one way, through privileged connections.
  2. Important data should be backed-up and stored somewhere offsite.
  3. It is important to institute and test an emergency recovery & response plan.

 

If you have any questions about Ransomware, Malware, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global. Enjoy your holiday!


  • 0

“Cyber Extortion”

Dear Blast Readers,

 

As the number of companies and enterprises whose companies rely heavily on the Internet rises, so does the number of opportunities that the cyber extortionist have. The Extortionists now have more chances to get inside a company’s/enterprises systems and extort their data for money.

cyber-extortion

“Cyber Extortion” can be described as a crime that involves an attack or threat of attack with a demand for money to stop the attack. Cyber Extortion can take on many forms, including then following:

  • Denial of Service Attack, also known as a DoS attack. (A DoS attack is a cyberattack where the cybercriminal looks to make a machine or network unavailable to the intended users. This happens when the cybercriminal temporarily to indefinitely interrupt or suspend services of an internet connected host
  • Ransomware (Ransomware can be defined as a malicious software that has been created to block access to a computer system until the cybercriminal(s) are paid a sum of money.)

 

Most Cyber extortion efforts are started because of a malware infested email and/or compromised website. The website/Email/Email attachment has been infected before the user has opened it. Once the victim has opened the infected URL, Email and/or Email attachment then the device that it has been opened on is infected.

 

Cyber extortion is quickly becoming a permanent feature in the cybercrime community, and it is a feature that can potentially affect any organization, enterprise or business. Even the companies that are best defended do get breached. Those that work with the thought that they are going to be targeted sooner or later, and adapt their techniques are less likely to suffer greatly.

 

The following are suggestions for how your Business, Company, Organization and/or Enterprise can prepare for a Cyber Extortion Attack:

  • Understand the evolving cyber threat your organization faces at granular level. (Who is likely to attack you?, What would they attack?, What is their capability to do so?)
  • Have systems in place that allow you to detect attacks. (If you can stop them this system will allow you to get on the front foot terms of response.)
  • Ensure your critical data is regularly and securely backed up (So you can restore from recent backups if hit with ransomware).
  • Ensure corporate response plans are fit for purpose for likely extortion scenarios. (Make sure these plans are tested and exercised so they operate smoothly if/when there us a crisis.)
  • Do not deal with an extortion attack as an IT Incident. (Make sure you manage the business crisis too.)
  • Ensure that you are able to call a specialist in the event of serious extortion.

 

If you have any questions about “Cyber Extortion” feel free to visit our website at www.FDS.Global, or give our office a call at (954) 727-1957

 

 

 

 

**Relate Material**

To lessen to risk that comes with Cyber Extortion, experts believe (and recommend) for users to educate themselves about Phishing Exploits and back up their devices regularly.

  • To Read FDS Global’s Blast on Phishing, Click Here To Watch—http://bit.ly/2eDfYww
  • To Read FDS Global’s Blast on the importance of backing up your devices, Click Here To Watch—http://bit.ly/2e7MtCj
  • Watch as Robert Moody takes a cell phone and retrieves hundreds of contacts that were thought to be lost, as well as talk about the importance of device backups on “Help me Howard”. Click Here To Watch—http://bit.ly/1XO0iWR