PCI Services Blog

Held to Ransom Without a Masked Gunman in Sight

Posted by Richard Common on 23-Dec-2016 10:07:51
Find me on:

The new year is now upon us and even in the space of a 1-2 week holiday period, things have changed. New types of fraud will have been devised when everyone's guard is down.

Before that let us draw your attention to the most prevalent threat: Ransomware: The fast-growing new kid on the IT security block.held-to-ransom-without-a-masked-gunman-in-sight-computer-security-pci-services.jpg

You may not have heard of it, but it’s just waiting for an opportunity to take you hostage and hold you to ransom.

Here’s how it works: You innocently get infected with something known as malware using your desktop, laptop, tablet or smartphone. You probably won’t even notice that this has happened....until you get the ransom demand, that is. All of your data has been encrypted by someone else who holds the "unlock" key. They will want payment in the form of bitcoins which means you will never find out who they are.

And it can be a lot of money – hundreds of thousands of pounds in some cases.

You’ve been taken hostage and are being held to ransom without a masked gunman in sight.

Clever, if you’re one of the ever-increasing band of cyber-criminals. Devastating, if you’re a business owner.

But it is avoidable.

So minimise your risk of being taken hostage; read this article instead.

8 Ways to Avoid Malware Infections

Of course, prevention is better than cure. This is especially true with malware, such as ransomware.

In order to help protect your organisation from malware, we have listed 7 strategies that any organisation can employ to help prevent malware.

1. User knowledge and education is key to the prevention of malware infections. By simply training all users in the basics of IT and data security, many inflections can be avoided. Need help with this ? Contact us

2. Email Awareness is absolutely crucial, as email is a prime source of infection. This includes taking simple steps such as treating all emails with caution; scanning the domain name of senders and challenging the legitimacy of hyper-links.

  • Did your CEO / Managing Director really ask you to pay a new supplier unexpectedly? ALWAYS double check this request.
  • Did your bank really want you to complete a form which has come through as a .zip email attachment. Click this file and you are in trouble.

3. Email Security / Anti Spam Systems build upon the above user-led steps, providing an intelligent software-led solution that helps to identify possible threats before they even reach a user inbox. These also work for outbound emails. Consider a Managed AntiSpam service.

4. Anti Malware is another technological solution that any business can implement. Consider a Managed Anti-Virus service where the provider will make sure the service is always running optimally. A lot of users will simply download a free edition, install it and forget about it. This is no longer sufficient.

5. Mobile Awareness is now a critical concern as mobile is frequently the point of entry for infections. It’s more easily done than many think. Something as simple as downloading an app from an unknown source can lead to a malware infection. More people now browse the web using a mobile device than a traditional desktop. Consider a Mobile Device Management (MDM) policy and enforcement process.

6. Network-Wide Security and Protection is a must in the line of malware prevention, as malware is very much like the dreaded office cold. Once one person gets it, soon everybody ends up being infected. A network security policy needs careful consideration and design as it will impact every area of the business.

7. Beware the phone-bandits. You may get a call from someone purporting to be a Microsoft technician. They claim they have spotted suspicious activity on your computer and need to take remote control to investigate. Simply hang up before the conversation goes any further. Let them take over and you will be in trouble.

“Remember, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.”

https://www.microsoft.com/en-us/safety/online-privacy/avoid-phone-scams.aspx

8. Robust Backup procedures will help in the event of a malware infection, as it provides a ‘pre infection’ reference point for restoration and recovery. Need help with this? Contact us

Don’t Wait to Be Taken Hostage!

Of course, our expert team are able to help you too.

We can provide a full audit and review in order to identify potential weak points and on the basis of this, recommend a full solution that’s tailored to you and to suit any budget.

Book a Free Assessment

This way, you’ll have the peace of mind of knowing that you have minimised the risk of being taken hostage.

Related resources:

 

Topics: IT Services Provider, Security

Leave a reply