Category Archives: firewall

Ghouls of the Internet: Protecting Your Family from Scareware and Ransomware

scareware and ransomwareIt’s the middle of a workday. While researching a project, a random ad pops up on your computer screen alerting you of a virus. The scary-looking, flashing warning tells you to download an “anti-virus software” immediately. Impulsively, you do just that and download either the free or the $9.99 to get the critical download.

But here’s the catch: There’s no virus, no download needed, you’ve lost your money, and worse, you’ve shared your credit card number with a crook. Worse still, your computer screen is now frozen or sluggish as your new download (disguised malware) collects the data housed on your laptop and funnels it to a third party to be used or sold on the dark web.

Dreadful Downloads

This scenario is called scareware — a form of malware that scares users into fictitious downloads designed to gain access to your data. Scareware bombards you with flashing warnings to purchase a bogus commercial firewall, computer cleaning software, or anti-virus software. Cybercriminals are smart and package the suggested download in a way that mimics legitimate security software to dupe consumers. Don’t feel bad, a lot of intelligent people fall for scareware every day.

Sadly, a more sinister cousin to scareware is ransomware, which can unleash serious digital mayhem into your personal life or business. Ransomware scenarios vary and happen to more people than you may think.

Malicious Mayhem

What is Ransomware? Ransomware is a form of malicious software (also called malware) that is a lot more complicated than typical malware. A ransomware infection often starts with a computer user clicking on what looks like a standard email attachment only that attachment unlocks malware that will encrypt or lock computer files.

scareware and ransomware

A ransomware attack can cause incredible emotional and financial distress for individuals, businesses, or large companies or organizations. Criminals hold data ransom and demand a fee to release your files back to you. Many people think they have no choice but to pay the demanded fee. Ransomware can be large-scale such as the City of Atlanta, which is considered the largest, most expensive cyber disruption in city government to date or the WannaCry attack last year that affected some 200,000+ computers worldwide. Ransomware attacks can be aimed at any number of data-heavy targets such as labs, municipalities, banks, law firms, and hospitals.

Criminals can also get very personal with ransomware threats. Some reports of ransomware include teens and older adults receiving emails that falsely accuse them or browsing illegal websites. The notice demands payment or else the user will be exposed to everyone in his or her contact list. Many of these threats go unreported because victims are too embarrassed to do anything.

Digital Terrorists

According to the Cisco 2017 Annual Cybersecurity Report, ransomware is growing at a yearly rate of 350% and, according to Microsoft,  accounted for roughly $325 million in damages in 2015. Most security experts advise against paying any ransoms since paying the ransom is no guarantee you’ll get your files back and may encourage a second attack.

Cybercriminals are fulltime digital terrorists and know that a majority of people know little or nothing about their schemes. And, unfortunately, as long as our devices are connected to a network, our data is vulnerable. But rather than living anxiously about the possibility of a scareware or ransomware attack, your family can take steps to reduce the threat.

Tips to keep your family’s data secure:

Talk about it. Education is first, and action follows. So, share information on the realities of scareware and ransomware with your family. Just discussing the threats that exist, sharing resources, and keeping the issue of cybercrime in the conversation helps everyone be more aware and ready to make wise decisions online.

Back up everything! A cybercriminal’s primary goal is to get his or her hands on your data, and either use it or sell it on the dark web (scareware) or access it and lock it down for a price (ransomware). So, back up your data every chance you get on an external hard drive or in the cloud. If a ransomware attack hits your family, you may panic about your family photos, original art, writing, or music, and other valuable content. While backing up data helps you retrieve and restore files lost in potential malware attack, it won’t keep someone from stealing what’s on your laptop.scareware and ransomware

Be careful with each click. By being aware and mindful of the links and attachments you’re clicking on can reduce your chances of malware attacks in general. However, crooks are getting sophisticated and linking ransomware to emails from seemingly friendly sources. So, if you get an unexpected email with an attachment or random link from a friend or colleague, pause before opening the email attachment. Only click on emails from a trusted source. 

Update devices.  Making sure your operating system is current is at the top of the list when it comes to guarding against malware attacks. Why? Because nearly every software update contains security improvements that help secure your computer from new threats. Better yet, go into your computer settings and schedule automatic updates. If you are a window user, immediately apply any Windows security patches that Microsoft sends you. 

Add a layer of security. It’s easy to ignore the idea of a malware attack — until one happens to you. Avoid this crisis by adding an extra layer of protection with a consumer product specifically designed to protect your home computer against malware and viruses. Once you’ve installed the software, be sure to keep it updated since new variants of malware arise all the time.

If infected: Worst case scenario, if you find yourself with a ransomware notice, immediately disconnect everything from the Internet. Hackers need an active connection to mobilize the ransomware and monitor your system. Once you disconnect from the Internet, follow these next critical steps. Most security experts advise against paying any ransoms since paying the ransom is no guarantee you’ll get your files back and may encourage a second attack.

The post Ghouls of the Internet: Protecting Your Family from Scareware and Ransomware appeared first on McAfee Blogs.

Pukka Firewall Lessons from Jamie Oliver

Pukka Firewall Lessons from Jamie Oliver

In our office I’m willing to bet that food is discussed on average three times a day. Monday mornings will be spent waxing lyrical about the culinary masterpiece we’ve managed to prepare over the weekend. Then at around 11 someone will say, “Where are we going for lunch?” Before going home that evening, maybe there’s a question about the latest eatery in town. 

I expect your office chit chat is not too dissimilar to ours, because food and what we do with it has skyrocketed in popularity over the past few years. Cookery programmes like Jamie Oliver's 30 minute meals, the Great British Bake-off and Masterchef have been a big influence. 

Our food obsession, however, might be putting us all at risk, and I don’t just mean from an expanded waistline. Cyber criminals appear to have turned their attention to the food industry, targeting Jamie Oliver’s website with malware. This is the second time that malware has been found on site. News originally broke back in February, and the problem was thought to have been resolved. Then, following a routine site inspection on the 13th of March, webmasters found that the malware had returned or had never actually been completely removed. 

It’s no surprise that cyber criminals have associated themselves with Jamie Oliver, since they’ve been leeching on pop culture and celebrities for years. Back in 2008, typing a star’s name into a search engine and straying away from the official sites was a sure fire way to get malware. Now it seems they’ve cut out the middleman, going straight to the source. This malware was planted directly onto JamieOliver.com.

Apart from bad press, Jamie Oliver has come away unscathed. Nobody has been seriously affected and the situation could have been much worse had the malware got into an organisational network. 

Even with no real damage there’s an important lesson to be learned. Keep your firewall up to date so it can identify nefarious code contained within web pages or applications. If such code tries to execute itself on your machine, a good firewall will identify this as malware.