Coleman Technologies Blog
As in many of the past few years, this year has witnessed a significant surge in high-profile ransomware attacks. If you haven't already strategized how to safeguard your business from these threats, now is the time to act. Fortunately, you can take several proactive measures to mitigate the impact of ransomware attacks, and it all starts with preparation.
2023 was definitely the year that AI became a household name. We’ve barely seen what artificial intelligence is capable of, and while industries are still coming up with more ways to use the technology, we’ve already seen countless examples of how people want to take advantage of AI for less savory purposes. 2024 is already shaping up to be the year that businesses need to protect themselves from AI-generated cybersecurity threats. Let’s take a look at everything you need to know as a business owner.
Chances are your business has a social media presence in at least some capacity, as it’s a good way to drive traffic to your business. However, hackers want to leverage this benefit against you. A new malware specifically targets Facebook business accounts to launch malicious advertisement campaigns using your own money against you.
The Internet is pretty great. You can watch videos of cats being weird, and then watch the London Philharmonic Orchestra perform Stravinsky’s Rite of Spring. Then you can go on Reddit and learn how to replace the drywall in your bathroom. Just another typical Sunday afternoon with the Internet, right?
Unfortunately, the Internet isn’t always perfect. It can be pretty dangerous, and we’d like to share some surprising terms that can lead to dangerous websites and malware if you search for them on Google.
It’s important to keep the software on your computer updated. If your operating system or web browser or some other important application is out of date, it could lead to things not working properly while also leaving you susceptible to threats. However, hackers are disguising malware to look like important web browser updates.
I hate to be the bearer of bad news, but when it comes to cybersecurity threats it’s kind of hard not to be. I used to look at it from two sides; one side is fascinated at the innovation and intensely brutal ways that high-end cyberattacks work, and the other side of me loses sleep at night worrying about these risks affecting our clients, prospects, and even my own business. This one particular classification of cyberattack, however, takes the cake for being especially frightening.
Ransomware is one of the more dangerous threats out there for businesses of all industries and sizes. To help emphasize just how dangerous it is, however, you have to look past the initial threat of having to pay a ransom and look at the other risks associated with it. We’re here to try to get the point across that ransomware is something your business should absolutely be taking seriously.
Ransomware is such a common occurrence these days that it has entered the public discourse, but we also want to note that it’s such an important topic to discuss with your team that you can never talk about it enough. We want to address some of the most common questions we get asked about ransomware and what can be done about it.
In today’s business, the more robust an IT network is the more risk there is of system failure. This comes down to what is known as Murphy’s Law, which states anything that can go wrong, will go wrong. That’s why when coming up with a defense strategy, you need to mix smart IT management decisions with overwhelming redundancy to have a chance. In this week’s blog, we will outline some of the most common reasons for system failure and why you need a data backup solution.
There is a lot made about ransomware, for good reason. It is quite simply one of the nastiest cyberattacks out there and it demands your attention. A lot of people understand what exactly ransomware sets out to do, but they don’t understand how it got that far and how to address the situation if they have the misfortune of being put in that position.
Ransomware is one of the more dangerous threats out there today, and since it is so prominent and dangerous, it is a popular choice amongst hackers. To combat this threat, a community has formed around the cause, encouraging users to not pay the ransom by providing free malware removal tools for the most popular ransomware threats.
WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has been reportedly deploying malware.
This past year saw an 86% increase in the most dangerous types of malware out there, so we want to ask you an important question: are you ready to protect your business from the different types of threats you might encounter? We know a technology solution that might help this mission along, and we want to share it with you today: artificial intelligence.
Excessive Permissions
Data security is a priority for many people, but even amongst them, mobile applications often aren’t even considered a potential threat to their data. While you should only ever download applications from an official application store, some attacks can potentially slip through the vetting process to be distributed via these means. Therefore, it is important to carefully consider every application you have installed and the permissions that each one demands. If these permissions seem excessive for the application’s needs, reconsider if the app is necessary to use (chances are, it isn’t). This helps protect you against the tactic that many cybercriminals use: getting a harmless app to the store, and then turning it malicious with an update once it is downloaded.
Spoiler Alert: Macs Do, in Fact, Get Malware
Not to be juvenile about it, but duh. Computers produced by Apple can just as easily be infected by malware and ransomware, just as they can also experience any of the other problems that a PC user would. Hardware failure, slowing with age, crashes, data loss: these and so many other issues can be seen in a Mac.
Lock. Everything. Down.
Did you know there are entire websites out there devoted to providing the default factory passwords for different devices? They aren’t on the Dark Web, either - this is on the visible, indexed Internet. Imagine if I were to come in with some idea of what brand of routers you had… if I had the right default credentials with me, I could easily access your router and wreak havoc in your business.
You need to consider every potential access point into your business and ensure it is properly secured. The same goes for any online accounts associated with your business, like cloud storage. Take the time to make sure that everything is secured with a password that meets best practices, and if remembering them is an issue, use a reputable password manager to simplify the task for your employees.
This also goes for your physical location. Many access control solutions exist that enable you to keep track of who accesses a certain area, and when, with the added benefit of keeping those without authorization out.
Keep Your Antivirus Updated
Many people may assume that, once they’ve installed an antivirus/antimalware solution, they are all set. The trouble is, more malware is being developed all the time, and there’s a good chance it is being developed to help the malicious software get past your antivirus. As it happens, the developers of the antivirus are aware of this, and frequently add new threat definitions to the software to make it more effective.
However, all the threat definitions in the world will do diddly-squat if your antivirus solution isn’t updated to include them. This is why it is important to keep an eye on your network’s health and take the time to check that you have the latest definitions included.
Keep a Backup
Finally, you have the nuclear option against malware… mutually assured destruction, that only you can recover from. That is, as long as you’ve been maintaining a proper backup.
If you should fall victim to a malware infection, completely wiping your devices and quite literally starting from scratch with them is your best hope of getting rid of it. However, in order to keep yourself from crippling your own business while doing so, you need to maintain an ace in the hole. By keeping a backup that meets best practices, you can be sure to have your data if you have to sacrifice your original copy.
Coleman Technologies can help you do all of this, and more. Reach out to us at (604) 513-9428 to learn more.
Meet xHelper, The Malware That Refuses to Go Away
As of right now, it is suspected that xHelper has infected around 50,000 devices, which is a big number, but relatively low when it comes to malware of this type. The big names in cybersecurity, Symantec, Malwarebytes, and the like, don’t have any clear answers on how to actually remove the threat. If that’s not enough, deleting everything on your smartphone and doing a factory reset won’t remove the malware either. Once you set your device back up, the threat will be back.
What Does xHelper Do?
We have good news and some bad news. The good news is that right now, it seems that xHelper just gives you annoying pop-up spam and notifications. Its goal? To get you to install more applications, and likely these applications could come with additional threats.
It is also suspected that xHelper can download and install apps on its own. It hasn’t been officially detected doing this in the wild yet, but if it could do that, then you would essentially lose control over your device.
Don’t Forget, You Can’t Get Rid of xHelper Once You Get It
As of right now, there is no way to uninstall xHelper, and even resetting your device to factory settings keeps the malware installed. There is essentially no help for you other than getting a new phone, or waiting for Google or one of the major players in cybersecurity to figure out a way to remove it. This could take a while…
For Now, All You Can Do is Avoid Getting xHelper
The malware seems to get installed from scammy websites. The app isn’t found on the Google Play Store (at least at the time of writing this). Only install apps from the Google Play Store, and never from any other website. Google has a vetting process that keeps most apps on the Google Play Store relatively safe (it’s not a perfect system, but it does weed out most of the danger).
When it comes to cybersecurity, the best place to get started is being aware of the threats and employing safe habits. That, and ensuring that your business data is thoroughly protected. Don’t wait for a problem to happen; give Coleman Technologies a call at (604) 513-9428 today.
Before we get too deep, we want to emphasize that there are two primary categories for threats to your business: external and internal.
External
External threats are those that come from outside your business’ network. The majority of threats will fall into this particular category, and it contains a lot of big names that you have likely heard in the past. Here are a couple of examples of threats to your business, as well as what they can lead to:
- Viruses/Malware: These are malicious bits of code or full-blown software programs that can be customized by hackers to perform a certain role. It would take far too long to list off everything that can be done with these kinds of threats, as the options are literally limitless.
- Ransomware: Sometimes malware will encrypt the user’s files and demand payment for the decryption key. Without access to important files, businesses might crumble under the pressure, losing both money due to the payment and a little bit of dignity in the process. In cases like this, it’s important to never pay the ransom, as it only serves to fund further attacks.
- Spam: Hackers like to send countless emails with threats attached to them, hoping that someone will download them and expose their organization’s network to threats. Spam can be prevented for the most part, but if left unchecked, your business could wind up installing threats on your network by accident.
Internal
Internal threats can come from the most unlikely sources, as even the most well-meaning employees could accidentally expose your business to potential threats. Furthermore, there could even be more sinister forces at work with employees potentially trying to actively sabotage operations. Here are some ideas for threats and what could happen from them:
- Phishing Attacks: Your users are your weakest link. While you might think that you have an understanding of adequate security practices, they may not, leading hackers to utilize underhanded tactics to leverage this to their advantage. Phishing attacks convince users to click links, download attachments, or provide credentials/sensitive information.
- Account Hijacking: Let’s say an employee’s account is hijacked by an external threat. You might see account activity from your employee, but how do you know that it’s not someone else using their account? Data could be stolen, or worse.
- Access Control: Have you ever fired an employee? Have they ever resented you for it? Chances are they may have felt the urge to go into their old accounts and cause some trouble. These internal threats could lead to embarrassing situations, as well as a loss of control over certain types of data. It’s up to you to cut off access as soon as you can.
Does your business need help maintaining security and keeping track of the countless threats out there? Coleman Technologies can equip you with the best security measures on the market. To learn more, reach out to us at (604) 513-9428.
What Is Phishing?
Phishing scams can be considered any digital attempt against your organization to extort credentials or other important information. The method doesn’t really matter, though it does change the way that phishing is identified. For example, more targeted attempts at specific individuals are called “spear phishing,” whereas impersonating a company’s CEO is considered “whaling.” Either way, the end result that the phishing attempt hopes for is that someone will fall for their tricks.
Vectors for Attack
The first thing to remember about phishing attempts is that they don’t happen exclusively through email. They can come in a variety of ways, including through social media applications, phone calls, and other outlets that you might not suspect without a little predisposition toward them. Here are some of the most common ways you might encounter a phishing attack:
- Email messages, where senders spoof addresses and try to convince users that they are someone important to your organization.
- Phone calls, where callers impersonate someone you know or someone of authority, like a government official or business leader.
- Social media messaging is a more personal method of phishing in which identity thieves try to impersonate people you know in your personal life.
The Giveaways
A good rule to keep in mind is that phishing attacks tend to be rather suspicious in nature. For example, if someone who doesn’t normally send you messages suddenly reaches out, and it’s seemingly uncharacteristic of them, be a little suspicious--particularly if they are using language that seems unlikely. Here are some other tips to identify phishing attacks before they have enough of a chance to be dangerous:
- Spelling and grammar errors: Spelling and grammar errors are quite commonplace in phishing messages, and they signify that something is not as it seems. If you see lots of these errors, you need to be very careful about navigating the messages.
- Immense sense of urgency: If the message prompts you to take action immediately, either out of fear or because it tries to convince you it’s in your best interest, approach it with an extra side of caution. Phishing attempts try to get users to take action as soon as possible; this means that users aren’t thinking things through or discovering that the message isn’t legitimate.
- Suspicious account activity: On social media, if you have a friend who you haven’t heard from in a very long time, chances are it’s not actually the friend reaching out to you if they need money or want you to click on a link. In cases like this, always use discretion.
To limit the damage done by phishing attempts, consider the following measures:
- Implement a spam blocking solution. While it might not help with more specialized phishing attempts, it should limit the most generic ones.
- Educate your employees--this point speaks for itself. If users know what to watch out for, they will be less likely to make mistakes that expose sensitive data.
Does your organization need a way to protect itself against phishing attacks? We can provide your business with the training required to best secure itself. To learn more, reach out to us at (604) 513-9428.