Tag Archives: malware

Should You Pay for a Ransomware Attack?

Posted on by

RansomwareGetting hit with a ransomware attack is not fun, cybercriminals encrypt your data and you are left having to decide: should we pay to get them back? It is a scene that’s played out across the world with 70% of businesses saying “yes” in 2016 alone. Here are six factors to consider if you are ever in this situation.

1) Do you trust them?

Remember that they are criminals holding your data hostage, how confident are you that they will send you the decryption key and that the key will decrypt all your data? The attackers demand you send the payment via untraceable Bitcoin, so you have no recourse if you never hear from them again. You are also equally trapped if they decide to come back with increasingly higher demands. If they do send the decryption key, be aware they still have access to your systems and can hit you again at any time until your network is fixed by experts. Businesses don’t exactly want their breach publicised, so many don’t admit to paying the ransom, whether it went to plan or otherwise.

2) Can you manage the impact?

The best case scenario is that you can wipe the affected drives and restore from a clean backup without paying the ransom. You may even decide that the encrypted files aren’t that important and simply let them go and just wipe the infected machine. On the other hand, if your data management comes under any special regulations, like health or legal, you may find that the attack has a much wider impact. The attacker will also motivate you to pay the ransom quickly with a countdown and a threat of total deletion when it hits zero. Remember that if the data isn’t that valuable, or you have confirmed backups, this urgency should have no effect on your plans. T

3) How much do they want?

Cybercriminals rarely send out attacks with set amounts, instead, they prefer to customize the ransom based on how much they think you can pay. Large corporations and hospitals are hit with very high demands, while small business demands are more modest. Different countries or regions are also charged differing amounts. They may be “bad guys”, but they are smart people who know your financial limits. They also consider how much similar businesses have paid previously and expect you to follow suit.

4) Are your backups any good?

Always check your backup to confirm that they are working, that the correct data is being backed up and that you can recover the data from them. Many businesses are discovering too late that their backup systems are not robust enough. Either the backup has become infected too, they weren’t up-to-date or they backed up the wrong data. It is imperative that you at least do some quick backup checks to ensure you can recover all your data in case the unfortunate happens.

5) What are you policies?

Businesses are now adding ransomware to their disaster recovery plans and have predefined actions mapped out. Seemingly simple inclusions like who has final say over the payment decision can stop chaos in its tracks. Employees and management alike can then approach the situation calmly and make the best decisions for the business.

6) Stay safe in the first place

Ransomware is not slowing down and all factors say it will increase. As more businesses pay the ransom the cybercriminals are steadily launching new attacks and making it their full-time job. Most of the attacks come via phishing emails – those emails that trick employees into clicking a link – and they can be extremely convincing. While training staff helps, it’s no guarantee. We recommend using business-class spam filters to catch these types of emails before they land in your inboxes so that triggering a ransomware attack becomes something that happens to other businesses and not yours.

Secure your data systems and check your backups now. If you need help, contact us on 08 8326 4364 or

su*****@dp*********.au











.

Why Spam is a Small Business Nightmare

Posted on by

Why Spam is a Small Business NightmareFifteen years after the Internet world  united to crack down on spam emails, we are all still struggling with overloaded inboxes. All that unwanted email continues to flood the internet, much of it targeted towards small businesses and the impact goes wider than you might think. Here’s the breakdown of how modern spam works and how it is hurting your business.

What is spam?

Spam is any unwanted message that lands in your email, comes via text, social media messaging or any other communication platform. It might be sent to your main business account, eg your ‘contact us’ email or directed to your employees. Most of the time, spam are annoying but relatively innocent messages from another business inviting you to buy, do or see something. They are newsletters, reminders, invitations, sales pitches, etc. You may know the sender and have a previous relationship with them or they might be a complete stranger. Spam may even be part of a cyber attack.

Why you are getting spammed.

Maybe you or your employee signed up for a newsletter or bought a raffle ticket to win a car. Perhaps you got onto the mailing list accidentally after enquiring about a product, not knowing that simply getting a brochure sent through would trigger a spam avalanche. Often there is fine print that says they’ll not only use your details to send you their marketing, but they’ll share your details with 3rd parties so that they can send you messages too. That single email address can be passed around the internet like wildfire and before you know it, you are buried under spam. Sometimes your details are found through a hacked website, like the recent LinkedIn leak. More often though, your email is simply collected by a computer ‘scraping’ the internet – scouring forums and websites for plain text or linked emails and selling them to spammers. It is easy to see now, how individual office employees receive an average of 120 emails daily, over half of which are spam!

More than annoying.

We all know spam is annoying but did you know it’s also consuming business resources? Your employees are spending hours each week sorting their email, assessing each one for relevance and deleting the spam. Your email servers along with your Internet links are getting clogged with the spam flowing into your business. Too often, legitimate emails from clients and customers get caught up and are accidentally deleted. Plus the temptation to read the more interesting spam emails and productivity drops to zero. On the other side of the business, your email server might be dedicating storage and processing power to spam emails, occasionally to the point where inboxes get full and real mail is bouncing out. While most spam is simply an unwanted newsletter or sale notice, there is also the risk that any links may be a cyber-attack in disguise. Remember one click can open the door to viruses, ransomware, phishing or other security issues which a hacker can then take advantage of.

How to stop the spam?

The 2003 Can Spam Act (a global set of anti-spam laws) requires all marketers to follow certain rules – like not adding people to mailing lists without permission and always including an ‘unsubscribe’ link. So make sure you’re not accidentally giving people permission to email you – check the fine print or privacy policy. Next, look for the unsubscribe link at the bottom of the email. Unfortunately, not all of them include the link, or they hide it somewhere impossible to see. The worst spammers take that ‘unsubscribe’ click to confirm that your email address is valid/active and then sell it on.

Take control of your email and talk to us about your anti-spam protections. Call us at 08 8326 4364 or

su*****@dp*********.au











.

eBook: Spectre and Meltdown: How you’ll be affected

Posted on by

Spectre & Meltdown ExposedSevere design flaws in modern CPUs were recently discovered and made public. These flaws put users and businesses alike at risk of attacks known as Spectre and Meltdown, where private data can be called up and stolen.

Chip manufacturers including Intel and ARM have responded by working with software developers to correct the flaws, however these fixes are affecting computer performance. Discover exactly how this vulnerability works, how you’ll be impacted, and what you can do to protect your systems.

We have written a free Ebook that explains these vulnerabilities in more detail and also covers:

  • How these vulnerabilities works
  • The impact to your business.
  • What you can do to protect your systems

Click here to subscribe to our monthly newsletter and access your copy of this book. If you are already a subscriber and would like a copy please email

da***@dp*********.au











.

How To Stay Safe From Scams & Malware On Facebook

Posted on by

Facebook ScamsAt last count, Facebook has clocked up over 2.7 billion users, this makes the platform more attractive than ever for scammers and hackers. While you may be logging in to share your latest family photos or catch up with friends, the chances of accidentally triggering a scam or malware are increasing every day. Here are some tips on how to stay safe on Facebook and stop the spread of scams.

Look out for freebies and surveys

Everybody loves a freebie but when you see a giveaway for vouchers from a mega-store, alarm bells should ring. ‘Complete this survey and we’ll send you a $50 Amazon Voucher!’ – is too good to be true. Even one click can take you on a messy journey through the underbelly of the web, picking up trackers and malware at every step and then you are asked to share the post so your friends can get a voucher too…except nobody ever receives the reward. So stop it at the start and never click on these scam offers.

Check your permissions with games and quizzes

Whenever you access a new game or quiz, you’ll need to give it permissions to access your Facebook profile. Most people click the okay button without any thought, but if you review the permissions you are giving, you will often find they are asking for a massive amount of unneeded personal data; this data can include your public profile, friend list, email address, birthday and newsfeed. Do they really need access to ALL this information? Sometimes the shakedown is from necessity, but sometimes the apps are preparing to launch attacks against you both on and off Facebook. For example, when you call your financial institution bank they ask certain questions like your full name, birthday and maybe which high school you went to. All that information is in your Facebook profile and now shared with your permission to an unknown entity.

Don’t friend people you don’t know

Having lots of friends is always nice, but that friend accept may end up costing you. It might be someone pretending to know you, or a picture of a pretty girl to entice men (and vice versa). Once you friend them, they will get access to everything your friends can see. In this case, it’s more than the risk of someone knowing your personal data, you’ve just given them access to intimate details of your life. It’s exactly how romance scams start, and there are even cases where the victim finds photos of their children circulating the internet.

If it is weird, forget it

It doesn’t happen very often, but hackers find ways to take advantage of flaws in Facebook. A common hack that keeps popping up in various forms is to embed malware in a link. The virus then infects your machine and contacts all your friends with an enticing message, like asking whether a picture is of them. When they click to view the picture, the virus catches them and their friend list, and keeps on spreading. Facebook is pretty good at staying on top of these flaws, but they need time to fix it. Just like if you got a weird email with an attachment from a friend, use that same level of scrutiny in your Facebook and don’t open messages or links that seem out of place.

Need help securing your privacy? Talk to us. Call us at 08 8326 4364 or via email at

su*****@dp*********.au











Eleven Best Security Practices To Stop Ransomware

Posted on by

Ransomware and most malware attacks start in two main ways. A booby-trapped email with a malicious attachment or via a compromised website; which then work their way down to your endpoints and servers.To stop these attacks, it is critical that you have a multi layered approach to security.

This starts with a training your employees and patching your devices right through to cloud based malware filters, dedicated hardware firewalls and corporate grade security applications on each device.

The eleven best security practices to apply now are:

  1. Employee training
    Regular training for employees is essential. Employers need to inform their staff on what to look out for and don’t trust the contents of every email they receive.
  2. Patch early, patch often
    The sooner you patch Windows the fewer holes there are for ransomware to exploit.
  3. Backup
    Backup regularly and keep a recent backup copy off-line and off-site. Offline and off-site means ransomware can’t get to it. With recent backups data loss can be minimized.
  4. Implement corporate grade security software
    A free antivirus program might be ok for home use but do you really want a free program protecting your confidential business data and financial information?
  5. Install a firewall or UTM
    You probably don’t just rely on a cheap door lock on the front door of your house so why rely on a basic firewall on the electronic entrance to your business?
  6. Enable cloud based email filtering
    Don’t rely on your local antivirus software detecting and stopping malware within your email application. Block it before it even enters your network by using using a cloud based filter – one that uses multiple filters is even better.
  7. Enable file extensions.
    Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you.
  8. Disable Macros
    Don’t enable macros in document attachments received via email. A lot of infections rely on persuading you to turn macros on, so don’t do it!
  9. Be cautious about unsolicited attachments
    If you aren’t sure – don’t open it. Check with the sender if possible.
  10. Admin Login Rights
    Don’t have more login power than you need. Having administrator rights may bake things easier for administration but they also give malware free ranges on your computer and network. An infection which may be able to be contained to one device could become a network disaster is the malware exploits admin rights.
  11. Keep applications up to date.
    Stay up-to-date with new security features in your business applications
    For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”.

How to Tell if Your Computer Has a Virus?

Posted on by

How to tell if your computer has a virus?Sometimes computers do crazy things that ring alarm bells and make users think it is a virus. Next thing you know the boss is telling everyone to run scans and demanding people come clean about their browsing habits. Fortunately, not all weird occurrences are viruses related – sometimes your computer is simply overloaded, overheating or in desperate need of a reboot.

Here are some of the tell-tale signs that your computer maybe infected with malware:

Strange Error Messages

Does your computer have messages popping up from nowhere that make no sense, are poorly worded or just plain gibberish. Take note of anti-virus and security warnings too, check that the warning is from YOUR anti-virus software and looks like it should occur. If a message pops up that isn’t quite right then don’t click it – not even to clear or cancel the message. Close the browser or shut down the computer, then run a full virus scan.

Suddenly Deactivated Anti-virus / Malware Protection

The best way past a security guard is to sneak it when they are not around. Certain malware infections are programmed to disable the security systems first, leaving your computer open to infection. If you reboot and your protections are not enabled you may be under attack. Attempt to start the anti-virus manually and if that doesn’t work, backup your data and try and reinstall your security software.

Social Media Messages You Did Not Send

Are your friends replying to messages you never wrote? Your login details may have been hacked and your friends could be tricked into giving up personal information or money. Change your password immediately and advise your contacts of the hack.

Web Browser Acting Strange?

Perhaps your homepage has changed, it is using an odd search engine or opening/redirecting your to unwanted sites. If your browser has gone rogue it is definitely malware which could be trying to steal your personal or financial details. Skip the online banking and email until your scans come up clear and everything is working normally again. Once you are certain your machine is clean, change all your passwords.

Sluggish Performance

If your computer speed has slowed, boot up takes an eternity and even opening programs takes forever, it is a sign that something is wrong. It is not necessarily a virus though. Run your anti-virus scan and if that resolves it, great, if not, your computer may have a hardware issues or your computer needs a tune-up or service.

Constant Computer Activity

You are not using the computer but the hard drive is going nuts, the fans are whirring, and the network lights are flashing like a disco? It is almost like someone IS using the computer! Viruses and malware attacks use your computer resources, sometimes even more than you do. Take note of what is normal, and what is not and seek help if it looks like something is amiss.

If you have a virus that you can’t get rid of or need a service on your computer give us a call at 08 8326 4364 or at

su*****@dp*********.au











.

Why Do People Create Viruses?

Posted on by

Why Do People Create Viruses?Writing a computer program is hard and writing a virus is even harder (BTW you don’t even need programming skills as viruses templates can be bought online), so why do people do it? In the majority of instances it comes down to 3 reasons:

  • Money
  • Bragging rights
  • Simply being a jerk.

While bragging or being a jerk is pretty self-explanatory, the money side is more interesting. Here are some of the ways people make money with viruses:

Bank account theft: As with real bank robbers virus creators are more than happy to help themselves to the money in your bank account. Once they have your login details (obtained via a key logger) they simply transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person by selling your details to the highest bidder.

Ransomware: Sometimes a virus will encrypt your files and demand money for a key to unlock you own data. Without a true backup procedure in place you are at their mercy.  Once you have paid the nightmare may not be over as they now know you are an easy target and request even more money.

Ad swappers: A very cheeky technique which you may never know is happening to you. This scam is when a virus puts annoying ads on websites you visit or places affiliate codes on pages. When you buy something legitimately – eg, from Amazon – the affiliate codes allow the hacker to get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you are infected.

Bitcoin mining: You have heard of digital currencies being used for payments but did you know you can also earn money via bitcoin mining? You can earn this money by running specialized software on your computer but sometimes this means paying more in running costs than you would actually make – unless you were very clever and sneaky, and used a virus to use the processing power on other people’s computers.

Botnets: If infected with a botnet, a computer can be remotely controlled to do whatever the virus creator wants. In most cases they’ll usually set the infected computers to overwhelm a target computer and blackmail the owners of that computer – the ‘Botmaster’ says “pay me thousands of dollars or I’ll crash your computer.”

Account stealing: Subscription accounts like Netflix and Hulu are often hijacked allowing other users a free ride by using your accounts. Gaming accounts open up another world of financial incentives with those digital items that people work hard for in the games worth a pretty penny on the black market.

These are just a few of the ways people make money through viruses and malware. If you know of any others please leave a comment below.

Give us a call at 08 8326 4364 to make sure your computer is secure and protected.

How Much Could A Ransomware Attack Cost Your Business?

Posted on by

How much is your data is worth? Information is probably the most valuable part of your business. Imagine if you lost your client database, accounting software, inventory management and any intellectual property you may own. How long will it take to recreate this data and how much money would you lose in lost productivity, staff wages and the time it takes to either recover or recreate the lost information?

Recently when the WannaCry ransomware spread through out the world, many businesses were suddenly forced to re-assess the value of their data: was it worth saving and what would be the ongoing costs of the attack?

If you don’t have a recent backup most ransomware attacks cost at least $US200 (if not a lot more) to get your files released and that is only IF the cyber criminals honor the payment and actually give you the decryption key (some even demand further payments). Meanwhile your business is still running and new client calls are still coming in and you may find yourself unable to operate with your systems down.

Paying the ransom may seem like a quick fix but:

  • There is still the downtime involved to restore your data resulting in lost productivity.
  • If word gets out that your data has been compromised you may find confidence in your business plummets and your existing clients head elsewhere.
  • The cyber criminals you pay, may now see you as an easy target and demand more money or target you for other scams and malware activity.
  • You may recover the data but is it compromised with other malware?
  • You may not get back all the data that has been lost.

So that $US200 ransom may end up costing many, many thousands of dollars!

How To Prevent Ransomware Attacks on your Business

Keep your systems up to date: Malware can take advantage of flaws in older versions of Windows and software – sometimes ones that have already been patched by Microsoft and third party vendors. To be protected businesses have to stay up to date with their patches & versions. To be up to date with Windows patches you need to be running a supported version of Windows. Delaying patches and updates puts your business at risk – we can help you keep you systems up to date.

Use corporate grade security software and firewall: Free software may be fine for low end home computers but if the worst happens you will get no support or help from a company providing free software. A firewall or UTM (unified threat management) device can also help block malware and ransomware infections. But whether it is a free or paid for solution the software (and any hardware devices) must be kept up to date.

Lock down employee computers: Very few staff will require full administrator access to your business network. With a higher level of permissions the more damage a person can do – either accidentally or by inadvertently installing malware. By locking down your computers you have a better chance of containing a malware attack to non-vital systems. Our expert computer technicians can design an access management plan that gives you best of both worlds – flexibility and security.

Educate your workplace: Most employees believe they are being cyber-safe but in reality it is quite different. Many malicious links and embedded malware have become harder to spot – and all it takes is a microsecond to click (and later regret it). We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments and the importance of malware scanning and keeping systems up to date. We can help get the message through!

Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Also a lot of cloud backup systems, such as Dropbox, immediately clone the infected files which also renders the cloud copy useless. The only safe backups will be the ones both physically and electronically disconnected. Our experts can set you up with a backup system that makes recovery simple.

Be proactive: The best way to avoid the costs of a ransomware attack is to prevent it from happening in the first place is with up to date antivirus software, regular systems updates and security audits. Remember, many businesses were able to watch WannaCry from the sidelines, completely unaffected and seized opportunities while their competitors were down.

Our regular maintenance plans can help protect your business against the next cyber-attack. Call us today on 08 8326 4364 or via email at support@dpcomputin g.com.au.

WannaCry Ransomware Explained: Is Your Business At Risk?

Posted on by


With all the media attention last week you would be hard-pressed to not of heard about the WannaCry cyber-attack. Businesses of all sizes and even hospitals and police departments found themselves crippled with out warning.

Here in Australia we looked to have missed a large part of the attack due to the time zone differences and the fact that a kill switch was found for the malware. We shouldn’t rely on these factors going forward though. This articles details what the malware is, why it caused so much damage and how to protect ourselves moving forward.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for malicious software which includes viruses, worms and spyware) called ‘ransomware’. Just like the name suggests, it actually demands money from the owners of the computers infected. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until payment is made –  in this case, the price was set at $300 payable with the internet currency Bitcoin (and you had 3 days to pay before it doubled). If you don’t pay the ransomware threatens to permanently delete all your files. It is not yet known how much money the WannaCry hackers have earned with their latest attack – but you can be sure that plenty of people have paid the ransom. Even the FBI recommends paying the ransom – especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

WannaCry self-replicates and spreads. So far, no common trigger has been identified, as is normally the case with phishing links (a phishing attack needs to be activated – usually with a click). WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time it infected other networks, who then spread it further and further. Given the nature of the internet it had spread widely within hours.

Why Some Businesses Were Safe

WannaCry took advantage of a specific vulnerability in Windows of which Microsoft patched months ago. Thus only systems that have fallen 2 months behind in their Windows updates were infected. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – which is no longer supported by Microsoft). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected as the virus literally had no way in

This outbreak shows the importance of staying up to date with security patches on your systems. We haven’t yet seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick Windows update could protect your business from weeks of downtime and lost revenue making attacks like this a non-issue.

With our regular maintenance plans we can make sure you stay up to date and protected. Give us a call today at 08 8326 4364 to discuss ways we can help your business stay safe.

Four Reasons To Use Anti-Spam Filtering In Your Business

Posted on by

Monitor screen showing spam in the mailbox

Remember the times when spam was obvious and unless you desperately needed a special blue pill they were easy to ignore and delete? The impact on your business was minimal as spam was just an annoyance rather than anything else. Unfortunately spam has now matured into an aggressive threat, marked by sophisticated attacks and rapidly evolving techniques. It is not just random electronic junk mail anymore and is putting a costly strain on your business resources.

How Spam Impacts Your Business

Hackers are now sending cleverly disguised emails to your business containing malware. Once clicked by an employee the malware can infect your computer system or steal your private data. The malware can spread across the entire computer network and beyond – including your clients and vendors. The fact that your employees must pause and examine every email adds hours of lost productivity. Some spam is so convincing that only an expert would be able to visually identify it. Employees are also more likely to miss an important email, either not seeing it arrive at the same time as a spam attack or becoming overwhelmed with the sheer number of emails.

How an Anti-Spam Filter Can Save Your Business

Spam emailEmail clients such as Outlook can perform basic filtering but to rely just on Outlook is not recommended. The best method is to implement a corporate grade filtering solution. Depending on whether you have an on premise or cloud based server an on premise or external filtering options are available. Even if you have an on premise mail server we recommend an external filtering option. An external option stops spam ever reaching your office saving precious bandwidth and server processing time.

Ways in which a spam filter will benefit your business includes:

  1. Block threats before they reach your inbox: The spam filter’s purpose is to block the spam from ever reaching your employees mailboxes. The threat is automatically identified and either held securely or immediately deleted. This is the best way to avoid activating any malware present in spam – as it’s so easy for you or an employee to click on a link in an email that seems authentic and / or important. The effects of that one click may be instantaneous or may lie hidden for months. Removing the email before it is in a users mailbox is a much safer option.
  2. Filter legitimate emails: Real mail needs to be able to stand out and avoid the trash. Anti-spam filtering has sophisticated recognition abilities which block spam only and allow real mail to land safely in mailboxes.
  3. Meet data regulations: Many businesses are subject to strict privacy and data storage regulations, some more so than others. To continue operation, they need to meet conditions including the use of spam filtering to reduce the risk of data breach.
  4. Protect your reputation: You can see how uncomfortable CEOs are when they go public to admit a breach. They must acknowledge that they failed to protect client data or that users may be infected with a virus. Not only do they then face financial loss but their business reputation takes a nosedive. Anti-spam filtering is a simple way to help reduce these types of scenarios.

Filtering has come a long way in recent years, with complex algorithms identifying and catching spam before it becomes a risk to your business. Real emails can now pass safely through without the classic catchcry of ‘check the spam folder’, and businesses can work with greater productivity and more safely than ever before. You need email, but you definitely don’t need spam or the chaos it can bring to your business.

We can block spam and keep your legitimate emails flowing. Call us at 08 8326 4364 or email

su*****@dp*********.au











 today!