“Every case involving cybercrime that I’ve been involved in, I’ve never found a master criminal sitting somewhere in Russia or Hong Kong or Beijing. It always ends up that somebody at the company did something they weren’t supposed to do. They read an email, went to a website they weren’t supposed to” (Frank Abagnale, security consultant and ex-conman, inspiration for the film “Catch Me If You Can”)
Cybercrime is always in the news these days, mainly because more and more companies are affected by it. Lately, ransomeware has been the preferred weapon of scammers.
How does it work?
Typically, one of your employees gets an email with an attachment and as soon as the attachment is opened ransomeware begins encrypting files and shuts down your computer systems or a crucial part of your business. Emails aren’t the only threat – increasingly, infected popups and links to fake websites are being used.
You then receive a ransom email demanding payment in either Bitcoins or via an EFT within 48 hours. If the amount is not paid immediately, then the amounts are escalated by the cyber criminals. As regards the quantum of the ransom, in two recent cases for example R25,000 was demanded. Sometimes a nominal payment will be requested at first, followed by further (and larger) demands once you pay up.
When the ransom is paid you are supposedly given passwords to restore your computer operations. In many cases however you are not given passwords even after you cough up the cash, and you are then open to continuing extortion – making it inadvisable to pay the ransom.
Businesses have responded to this by instructing all staff to delete any unfamiliar emails that contained attachments. In response, cyber criminals upped the ante by getting profiles of senior executives and sending “management emails” to staff instructing them to follow what is contained in the attachment. Thinking the email came from a senior executive, the staff member would open the attachment. Immediately, the ransomeware kicks in …..
Don’t risk disaster: How to protect your business
Using up-to-date anti-virus software with a firewall is a must and many businesses have encrypted their sensitive information. Educate and instruct staff not to open links in emails or email attachments, not to visit suspicious websites, to keep anti-virus software fully updated, and to disconnect from the Internet immediately if anything suspicious happens. There are also reports of scammers using popups so make sure everyone uses a reliable popup blocker. Circulate the FBI’s latest 8 point protection list in “FBI Warns the Public About Ransomware Internet Scam” on their website https://www.fbi.gov/sanjuan/press-releases/2016/fbi-warns-the-public-about-ransomware-internet-scam.
Most important is to do daily backups. If you get infected then the most you can lose is a day’s worth of transactions which can be quickly re-captured. In the above cases where R25,000 was demanded by cyber criminals, the businesses used backups to restore their systems and didn’t pay ransom.
Be vigilant, back up and use the latest antivirus software. Remember, technology keeps changing and so will cyber criminals.