British Snacks in Short Supply Due to Ransomware Attack

anti malware, Backup Strategies, Employee Training, Ophtek, PC Security, PC Training, Ransomware, , , , ,
22
Feb 2022

British shoppers have been warned to expect some of their favorite snacks to be in short supply following a ransomware attack on a major manufacturer.

KP Snacks has been producing snacks in Britain since the 1850s, but this production has recently run into a major obstacle: ransomware. Cyber criminals have successfully launched a ransomware attack on KP Snacks, and its effects are running deep. Due to the impact of the ransomware on their IT infrastructures, KP Snacks has had to advise stores that delays in production are expected. As a result, British shoppers are likely to be facing empty shelves when they head out to pick up their favorite snacks.

Snack food may not be crucial to society, but the impacts of this hack demonstrate why organizations need to remain vigilant.

The Story Behind the Snack Attack

Following an unexplained outage of their IT systems, KP Snacks investigated and discovered that they had fallen victim to a strain of ransomware. The exact details of the ransomware in question has not, as of yet, been disclosed. However, rumors are circulating that the attack was launched by the WizardSpider group, a gang of hackers who attacked the Irish health service in 2021. It’s alleged, according to leaked sources, that KP Snacks was given five days to pay a ransom fee, but clarification on this is lacking.

The response of KP Snacks has been to launch a defensive strike against the attack. Being a major organization, the snack makers had a cybersecurity response plan which was quickly put into action. Third-party security experts have also been drafted in to complete a forensic analysis of the firm’s IT infrastructure. Nonetheless, the disruption to productivity has hit KP Snacks hard. As well as their IT systems being compromised, their communications systems have been hit equally hard. In modern business, these two elements are essential for operating and, as a result, supply shortages are expected.

Protecting Yourself Against Ransomware

While a shortage of snacks may sound like a mild inconvenience, this is only the tip of the iceberg. Not only is there a financial risk for KP Snacks, but the company’s employees can also expect financial ramifications e.g. delayed payments due to compromised IT systems and even the threat of redundancy. Naturally, this is a situation that no organization wants to find itself in, so make sure you always follow this advice:

  • Always Backup: the main impact of ransomware is that it encrypts files before demanding a ransom fee to decrypt them. However, you can minimize the impact of this effect by ensuring you have a strong backup strategy in place. This will provide you with access to your data and provide you with business continuity.
  • User Training: ransomware can be activated in a number of different ways such as infected emails, malicious links and running outdated software. Thankfully, shutting these attack routes down is relatively easy with the correct training. Therefore, regular staff training is vital when it comes to securing your IT defenses.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

A Fake Windows 11 Upgrade Site is Spreading Malware

official upgrades, Ophtek, redline stealer, Suspicious links, upgrade software, Windows 11, , , , ,
15
Feb 2022

Windows 11 is Microsoft’s latest operating system and PC users should download it as soon as possible. But how do you know your download is legitimate?

Over the last few months, users of Windows 10 will have been prompted to upgrade their operating system to Windows 11. As the upgrade is free, it makes sense to take advantage of this. Not only are there new features and functionality, but there is also an enhanced level of security when running Windows 11. However, not everyone has taken the step of downloading and installing this new version of Windows. As a result of this hesitance, hackers have decided to throw their hat into the ring by setting up a malicious website which promises Windows 11, but delivers malware.

Malicious Promises

The malicious website at the center of the story was ‘windows-upgraded.com’ and, thankfully, it has now been deactivated. Nonetheless, it was live for some time and had the capacity to cause damage to any IT systems it managed to infect. Therefore, we’re going to look at how it operated and the tell-tale signs you need to look for.

By creating a genuine looking website, which used Microsoft’s trademark presentation style, the hackers were able to convince visitors that it was legitimate. A large “download now” button was prominently placed and, when clicked, it would appear to be downloading the Windows 11 upgrade files. However, while the file being downloaded was named ‘Windows11InstallationAssistant.exe’, the true identity of the download was very different.

Visitors who had gone through with the download would actually be downloading a malware tool known as RedLine Stealer. This piece of malware is a classic data thief and, as such, targets sensitive data including login credentials, credit card details and cryptocurrency data. All three of these data types have the potential to cause major damage when they fall into the wrong hands, so the ‘windows-upgraded’ website was considered a significant threat.

The link to this website was spread by several different campaigns. Spam emails, forum posts and instant messaging systems were all used to point potential victims towards ‘windows-upgraded.com’ and, as with all malware campaigns, the hackers knew that a small percentage would click the infected links without investigating further.

Protecting Your PC from Malicious Websites

Although the ‘windows-upgraded.com’ website has now been closed, it’s likely that similar websites will soon be set up to replace it. And, again, people will fall victim to it. But you don’t have to see the security of your data be compromised. By following the advice below, you should be able to remain safe:

  • Always Use Official Upgrades: if, for example, you are upgrading a Microsoft product, you need to make sure it’s an official upgrade. A new version of Windows will only be available through an official Microsoft website or the ‘check for updates’ section of Windows. Other sources may look genuine, but it’s likely their offerings are far from legitimate.
  • Check Suspicious Links: all links need to be double checked to make sure they are genuine. While a link may look as though it’s taking you, for example, to an official Microsoft website, the data contained within that link may be sending you somewhere else. But, if you hover your mouse cursor over a link, a popup window will display the true location of the link. Alternatively, if you are suspicious of a link, you can always copy and paste it into a Google search to identify any stories relating to its security credentials.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows Update Being Used to Deliver Malware

anti malware, Lazarus, Ophtek, Security, spear phishing, Updates, , , , ,
08
Feb 2022

Updates are crucial for protecting your PC, so Windows Update is a useful ally in this objective. But what happens when it starts downloading malware?

News has emerged that hackers have exploited the Windows Update system to execute malicious code on users’ PCs. It’s an attack which is typical of hackers as it’s innovative, deceptive and dangerous. Currently, the perpetrators of the attack appear to be Lazarus, a hacking group who are backed by North Korea. Dozens of cyberattacks have been attributed to Lazarus – such as the ThreatNeedle hack – over the last decade, so it should come as no surprise that this latest attack is a serious threat.

At Ophtek, we’ve always advised you that updates are the best way to protect your PC. And this remains the case. However, this exploit of the Windows Update service provides a cautionary tale, so we’re going to take a closer look at it.

Why is Windows Update Downloading Malware?

Lazarus have chosen the Windows Update client as a facilitator in its attack as it’s a highly trusted piece of software. After all, the main consensus of updates is that they protect your PC, so why suspect Windows Update of anything else? However, it’s this type of assumption which leads to threats developing.

This latest attack employs a spear-phishing technique which uses infected Microsoft Word documents, these false email attachments claim to be offering job opportunities at the aerospace firm Lockheed Johnson. However, far from containing opportunities for the recipients, these infected documents only contain opportunities for Lazarus. Once the Word documents are opened, users are prompted to activate macros. And this allows Lazarus to automatically install a fake Windows Update link in the PCs startup folder as well as downloading a malicious .dll file.

This Windows Update link is then used to load the malicious .dll through the Windows Update client. The hackers use this approach as it’s innovative and won’t get picked up by anti-malware tools. Lazarus are then free to download as much malware as they like onto the infected PC.

How to Protect Your PCs Against this Threat

You may think that the simplest way to protect yourself is by turning off Windows Update, but we do not recommend this. The best approach involves ensuring that Windows Update can’t be exploited by Lazarus’ attack methods. And this requires you to understand the techniques involved in spear-phishing, so make sure you practice the following:

  • Awareness: the most important step you can take in tackling spear-phishing is by introducing awareness to your employees. Make sure that regular training is provided to educate your staff on what spear-phishing is and the ways in which it can manifest itself on a PC.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows 11 Is Here and There Are Plenty of Changes

Microsoft, Microsoft 365, Ophtek, power automate, Security, teams, upgrade, upgrade software, widgets, Windows 11, Windows Task Scheduler, , , , , , , ,
01
Feb 2022

The latest version of Microsoft’s operating system Windows has now been rolled out; and Windows 11 comes with plenty of changes for PC users.

Windows 10 was released in 2015 and, since then, there have been many changes in IT. While Windows 10 is still more than capable of dealing with modern IT, there always comes a point where an overhaul is needed. And this is why Windows 11 has been released. It’s available as a free upgrade to anyone currently running Windows 10 and contains both updated applications and functionality.

Upgrading to a new operating system has always represented a major shift in the way that PCs operate, so it’s important to understand what happens when you hit that ‘install’ button.

Why Are Upgrades Necessary?

Taking advantage of operating system upgrades allows you to harness numerous benefits. Firstly, an older operating system is always up against a ticking clock of being discontinued. Once support has been discontinued, an older operating system is more at risk of security threats. Secondly, new operating systems are better positioned to cope with the demands of modern IT. Therefore, installing an upgraded version ensures you have a better user experience.

What’s Changed with Windows 11?

As with all previous upgrades on Windows, there are a significant number of changes. Many of these are unlikely to be noticed by your average PC user, but others will be more obvious. The most important changes are:

  • Microsoft Teams: during the Covid-19 pandemic, Microsoft Teams became a valuable tool for employees to communicate through. But it had never been an in-built part of the Windows operating system. Starting with Windows 11, however, it is now included by default.
  • Power Automate: Windows 11 has a new feature called Power Automate which allows PC users to program ‘flows’ which create automated tasks such as notifying team members when new files are added to a specific location.
  • Widgets: the interface of Windows 11 now allows you to harness the power of widgets, a type of software which has been common on mobile devices for some time. These new desktop widgets allow you to install widgets which provide information “at a glance” on a slide-out menu such as calendar updates.
  • Security: one of the major security features of Windows 11 is that it will only run on new machines. Therefore, if your hardware is starting to look even slightly old, it’s unlikely Windows 11 will run on it. This means that Microsoft is setting a strong baseline to ensure PCs running Windows 11 are as up to date as possible. Built on top of this security foundation are several background security processes including updated stack protection and enhanced bootup security.
  • Interface Design: the most notable changes in Windows 11 relate to the visual aesthetics of the interface. The start menu has been overhauled to provide quicker access to the apps you need, notifications are now grouped together to make accessing them quicker and File Explorer has been redesigned to look smarter and more intuitive.

Final Thoughts

Installing updated software is always recommended to ensure your PC is running with the best protection and functionality. And upgrading to Windows 11 is no different. It’s an essential upgrade and one which, although certain features will require some adjustment time, will provide you with enhanced productivity and a smoother user experience.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More