Government Websites Compromised in Armenia

anti malware, Cyber Attack, Cyber Security, Hackers, malicious websites, Plugins, Security Threats, , , ,
07
Apr 2020

You would like to think that governments know a thing or two about cyber security. But a recent hack in Armenia has proved otherwise.

European security experts ESET have confirmed that numerous websites belonging to the Armenian government have been targeted and compromised by hackers.   The compromised websites have been infected with malware and pose a nasty security risk to visitors. It’s suspected that the hackers behind this attack are Turla, a Russian hacking group.

We’ve discussed malicious websites before, but this latest attack is a little different. Therefore, it’s crucial that you understand the unique methods behind the infection.

What’s the Story?

The suspected hackers have targeted several websites that come under the control of the Armenian government, but the same fingerprints have also been found on a few non-government websites. Regardless of which website is infected, the methods employed are the same. However, where this attack differs from normal is its selective nature. Rather than attacking every visitor that accesses the infected websites, the malware only targets high-ranking visitors. So, for example, a civilian visitor is likely to remain uninfected, but a government official will not be so lucky.

It’s intriguing that the malware is only interested in high-ranking officials and indicates that there could be a political angle to the attack. Speculation aside, what is known for certain is how the attack unfolds. Once a visitor has been established as ‘high-value’ a command-and-control server generates a malicious JavaScript code. This code is used to deliver a popup window prompting the user to download a Flash update. But while this does, in fact, install a genuine version of Flash, it also contains PyFlash. And this backdoor application allows hackers to gain full access to the infected PC.

How Do You Protect Yourself?

Naturally, the security risk of compromised government PCs is considered high. And, while it is unlikely to affect smaller organizations at present, the selective nature of the attack is troubling. Therefore, it’s important that you safeguard your business against similar attacks. This can be achieved by following these best practices:

  • Use Website Filters: One of the best ways to protect your organization from infected websites is by integrating website filters into your IT setup. These filters are backed up by huge databases, which are regularly updated, and will prevent your users from accessing websites considered a security risk. 
  • Prevent Software Installation: The majority of applications that your employees will want to install are likely to be genuine and safe. But, as with fake Flash updates, this is not always the case. And this is why it makes sense to enforce a complete blanket ban on unauthorized installs. Accordingly, any install requests should be submitted to an IT professional who can evaluate the risk of each proposition.
  • Block Popup Adverts: It’s rare that any PC user welcomes the appearance of a popup advert. And, with the risk of malicious popups so prevalent, it’s the last thing that an IT professional wants to see as well. Therefore, it makes sense to minimize this risk by installing a popup blocker. Not only will this reduce the risk of malware being installed, but it will also provide your PC users with an enhanced experience.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows Hit by New Enabler Malware

Cyber Security, malware, Ophtek, Security, Security Threats, , , ,
20
Aug 2019

Malware is well known for infecting systems and causing major problems from the second it’s executed. But certain strains of malware act as an enabler.

Security researchers have recently discovered one of these enablers and dubbed it SystemBC. It’s important to stress that SystemBC isn’t an immediate attack. However, it’s just as dangerous as your everyday malware. If not more dangerous. And this is why understanding how an enabler works is crucial for the security of your organization.

It’s always important, where PC security is concerned, to be proactive. So, to help you enhance your organization’s defenses, we’re going to run over the principles of the SystemBC malware.

What is the SystemBC Malware?

The simplest definition of SystemBC is that it enables other malware to unleash attacks. But how does it do this? The answer lies within SOCKS5 proxies. The average PC user will be unaware of what SOCKS5 proxies are, but this doesn’t mean they are impossible to understand. SOCKS5 is a method of internet communication that takes place between a client and a server. And it’s most commonly used in authorizing access to servers.

SystemBC takes advantage of these SOCKS5 proxies to overcome security systems and exploit vulnerabilities. The main method of exploitation is to illegally access a server and then install a command and control (C&C) server. With this C&C in place, SystemBC has the ability to cloak traffic and activity from other malware which can then spread outwards through the server.

How is SystemBC Distributed?

SystemBC has, at the time of writing, been discovered in both the Fallout and RIG exploit kits. These kits allow hackers to package together several different exploits in one product. These assorted exploits can work in synchronicity with each other or independently. And this makes them very dangerous. The Fallout and RIG exploit kits tend to focus on vulnerabilities in Flash and Internet Explorer, an approach which is exceptionally common when it comes to hacking.

Protecting Your Organization from SystemBC

The key to protecting your server from the threat of SystemBC is by being vigilant. Software patches remain the number one preventative measure when it comes to combating vulnerabilities. Software developers release these on a fairly regular basis, but also in emergencies when major vulnerabilities are discovered. And they need to be installed immediately. An exposed entry point to your network is a major threat to your security and plugging it is crucial.

One of the major problems facing organizations, in terms of IT security, is the use of legacy systems. These are systems which no longer receive support from their developers. If a vulnerability is discovered in such a system then it will remain there. It will not be resolved. Therefore, it’s vital that your organization regularly assesses the suitability of your PC systems for engaging with the internet. If a particular part of your network is no longer supported then it’s time to replace it. Otherwise you could soon find malware such as SystemBC making its home on your server.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

6 Reasons Why You Should Invest in Cyber Security

Cyber Attack, Cyber Security, Hackers, Hacking, malware, Ophtek, Password Security, PC Security, Secure Website, Security, Security Threats, , , ,
23
Jul 2019

Cyber-attacks are on the rise, so protecting your business has never been more important. But what exactly are the benefits of cyber security?

We all know about the need for firewalls and anti-virus software. They provide us with a layer of defense from the legions of hackers itching to access our data. Those who are new to the world of IT, however, are unlikely to know why they need cyber security. What can it deliver? Well, let’s run through six reasons why you should invest in cyber security:

  1. Protects Your Data: Businesses work with huge amounts of data in the 21st And, whether its employee or customer data, it’s going to be sensitive. This needs to be protected to prevent identity theft or financial damage. A professional approach to cyber security will reduce this threat and protect the integrity of you data. 
  1. Maintains Productivity: While the headlines regarding cyber-attacks always focus on data and costs, they fail to look at the impact on productivity. If, for example, a ransomware attack hits your network then critical files are going to be out of action. This means that your employees will be unable to work. And the impact that this can have on your organization’s productivity can be devastating. 
  1. Financial Damage: Cyber-attacks can hit a company where it hurts: the bank balance. Ransomware demands are, naturally, the most obvious cause of financial distress, but there are others. A drop in productivity can soon lead to a drop in sales which can significantly impact your revenue streams. And there’s also the chance that irreparable damage could be caused to your hardware resulting in the need for new purchases. 
  1. Protects Your Website: One of the cornerstones of a successful marketing strategy in the 21st century is a website. Whether it’s being used to promote your services or sell them it needs to be running 24/7. It’s a crucial communication channel, but it’s also one that’s regularly targeted by hackers. With the correct level of investment in cyber security you can limit the risk of it being compromised. This keeps your website running and ensures that your marketing strategies can run smoothly. 

  1. Keeps Malware Out: Malicious software, better known as malware, is the bane of all security professionals. Capable of causing massive damage to IT infrastructures, malware is a form of hacking which embraces subterfuge and results in untold problems for the victims. It can steal data, it can slow down systems and even set up attacks on other businesses. But if you invest in cyber security then then the chances of malware activating its payload is reduced. 
  1. Provides Customer Confidence: Consumers are wary of data security more than ever in the digital age. Therefore, inspiring trust in your IT systems is essential. If you can demonstrate that you’re working with professionals to protect your customers’ data then you can inspire this trust. Not only will you be able to protect your customer’s data, but you will enhance their loyalty to your brand.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Lowdown on Good Passwords and How They Work

Best Practices, Cyber Security, Ophtek, Password Security, Security, , ,
25
Jun 2019

We all use passwords on a daily basis, but do we know how they work? And how do you go about creating the best and most secure passwords?

Every day, in our home and business lives, we use an assortment of passwords to gain access to systems that are important to us. Entering passwords is such a regular occurrence that it soon becomes automatic. This regularity means that we pay little attention to the process. But we should. Passwords, after all, are what protect our data. And, in an age of huge data breaches, it needs protecting.

This protection can be enhanced with good passwords. For a good password to provide security, however, you need to understand how a password works.

What is a Password?

Passwords have been used since the dawn of time to gain access to secure areas. In ancient times, a visitor to a king’s palace would have gained access in exchange for a password. Fast forward several hundred years and very little has changed. Accessing a king’s palace may not be a major requirement in your life, but passwords are crucial in the digital age. Using a series of numbers, letters and symbols, a password helps you to gain access to computer networks, databases and social media.

How Does a Password Work?

It’s easy to enter passwords all day long, but understanding the process is another matter. What is it that allows a series of characters to grant you access to shielded content? Let’s take a look.

When you set up a password it’s not stored in the same form as it’s typed. Instead it’s stored as a hash. Using advanced cryptography, a hash takes your password and converts it into a number. These hashes tend to be 128 or 256 digits long depending on the encryption method. Either way they’re more complex than a 10-character password. These hashes are then stored in a file as a reference guide to verify the password entered. If the password matches the corresponding hash then access is approved. Otherwise, access is denied.

What Makes a Good Password?

Now you know how a password works you need to make sure you have a good password. The stronger your password is the less chance there is of a hack taking place. To strengthen your passwords make sure you:

  • Keep it Long: A longer password adds complexity. Hackers tend to target passwords through brute force attacks, so a longer password is more time consuming. Aim for around 15 characters as this isn’t too difficult to remember, but it also provides complexity.
  • Avoid Obvious Passwords: Many IT users go for simple passwords such as PASSWORD. And when that expires they add a number on the end. While these passwords are very easy to remember they’re as easy to guess. These types of passwords will be the first ones that hackers try. More often than not they’ll pay off. And that’s why you need to create a unique password.
  • Don’t Use Personal Information: Another common mistake with passwords is to use personal information such as your name or date of birth. This may feel unique, but it’s information that is researchable. Hackers are cunning and it won’t take them more than a few minutes to get this data. So, make sure that nothing contained within your password can be connected to yourself.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 4 5 6 7 8