Ransomware continues to cause chaos for organizations with the latest story to hit the news concerning a Scottish brewery infected by the Dharma ransomware.

While it has been reported that ransomware attacks have fallen by 30% in the last 12 months, the fact remains that they’re still capable of causing significant disruption. In the case of the Arran Brewery on the Isle of Arran, Scotland, the organization had to accept that they would lose around three months’ worth of sales data due to the effects of the attack. This, of course, is the last thing that any business wants and acts as a fine reminder that we need to be on guard against ransomware.

To help provide a little background and demonstrate how the attack unfolded, we’re going to take a closer look at what happened.

Attacking the Brewery

What’s most interesting about the attack on the Arran Brewery is that it would appear the attackers deliberately targeted the brewery. Instead of a scattershot approach which targeted multiple organizations, the hackers focus was clearly on the Arran Brewery. Just before the attack, multiple adverts for a job at the Arran Brewery (which had already been filled) appeared on recruitment sites all over the globe. Naturally, the brewery received a sharp increase in the number of CVs being emailed in but, unfortunately, one of the emails contained a malicious payload.

The payload was contained with a PDF attachment which, when opened, initiated the attack and infected the entire network. Following the encryption of the Arran Brewery’s files, a ransom demand was issued which advised that the encryption keys would only be released in exchange for 2 bitcoin (roughly $14,000). Thankfully, an IT consultant was able to retrieve a significant amount of the encrypted data from backups and rid the system of the infection. However, certain files couldn’t be restored and, due to it not being economically viable to pay the ransom, the Arran Brewery decided to write off three months’ worth of sales data.

What is Dharma?

Dharma is a strain of ransomware which was first released in 2016 and has regularly been updated ever since due to the emergence of Dharma decryptors. In September 2018, for example, three new variants emerged which are resistant to previous decryptors. When files are encrypted by Dharma they will automatically append a new file extension onto the existing file and these extensions can include:

  • .dharma
  • .cesar
  • .onion
  • .wallet
  • .zzzzz

Final Thoughts

If anything acts as a reminder that organizations need to be vigilant against ransomware then it’s a current and contemporary threat. Dharma could easily hit your organization next, so you need to ask yourself whether you can afford to lose three months’ worth of data. I’ll let you into a little secret: no one wants to lose three months’ worth of data. Therefore, it’s crucial that you reiterate the importance of email security to your employees in order to maintain access to all your data at all times.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Thanks to the power of social engineering, phishing remains a powerful method of hacking organizations. Reducing this risk, therefore, is crucial.

Phishing has been active since the early days of the internet and, unfortunately, it doesn’t appear to be going anywhere soon. Thankfully, you don’t have to fall victim to these deceptive attacks as there is plenty that any organization can do to protect its data. And, don’t worry, it doesn’t involve investing millions in state of the art technology. All it takes is a little bit of common sense and an understanding of how phishing attacks work.

To get you started we’re going to show you how to reduce the risk of phishing attacks.

Antivirus Software is Key

One of the best ways to reduce phishing emails is by working with antivirus software. Capable of scanning attachments and analyzing links contained within emails, a good antivirus software can easily target the two main ways that phishing attacks unleash their payload. However, as with all software, it’s important that you update it regularly and install updates immediately. Phishing attacks can spread round the world very quickly, so you need to stay one step ahead of them.

Keep Up to Date with Phishing Attacks

Hackers are constantly developing their techniques and tweaking their methods, so it’s vital that you keep an eye on what’s happening in the world of phishing. New attack methods can be launched very quickly and be in your inbox within a day, so make sure that you’re regularly monitoring IT news sources to prepare yourself for any incoming threats.

Educate Your Employees

The main targets of any phishing attack against your organization will be your employees, so they have to be educated in order to prevent any data breaches. The basics of phishing are relatively simple, so the training doesn’t need to be too in-depth. All you have to do is ensure that these basics are hammered home so that employees know how to spot a phishing email and how to deal with it.

Practice Phishing Attacks

A popular method for reducing the risk of phishing attacks is by running regular exercises to test your employees. For example, fake phishing emails can be randomly emailed to your employees that test whether they are susceptible to phishing scams or not. Usually, these emails will contain a fake link that urges them to complete something on behalf of the company – such as IT training – but the actual URL contained will be a ‘malicious’ one. Those employees that fail to spot the ‘malicious’ link can then be asked to take a refresher training course.

Combine All Your Preventative Methods

The key to reducing the risk of phishing attacks is by combining all of the above into one multi-faceted security approach. An amazing antivirus software solution, for example, isn’t effective enough on its own. Instead, you need a firm knowledge of the phishing landscape, amazing employee training and regular tests to guarantee that you can tackle phishing on all fronts.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


You’ve read the headlines and you may even have been a victim of phishing, but what is it and how does it work?

Phishing is a highly dangerous form of hacking which can compromise sensitive data and cause significant disruption to the running of a business. One of the main reasons that phishing has become such a successful method of wreaking digital havoc is down to a lack of knowledge on the behalf of PC users. While phishing is far from the most complex hacking technique, the average PC user is unlikely to know the ins and outs of phishing.

As we know that time and productivity is a valuable asset for your organization, we’re going to take a look at the basics of how phishing works.

What is Phishing?

Let’s get one thing straight, phishing is nothing like sitting by a lake and peacefully fishing. In fact, it’s far from enjoyable, but there is one element that remains the same. And that’s the use of bait. You see, phishing thrives upon the use of bait to obtain information out of an innocent party. The most common way to phish, in the digital landscape, is through an email. And, within this email, will be a piece of bait with which the hackers plan to land a prize catch.

Leaving the world of fishing behind, a phishing email is one which uses a number of deceptive techniques to extract sensitive data such as login details, bank details or even secure data such as customer database spreadsheets etc. Essentially, phishing is one big con and, as with all cons, gaining the trust of the victim is crucial to success. That’s why hackers are so keen to appear genuine when they send their phishing emails.

The classic example of a phishing email is one that claims to have been sent from a bank to verify your login details. A scare tactic will usually be employed, such as a report of unusual activity on the account, in order to encourage a swift response which foregoes any rational thought. A link will be included in the email which the user is advised to click in order to go through a series of security checks. However, clicking this link will take you to a malicious website – even if it looks genuine – where your data will be harvested to help fuel identity theft or, in extreme cases, a loss of funds.

Why Does Phishing Work?

You may be wondering why people fall for phishing scams and the simple truth is that it’s down to a lack of concentration and analysis. Phishing takes advantage of these weaknesses on both individuals and security software. By planting a seed of trust, such as promising to safeguard your personal data, the hacker can, in fact, do the complete opposite and use this trust to harm you.

Key to successful phishing emails is the use of social engineering to convince recipients that the emails are genuine. Phishing emails will be packed full of official company logos and it’s even possible for hackers to spoof official email addresses in the From: section of an email. And, for people busy at work, it’s easy for them to take their eye off the ball for just a fraction of a second. As a result, links are clicked that shouldn’t be clicked and hackers land their prize catch.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Phishing is now so prevalent and sophisticated that even the biggest organizations on the planet are likely to be duped by phishing scams.

Immunity from such attacks is a difficult privilege to secure, so any organization that wants to remain productive needs to understand the threats out there. While you would expect most phishing attacks to target smaller, less secure organizations, this couldn’t be further from the truth. Instead, many hackers are taking on high profile organizations due to the challenge on offer and the publicity that such attacks bring.

Understanding how these businesses have been phished is crucial as it helps you to understand exactly why you need good security. To provide you with a foundation of knowledge, we’re going to look at some high profile organizations that have been phished.

Facebook and Google

Two of the biggest names in business on the planet, Facebook and Google found themselves at the center of the same phishing scam a couple of years ago.

Evaldas Rimasauskas, from Lithuania, used a simple phishing campaign whereby he posed as the head of a Taiwanese parts manufacturer called Quanta. Key to this scam was that Facebook and Google both used the genuine Quanta company to conduct business with. Through a combination of compromised emails, forged invoices and a lack of suspicion on the two tech giants’ behalf, around $100 million was paid out to Rimasauskas between 2013 – 2015.

Anthem

Anthem is one of the largest health insurance companies in the US and, as you can imagine, they hold a substantial amount of private and confidential data. However, in 2014 they lost nearly 78.8 million consumer records due to a phishing attack.

It’s believed that a foreign government was behind the attack, but the method employed was still ridiculously straightforward. An employee at an Anthem subsidiary opened a phishing email which allowed malicious content to be downloaded to the employee’s PC. Once these files were executed, hackers were able to take control of the PC by remote access and start making their way deep into the Anthem network. One of the sections that were of most interest was Anthem’s data warehouse where the hackers had access to customers’ medical histories, social security numbers and address details.

Snapchat

The popular social media app Snapchat found one of its employees being targeted by a spear phishing scam in 2016 which compromised confidential data.

A seemingly innocuous email was sent to Snapchat’s payroll department in February 2016 which claimed to have been written by the company’s CEO. The email requested that employee payroll information was forwarded on for internal reference. Unfortunately, one of the payroll employees did not realize this was a less than genuine request. A significant amount of personal information about former and current employees was then emailed to an external party. Due to the nature of the data obtained, hackers then had the potential to use it to engineer identity theft.

RSA Security

Even IT security companies aren’t safe from the threat of phishing emails as RSA security discovered back in 2011.

Hackers designed two separate emails which were sent to four employees at RSA’s parent company EMC. The emails, which appeared to be from a recruitment website, contained an attachment referred to as ‘2011 Recruitment plan.xls” in the email’s subject line. However, this was a malicious attachment and, upon clicking it, a zero-day vulnerability in Adobe Flash would be exploited and lead to the download of a backdoor virus onto the user’s PC. The hackers were then able to access RSA’s network where they had access to 44 million employee records.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Phishing is big business for hackers and you can rest assured that it’s a niche they’re keen to exploit, but how do you know when you’re being phished?

Kaspersky Lab reported around 246 million phishing attempts being executed in 2017, so it’s fairly clear that phishing is taking place on a monumental scale. And, to provide a little perspective, those 246 million phishing attempts are only the ones that were picked up by Kaspersky’s software. If you factor in all the other security providers’ data then you’re left with a staggering amount.

Phishing, therefore, is something that you’re likely to encounter and, the truth is, your organization is likely to receive a significant number of phishing emails every day. Thankfully, protecting your business from the dangers of phishing emails is relatively easy. And, to help boost your defenses, we’re going to show you four ways to tell if you’re being phished.

1.  Analyze the Email Address

While it’s straightforward to mask an email address with a false one, many hackers simply don’t bother. And that’s why you’re likely to find that most phishing emails are sent from unusual email addresses. Say, for example, you receive an email from your bank asking you to provide sensitive information regarding your account, it’s not going to come from a Hotmail address, is it? However, many people fail to check the sender’s email address and, instead, become distracted by the seemingly genuine contents.

2.  How’s the Grammar?

A tell-tale sign of a phishing email is poor grammar and even worse spelling. Hackers, after all, aren’t too bothered about honing their command of the written word. All they want to do is hack and hack big. Accordingly, their emails will fail to contain the type of language you would expect to receive from a work colleague or another organization. So, remember: if they can’t spell your name in their opening introduction then you should be highly suspicious.

3.  Did You Ask For Those Attachments?

Hackers love to catch their victims out with attachments that contain a nasty payload, so any attachments should always be treated with caution. Sometimes these attachments can be easily identified as malicious, but it’s not always simple. First of all, ask yourself whether the attachment is relevant to your job. If you work in the service department and you’ve been sent a spreadsheet relating to company finances then there’s no need for you to open it. Secondly, keep an eye out for file extensions you don’t recognize as opening these could easily lead to executing malware.

4.  Deceptive Links

One of the main objectives of a phishing email is to take the recipient away from the security of their PC and onto dangerous websites which are riddled with malware. And the best way they can do this is through the use of a deceptive link. While a link may look genuine on the surface, it can easily direct you somewhere else altogether. The best way to verify a link’s true destination is by hovering your mouse cursor over the link to reveal the true URL address.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More