State-sponsored hacking remains a serious problem for PC users around the world, and the latest headline grabber – with links to North Korea – is EarlyRAT. 

A remote access trojan (RAT) is nothing new in the world of cybercrime, with the earliest examples believed to have been released in the late 1980s. However, their impact has grown significantly over the last 30 years, and this means they need to be taken seriously. There’s a culture of evolution in the world of hacking and, as a result, new RATs are always more powerful than the previous generation. And that’s why the emergence of EarlyRAT has got so many IT professionals concerned. 

What is a Remote Access Trojan? 

You may not be familiar with the ins and outs of a RAT, so we’re going to take a second to explain what they are and why they are so dangerous. A RAT is a malicious software program designed to provide unauthorized remote access and control over a targeted PC. They tend to be disguised as genuine files – this is why RATs are often distributed through phishing emails – but are nothing short of digital chaos. 

Once installed, a RAT allows attackers to gain control of the victim’s computer, and this is all carried out remotely. This allows the threat actors to steal sensitive information, monitor user activity, execute commands, and even activate the webcam or microphone to carry out surveillance. All of these dangers put the victim at risk of data theft and further cyber-attacks. 

How Does EarlyRAT Work? 

EarlyRAT was first detected by security experts at Kaspersky, who were analyzing a hacking campaign from 2022. The attack was made possible due to a flaw discovered in Log4j, a Java library used to log error messages generated by applications. This vulnerability was exploited by the Andariel hacking group, a team believed to be sponsored by North Korea. Once Log4j had been compromised, Andariel was able to download malware to the victims’ PCs. 

Part of this initial attack also included a phishing campaign, and it was here that EarlyRAT was first detected. Phishing documents, once activated, would download EarlyRAT from servers well known for having connections to threat actors. EarlyRAT’s first objective was to start logging system information and, after this, it would begin downloading additional malware, affecting the productivity of infected machines and stealing user credentials. 

Keeping Safe from EarlyRAT 

It’s important that you protect your IT infrastructure and your data, so staying one step ahead of threats like EarlyRAT is vital. To achieve this, make sure you always practice the following: 

  • Identify malicious websites: a large number of RATs are located on malicious websites, so it’s important that you know how to spot one of these. With this knowledge at your disposal, you will be able to not only identify a malicious website, but you’ll be able to realize a link is malicious before you even click it. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More


At the start of March 2023, a new National Cybersecurity Strategy was launched by the Biden administration. And it promises big things. 

The previous National Cybersecurity Strategy was released by the Trump administration in 2018. However, since then, the world and the internet has changed significantly. An updated strategy makes sense. But what exactly does it seek to change about the way in which we access and navigate our way through the internet? Well, for one thing, it starts by stating that the Biden administration will be investing $65 million in order to provide every American with access to high-speed internet. 

In terms of cybersecurity, however, the 2023 strategy tackles a much broader range of problems

The Ins and Outs of the 2023 National Cybersecurity Strategy 

The paper which outlines the 2023 National Cybersecurity Strategy is 35 pages long. It’s also a complex read. But this doesn’t mean the main takeaways are exclusive to high-level IT experts. This is why we’ve decided to help you by breaking down the five pillars that the paper covers: 

  1. One of the major priorities of the 2023 strategy is to secure our critical infrastructures. This means that essential systems and networks – such as energy grids and water supply systems – are at risk from cyberattacks. And, just imagine, if a group of threat actors disrupted power supplies, it would result in a major catastrophe. Therefore, the Biden administration is aiming to foster collaboration between government agencies and other stakeholders to identify and protect against any vulnerabilities. 
  1. Strengthening our cyber defenses and disrupting threat actors has been identified as a major area for the 2023 strategy to cover. This involves developing strong cybersecurity policies, ones which can quickly detect and respond to cyber-attacks. Once developed, these policies need to be implemented as seamlessly as possible to protect our networks. Naturally, investment in technology and skilled staff will feature heavily in the success of this second pillar. 
  1. The third pillar of the new National Cybersecurity Strategy seeks to make market forces drive security and resilience. This means that companies which own personal data will be expected to develop more secure storage systems, and existing laws will be updated to protect users against the risk of software vulnerabilities. The aim of this pillar is to ensure that developers need to foster higher standards of care. The result will be a safer digital landscape. 
  1. Investment is crucial in any area seeking to make improvements, and the internet always needs improvements. Accordingly, the Biden administration is seeking to improve three key areas: computing technology, clean energy technology and biotechnology/biomanufacturing. This pillar is also concerned with strengthening the US cyber workforce through enhanced education and digital awareness. 
  1. The final pillar in the 2023 strategy focusses on the importance of international partnerships to pursue shared goals. After all, the US alone cannot stop the rise of cybercrime. Common threats need to be addressed by sharing resources and pooling knowledge. The end objective is to deliver higher levels of assurance that digital systems and platforms are safe and secure. 

The latest National Cybersecurity Strategy continues the excellent foundations put in place over the last two decades. It’s a responsible step for the Biden administration to take and, at the very least, will provide peace of mind that the internet remains, on the whole, safe to use. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More



Cyber-crime remains a major threat to any organization that works with IT, but the basics of IT security are often the best way to counter this threat.

It’s difficult to avoid the fact that cyber-attacks are reaching record levels. IT systems are less secure than ever and need protecting. And that’s where your organization needs to take up the baton. Protecting these systems may sound like a monumental task, but it’s a lot easier than you think. Key to success is following the basics of IT security. The simplicity behind these processes is remarkable and can make a significant difference.

It’s crucial that you know what these are, so let’s take a look at the very basics of good IT security

Understanding the Basics

The complexity of IT systems often means they’re difficult to work with. And from this complexity comes flaws in security. The good thing is that IT security doesn’t have to be difficult. The best way you can help protect your IT system is by following these basics:

  • IT Inductions: You should never assume that new employees have a solid understanding of IT security. And that’s why your staff should always have to complete an IT induction. Not only will this familiarize them with the technology you use, but it allows you to run through the basics of cyber threats. This knowledge can make a real difference in strengthening your defenses. 
  • Disable USB Ports: The level of damage that USB devices can cause is shocking and unbelievable. Your employees are unlikely to be aware of this threat. To them, a USB port is simply a handy device for charging their mobile device. The truth is much different. This threat can be extinguished by disabling the USB ports. This can be achieved by adjusting the USB settings for your employees. 
  • Use Antivirus Software: It may feel like a simplistic step in IT security but antivirus software remains essential. Good antivirus software can recognize malware within milliseconds and flag it. A manual scan will never be able to match this. And your employees wouldn’t know what they were looking for. The vast databases in use and the speed in which they operate ensures that antivirus software is a must have in business. 
  • Assign Privileges Accordingly: Different employees will need different network privileges. These variations arise from the different tasks they perform within your IT system. Certain departments, for example, will need access to one drive whilst another department will not. Understanding these differences is critical. Once the necessary privileges have been identified then you can minimize the risk of cyber-attacks spreading through the entire system.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


USB flash drives have been in use for two decades now and have proven highly popular due to their accessibility, but do you know how dangerous they can be?

Perfect for people on the move, flash drives allow people to carry data with them and, if necessary, they can be used to boot up PCs. As a result, even 20 years on from their initial launch, millions upon millions of flash drives are sold every year. However, this popularity has made them a target for hackers and allowed them to add yet another weapon to their arsenal.

Due to the debilitating effect that a rogue flash drive can have on your organization, we’re going to run through the dangers of USB flash drives.

Understanding the Danger

As we’ve already stated, USB flash drives can be used by hackers to help spread their chaotic attacks and that’s why you need to be aware of exactly how they do this. Here are some of the major ways they can utilize flash drives in their attacks:

  • Installing Malware: A USB flash drive is more than capable of holding various strains of the most dangerous malware currently available. Naturally, it only takes one of these to take down your IT infrastructure, so you need to be exceptionally careful when plugging a flash drive into your network. This threat is made much worse by the fact that flash drives are capable of automatically running their contents once plugged into a USB port, so proceeding with caution (and the advice of an IT professional) is crucial. 
  • Stealing Data: Although a flash drive may look insignificant, it’s still capable of running applications that can log keystrokes. While this may sound relatively simple, when you look a little deeper you’ll realize that this means everything you type is recorded. This includes login details, secure communications and customer data. This can either be saved back to the flash drive or transmitted to a remote server. Either way, the impact of data theft can have severe ramifications for your organization. 
  • Malicious Damage: Not every hacker is out to steal data or take over the processing power of your PC, but you can rest assured that they want to cause some form of damage to your business. And, sometimes, this can be as simple as damaging your PCs beyond all repair. Achieving this may sound dramatic, but the means are rather simple. It’s possible to buy devices such as the USB Killer which essentially fry the electrics of any PC it’s plugged into.

 

Are USB Flash Drives Safe to Use?

You’d be forgiven for thinking that flash drives are to be avoided at all costs, but the truth is that they are safe to use. However, it’s important that you always treat them as a potential security risk. Therefore, make sure that you only ever use trusted flash drives and, ideally, get these checked before installing them to your network. And, most importantly, if you find a flash drive out in the car park, make sure that it never goes anywhere near your network!

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More