Ransomware has been causing trouble for businesses for many years, so it’s clearly a form of hacking which needs greater understanding to avoid its wrath.

The name ransomware sounds a little threatening and, as with all hacks, it’s hardly the friendliest of exchanges. However, whilst most forms of malware – which ransomware is a strain of – tend to disrupt day to day operations of your IT equipment by either stealing data or putting a strain on your network through DDoS attacks, ransomware is different. Not only does it disrupt your IT operations, but it also delivers a financial threat to your organization.

Due to the double whammy contained within ransomware, it’s crucial that you understand the basics of ransomware, so let’s take a quick look.

What is Ransomware?

Believe it or not, but the very first recorded ransomware attack dates back to 1989 when a hacker was able to hide the files of an infected PC on its hard drive and encrypt the file names. And, to be honest, modern day ransomware still operates in a similar, if not more sophisticated, manner.

Ransomware is a form of malware which, when executed on a user’s PC, is able to take over the victim’s system and encrypt their files. Naturally, files are essential for any organization to operate efficiently and to their maximum productivity, so this is clearly a very debilitating attack. However, to add insult to injury, the hackers then demand a ransom fee to release a key which can decrypt the files and return them to a usable state.

How is Ransomware Executed?

The most common method employed by hackers to execute ransomware on a user’s PC is through phishing emails. These emails, which appear to be genuine, are highly deceptive methods of communication which convince the recipients that they need to open an attachment bundled with the email. However, these attachments are far from genuine and the most likely result of clicking them is that malicious software such as ransomware will be executed.

How Can You Combat Ransomware?

With the average ransom fee demanded by ransomware totaling around $12,000, it’s clearly an irritation that your organization can do without. Thankfully, there are a number of actions you can take to protect your business:

  • Regularly Backup Your Data: As long as your data is regularly backed up, there should be no need to pay the ransom fee. With a comprehensive backup route in place you will be able to easily retrieve your files from an earlier restore point when they weren’t encrypted. 
  • Work with Anti-Malware Software: Most ransomware can be detected by anti-malware software, so it stands to reason that installing this software should make a significant difference to your defenses. Updating this software as soon as any patches or upgrades become available, of course, should be made a priority as it could make a real difference to falling victim to newly released ransomware. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


The Internet of Things (IoT) has revolutionized the way we connect and interact with physical devices, but is this new technology as secure as it should be?

Clearly, with around 26 billion associated devices estimated to be in use during 2019, the IoT needs to be secure due to the amount of data being transmitted. However, as the IoT is a relatively recent phenomenon, it’s no surprise that so many headlines are warning against the dangers of this technology. Naturally, this kind of scenario can cause concern for organizations that are looking to get on board with the numerous IoT benefits on offer, but should you really be worried about the security risk?

What is the Internet of Things?

The basic premise of the IoT is a lot simpler than you would imagine: using internet connections, physical devices can communicate with one another while also being remotely controlled and maintained. So, for example, if you want to control the lighting in your office, you could use a remote application to adjust the lighting from, if necessary, from anywhere in the world. And all you need is an active internet connection for the app to connect to the device.

What are the Safety Risks of IoT Devices?

As we’ve mentioned, there are certain dangers attributed to IoT devices that can seriously threaten the security of your devices and any data transmitted by them. Some of the more pressing risks include:

  • Default Login Credentials: Many IoT devices are sent out with default login credentials, so this means that the username and password details will be exactly the same for every single one of those devices sold. And it doesn’t take long for hackers to begin sharing details of this vulnerability with their fellow hackers. Accordingly, changing default login credentials to a more unique configuration should be the first thing you do before connecting such a device to your networks.
  • Unnecessary Features: Sometimes, IoT devices are packed with a wide range of features that are completely unnecessary for your organization’s needs. The most common example of this is the option of remote access which, for many in-house IoT devices, simply isn’t necessary as all it does is open up a pathway to your network for hackers. Therefore, make sure that only the most relevant features are activated on your IoT devices.
  • Patching IoT Devices is Difficult: Due to the wide variety of manufacturers making IoT devices, many of these companies simply don’t have the technical knowledge to release regular and effective patches. And this represents a major security risk due to the constant efforts of hackers to exploit security vulnerabilities. In these instances, the best way to prevent a breach is to monitor these less secure devices for any unusual network activity. This approach should, at least, indicate if there is a potential security breach in progress. 

Final Thoughts

Although there are a number of very real security risks associated with integrating IoT devices into your organization’s IT network, these don’t have to convert into a major security breach. Instead, these risks can be significantly reduced by following the advice listed above which will protect your network and keep all your IoT devices interacting with it seamlessly.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


The terminology used to describe various hacks and security threats usually includes the terms malware, ransomware and virus, but what exactly are these?

It can get a little confusing when discussing the various security concerns that are floating around and this confusion can lead to a lapse in security. After all, if you’re reading about malware, but don’t know exactly what it is you’re reading about, then you’re going to be unable to act against it. And that’s why we’re going to take the time today to explore each particular category in a little more detail.

What is Malware?

Malware is very much an all-encompassing term for any form of malicious software, so this can include ransomware and viruses. However, we’re going to cover those two categories in depth later, so for now we’ll look at some other types of malware:

  • Spyware: Installed on a user’s PC without their knowledge, spyware is software that can be used to track user activity and then transmit this to a remote server e.g. keystrokes can be recorded to determine and steal login details.
  • Bots: Capable of bringing entire networks to a halt, bots are a particularly troubling form of malware that can easily harness the power of an infected PC to carry out spam email campaigns or DDoS attacks.
  • Rootkits: Highly conspicuous and deceptive, rootkits allow hackers to take control of infected PCs from a remote location. Usually installed at a root level, hence the name, rootkits provide privileged access to the victim’s PC.

What is a Virus?

Much like the common cold, a computer virus is an infection which can spread quickly and effectively. Exposure to a computer virus usually occurs when the PC encounters an infected website or file. Following this exposure, the virus is downloaded to the PC and executed. And this can generate the following results:

  • The PC startup process can become corrupted and leave users unable to log on to their workstation.
  • Performance levels can suddenly drop as your PCs processing power is handed over to the virus’ tasks.
  • PCs can find themselves spammed by numerous popup adverts which, if they’re particularly virulent, can soon crash the computer or slow it down significantly.

What is Ransomware?

Ransomware has grabbed countless headlines over the last few years and it remains a pressing concern for any business. Most commonly spread through phishing emails, ransomware’s main objective is to extort a ransom in exchange for the release of files it has encrypted.

Once the ransom has been paid then the hackers should, in theory, supply a key to decrypt the files. However, it’s becoming increasingly common for hackers to take the ransom, which is usually demanded in untraceable cryptocurrency, and leave the compromised files encrypted.

Final Thoughts

Whether you find your PCs affected by malware, a virus or ransomware, it’s clear that they spell danger for your organization. It may sound a little clichéd, but when it comes to malicious software then prevention is the best cure. And one of the best ways to prevent your PCs from falling foul of infection is by educating yourself on exactly what you’re up against.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Cloud storage and infrastructure is the way forwards for organizations due to the massive range of benefits it offers, but how secure is your cloud?

Security is the single most important factor when it comes to an organization’s IT operations, so it’s essential that it’s treated with the utmost attention. However, cloud networks are a relatively new platform and, as a result, the level of security knowledge behind these platforms is lacking compared to more traditional networks. Hackers, of course, are keen to this fact and invest substantial time and effort in uncovering security vulnerabilities that they can exploit. Combating this threat, therefore, is paramount to your organization’s security.

As I’ve already stated, cloud networks are a new phenomenon and the wider community generally isn’t as clued up on them as they perhaps should be. And this leads to common mistakes that can cost dearly. However, by taking a look at the biggest cloud security mistakes you can make, you can hopefully avoid them.

Multi-factor Authentication is Vital

Administrative accounts on cloud networks have significantly more privileges than your standard employee’s privileges. Mostly, this is down to the amount of IT knowledge required to carry out these system admin tasks. A non-IT employee simply doesn’t need these privileges. Accordingly, an administrative account is much more attractive to a hacker, so security needs to be tightened. Any cloud platform that understands security risks should have an option for multi-factor authentication, so make sure this is rigorously enforced for all administrative accounts.

Limit the Use of your Admin Account

The root account is the first account you create when you sign up with a cloud provider. It’s a highly privileged account as it contains access to every aspect of your cloud network. If this account is compromised then your entire cloud network is at the mercy of hackers. And this is why you need to limit usage on this account to only the most necessary tasks e.g. do not use the root account for general day to day tasks that put you more at risk of being infected by malware etc.

Check the Encryption Methods

Security moves at a rapid pace and the level of encryption that is now available on cloud networks such as TLS-based encryption is fantastic. Unfortunately, there are also plenty of cloud networks that still operate with less security encryption methods such as the SSL protocol. To minimize the risk of your cloud account becoming compromised, you need to investigate the encryption method used on your network. If it’s even slightly outdated, then it’s time to upgrade.

Restrict the Availability of Sensitive Information

The beauty of cloud storage is that it can be accessed from anywhere, so this opens up your data to a much larger audience if you grant them access to it. While this allows you to collaborate with other organizations and remote employees much more easily than ever before, it also puts your data at risk. Your organization needs to bear this in mind and access controls need to be thoroughly thought through to prevent sensitive data being accessed outside of your organization. Ensure that your employees are aware of the open nature of cloud networks when saving data to such public drives.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


One set of malware is bad enough for most organizations to deal with, but what should they do when they’re hit with two sets at once?

Hackers are constantly trying to breach the defenses of PC users, but it’s not easy for them to succeed. Defenses are constantly improving and PC users are becoming more technically minded when it comes to hacking. Attacks, therefore, need to be cleverer and more aggressive for hackers to succeed. And one of the newest threats to PC defenses is a combined attack which teams up multiple forms of malware to pack a devastating punch.

In particular, reports are coming in that hackers are combining the data miner Vidar alongside the GandCrab ransomware to maximize their chances of success. And it’s proving to bear fruit for the hackers, so it’s crucial that you understand the risk.

The Double Whammy of Vidar and GandCrab

The combined attack of Vidar and GandCrab was identified by Malwarebytes Labs who observed that the hack first installs Vidar and then proceeds to strengthen the attack with GandCrab. Using malicious advertising software, the hackers expose users to an exploit kit (usually Fallout) which targets vulnerabilities in specific apps. Once this exploit kit has been executed, Vidar is installed on the infected PC and proceeds to mine user data such as communications, digital wallet info and login details.

This attack is bad enough, but the victim things are about to get worse as Vidar is capable of downloading additional malware. Using a command and control center to receive and transmit data, Vidar will, after a minute of its own installation, download and execute the GandCrab ransomware. It’s true that Ransomware has, to a degree, fallen out of favor with hackers over the last year, but it still has the potential to cause severe disruption for organizations. Encrypting files and then demanding a ransom will stifle the productivity of any organization effected, even if backup copies are available.

Protecting Your Organization from Vidar and GandCrab

It’s clear to see that the two headed attack of Vidar and GandCrab is particularly nasty and one to watch out for. In order to understand how to protect your organization from this threat, you need to understand how this attack is able to take place. As ever, that age old favorite of unpatched software is squarely to blame and, on this occasion, it’s Adobe’s Flash Player and Microsoft’s Internet Explorer.

Anti-malware software is now capable of detecting Vidar when it’s found within your PC, but the easiest option for any organization is to avoid allowing it access in the first place. One of the keenest security practices to adhere to is the installation of software patches as soon as they become available. Sadly, this task is often superseded by more immediate, pressing matters and this grants hackers more time to detect and exploit these vulnerabilities. However, with what is usually just a few clicks of a mouse, protection from potential security threats can be implemented by immediately installing patches.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More