A recent USA based Malwarebytes survey has found that cyber criminals are concentrating more on businesses than consumers these days. Overall, in Q1 2019, threats targeting businesses have increased by 235% compared to the same quarter in 2018. Consumer threats have reduced by nearly 40% from the previous quarter which is great news for us as individuals. But of course, most of us are employees and so still a target. It’s just that the channel has moved from your Gmail to your business email.
Cyber criminals are very targeted – money is a great motivator. They handpick organisations, in particular SMEs, they wish to attack and keep trying to gain access in different ways until they succeed. Another report from Hiscox found that number of small firms reporting an attack across the US and Europe rose from 33% to 47% and from 36% to 63% for medium-sized businesses in the last year.
Why are they attacking SMEs above big brands? It’s because SMEs generally
have smaller cyber security budgets compared to large companies and so are overwhelmingly unprepared for attacks.
Emotet trojan attacks
Emotet malware is one of the big trojan attacks with usage increasing over 200% over last year. It was originally a banking trojan that attempted to gain access to your computer to steal sensitive and private information. It evolved to become an industry agnostic spamming and malware delivery service – frequently hidden in Word and XML docs (which is opened in Word). It’s a particularly clever trojan because it can change itself every time it is downloaded, evading signature-based detection. It even is an ingredient of the malware-as-a-service business.
And of course, ransomware is still a hugely popular method of attack with a 195% increase in quarter 1 this year over quarter 4 last year in the USA. Numbers are falling dramatically in the UK. WannaCry (2 years ago this month) had such a great impact that UK-based businesses and the National Cyber Security Centre confronted ransomware head on. Ransomware and malware are also declining in Ireland according to a recent Microsoft report.
And those of you on Macs, well
you’re not as safe as you thought you were! There’s been a 60% increase in Mac
malware from Q4 2018 to Q1 2019.
So how do you avoid being tricked by these attacks?
it sounds too good to be true, it probably is!
is the English? Poor English and bad spelling are big giveaways
careful opening any attachment, particularly Word, Excel and PDFs
you know the sender?
you sure that the sender’s name is actually the sender?
the legitimacy of the email link and any URLs by hovering your mouse over them
you have any doubts, don’t reply – forward
anything looks dodgy, forward to your IT department
In this day in age a breach is inevitable. Downtime causes
most of the damage, so minimise this by having effective data recovery and
backup systems in place.