You might be thinking to yourself “Why would anyone want to hack me? I’m a tiny company with no valuable data.” Most people and businesses don’t believe this will ever happen to them.
With the rise of the latest NotPetya ransomware variant, absolutely NO ONE is safe. In fact, many companies had a proper patch management system in place and updated 99.999% of their infrastructure, while purposely maintaining a few unpatched servers in order to test software builds.
Well, NotPetya was able to get into the infrastructure, find the unpatched servers, steal all the user and system credentials from them, and then log into the remaining 99.999% of the servers and infect them with ransomware as well. In September 2017 we all got a rude awakening when we found out that a software kit called CCleaner – a vital tool that most IT companies use – was hacked and was distributing Trojans and backdoors into millions of customer systems via its trusted channel.
2018 promises even more chaos with new variants of ransomware that will infect both consumer and business IoT (Internet of Things) devices. Cyber criminals are also developing ransomware that will hold your email system hostage. The question I get asked all the time is – How can we protect ourselves from this?
Here’s something you need to pay close attention to. Sometimes you might receive a file called “account_statement.txt.doc”, for example. You need to understand that this is not a text file; it’s actually a Word document. File extensions are the last three letters of a filename after the period. The reason this is so important when it comes to ransomware is that your computer is often set up to hide the file extensions of known types. Therefore your email client will show the file extension, but when you download the file, you may not see the extension anymore. The “account_statement.txt.doc” file is actually “account_statement.doc”. This is a simplified example, since there are other ways to get around this.
A hacker may include a Zip file called “fedex.zip” that contains multiple files inside with altered extensions. Your email program only sees a Zip file, but in reality the Zip file contains a single file called “fedex.zip.exe”.
The latest ransomware variants are extremely hard to detect and very well designed. The worst part is that executable .exe files are not the only dangerous type of file out there. You might also see files with extensions such as .bat, .cmd, .com, .lnk, .pif, .scr, .vb, .vbe, .vbs, .wsh, and .jar, for example.
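As an added example (not part of the original article), the Python sketch below checks attachment names, and the names of files inside Zip attachments, for the double-extension pattern and the risky extensions listed above. The DECOY set, the function names and the sample data are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions the article lists as dangerous, plus .exe from its Zip example.
RISKY = {".exe", ".bat", ".cmd", ".com", ".lnk", ".pif", ".scr",
         ".vb", ".vbe", ".vbs", ".wsh", ".jar"}
# Assumption: "decoy" extensions a reader would take for harmless content.
DECOY = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx",
         ".jpg", ".png", ".zip"}

def split_exts(name):
    """Return every lower-cased extension in a filename, e.g. ['.txt', '.doc']."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ")
    parts = base.lower().split(".")
    return ["." + p for p in parts[1:] if p]

def check_name(name):
    """Return the findings for a single filename (empty list if none)."""
    exts = split_exts(name)
    findings = []
    if exts and exts[-1] in RISKY:
        findings.append("risky-extension")
    if len(exts) >= 2 and exts[-2] in DECOY:
        findings.append("double-extension")
    return findings

def check_attachment(name, data):
    """Check an attachment's name and, if it is a Zip, every member name."""
    report = {name: check_name(name)}
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for member in zf.namelist():
                report[f"{name}!{member}"] = check_name(member)
    return {k: v for k, v in report.items() if v}

def make_sample_zip():
    """Constructed sample: a Zip holding one member named fedex.zip.exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("fedex.zip.exe", b"constructed placeholder bytes")
    return buf.getvalue()

if __name__ == "__main__":
    print(check_attachment("account_statement.txt.doc", b"constructed bytes"))
    print(check_attachment("fedex.zip", make_sample_zip()))
```

A check like this looks at the full name rather than what the desktop displays, so it is unaffected by the "hide extensions for known file types" setting.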
As an Ethical Hacker, I often get called by companies to legally try to hack them, show them where all the holes are, and help them fix them before the malicious hackers turn their world upside down, causing large financial liability to the shareholders.
A vulnerability assessment followed by a penetration test will give a real-world view of the security posture of a company by leveraging the same techniques that malicious hackers use. We also test your first line of defense – your employees – by phishing them to gauge their level of cyber awareness. On rare occasions, we find out that an employee was given too many rights in the network and was abusing those rights to defraud the company.
Leveraging SIRCO’s team of forensics experts and investigators, these cases can often lead to criminal search and seizure orders. If you would like more information on SIRCO’s Cyber Security assessment services, please contact your Millenium Micro affiliated reseller.