[metaslider id=2951] … Read More
Ransomware is the Biggest Threat for Small to Medium Businesses
Eighty-six percent Small to Medium Business (SMB) clients were recently victimized by ransomware and 21 percent report six or more SMB attacks in the first half of 2017 alone, according to Datto’s State of the Channel Ransomware Report.
Key findings from the ransomware report include:
- An estimated five percent of global SMBs fell victim to a ransomware attack from 2016 to 2017. According to 97 percent of managed service providers (MSPs), ransomware attacks are more frequent in 2017.
- According to 99 percent of MSPs, the frequency of SMB targeted attacks will continue to increase over the next two years.
- Less than one in three ransomware attacks are reported by SMB victims to the authorities, a marked improvement from one in four incidents reported in 2016. Additionally, 35 percent report SMBs paid the ransom, down from 41 percent in 2016. The total cost of ransom paid to ransomware hackers in 2017 is $301M. Of those victims that pay up, 15 percent still never recover the data.
- As a result of a ransomware attack, 75 percent of MSPs report clients experienced business-threatening downtime. Nearly 30 percent of MSPs report a ransomware virus remained on an SMB’s system after the first attack and struck again at a later time. One in three MSPs report ransomware encrypted an SMB’s backup, making recovery even more complex.
- Nearly 85 percent of MSPs who’ve dealt with ransomware report seeing CryptoLocker. Additional common variants include CryptoWall, Locky and WannaCry, which is a new addition to the list.
- Among those industry verticals who are targeted most by ransomware attacks are Construction, Manufacturing and Professional Services. SaaS applications continue to be a growing target for ransomware attacks with Dropbox, Office 365 and G Suite most at risk. Mobile and tablet attacks are also on the rise.
- While 90 percent of MSP respondents cited they are “highly concerned” about the business threat of ransomware, only 38 percent of SMB clients felt the same. This could be due to the lack of mandatory cybersecurity training across SMBs, which MSPs cite as the leading cause of ransomware infections.
Contact us to discuss protection against ransomware.
ThreatList: Top 8 Threat Actors Targeting Canada in 2019
Bad actors are looking to hit financial and banking firms in Canada with geo-specific campaigns touting malware like Emotet, GandCrab and Ursnif.
Banking and financial services in Canada are being targeted in geo-specific attacks looking to spread varying forms of malware, according to researchers tracking thousands of malicious email campaigns between January 2019 to May 2019.
In particular, campaigns are typically launched by financially-motivated cybercriminals, but can also be orchestrated by national, state-sponsored threat actors (such as Advanced Persistent Threat or APT groups), said researchers with Proofpoint.
“In 2019, threats specific to Canadian interests, whether abusing Canadian brands, or affecting Canadian organizations through specific geo-targeting mean that defenders at Canadian companies must be cognizant of threats far more targeted than ‘North America,’” researchers said.
CANADIAN POLICE RAID ‘ORCUS RAT’ AUTHOR
Canadian police last week raided the residence of a Toronto software developer behind “Orcus RAT,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. Its author maintains Orcus is a legitimate Remote Administration Tool that is merely being abused, but security experts say it includes multiple features more typically seen in malware known as a Remote Access Trojan.
If you read the latest Canadian Threat Report from Carbon Black, the Canadians have it bad… really bad. With increases across the board, Canadian organizations are needing to step up their security game. Cybercriminals don’t care what country their victim is in, as long as there is money to be made. And Canada is no exception. So, security vendor Carbon Black surveyed 250 CIOs, CTOs, and CISOs to better understand what the cyberattack landscape looks like and what trends are being experienced. According to the report, Canadian organizations have had it rough over the last 12 months: 76% reported an increase in attacks As nice as the Canadians are, they are not just sitting back and taking it. The report highlights a few responses to all of these attacks: 59% are actively threat hunting According to the report, the number one cause of successful breaches was phishing. This should come as no surprise, as phishing as long been sitting at the top of the attack vector food chain. The use of phishing means Canadian organizations need to take some of that increased security budget and spend it in a way that will materially decrease the success of phishing attacks. Employees are the weakest link in phishing attacks, being fooled by social engineering tactics, contextual details pulled from online intel-gathering, and a general lack of vigilance on the part of the employee. Organizations using Security Awareness Training along with phishing testing can elevate the employee’s understanding of why continual security awareness is necessary, what’s at stake, and how to protect themselves and the organization from phishing attacks that can result in malware infections, data breaches, and ransomware attacks. The Canadians have realized they need to get serious about cyber security. Adding Security Awareness Training to their strategy needs to be a primary part of the strategy. Signs of a DoS Attack Preventing DoS AttacksCanadian Companies See Increases in Attacks, Breaches, and Sophistication in the Last 12 Months
10% an increase in attacks of more than 100% over the previous 12 months
81% reported attacks have become more sophisticated
83% report being breached
The average number of breaches is 3.2
85% anticipate an increase in security spendingWhat is a Denial of Service Attack?
A denial-of-service, or “DoS” attack, is a type of cyber attack that prevents legitimate users from accessing computer systems, services, devices, or other network resources. Attackers make these resources inaccessible by flooding the network with traffic until it crashes. When malicious excess traffic comes from multiple sources, this is known as a distributed denial of service (or “DDoS” attack), which can be even more difficult to resolve and recover from.
The effects of a DoS/DDoS attack will depend on your perspective. For example, if you are a user of online banking and your institution’s network has been targeted, their website will likely stop responding. On the business side, the bank’s customer service representatives will find that the online systems they depend on to serve their customers cease to respond.
While DoS/DDoS attacks do not directly result in the theft of confidential information, organizations usually see a significant loss of productivity and money as a result of the downtime. While it is not possible to avoid becoming a target entirely, network security companies offer software that protects against network flooding by rerouting malicious traffic. Many firewalls also offer DoS detection functions and will help in restricting bandwidth usage to only legitimate users.