Posts Tagged ‘computer’

Help The FBI Find A Defense Against Ransomware

Monday, September 19th, 2016
Help Fight Ransomware - Ohio CPA Firm

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Keep reading to find out how you can help the FBI combat the threat of Ransomware.

The FBI recently released a public service announcement urging victims of Ransomware attacks to come forward and report these cyber infections to federal law enforcement. Doing so, the FBI said in a statement, will “help us gain a more comprehensive view of the current threat and its impact on U.S. victims.

Read Also: Could Your Company Be Ransomware’s Next Victim?

A Closer Look At Ransomware

A computer infection that has been programmed to encrypt all files of known file types on your computer and your server’s shared drive and making them inaccessible until a specified ransom is paid; Ransomware is a very real threat to all businesses nationwide. Once a computer is infected, which usually happens once a user clicks on a malicious link, opens a fraudulent email attachment or unknowingly picks up a high-risk automatic download while surfing the web, it’s all but impossible to regain access to the data that has been infected. Upon discovering that your computer has been infected, you have two choices. You can either:

1)     Restore the machine by using backup media, or

2)     Accommodate the hacker’s demands and pay their ransom.

And both options are less than ideal.

What To Do If Your Company’s Network Becomes Infected

Ransomware infections were at an all-time high in the first several months of 2016, according to various cybersecurity companies, and because new Ransomware variants are emerging regularly, the FBI needs your help to determine the true number of Ransomware victims.

“It has been challenging for the FBI to ascertain the true number of Ransomware victims as many infections go unreported to law enforcement,” the agency stated in its recent announcement. “Victims may not report to law enforcement for a number of reasons, including concerns over not knowing where and to whom to report; not feeling their loss warrants law enforcement attention; concerns over privacy, business reputation, or regulatory data breach reporting requirements; or embarrassment. Additionally, those who resolve the issue internally either by paying the ransom or by restoring their files from back-ups may not feel a need to contact law enforcement.”

Read Also: How Much Is Your Data Worth To Criminals?

Reporting a Ransomware attack on your company’s network is not only beneficial for you, the information you provide will help the FBI as it works to identify ways to prevent future attacks. Your reports will:

  • Provide law enforcement with a greater understanding of the threat
  • Help justify Ransomware investigations
  • Contribute relevant information to ongoing Ransomware cases

Help Arm The FBI With Information

The recent PSA released by the agency requests that all Ransomware victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center. Be sure to have the following details available and ready to provide to the respondent when prompted (if applicable).

  1. Date of Infection
  2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
  3. Victim Company Information (industry type, business size, etc.)
  4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
  5. Requested Ransom Amount
  6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
  7. Ransom Amount Paid (if any)
  8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
  9. Victim Impact Statement

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Click here to read the FBI’s complete announcement.

To learn more about protecting your business from cybercrime, download the free whitepaper, “Cybercrime: The Invisible Threat That Haunts Your Business.”

Share Button

Who’s Fishing For Your Data Today?

Monday, February 23rd, 2015
Computer company Lenovo informed the public that  desktop and laptop devices it sold between September 2015 and January 2015 may have arrived to users loaded with an extra (and unwelcome) feature - SuperFish.

Computer company Lenovo informed the public that desktop and laptop devices it sold between September 2015 and January 2015 may have arrived to users loaded with an extra (and unwelcome) feature – SuperFish. Users should not enter secure information on their device until they are certain that their security was not compromised.

If you purchased a Lenovo desktop or laptop between September 2014 and January 2015 you could be susceptible to “SuperFish” – adware that can be found lurking in the depths of your device.

Capable of hijacking Internet traffic data typically used for securing Internet transactions, SuperFish was installed on Lenovo devices by the manufacturer per an agreement with Superfish Advertising, a third-party software developer based out of Palo Alto, Calif.

“In our effort to enhance our user experience, we pre-installed a piece of third-party software … on some of our consumer notebooks. The goal was to improve the shopping experience using their virtual discovery techniques,” said the company in a prepared statement. “In reality, we had customer complaints about the software. … We stopped the preloads beginning in January. We shut down the server connections that enable the software (also in January), and we are providing online resources to help users remove this software.”

Until you are certain that your Lenovo system is safe from adware, refrain from online banking, making online purchases or engaging in any other online activity were security is critical.

To determine if SuperFish is present on your device and how to remove it, Lenovo released step-by-step SuperFish Uninstall Instructions on its website.

Unfortunately, in his article about the Lenovo crisis, Zack Wittaker cites ZDNet’s Chris Duckett as saying that “the only confirmed way of completely removing SuperFish appears to be reinstalling Windows … or moving to another operating system entirely” as simply uninstalling the adware may not remove the root certificate authority.

According to reports from IDC Worldwide Quarterly PC Tracker and Gartner, Lenovo shipped more than 16 million desktops and notebooks worldwide during the fourth quarter of 2014. Lenovo’s statement indicates that following models may have been effected:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70, Y40-80, Y70-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70, Z70-80
  • S Series: S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro
  • E Series: E10-30

Email Rea & Associates to learn more about the importance of protecting your virtual assets against cyber threats.

By Joe Welker, CISA (New Philadelphia office)

 

Related Articles

Could A Cyber-Attack Cripple Your Business in 2015?

How Prepared Is Your Business For A Potential IT Disaster?

How Can I Protect My Business From A Data Security Breach?

Share Button