Ransomware has been trending lately with the recent WannaCry outburst. The rate of infection is definitely on the increase due to cyber criminals’ illicit methods of attack.
READ OUR RELATED ARTICLE: MANAGED IT RANSOMWARE DEFENCE CHECKLIST
The 10 methods of attack either exploit human weaknesses through social engineering or spread from computer to computer via automated methods or using human intervention.
1. Phishing
A method we see all too often, from small businesses to large corporations, phishing has been a relativity successful attack method. This social engineering technique has been giving IT services’ firms a headache for years. We often warn our customers of the latest techniques including fake emails and fake attachments. However, the attacks are so well disguised that even the experts have difficulties differentiating the fake from the authentic.
2. SMSishing
This technique is when a user receives an SMS message containing a URL link. The link navigates to fake portals where the user is instructed to enter personal data – the fake portal is usually built around a users’ bank or a service provider such as internet or water. Most effective on Android and iOS mobile devices – as well as stealing users personal information, the ransomware gains access to your contacts and sends them the same message.
3. Vishing
Using automated voicemails, a user is instructed to call back a number regarding a fake computer problem that they will potentially encounter. Upon calling the number the user will be instructed to, unknowingly, install ransomware on their computer. The setup will appear to be very professional in a sense that the background noise will sound like a call centre setting, and in some cases the attackers will have information about the user in order to gain their trust. A common tactic is, for example, the caller to claim that they are from a ‘managed it services Brisbane company’ or ‘it solutions Sydney company’ calling in to fix an issue with your computer.
4. Social Media
Fake news. Fake posts. Fake friend requests. All of those may follow the same pattern as the rest. Upon clicking on a fake news article, fake photo or even a fake friend request email, a user will be redirected to a fake website containing a ransomware downloader which downloads itself onto the computer.
5. Instant Messaging
Like SMSishing, instant messages are frequently hacked by cyber criminals. Chats originating from ‘bots’ are also likely to provide cloaked ransomware-filled links which then goes onto spread itself to a users contacts list. Initial versions of this method came about during the MSN Messenger days where it was frequent to receive messages from random people containing a link.
READ OUR RELATED ARTICLE: 10ZIG ZERO CLIENT SOLUTIONS
6. Drive-By
Malicious websites (and some legitimate websites too) containing malicious codes in images so that when a user visits the website and the browser automatically downloads the images, a ransomware down-loader will extract itself onto the victims machine.
7. System Vulnerabilities
Exploiting IP addresses for vulnerabilities, certain types of ransomware can breach IP defences and install itself on devices connected to the network. The same applies to home routers with little to no security – easy targets for expert cyber criminals.
8. Malvertising
Using Ads from search engines and social media, cyber criminals use a drive-by method where upon clicking on an Ad, the ransomware will extract itself on the machine. Like some of the above, this method is difficult to differentiate from the authentic as the Ad looks and feels the same as an original Ad.
9. Network Spreading
Once inside a network, ransomware can spread itself from one computer to another within a network. More worryingly is that the ransomware can access company file servers which as we know all too well can shut a company down and hold them for financial ransom. Managed IT firms usually have this covered but user interaction accounts for a large percentage of ransomware attacks so it is essential to educate and train yourself and other employees to prevent such attacks.
10. Cloud Service Spreading
Even though most cloud-based applications and software can distinguish the good from the bad, a person who uploads ransomware to Dropbox from Australia can share the folder with someone in Canada who then falls victim to ransomware in a matter of seconds. Most cloud storage can host malicious files and it is important to perform a scan on files straight after you download them and before using the files.
IntelliTeK is one of the fastest growing IT service providers that you will find on any list of managed service providers in Australia. We are always up to date with the latest threats to emails and IT security which is why we only partner with the best in the industry.
If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.