Cryptolocker, other types of ransomware and malware generally, are nothing but a pain. An infection can impact a business for hours or days depending on how far it spreads. For unprepared businesses, the downtime or data loss can mean disaster.
Ransomware spreads in a variety of ways but there is increasing recognition that one factor is consistently to blame: people.
Human error is increasingly being identified as a key element of successful ransomware attacks.
Almost everyone is aware there are dangers online, yet many people go unaware of how malware spreads. Few can point to the latest threats and tactics used by criminals. Informed users are less likely to be tricked compared to uninformed users.
How malware spreads
Malware can spread in many ways. It is generally found in suspicious emails. The email itself will not infect your machine with malware. Instead it's the attachments, images and links that are dangerous. Here are some examples:
- Attachments and links in an email
- Spreading from one infected computer on a network
- Malware infected USB drives
- Opening a webpage containing a malware-containing ad
- Fake mobile apps (particularly on Android)
- Fake social media pages/apps (think JB Hi-Fi/Qantas/Coles/Woolworths giveaways)
- Fake Microsoft Windows Support
- Malware infects your machine and causes fake Windows errors. Posts a notice telling you to call Microsoft Support for help. The number posted is fake and actually the scammer.
The reality is, popular software is targeted by malware creators. Adequate anti-viral software, router-level firewalling, and keeping software up-to-date is essential to avoiding dangerous software.
Learning what to trust
So when malware spreads in lots of ways, from different sources, how can you know which emails or websites will be safe?
Trusting content online can be scalable. Take a contact you regularly communicate as an example. Each communication frequently references previous conversations (from online and the real world). Naturally, you will spend little time scrutinising their emails before interacting. This is logical.
Take a few steps back, a contact you communicate with only every few months. They include details from your last conversation. While likely safe, you may want to consider the aspects of each email a bit more closely. Do they mention anything you've discussed in conversation outside email (phone, text, in-person)? Did you request a PDF attachment or are they sending it out of the blue? If in doubt, contact them in a different format.
Now let's take a few more steps back, you receive an email from a brand or contact you recognise. There is nothing in the email from past communications. The email is trying to get you to make an action, by calling a number, clicking a link or opening a file. Alarm bells should be sounding.
What can you do? Allocate a period of training for all employees on computer safety, particularly if they've never had a session before. Even 15 minutes can make a difference.
Here are a few resources that can help:
- Our gallery of current email security threats (these have targeted or are a high risk to our clients)
- Scamwatch (from the ACCC)
- Microsoft Malware Protection Center - Definitions and Current Threats
- Our Hosted Disaster Recovery/Backup solutions to mitigate malware infections
Tip: When forwarding or replying to an email in Outlook, you do not have to click yes to download pictures. You can still click through to draft an email, albeit with images from the original email removed.