A guide to all the latest cyber criminal tricks, and how to beat them
Written by Jonathan Parkyn
When it comes to defeating security threats, awareness is one of the most effective weapons in your arsenal, and our chief aim is to continue providing you with the knowledge and the defences you need to stay one step ahead of the hackers and scammers.
Below we run through the latest security threats and show you new ways to beat them. The overall message here is: don't be complacent. The techniques used by crooks and hackers are always evolving, so you need to keep evolving your security strategies, too.
The trick: Ever-evolving ransomware
We can all agree that 2017 was a bad year for ransomware, thanks to devastating widespread outbreaks like WannaCry and NotPetya. But in its 2018 Malware Forecast, security firm Sophos reveals that cybercriminals may have only been "experimenting" with recent attacks like these, and predicts that the worst is yet to come. "We're expecting cybercriminals to build upon WannaCry and NotPetya and their ability to replicate," says SophosLabs researcher Dorka Palotay.
How to beat it: Back up – the right way
In addition to preventative techniques, such as using an effective antivirus tool, backing up can be one of the most effective way of preventing a ransomware infection - but only if you do it right. Do it wrong and a ransomware attack could end up scrambling your backups along with your originals.
The best backup method is actually to use multiple methods simultaneously. Run a daily backup to an external hard drive using Windows File History (found under Start, Settings, 'Update & security', Backup) or a free tool, such as EaseUS Todo Backup Free. The key thing is to disconnect the drive once each backup is complete. Leaving it attached to your PC allows ransomware to lock you out of its contents, along with the files on your system drive.
Secondly, also back up 'to the cloud' - that is, to an online-storage service. Even cloud-based files can be claimed by ransomware, however, so make sure you use a service that employs versioning, which means previous versions of your files are kept as shadow copies. That way, if ransomware infects any of your cloud backups, you can simply restore the previous version of the file to remove the encryption.
Both Dropbox and Google Drive support versioning, though Dropbox will only keep previous versions for 30 days unless you pay for Dropbox Business (from £10 per user per month). To restore a previous version in Dropbox, log in and browse for the file, then click the three dots button on the right and select 'Version history'. You'll see the latest version at the top and earlier versions below, with the newest first.
Move your mouse to the right of a previous version and a Restore button will magically appear.
The hack: Hiding malicious activity in image files
Cyber-crooks are starting to use image files to cover their tracks, according to Kaspersky. This deception technique is inspired by an old espionage trick called steganography, which involves concealing hidden messages within pictures (and even tattooed on to people's bodies). An attacker could infiltrate a computer using malware, then send stolen data back to their server disguised as an innocent-looking image file. Current security software is unlikely to detect this suspicious activity.
The fix: There isn't one... yet
The news isn't great on this one. Kaspersky admits that the security industry has yet to reliably detect this threat. Most steganography attacks so far have targeted large companies and financial institutions, rather than individuals. However, Kaspersky says that it has seen these techniques being used in updated versions of common Trojans, which could be a sign hackers will soon attack the public.
The trick: New ways to scam you
Phishing is always evolving, with scammers constantly employing fresh tricks to hoodwink their victims. Among the latest scams to watch out for, according to Police cybercrime reporting centre Action Fraud, are fake online job adverts and bogus RSPCA websites advertising fake premium-rate numbers for their cruelty line.
Another recent scam emails Netflix users to tell them their accounts have been suspended. The link to restart your membership takes you to a fake site that steals your account and billing information.
In smishing (or 'SMS phishing') scams fraudsters send you messages or texts to your phone, hoping you'll click the link contained within. They are an increasing danger says Kaspersky, which saw a 300% rise between April and June in 2017. Many scams target bank customers with texts suggesting that suspicious activity has been detected on their account. They urge you click a link to confirm your account, but doing so leads to a fake site, from where scammers can steal your online-banking credentials details - and then all your cash.
The fix: Don't trust ANYTHING
Sadly, these latest scams simply highlight the need to be hyper-vigilant when it comes to spotting fakes, whether they appear online, in an email or on your phone. You should never assume any unexpected communication is genuine until you've been able to verify it independently. Call your bank if you receive a text message, for example.
Never click links in emails, never disclose any personal details and don't reply to any suspicious texts you receive. Also, remember that unencrypted text messages can be intercepted by just about anyone. It's much safer to use messaging tools that employ end-to-end encryption, such as WhatsApp. Just make sure you install the real WhatsApp, not the recent fake one – cleverly named 'Update WhatsApp Messenger' on Google Play – which tricked more than a million people into downloading it, then bombarded them with ads.
Yes, this is another type of scam to watch out for, and worrying proof that not all Google Play apps are safe.
The trick: Malware goes mobile
Ransomware and other threats are predicted to thrive on phones and tablets in 2018, according to experts. SophosLabs processed 10 million suspicious Android apps in 2017 (up from 8.5 million in 2016), 77% of which turned out to be malware.
"In September alone, 30.37% of malicious Android malware processed by SophosLabs was ransomware," warned the security firm's Rowland Yu in a November blog post.
Apple devices won't be immune from the threat of infection next year. At a recent phone-hacking contest run by Trend Micro, contestants showed off a vulnerability in the latest version of iOS (11.1), that allowed them to run install a rogue app called KeenLab on an iPhone 7 over a local Wi-Fi connection. Details of how this was achieved are sketchy, but Apple is said to be working on a fix.
How to beat it: Update your OS
We realise we're beating a pretty old drum here, but it's essential to apply the latest operating system updates for your mobile device as soon as they become available. It's also worth noting that, with mobile devices, the vast majority of infected software arrives via apps obtained from non-official sources. Most – though not all – mobile malware can be avoided by ensuring you only install apps from the Google Play Store and Apple's App Store.
The trick: Hacking into your home Wi-Fi
Proving that there really is no room for complacency, security researchers at KU Leuven University in Belgium recently discovered a whopping great flaw in the very encryption used to protect many wireless networks.
Until now, WPA2 has been considered one of the safest wireless encryption protocols. But its newly revealed vulnerability to something known as a Key Reinstallation Attack (or Krack) means any would-be hackers within range of your wireless network could gain access to and steal your data or inject malicious files, such as ransomware, on to your devices via your own home Wi-Fi connection. There are no reports of the exploit being used yet, but it's only a matter of time.
How to beat it: Update all your devices
It's important to keep using WPA2 to protect your wireless network – switching it off will only make you more vulnerable. And you'll need to do more than simply change your Wi-Fi password. In fact, the only way to protect against Krack is to wait for manufacturers to issue updates for your devices. Most manufacturers are racing to release fixes for Krack, and many, including Microsoft, have already done so – Windows was patched via an automatic update back in October.
The vulnerability affects all your wireless devices – PCs, phones and tablets – but it's especially important to protect your router. If you're not sure whether your device has received – or needs – a patch against Krack, then contact your router's manufacturer.
The trick: Hijacking your accounts
Though account hijacking itself is nothing new, recent research commissioned by Google, in collaboration with the University of California, Berkeley, revealed how billions of passwords are stolen every year.
The research, which tracked activity on the web's black markets over the course of 12 months, discovered that around 788,000 logins were stolen via malware, such as keyloggers, while 12 million passwords were obtained via phishing scams. A staggering 3.3 billion logins were obtained via big-scale data breaches, such as the recent Computer Exchange hack, which affected two million customers of the tech trade-in store.
How to beat it: Switch to a password manager
Sadly, passwords will continue to be how most of us we protect our services and data in 2018. More secure biometric log-in methods, such as 3D facial recognition, are reserved for expensive devices like the £1,000 iPhone X – and these potentially have their own vulnerabilities, if a recent claim to have beaten Apple's security measures using a mask is to be believed.
Google's own conclusion from its research is one we'd agree with – using a password manager or two-factor verification (or, preferably, both) is the only way to minimise the threat. Two-factor verification is a pain because it adds an extra log-in step, such as typing a code texted to your phone. But it does make it virtually impossible for hackers to get into your account without the code. To set it up on your Google account, sign in here and click Get Started.
Our password manager of choice, meanwhile, remains LastPass.
Microtechs 24/7/365 Support
Most of our customers approach us as they are looking for a fully UK based extension of their support team. This is normally to help with covering support overnight and weekends, because they want to free up their senior staff to work on project or development duties, because of issues with staff retention or because they have already outsourced overseas and have experienced a high number of complaints.
We have a mixture of clients which use our helpdesk and monitoring services which include;
- · 1st /2nd line remote support calls
- · 24/7/365 or office hours
- · Incident management services with third party escalation
- · Proactive monitoring NOC services
- · Catch and dispatch only monitoring services
- · Fully inclusive services with an average 80% resolution rate
- · 15-minute response times
- · Completely white labelled to your brand
- · Desktop / Network / O365 / Mac / Telecoms / Bespoke software
- · Pricing from £500 per month
We are all based from one office in Surrey and tailor our service to dovetail to your requirement.
I guess that’s why we are different to other companies. We spend time to learn, develop, sculpt and continually improve our service to your customers.
If you need overflow during the day or a whole support desk from scratch or just some monitoring services overnight, please drop me an email or give us a call.
Please contact us for further information on 01483 407417