03-18-20 | Blog Post
It’s not a new tact for cybercriminals to be opportunists in times of global crisis or when workforce attention is focused on important national or regional events. Today, novel coronavirus and the resulting demands to decentralize workforces offers exponentially greater opportunities to lure the unaware and imbed the most dangerous and potentially costly malware. Dramatically increasing the number of remote workers and homeworkers creates many new opportunities for e-mail phishing and provides additional avenues for social engineering. Worst of all, decentralizing the workforce can drive employee searches, on company provided computers, for the latest news and information. These activities can deliver business users to seemingly innocent clicks on malware laden, malicious URLs.
Drilling down on the novel coronavirus example, AZORult malware has been in the news recently. AZORult is malware with several variants, including a downloader and information stealer. Discovered initially in 2016, it can be found for sale on international underground forums. Recently, AZORult malware was discovered on a host site offering a very detailed global map of the novel coronavirus outbreak areas, total confirmed cases, deaths, and recoveries by region and country. This malicious website was falsely attributed to a trusted US science and engineering university. Users that were anxious to find legitimate news and updates instead received a harmful AZORult .exe malware file from the website. Using this example, it’s easy to see the potentially dramatic increase in employee provided entry points to the corporate network for malware and ransomware.
It should also be expected that many state-sponsored cyber offenders, intent on damaging business and personal assets, will see today’s challenging environment as enhancing the pathways to success for their malicious intent. Recent global events, and even the upcoming US elections, provide the backdrop for targeted attempts to disrupt the business of large and small corporations. Couple these situations with the sudden surge in distributed workers and it becomes clear that immediate re-communication of policy and attention to systems and security is imperative. What can businesses do today to minimize potential threats?
While technology works every day to keep ahead of the threats presented by malware and ransomware, it’s an acknowledged race to the top between the forces of good and evil. The good news is today’s portfolio of security and advanced threat mitigation technologies, configured and updated appropriately, provide a powerful arsenal against even the most advanced threats. You can improve the effectiveness of that arsenal by considering some of the latest advances in threat mitigation, DR, and backup technologies for the prem, cloud or hybrid network. Finally, reinforcing common sense prevention is key to threat prevention.
If you’re looking to protect your organization against malware and other cyber attacks, Otava can help. Consider our secure, compliant hybrid cloud solutions managed by a team of experts trained in the latest security best practices. Call 877-740-5028 or contact us to learn more.
How to avoid spear phishing bait: In the war against cybercriminals, we’ve learned to block messages from people we don’t know and avoid emails that have an excessive amount of capital letters, exclamation points and bad spelling. But what if the email is from someone you know, with their email address, a normal-sounding subject line, and a reference to the new car you bought last month?
Ransomware preparedness with cloud solutions: According to a recent IDC survey, about 50 percent of organizations said they could not survive a disaster event, with 91 percent of respondents experiencing a tech-related business distruption in the past two years. Most organizations are already using cloud technology for their everyday business activities, but consider how it can help you prepare for a ransomware attack before it hits.
What is the difference between a cold, warm and hot disaster recovery site? We all know the importance of disaster recovery as it relates to business continuity and HIPAA compliance. However, not all disaster recovery options are created equal. Different kinds of disaster recovery are dependent on the needs of your business.