The UK’s National Crime Agency (NCA) has recently warned of a major cyber attack in the form of powerful malicious software. These threats are likely to target UK businesses and individual’s computers imminently.

The NCA recommend checking IT security to protect against the latest threats named GOZeus and CryptoLocker.

 

IT Security

It is said that if a PC is compromised by GOZeus, the software is designed to search and retrieve bank log in details, if it fails to find any financial information it could then install Crytolocker, which is known as ransom-ware.

The ransome-ware encrypts a computer’s hard drive and the only way to decrypt it is to pay a fee. The release fee can be avoided by re-installing the computers operating system but if no backups are available, all data on the PC will be lost.

 

Is your business doing enough to protect against these type of threats?

To help, we’ve put together these top tips to reduce the risks of attack:

  1. Never document passwords – Never store documents that contain log-in names or passwords – that is what the virus searches for!
  2. Backup important data – Generally all data should be stored on a server and regularly backed up.  If you have important data on your local PC ensure you take regular backups to external media
  3. Suspicious emails – If you receive an email that you are unsure of – delete it!  Even if it’s from someone you know, if the tone is slightly odd, delete it!  If there is a link in the email, DO NOT CLICK IT!
  4. Examine email links – Although most emails look genuine, some are not.  Question every email you receive.  If it is from an official body i.e. a bank or the Government – delete it as they never email, especially if there is a link in the email!  If you are unsure about a link from a trusted source, hover over it to reveal the entire link address, this will identify if the address looks suspicious –  links normally read in the context of the website that its being sent from
  5. Preview emails before opening  – Most emails let you review the content before clicking on it to view fully, this window will allow you to work out if the email is safe or not.  Remember, if you are in doubt, delete it!
  6. Be extra vigilant surfing the web – If you are surfing the internet and click a site that looks suspicious, close it immediately and do not investigate it further.  This could be a hacked site that contains links to infections
  7. Windows Updates – Update all computers on your business network with the latest Windows security patches, this should happen automatically unless the function has been disabled.  To be safe manually run a Windows update check.  Remember to restart your computer regularly to ensure Windows updates are installed correctly
  8. Do away with unsupported software – Replace or upgrade old computer Operating Systems and software, such as Windows XP and Microsoft Office 2003.  These are no longer supported, making it vulnerable software that is exposed to hacks
  9. Anti-virus – Ensure that anti-virus software is installed on your computer and that it’s working with up-to-date virus definition files
  10. Password IT security policy – Change your passwords regularly, ensure passwords contain numbers, capital letters and at least one ASCII character, such as #!&+.  Having just one password for all website is very risky!
  11. Enhanced firewall security – Invest in a business security device such as a Dell SonicWALL Network Security Appliance with Comprehensive Gateway Security Suite. This device acts as a secure gateway for business networks, it monitors traffic for threats, exploits and malicious items coming from the internet.  The TZ series of the SonicWALL devices offer the same level of protection and security features required by banks and global companies at prices affordable by small and medium businesses
  12. Beware of mobile threats – mobile phones and tablets infections are on the rise, ensure you don’t ‘jailbreak’ your phone and always use a PIN to lock the screen. Do not perform confidential transactions using public Wi-Fi’s and avoid storing important of sensitive data on your mobile devices
  13. Education – One of the most important tips to reduce the risk of cyber-attacks is to educate staff. Ensure they are aware of the above tips and are always cautious and observant of potential threats when using computers.

It is estimated around 15,000 UK computers are already infected with the GoZeus virus.  These people will be contacted by their ISP with details on what to do next.

The tips in this blog along with vigilance will help reduce the risk of falling victim to cyber-crime.  If you have any questions regarding cyber threats and computer security please contact our team of IT security professionals on 01903 786 287