Malware | Tech Sentries

14Sep2023

Alarming Statistics About Ransomware

September 14, 2023

For some inexplicable reason, each of us tends to believe that we are immune to catastrophic events, including diseases, natural disasters, and crimes. Unfortunately, we carry that same naivete over to guarding our technology. Just as we think that no harm will befall us personally, even though it does, we believe that are computers are also immune – even though we have no reason to believe that they are.

Eye-opening Ransomware Statistics

Some people are motivated by statistics that evidence growing vulnerability. Others become motivated when disaster strikes someone they know. Still others do nothing until they have become infected or affected. We hope the following statistics will increase your awareness of the reality that you can become a victim of a ransomware attack.

There are more than 4,000 ransomware attacks reported every day.
It is estimated that less than 25% of attacks are report.
30,000 to 50,000 digital devises are infected with ransomware each month.
The amount of money paid in ransom increased dramatically from 2015 to 2016.

Year	Ransom Paid
2015	$24 million
2016	$850 million

Year	Average Paid
2015	$294
2016	$679

More Convincing Statistics

Ransom paid is only part of the problem. Ransomware attacks cause expensive downtime for businesses.

63% of business attacked by ransomware suffered downtime.
34% lost money as a result of the downtime alone.
20% were forced to close permanently.

Small Business Are Not Immune

Myth: “My business is too small for anyone to bother attacking.”

Fact: A recent survey reported that, on average, small businesses lose an aggregate of $8,500 per downtime hour. That is an annual total of $75 billion.

These statistics may not alarm you. They should. You need to take the necessary precautions to protect your business and your home computers from ransom attacks.

Yes, you should be concerned about your computer system security, but you should also know that you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

14Sep2023

Five Things You Probably Did NOT Know About Ransomware

September 14, 2023

Tech Sentries

Malware, Ransomware

Our mission at Tech Sentries is to help you “Guard Your Technology.” Part of helping you to “Guard Your Technology” is to keep you informed about threats to your computer system, like ransomware. We believe that keeping you informed is part and parcel of our commitment to you. We found this insightful information in a recent article in an online tech site.

Ransomware Lesson #1

It can be much easier to steal your business or personal information and hold it ransom than to kidnap someone in your family.

Holding information for ransom may be less lucrative per instance, but the crime can be perpetrated a virtual plethora of times with the potential capability of accumulating a great deal of ill-gotten gain from multiple sources. Although some criminals may take the short path to large sums of cash, the opportunity is now open to treacherous techies who are willing to commit the crime numerous times on a smaller scale.

Just because you are not a big business or personally wealthy does not exempt you from ransomware attempts.

Ransomware Lesson #2

Ransomware is not a virus. The computer term “virus” was coined because, like a live virus, it infects your computer files. Ransomware locks your files so that you cannot access them.

Ransomware Lesson #3

You do not have to click on anything in particular to be the victim of a ransomware attack. Although phishing is a method used in some ransomware attacks, it is not, by any stretch of the imagination, the only method of attack.

We always strongly advise our clients to be careful what you click. Understand, however, that this may not make you immune to a ransomware attack. It is, nonetheless, a good habit to develop to guard your technology.

Ransomware Lesson #4

You do not have to visit questionable websites to become a victim of ransomware. Although that may make you more vulnerable to attack, the masters of the ransomware craft tend to use the most innocuous of sites to carry out their schemes. Their whole point is to catch the innocent unaware.

Ransomware Lesson #5

You can guard your technology against ransomware. Although traditional antivirus software has yet to provide foolproof protection against ransomware, whitelisting has come to the forefront as one of the best defenses available. Read our recent blog post about whitelisting here. You will understand in more detail why whitelisting is so successful and why you should use it.

You should be concerned about ransomware, but you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

23Apr2018

The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 2

April 23, 2018

Data Protection, digital technology, insider threats, protect your technology, security attacks, security threats Malware

OOPS!

Oops! That’s the word you never want to hear from your barber, your surgeon, or your pilot.

Business owners are beginning to realize that it is not what they want to hear from any employee working at a company-owned computer – or a BYOD computer linked to the company system.

Last week, we shared some statistics that indicate that company employees may be the biggest threat to your digital data (click here for part 1). To underscore that foundation, we were stunned by one of the findings of a Netwrix 2017 IT Risks Report of government agencies:

“100% of government entities see their own employees as the biggest threat to security.”

Think about that for a minute. Not malware, not data breaches, not hackers, but employees.

The attacks may come from the outside, but the biggest threats are the employees on the inside. In fact, the report also revealed that 57% of actual security incidents among those agencies in 2016 we attributable to employee human error.

computer error Before taking comfort in “only 57%,” the remaining 43% had their root cause in “insider misuse.” In this case, insider means “employee.”

Obviously, we are trying to make a point here. It is not that you should consider your employees to be ill-intentioned culprits. It is that you should understand the reality that, although they are probably not the attackers, they are the actors via which attackers gain access.

ICU

Before we share some of the finer details and proven ways to protect your technology from damage by your own personnel, which we shall do next week, we want to emphasize and re-emphasize that the essentially cornerstone of security protection for your technology is having an ICU approach. Perhaps we should say an “I see you” approach.

We are talking about an approach in which activity is monitored for the ability to identify aberrations that typically point to security issues and better position your company to handle the potential threats to your systems.

SPY

Secure and Protect Your Technology

Other than the logistical and operational issues we will discuss in the next article, there are two important obstacles that business leaders must foresee prior to making a bona fide commitment to protecting your technology.

1. The rapid advance of digital technology is not going to stop or slow down to wait for you to catch up or keep pace.

2. Some employees will perceive monitoring as a violation of their rights.

In Daniel Boone’s day, advancing pioneers secured a position then developed their operational resources within. Today, new resources are coming at us at a furious pace that security often follows rather than leads. If you are going to commit to advancing technology, you must commit to guarding it.

Employees (those people whom government agencies see as their biggest security threat) must be groomed to understand that it is not their activity that must be protected. It is your data. And it is your digital technology. Reasoning to the next level, savvy employers must change to employee paradigm in such a way that they become protectors of your security rather than perpetrators of OOPS moments that could bring your business to its knees.

You don’t have to be a techie or a geek or understand all the ins and outs of cyberspace. We are here to help you guard your technology. The first step is raising your awareness of the need before the need becomes an emergency. The next step is raising your employees’ awareness.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell

26Mar2018

Move Over Ransomware – Here Comes Crypto-Jacking

March 26, 2018

computer security, crypto-jacking, ransomeware Ransomware

Just when you feel like you’ve heard about all the cyber threats and attacks that can compromise your digital technology, you learn that hackers have discovered new methods of intrusion and infection.

It doesn’t just feel that way. That’s the way it is.

Don’t let our blog title mislead you, the threat, danger, and cost of ransomware still exist. It’s just that when ransomware artists realize that crypto-jacking is much easier and much more lucrative, the scammers are likely to jump on the new wave of tech crime.

The Effect of Ransomware

The average likelihood that a hacker will obtain a ransom via a ransomware attack is about three times out of 100 attacks. The current success rate for crypto-jacking is 100 out of 100.

In fact, crypto-jacking is escalating rapidly and, with the current fascination with the crypto-currency market on the rise, it is likely that the trend in cybercrime will follow. A recent report indicated that there were about 15,000 crypto-jacking alerts in May 2017. By February 2018, that number had risen to 280,000.

By now, you are probably wondering what crypto-jacking is. We certainly hope so. That’s why we are writing this blog. Here’s what you need to know.

Crypto-jacking does not attack your system per se. It infiltrates and enlists your devices to attack others. But this is not a case of “no harm, no foul.” Complex codes installed on your digital assets operate in the background, sending results to a server the hacker is using.
The codes find their way onto your system devices using tried-and-true phishing and malware techniques, i.e., by getting you to click on links in legitimate-looking emails or on infected pop-up ads on a website you are browsing.

In effect, your computer is being hijacked via old techniques, not to attack you, but to do mine cryptocurrencies from others.

The problem your system is that crypto-jacking is like a debilitating disease on your system’s devices. You can’t see it. It is not eating your lunch, but it is eating your resources. While you are enjoying your pastrami on rye, the codes are eating up your processing resources. Eventually, your digital technology will be working more for the hacker than it is for you. You probably won’t notice a thing until your computer is no longer performing wonders faster than a speeding bullet but acting like it wants to take a nap.

We want you to be informed. But we also want you to know that we’ve got your back. Tech Sentries monitors and protects your systems, even from unseen parasites like the codes running at the behest of crypto-jackers.

All we ask of you is to be steadfast in doing your part to keep yourself and other users of your system away from suspicious links and intriguing pop-up ads that may have more to offer you than advertised.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
2105 Leopold Street
Johns Island, SC 29455
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

27Feb2018

Spear Phishing

February 27, 2018

Cyber Attacks, guard technology, phishing Malware

We’ve warned our readers in the past about cyber attacks identified as phishing. Yes, phishing is dangerous for unaware phish. We don’t want that phish to be you. Now the problem is more dangerous. Phishing has escalated to the even more pernicious spear phishing.

Phishing Reviewed

· You receive a message inviting you to access a website or other online document.

· You (the phish) bite by clicking on an “Open in Docs” button. Sometimes the message seems to be too good to pass up. Even if it doesn’t appear that good, it just looks so real.

· Once you bite, the hook is set and the phisher uses your contact list to infect the people and businesses on it.

Digital phishing works randomly, just like regular fishing. The phisher casts his line to where the phish are gathered, hoping that one bites.

Spear Phishing Is Targeted

There’s a reason we call it spear phishing: because it is just like spearfishing. The phisher has a specific phish in his crosshairs. Instead of waiting for a random fish to take the bait, the spear phisher has his eye on you or your business, and he is ready to stick it to you.

The spear-phishing cyber attacker already knows your name and enough readily available information about you to get your attention. The method of attraction is much more subtle and sinister. Using your known information, the attack typically comes cleverly disguised as a message from someone you know or some company you do business with and trust. Only it’s not.

If it weren’t for the phishing phrase already in use, we might be describing these attacks as wolves in sheep’s clothing. Your cyber attacker presents him or herself as innocuous and trustworthy.

Fear the Spear

The best way to avoid being spear phished is by exercising an abundance of caution. Be wary of invitations, offers, and surveys that might even possibly be cyber attacks. Even more important is ensuring that your technology is protected. Caution is good, but it now takes security technology to best guard your technology and to keep your computers free of spyware, malware, phishing, and other attacks.

Tech Sentries works diligently to keep you aware of potential dangers and how to take a few, common-sense steps to Guard Your Technology and to ensure the safety of your data and devices.

We are as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

20Feb2018

The Frighteningly True Cost of Ransomware Part 2 – A Hospital Infected

February 20, 2018

computer backup, protect data, ransomeware Ransomware

If you were amazed at the ransomware statistics in the first article in this series, you will be stunned to discover the actual costs of several real ransomware attacks in this and the next several posts.

Dateline: Buffalo, NY

It usually takes a massive snowstorm to bring Buffalo to a crawl. On April 9, 2017, all it took was a single ransomware attack to bring the entire operating system of the Erie County Medical Center, a Tier 1 Trauma Center, to its knees. That infection affected hospital operations for over six weeks.

The Cost of Ransomware is More Than You Think

The ransom request was only $30,000. You might think that’s not bad for a hospital. Think again. The total cost of recovery exceeded $10 million. That is precisely why it is so crucial for us to warn our readers of the need to prepare for the potential of a ransomware attack. More on the ransom below.

When the attack unfolded, ransom notes began appearing on computer screens throughout the entire facility. Once the IT Department ordered all computers to be shut down, the hospital was forced to operate substantially as it did more than two decades ago. Everything from medical records to memos had to be managed by hand. The computer system belonged in the hospital. It was, in effect, disabled.

Infection, Treatment, and Recovery

One virus – 6,000 computers infected that had to be cleaned and restored.
One virus – so big that IT specialists from other hospitals, the NY State Police and the FBI were called in to assist.
One virus – no email communication for two weeks.
One virus – no electronic communication in the hospital lab and radiology department for three weeks.
One virus – no electronic processing of prescriptions for more than four weeks.
One virus – All electronic records for the 602-bed hospital had to be updated after the system was recovered.

What About the Ransom?

ransomeware We don’t know the motives of the perpetrators. Frankly, when you are the victim, the criminals’ motivations don’t matter. What matters is the damage that they have caused. Think of, for instance, a patient in the ER with a heart attack. The cause of the attack is relatively unimportant. What matters most is that the person can regain his health and that steps are taken to ensure that it doesn’t happen again.
The hospital followed the same protocol as it would when treating its patients. Identify the problem. Fix the problem. Begin a regimen to prevent the problem from occurring again.

The hospital did not pay the $30,000 ransom. They recognized that the payment was not the priority. The priority was restoring their system to operational health. The cost of recovery was just as devastating as major surgery would be for a person without healthcare insurance – if not more.

Lessons Learned

Prevention is the only inexpensive alternative to ransomware. The staff of the hospital would likely suggest ways for us to guard against infections, but it failed to defend against infections caused by ransomware.

A ransomware attack may not cost your business $10 million, but it will have a cost. You can be sure that the expense will be commensurate with, and potentially able to destroy, your business.

Tech Sentries works diligently to keep you aware of potential dangers and how to take a few, common-sense steps to Guard Your Technology and to ensure the safety of your data and devices.

Keep up to date with us as this series continues to unfold and to reveal the realities of ransomware – and what it could cost you and your business.

We are as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

30Jan2018

The Frighteningly True Cost of Ransomware Part 1

January 30, 2018

block ransomeware, business data safety, ransomeware Ransomware

ransomeware You’ve heard the stories. You’ve seen the movies. Someone is abducted and held for ransom. From there the plot thickens and unfolds until, at last, the ransom is paid, the hostage is returned, and the criminals are caught.

However, by now you are beginning to understand that ransom in the 21st Century deals less with holding people hostage and more with blocking access to your computer and holding your data hostage.

Of course, that will never happen to you.

Or will it?

A Dose of Reality

People who think that they will never be attacked by ransomware are living in a fantasy world. Here is what is happening in the real world. Right here. Right now.

According to a report by Malwarebytes:

Companies, large and small, are attacked by ransomware every 50 seconds.
Individuals are attacked every 10 seconds.
Total ransomware damage is expected to exceed $5 billion dollars this year.
- That’s $5,000,000,000.
60% of all malicious cyberattacks in 2017 were ransomware.
- Advertising fraud comprise another 20%.
- Download, backdoor, botnets, and all other forms of attack combined made up the additional 20%
Ransomware variations have increased by 430% in the first quarter of 2017 compared to the same period in the previous year.
- One readily-available ransom software package releases new updates approximately every 8.4 days!
71% of companies targeted by ransomware have been infected.
72% of all businesses lost access to their data for 2 days or longer.
- 96% lost an entire day’s worth of data
- 61% lost 3 or more days’ worth
- 32% lost 5 or more days’ worth
66% of all ransomware attacks now use network file-sharing protocols to infect computers.
- These attacks do not require you or an employee to make an error in judgment.
- They simply attack weak passwords or other security points.
75% of corporate ransom attacks infect three or more employee workstations.
- 50% of corporate ransomware attacks infect at least 20 employee workstations.
The most favored variant of ransomware spreads like an infection. Once it is in your system, it spreads from device to device.

A Warning of Things to Come

There is no apparent decline in ransomware attempts. There is no reason to expect that there will be. Consider these two facts which we will embellish in a following article:

1. Ransomware has become a lucrative cybercriminal business, garnering multiple millions of ill-gotten dollars. By “business” we mean central figures operating with affiliates who split the take.
2. Ransomware has attracted amateur wannabes. These people are more likely to get caught, but that does not lessen the degree to which they can inflict damage.

Tech Sentries works diligently to keep you aware of potential dangers and how to take a few, common-sense steps to Guard Your Technology and to ensure the safety of your data and devices.

Keep up to date with us as this series continues to unfold and to reveal the realities of ransomware – and what it could cost you and your business.

11Sep2017

Why Small Businesses Should Be Very Concerned About Ransomware Attacks

September 11, 2017

Tech Sentries

Malware, Ransomware

If you are thinking, “Oh, no. Not another article about ransomware,” you need to read the rest of this report.

CNN broadcasted a segment on July 27, 2017, informing viewers why small businesses in particular should be very concerned about potential ransomware attacks. The broadcast stemmed from the release of the “Second Annual State of Ransomware” study conducted by Osterman Research.

The Damage Is Often Worse Than the Ransom

In an earlier newsletter we shared the pervasiveness of ransomware. No one is immune from ransomware attacks.

The common mindset of small business owners is that ransomware protection is a priority for major enterprises as opposed to SMBs.

As it turns out, small businesses are at great risk and, proportionately, have much more to lose, according to the Osterman data. The greatest potential for SMB loss is not the ransom itself, but the damage resulting from the intrusion.

16% of SMBs experienced operating downtime of 25 hours or more. Some were hobbled by more than 100 hours of downtime.
- 93% of those (15% overall) suffered a loss of revenue due to the downtime.
22% of SMB victims of ransomware attacks were unable to recover and subsequently had to close their doors.

Small Businesses Lack Adequate Reserves

“Cash reserves” is a standard business term that is seldom heard in the SMB realm. Small businesses typically operate on a small amount of capital. It is rare when small businesses include cash reserves in their budgets. The cash reserves set aside by their larger “cousins” do not make them less vulnerable to ransomware attacks, but they do help to mitigate the consequences of the aftermath of an attack.

Small Businesses Lack Adequate Resources

According to the report,

27% of SMBs could not identify how their systems were accessed.
33% reported the malware infection had spread to multiple network devices before being detected.
64% of attacks in the U.S. were perpetrated by infected email attachments or links.

Small businesses seldom have the IT infrastructure of corporate discipline to ensure that their systems are adequately protected and that their employees are complying with company rules regarding internet security. For a variety of legitimate reasons, many SMBs do not have a disciplined way of keeping their digital security up to date.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

6Sep2017

What in the World Are Hackers Thinking?

September 6, 2017

Tech Sentries

Ransomware, Security

We already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered, what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motives them.

TYPE	PERSONA	MOTIVATION
White Hat	Good guys	Companies employ them to test software, websites, and systems from criminal hackers.
Black Hat	Guns for hire	They get paid for stealing information by the people who want that information. They don’t care about the information per se.
Grey Hat	Wolves in sheep’s clothing	They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price.
Script Kiddies	Trainees	They use packaged software to disrupt systems and establish a reputation in the hacking community.
Hactivists	Protesters	They are employed by governments to gain information and/or attack foreign entities.
State Sponsored	Warriors	They hack to harass, expose, and exact revenge on entities to which they are opposed.
Corporate Spies	Corporate Spies	Corporate spies have existed for years. The internet and digital technology are just new tools.
Cyber Terrorists	Terrorists	They want to “spread fear and create chaos … by causing unrest.”

Did we mention that some hackers are women? Watch this video. It will give you even more insight in what in the world hackers are thinking.

9Dec2016

Jackware—What Is It?

December 9, 2016

Joe

Jackware in Myrtle Beach, Jackware Myrtle Beach, Myrtle Beach computers, Myrtle Beach Jackware Malware

Myrtle Beach JackWare Have you ever heard of jackware? In this day and age, we hear a lot about ransomware, spyware, adware and all kinds of other “wares,” but probably not jackware. However, it’s still malicious software that gets in and controls many devices whose main function is NOT digital communication. Your car is a perfect example of just such a device. Your car may have some communication abilities, but think of it like this: we’re looking at cars as simply a means to get from one spot to another.

Jackware is essentially a more specialized ransomware, which like its name suggests, gets in your software, encrypts your files and demands a ransom in order for you to unlock and get your files back. With jackware, it seeks to lock up your car’s ability to run until the ransom is paid.

The following is important to note!

Jackware has not actually been defined as an active threat just yet. It’s still a bit theoretical in nature, although we here at Tech Sentries are a bit doubtful of jackware being stopped. There are people constantly coming up with new ways to hack into our everyday lives and create chaos through our computers, software, telephones, and now even our cars if something isn’t done. Brand new cars are essentially fancy computers on wheels and so they are very vulnerable to jackware after they have left their manufacturing facility to be shipped across the world.

All last year, we heard about the Fiat Chrysler Jeep problem where the design process wasn’t stellar and many of the systems were wide open for hackers. So, we now know that in order to stop this problem, protection must happen during the design process. Car companies need to ensure consumers that everything they do with the car’s onboard computer is safe. For instance, many people now can control systems in their homes, such as alarms, lights, etc., all from their vehicles. If jackware really does become a huge reality, then your car is one more portal from which hackers can work their evil. Many smart cars now come with Wi-Fi capabilities and this could be a big problem if it’s not completely secure.

So How Do We Stop Jackware?

This is the million dollar question. Unfortunately, the world has not done a good job at all of deterring cyber crime. Hackers just get better and smarter at what they do, so the risk of becoming a victim is huge. In order to stop jackware, it would have to involve changing policies within major manufacturers, as well as staying ahead of the technical curve. Gone are the days when clicking on a link in an email was the only way to get hacked by ransomware. Millions of dollars have been paid to cyber criminals by desperate people trying to get their files recovered. Companies need to be employing the best anti-malware security they can find. We also need to actually prosecute the criminals behind the ransomware!

The question remains if ransomware will actually spawn a branch called jackware. It absolutely seems certain that this will happen at some point. One of our biggest concerns is that of self-driving cars. Any vehicle that is equipped with onboard computers is at risk for jackware.

The best way to stay safe and protect yourself from ransomware attacks—including the possibility of jackware—is to have the best protection available today. Tech Sentries stays on top of all the latest threats so you don’t have to.

Call 843-282-2222 today for a free consultation.

1 2 3