How to prevent cyber-attacks in 2020
It’s clear that cybercriminals haven’t been resting over the festive period, as a spate of cyber-attacks have been announced in the past week.
UK-based currency exchange business Travelex has taken its website down in the wake of a cyber-attack. The organisation first discovered the malware on New Year’s Day, immediately taking down its systems in response.
The company has stressed that no customer or personal information has been breached, but rather its cybersecurity experts are working to contain the virus to prevent further damage.
At the time of writing, the cause of the attack or the strain of malware haven’t been confirmed, but there’s speculation that ransomware has once again struck. Ransomware is a particularly insidious type of malware that encrypts files. Hackers then demand a ransom payment in return for file decryption; but once you’ve paid, this almost never happens.
At this point in time, the company website is down and its services can only be delivered in person at its branches.
Travelex’s Chief Executive, Tony D’Souza, has assured customers that the organisation is actively trying to contain the damage and resume service, saying: “We regret having to suspend some of our services in order to contain the virus and protect data. We apologise to all our customers for any inconvenience caused as a result.
"We are doing all we can to restore our full services as soon as possible."
The downtime is sure to cause havoc for customers, many of whom have ordered currency or are in countries including France and the US. Additionally, Travelex partners including Tesco Bank and Asda have been unable to deliver online currency exchange services, which are powered by Travelex.
US maritime ransomware attack
In the past week, it has emerged a US maritime base suffered from over 30 hours of offline downtime because a ransomware virus attacked its systems.
The US Coast Guard (USCG) announced that the file-encrypting malware was able to penetrate its systems because an employee clicked a link in a malicious email. In addition to encrypting critical files, the ransomware virus “burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations”, incapacitating the organisation.
The variation of malware has been confirmed as Ryuk ransomware, a strain which has been prevalent since August 2018 and, according to the National Cyber Security Centre (NCSC), is not contained to the US. The NCSC published advice on dealing with Ryuk ransomware in June 2019, meaning UK businesses should sit up and take notice.
While we strongly recommend that businesses never pay a ransom demand because it’s very unlikely you’ll get your files back, The Register further revealed that Ryuk ransomware creators broke their own decryptor, meaning they definitely can’t stick to their promise of restoring your files.
The attack on the US Coast Guard highlights the fact that ransomware can do more damage than simply encrypting files; it can also take down business-critical operations.
How to prevent cyber-attacks in 2020
We’re just at the beginning of the year, but these cyber-attacks show that hackers won’t be slowing down in 2020 and therefore, you can’t afford to be lax with your cybersecurity.
We have some top tips on preventing your business from falling victim to cyber-attacks, and particularly ransomware:
Keep your software and systems up to date
This is critical. Too many businesses make the mistake of perceiving updates to both software and hardware as an expense rather than a business-critical project. Software and operating systems, for example your Windows 10 or your iPhone iOS system, are continually updated to ‘patch’ holes that cybercriminals could exploit.
Many old servers, like Windows Server 2008, will be unsupported by their providers because they’ve become too outdated and costly. This lack of support means they’ll no longer be patched against emerging threats, leaving your business vulnerable to cyber-attacks. And, let’s face it, older systems are also slow and clunky, which significantly impacts your productivity.
It’s no longer enough to install an anti-virus on your machines and think that’s a job well done. As hackers have evolved in their methods to take down your business, so have cybersecurity tools. We recommend the minimum of a secure firewall, endpoint and network protection and specific tools which defend your business against unique threats like ransomware.
Educate your employees
In a tale as old as time, the US Coast Guard was infected with ransomware because an employee clicked on a malicious email link. It’s almost a cliché at this point, but the stark truth is that this is still the most common entry method for hackers injecting your systems with malware. Your employees are your first and last line of defence, so they need to be able to spot threats easily. Thanks to new innovations, you can simulate phishing attacks to not only test your employees’ existing knowledge, but train those who fall victim to ensure it won’t happen again. Find out more about educating your people.
Use multi-factor authentication
Credential theft via phishing emails is also incredibly common; if these emails don’t contain links which surreptitiously install malware on your systems, they’ll include links to fake login screens – commonly fake Office 365 account logins – to steal login information. In addition to training your staff on spotting these malicious emails and landing pages, installing multi-factor authentication is a critical additional step which means if those details are stolen, hackers still won’t be able to access your systems. Our security expert Alistair Ward covers everything you need to know about 2-factor authentication protection in his blog.