It is undeniable that in the last couple of years the words “cybersecurity” and “cyberattack” have become part of everyone’s IT culture and that cyberattacks have often made the news, especially after the pandemic forced all businesses to go as digital as possible.
It is therefore essential for everyone to have a clear understanding of the difference between the two, and that is why the Italian Chamber of Commerce in New Zealand invited Ricardo Deiana, manager of a globally operating IT managed service provider, to their latest monthly aperitivo at Non Solo in Parnell, Auckland.
For those that could not attend the event and as a recap of what has been discussed, here is a handy summary. Of course, feel free to get in touch with us or directly with Ricardo should you want to dig deeper into the IT security world!
Malware: what is it, what it does, how to protect against it!
Let’s start by saying that “malware” is a general term to describe any kind of malicious software designed to damage or harm a computer system.
Malware is also known by more specific names such as “spyware”, “adware”, “trojan”, “worm”, “virus”, and so on, based on its specific goals, targets, or the way it enters the host system.
Basically, they all aim to go unnoticed, access and control the host (your computer system), and profit by recording, stealing, or encrypting sensitive data and/or information, or by using the host to launch other attacks.
As this is software that needs to be installed within the computer system, the only ways of being infected or at risk of being infected by malware are: by directly downloading it from the internet (maybe while looking for legitimate software or files and, for example, not noticing that you have been redirected to a fictitious webpage); via email, through attachments or links to malicious webpages; through an external drive, e.g. a USB key, directly connected to the computer system; or even over the internal network if another computer is infected.
Malware is easier to prevent than it is to fix. So, to efficiently protect a computer system against malware we must:
- Install all updates and patches for both the operating system and any software we use
- Install antivirus software and keep it up to date
- Scan for viruses regularly and take any needed action against infected files
- Install a firewall to monitor and filter network traffic
- Be cautious when connecting to untrusted networks (such as public ones)
- Be very careful when sharing portable drives
- Be very careful when downloading any file from the internet as well as when following links
- Keep an updated backup of your files somewhere safe
DoS attack: what is it, what it does, how to protect against it!
Although it can originate from malware, a DoS (short for Denial-of-Service) attack is not malware but a threat.
It aims to restrict or impair access to a computer system or network and it typically targets servers such as those used for websites, emails, cloud services, etc., preventing legitimate users from accessing the online information or services that they need.
The way it works is very simple: the target server gets flooded with fake requests in an attempt to overload the system that can only serve a certain number of requests at once. So, when genuine requests come from legit users, the server will be busy and so unable to serve those requests. Hence the name “Denial-of-Service”.
This type of attack does not access or control the victim’s computer system and so it does not steal or encrypt any data. Also, it is more likely to target and directly affect a business or organization rather than an individual; but individuals are, of course, indirectly affected because of the server unavailability.
Think of all the times you visit a website to access your emails, look for information, or even to use a service such as invoicing from a service provider such as Xero or MYOB, or think of your files being stored in the cloud and retrieved only when you need them. These are surely conveniences of modern days, but if those servers were to be victims of a DoS attack, you would not be able to conduct your business as usual, causing downtime with all the consequences that follow.
As an individual, the only thing that can be done to prevent a DoS attack is checking with the Internet Service Provider whether they protect your internet connection from this type of threat; if not, better ask them to or think about countermeasures such as a network firewall. As a business with on-premises servers, antivirus software along with a network firewall is a basic requirement to mitigate the impact of a DoS attack.
Clearly, having an incident response plan in place and possibly an IT support team to whom to refer should your business be a victim of a DoS attack are the only extra layers of security you could implement to secure your business continuity.
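The flooding mechanism and the firewall countermeasure described above can be shown with a small simulation. This is an added example, not part of the original talk; the capacity of 10 requests per time slot, the eight users, the 200-request flood and the per-source limit of 2 are constructed values, and all function names are hypothetical.

```python
from collections import Counter

CAPACITY = 10                                # requests the server can handle per time slot (constructed)
USERS = {f"user{i}": 1 for i in range(8)}    # eight legitimate users, one request each (constructed)
FLOOD = {**USERS, "flood": 200}              # same users plus one source sending 200 fake requests

def arrivals(rates):
    """Spread each source's requests evenly over one time slot; return sources in arrival order."""
    events = [((k + 0.5) / rate, src) for src, rate in rates.items() for k in range(rate)]
    return [src for _, src in sorted(events)]

def serve(rates, capacity, per_source_limit=None):
    """Return how many requests from each source the server handled in one time slot."""
    seen, served = Counter(), Counter()
    for src in arrivals(rates):
        seen[src] += 1
        # Firewall rule: drop anything above the per-source limit before it reaches the server.
        if per_source_limit is not None and seen[src] > per_source_limit:
            continue
        # The server handles requests first come, first served, until it is full.
        if sum(served.values()) < capacity:
            served[src] += 1
    return served

def legit_served(rates, capacity, per_source_limit=None):
    """Count the legitimate users' requests that were actually served."""
    served = serve(rates, capacity, per_source_limit)
    return sum(n for src, n in served.items() if src.startswith("user"))

if __name__ == "__main__":
    print("normal traffic:        ", legit_served(USERS, CAPACITY), "of 8 users served")
    print("under flood:           ", legit_served(FLOOD, CAPACITY), "of 8 users served")
    print("flood + firewall limit:", legit_served(FLOOD, CAPACITY, per_source_limit=2), "of 8 users served")
```

A per-source limit like this only helps while the flood comes from a small number of sources.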
Ransomware: what is it, what it does, how to protect against it!
Although ransomware falls completely into the malware category, it unfortunately deserves to be discussed separately due to its constantly increasing fame, simplicity, and the potential damage it can cause to both businesses and individuals.
Ransomware does not steal or delete any of the victim’s data or information, but it “simply” encrypts the files, making them unusable by anyone who is not in possession of the encryption algorithm and key(s) unless they pay a ransom.
Should you be a victim of ransomware, the first signs would be either your own computer system notifying you that things cannot work correctly due to files not being accessible, or you noticing that you are unable to open your own files, or even a popup or email with instructions on how much and how to pay to get your files decrypted.
This type of attack can literally target anyone for any reason, or even for no reason (it may be just a random mass-scale attack), and ransomware can infect your system in the same way any other malware does. So, to protect your computer system from a ransomware attack you can follow the same rules described for any malware, but here a particular step can be a game-changer should you be the unlucky victim of a ransomware attack: having an up-to-date backup copy of your files!!!
That’s right, having a backup copy of your files is the most important thing to minimize the impact of a ransomware attack. In fact, the only ways to get your files back are:
- Paying the ransom requested by the attacker, with no guarantee that the attacker will then decrypt your files, and making yourself a target for future attacks (the attacker knows you are willing to pay to get your files back).
- Engaging with a legit service provider specialized in data recovery that will, of course, need to be compensated for the time spent to decrypt your files (this time is unknown until they start working on those encrypted files and can be months).
- Waiting for someone else to “solve the problem” and hopefully release a solution to the public (this could be as easy as installing a piece of software or as difficult as still needing a professional to avoid possible data loss).
- Restoring the most recent backup of your files, ignoring the other options and concentrating on tightening the security of your computer system to minimize the likelihood of another attack.
It goes without saying that restoring your files from a backup would be the quickest, cheapest, and most efficient solution to contain any damage caused by a ransomware attack and to ensure you are BACK UP as soon as possible!
So, like it or not, cyberattacks will always be there and will always evolve around new technologies and business strategies. The same goes for cybersecurity, which reacts to any new threat as well as proactively researching computer system vulnerabilities, aiming to minimize the likelihood of cyberattacks and so to contain their damage.
It is time for everyone, individuals and businesses, to stop looking at these attacks as IT issues and start considering them as real-life and business issues that can cause real damage and in most cases a huge loss of money.
Ricardo Deiana – Infonet Solutions