Posts tagged ‘Anti-Virus’

June 10, 2013

Hacktivism: Why it Matters for Small and Medium Businesses

The surge in activist hackers (hacktivists) that we saw in 2012 continues unabated in 2013 and can no longer be dismissed as a fringe threat to corporate America. Hacktivists are no different from traditional cyber criminals, and although their motives may be considered ideological or altruistic, the damage they inflict can often be worse. This is particularly the case if your business has been identified as a target by an activist group.

The Verizon Data Breach Report identified the following common hacking actions: SQLi (access to the backend database is obtained by “injecting” code into URL queries), stolen credentials, brute force attack (when an algorithm runs through all possible permutations to crack a password) and RFI (Radio Frequency Identification chips that are used in some payment cards) as well as backdoor malware. The targeted assets are web applications, databases and mail servers.

What you can do to protect against hacktivists

The number one thing to deter a hacktivist attack is to focus on cyber-prevention. Prevention is not just about IT – it’s about the whole organization: people, process and technology.

• Update anti-virus software and scan for malware and web application vulnerabilities

• Put in place policies to protect credentials, customer data, etc.

• Train employees with access to sensitive information

• Limit access to sensitive information and ensure credential information is changed so that departing employees can no longer access systems

June 7, 2013

SMB organizations vulnerable to Zeus Malware

We’re seeing a resurgence in the number of Zeus/ZBot data-stealing malware infections. Zeus is a trojan horse malware that is spread through phishing schemes and drive-by downloads. There has also been a surge in infections linked to fake Facebook links. Zeus has been reformulated with a number of new features and is technically more advanced than previous versions.

Small and Medium Businesses are a juicy target for cyber criminals because they generally lack the security protocols that larger companies have in place.

How does it work?
The victim receives a legitimate-looking email from their recognized financial institution. The email contains a link that requires him or her to enter the company’s banking information, including user name and password. This type of information in the hands of cyber criminals is used to quickly transfer large amounts of money. Another version of Zeus is a malware that infects the user’s computer and monitors for banking-related transactions.

What can an SMB do to protect against Zeus?
1.    Limit the number of people with access to sensitive banking information
2.    Train employees about the danger of cyber-attack and how to detect malicious activities
3.    Actively scan for malware using malware scanning technologies
4.    Consider designating a highly secured machine for online banking alone
5.    As with other online security, select a financial institution which offers two-step verification

June 7, 2013

New Ransomware Strain Threatens Victims

TechNewsDaily is reporting on a new and malicious ransomware that can wipe out a PC’s Master Boot Record (MBR), thereby preventing the PC from starting up. The BKDR_MATSNU.MCB ransomware contains a “backdoor,” which is an executable file that reports a user’s data back to a command-and-control server. What makes BKDR_MATSNU.MCB stand out is that it is a vindictive malware. If people refuse to pay the phony fine or ransom, the computer no longer has instructions on how to boot up Windows, leaving the computer unusable.

The good news is that your PC may well be salvageable. If you have not acquired the backdoor and your computer is still usable, then most of the commercially available antivirus programs can be used to sweep and identify it for removal. Try rebooting your PC in Safe Mode. In the worst-case scenario that your PC won’t reboot, insert your Windows disc and repair the Windows installation. You are then able to reboot in Safe Mode and run the antivirus software.
If you do acquire the backdoor, and it hasn’t completely locked your computer yet, it’s also quite easy to get rid of the program with a simple antivirus or malware sweep. If possible, rebooting your PC into Safe Mode will provide your greatest chance at success.