In years gone by hijackers were the things of legends and folk stories but they are very much part of everyday culture in 2014 – in a digital sense. The recent global press around the Heartbleed bug, resulting in vulnerabilities in OpenSSL, highlights the need for companies to be vigilant of potential data security risks.
OpenSSL is the cryptographic library that secures most of the internet’s websites. It is used by many popular sites including Yahoo to send sensitive information. According to NetCraft 53% of web servers, hosting more than 500 million websites, use the software which relies on OpenSSL.
OpenSSL is primarily used to keep information secure. Due to the flaw in the OpenSSL, hackers are able to send messages to web servers to access sensitive data. This is predominantly passwords, emails and credit card details. Heartbleed has certainly posed the question as to whether private data is really safe in cyberspace.
Digital hijacking is when software is uploaded remotely to computers, servers and other devices which will encrypt your data. CryptoLocker is another potential hijacker companies need to be aware of as it restricts access to some or all of your information and data. You will then normally be contacted for a payment in exchange for free access to your information. However, once payment has been made, the encryption remains in place and your data is held hostage.
CryptoLocker is a Trojan hijacker and first surfaced in 2013 although it has ramped up its visibility in recent times and even the Guardian have warned PC users to be vigilant. CryptoLocker only affects Windows users and usually comes as an email attachment which then encrypts certain types of files stored on local and mounted network drives.
The tricky bit is that the problem attachment comes with a legitimate-looking email. The most recent email carrying CryptoLocker was from Royal Mail warning that there was a parcel waiting for collection at your local depot.
The payment required for this particular encryption was $300 or €300 and if people didn’t pay within 100 hours, they were warned their data would not be recoverable ever again as the hijackers would destroy the privacy key.
Here are a few tips to keep you safe from these modern-day hijackers:
- Back up your files
- Ensure you antivirus software is the best you can afford – you get what you pay for!
- Ensure your antivirus software is completely up-to-date
- Familiarise yourself with the Data Protection Act as it requires companies to take reasonable precautions in protecting their own (and customer) data
- Encrypt the files you feel are particularly valuable or vulnerable
Eliminate business downtime
Prevention is always better than cure and ICU have taken this a step further to develop their Planned Preventative Maintenance to maintain the protection and performance of your existing systems and to advise you on a regular basis of industry developments and best practise to keep you as secure and efficient as possible.
ICU always recommends a robust back-up process is in place for all data and information within your business. This ensures your data is always recoverable and won’t cause any downtime if you are targeted by CryptoLocker or any other malware or Trojan which could cause damage to your data.
Do you want to learn more about how our experienced IT support team can protect your business?
Call now on 01332 513333 or 01158 240516 to find out.