fbpx

News

Tech Talk – November 20 Edition

It’s that time again, the latest edition of Tech Talk has arrived.  In this edition:

  1. What is the cloud?
  2. The 3 things your IT Support partner wishes you did
  3. Win a $50 JB Hifi Gift Card

Ransomware Attacks On The Increase During Covid-19

Ransomware attacks surged during the first half of this year, as cyber criminals looked to spread their file-encrypting malware while many people are working from home.

WannaCry ransomware attack - Wikipedia

Analysis of malicious activity throughout the year published in Skybox Security’s 2020 Vulnerability and Threat Trends Report says ransomware has thrived in the first half of the year, with a 72% increase in new samples of the file-encrypting malware.

Read more on ZD Net

There’s never been a better time to enable 2FA

The Australian Government is currently aware of a sustained targeting of Australian companies by a sophisticated state-based actor.

Whilst web server and the like are a primary target there also has been spearphishing attacks on companies. This spearphishing has taken the form of:

  • links to credential harvesting websites
  • emails with links to malicious files, or with the malicious file directly attached
  • links prompting users to grant Office 365 OAuth tokens to the actor
  • use of email tracking services to identify the email opening and lure click-through events.

Once initial access is achieved, the actor utilised a mixture of open source and custom tools to persist on, and interact with, the victim network. Although tools are placed on the network, the actor migrates to legitimate remote accesses using stolen credentials. To successfully respond to a related compromise, all accesses must be identified and removed.

Now is a good time to ensure that all your company email accounts have Two Factor Authentication enabled.  In the event that you accidentally click on a suspicious link and then enter in your username and password, the secondary authentication will reduce the likelihood of the attacker gaining access to your email account.

More information can be found on the ACSC website

1 2 3 4