Malwarebytes Labs recently released a report finding that cybercriminals are moving away from ransomware toward trojan, spyware, and backdoor attacks. Instead of trying to get a ransom, these types of attacks focus on long-term gains of banking information, personal data, and intellectual property.
The report states that trojan attacks and backdoor attacks are now the most detected types of cyberattacks against businesses. Between 2017 and 2018, these attacks increased 132 percent and 173 percent, respectively. Spyware attacks increased 142 percent over the same period.
By contrast, ransomware attacks stayed fairly constant, increasing only nine percent between 2018 and 2019, according to the report.
Two of the biggest trojan threats of 2018 and 2019 are Emotet and TrickBot. Emotet steals data, monitors network traffic, infiltrates networks, and infects systems with other trojans. TrickBot steals sensitive data, including passwords and browser histories. Danny Palmer "Trojan malware is back and it's the biggest hacking threat to your business" zdnet.com (Jan. 23, 2019).
Commentary and Checklist
Today's staff uses computers to order goods and supplies for the family; to communicate with each other and family vendors; and to perform other work. Because of their access to your system, your staff can become an access point for criminals to your sensitive personal data via a trojan, spyware, or backdoor attack. Therefore, family employers must train staff on all types of cyber risks so that they know how to identify them and prevent them.
Train staff that most cyberattacks originate with a phishing email or fraudulent online link. Train them to never click on a link or attachment in an email unless they are certain of what it is and are expecting to receive it. Even so, it is best to confirm by phone or some other method, an email with an attachment, even from a trusted and expected source. Remind staff that hackers routinely break into individuals' email accounts, so being from someone they know is not a guarantee that a message is safe.
Staff should never click on links in pop-ups or download free software in response to an ad. Prohibit them from visiting unsafe websites on organizational devices.
Require staff to keep all operating systems and other software updated with the latest patches. Have them routinely scan for viruses using the cybersecurity software you install on all staff computers and devices. Prohibit them from accessing the network with their personal devices, which could be insecure or infected with malware. Require staff to use unique, strong passwords on all accounts and devices, and to immediately report any lost or stolen mobile devices. Have a system for staff to routinely backup their computers and devices onto a hard drive that is stored offline.
During staff cybersecurity training, emphasize that not all malware infections will announce themselves like ransomware does. Staff must watch for subtle clues that their computer or device is infected. Changes in performance, such as running more slowly or draining the battery more quickly, and taking actions that you did not initiate, such as sending an email you did not write, can signal an infection. Teach staff that if they notice anything odd, even something subtle, they should disconnect from the internet and take their computer or device to your IT technician to scan for malware.
Here are some additional steps family employers can take to protect themselves from cybercrime:
- Equip all computers with the latest security software and turn on full-disc encryption.
- Install a firewall on internet connections.
- Encrypt your Wi-Fi network and require staff to only use a secure Wi-Fi network if working elsewhere.
- Enable encryption on security cameras and other network connected devices that have an encryption option. Use strong passwords to protect your network-connected IoT devices.
- Work with banks and other financial institutions to make sure your accounts are equipped with the best anti-fraud tools available.
- Only allow staff access to the data that they must have to carry out their jobs.
- Prohibit staff from keeping data when they leave the organization and revoke their access to your online accounts.