For beauty business news, beauty store owners turn to Beauty Store Business. Beauty business trends, beauty business profiles and more!
Issue link: http://beautystorebusiness.epubxp.com/i/536106
104 August 2015 | beautystorebusiness.com "This is the next generation of ran- somware—and you can expect this new version to spread like wildfire," says Stu Sjouwerman, CEO of KnowBe4 (knowbe4. com), an IT security firm that specializes in IT security awareness training for small- and medium-size businesses. Adds Michael Batt, president of Phila- delphia-based Beans Beauty (beansbeauty. com), "I am very frightened about the rise in malicious hacking. I'm convinced that this is one of the biggest problems we are facing as an economy and a soci- ety. This is the ultimate way to terrorize our society by compromising our privacy and the security of our savings." David Monahan, research director risk and security management at Enterprise Management Associates (enterpriseman agement.com), an IT security firm that tracks and secures against hackers tar- geting businesses, agrees. "Today's threat actors are smarter than ever, morphing their attacks multiple times to achieve the goal of undermining existing security defenses," says Monahan. HOW IT WORKS Cyber crooks trigger the ransomware- extortion scheme by slithering past a PC's defenses and delivering software onto the computer that auto-encrypts every file on the hard drive. The malware also infects all the external hard drives connected to the PC. Generally, the software is inadvertently downloaded by victims after they click on what appears to be a legitimate banner ad. They can also pick up ransomware when they visit an infected website or click on an infected attachment in an email, according to the Dell report. Unfortunately, it's easy to be tricked by such schemes since the crooks often send ransomware- infected emails that carry innocuous titles like "missed fax" or "voicemail," according to the Dell report. When a user clicks to download the item, the ransomware immediately invades the PC, executes and begins encrypting all the data on the system. Once encryption is complete, a message pops onto the victim's PC screen, inform- ing him that there has been a hostile takeover of the machine and demand- ing a ransom. Often, crooks demand ransoms ranging from $200 to $2,000. By design, it's an amount that's painful to pay, but low enough for many busi- nesses to tolerate in the hopes that the ransom seekers will actually restore a machine once the money exchanges hands, according to the Dell report. Moreover, businesses that delay paying a ransom—usually more than four to seven days—often face threats of being forced to pay even larger ransoms, according to the Dell report. In one case, a victim was forced to pay $10,000 for the release of encrypted files, according to the Dell report. All told, Dell estimates that during a six-month period in 2014 $1.1 million in ransom was paid to thieves using just one variant of ransomware, CryptoWall. IT GETS WORSE Ironically, the advent of new digital cur- rencies is also helping promulgate the criminal activity. Ransomers often demand to be paid in Bitcoin, a Web-based currency that can be easily—and anonymously— exchanged over the Web. And while ransomware is often associated with visiting sketchy areas of the Web—the digital equivalent of venturing into a bad neighborhood—it has also been found on some extremely high-profile websites. In late 2014, for example, ransomware was found embedded in ads on a number of highly trafficked websites—including Yahoo, Match.com and AOL, according to an October report by Proofpoint (proof point.com), an IT security firm. Using infected ads on those high-profile websites was a clever move in that the thieves did not have to overcome the formidable security defenses of major sites such as Microsoft.com—or even the ad networks servicing those sites, according to the Proofpoint report. Instead, the crooks simply stole legit- imate ads, infected them with ransomware payloads and then fed those ads back into the ad networks used by the previously mentioned highly trafficked websites. With this tactic the criminals were able to bypass the formidable defenses of major websites such as Bing. Many businesses aware of the ransomware scourge and similar malware scourges already have education programs in place to train employees how to detect and guard against the most common sources of ransomware. But the extortionists are always finding ways to up the ante in the never-ending game of cat-and-mouse. Sjouwerman notes, "Most people are aware that they should avoid clicking on executable files. However, seemingly innocuous documents such as Microsoft Word files can be infected with malware. It's essential for employees to identify and avoid social-engineering red flags." Leslie Phillips, owner of Houston-based Obsid- ian Beauty (obsidianbeautysupply.com), stays current on all threats posed by the Internet and has advised her employees to be extremely careful when working with anything cyber. "In my store we have poli- cies about downloading anything online to protect us from exposure," she says. HOW TO PROTECT YOURSELF Sadly, the nightmare of the takeover soft- ware evolves with the digital revolution. Newer variants of ransomware are pop- ping up on mobile technologies such as Android phones, according to an October report from F-Secure (f-secure.com), an IT security firm. With the mobile technologies, the ransomware payload often comes in the form of apps-for-download, according to the F-Secure report. The bottom line is this: Unfortunately, there is no way to completely safeguard any business against ransomware 24/7. But there are a number of deterrents beauty retailers can put in place, including these: • Bring in pro protection. Services such as MailProtector place a security buffer between a business incoming email and it's computer network. • Block executable files—such as .exe files—and compressed archives— such as .zip files—that contain executable files before they reach a user's inbox. • Keep operating systems, browsers and browser plug-ins—such as Java and Silverlight—fully updated to prevent compromises resulting from exposure to ransomware. "Patch browsers as soon as possible, and keep the amount of plug-ins as low as you can," adds Sjouwerman. "This diminishes your attack surface." • Once infected, try disconnecting your computer network from the Internet. This can sometimes temporarily neuter ransomware until it can be discovered and removed. • Program hard drives on your computer network to prevent any unidentified user from modifying files. • Regularly back up data with so-called "cold" offline backup media that does not and has never been connected to the Internet. "Make regular backups and have a backup offsite," says Sjouwer- man. "Test your restore function regu- larly to ensure your backups actually work." Backups to locally connected, "In my store, we have policies about downloading anything online to protect us from exposure," says Leslie Phillips, owner of Obsidian Beauty in Houston. Newer variants of ransomware are popping up on mobile technologies, according to a report released by F-Secure, whose CEO is Christian Fredrikson. Software is inadvertently downloaded by victims after they click on a seemingly legitimate banner ad. Top left photo courtesy of Leslie Phillips; top right photo courtesy of Christian Fredrikson