
Urgent: How to ensure data protection in Australian ransomware outbreak

Last year saw a massive rise in cybercriminal activity, targeting businesses and civilians alike. For instance, according to the Q4 year-in-review threat report by Proofpoint, ransomware attacks increased by a massive 3000% over the course of the year. Even though we’re only a few months into 2017, there are already distinct trends and upswings in ransomware threats to private and corporate data security.

Recently, many Australians have fallen victim to TorrentLocker, a particularly nasty strain of ransomware that has been spread through fake AGL websites.

So before you click through on any suspicious-looking sites or download any mysterious attachments, read through this blog post to learn exactly how this attack works, and what you can do to ensure your data protection.

First, let’s start with the basics.

What is ransomware?

Ransomware is a type of malicious software that, once activated, blocks access to your system and data until the attacker’s conditions are met. In some instances, if the information being held for ransom is highly valuable or sensitive, the criminal will also threaten to leak or publish the data. The ease with which a criminal can get their hands on ransomware Trojans is one of the primary reasons there has been such a spike in ransomware activity.

What’s special about TorrentLocker?

The technology behind the TorrentLocker Trojan is very similar to a previously notorious ransomware variant called CryptoLocker, which was effectively neutralised by the FBI and Interpol in late 2014 after causing more than 27 million US dollars in damages. TorrentLocker can only target Windows machines, and needs to be installed manually onto the victim’s device. This is achieved through phishing emails with downloadable attachments or, in the AGL case, by having the user input a CAPTCHA code that triggers the download. Once active, TorrentLocker scans the system for all files and programs, and then uses Advanced Encryption Standard (AES) encryption to restrict user access. The ransom amount varies, but usually starts at around 500 US dollars and can only be paid in Bitcoin into a unique account.

What can you do to ensure data protection?

It’s important that you take a proactive approach to data protection, both as an IT professional and as an Australian citizen. In light of the recent TorrentLocker threat, perhaps the most effective preventative measure is to never enter any CAPTCHA information on any AGL-affiliated website. The specific domain used as a fake AGL site is “hxxp://aglbill-server.net”, but any number of variants can theoretically be used. Additionally, make sure that every device is equipped with antimalware software that’s updated with the latest malware definitions.

Your company firewall should also actively block activity from known threat locations, such as the fake AGL landing page (hxxp://aglbill-server.net). Above all, remain vigilant and be ready to adapt to the ever-changing face of cybercrime and data security threats.
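As an added example (not part of the original post or any vendor tooling), the Python sketch below checks web proxy log lines for the fake AGL domain named above and for simple lookalike variants of it. The log format, the legitimate domain agl.com.au, the lookalike pattern and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicator taken from the post, kept defanged as published.
KNOWN_BAD = ["hxxp://aglbill-server.net"]
# Assumption: AGL's legitimate sites live under this registered domain.
LEGIT_SUFFIXES = ("agl.com.au",)
# Heuristic for variants: the brand token starts a hyphen/dot-separated label.
LOOKALIKE = re.compile(r"(^|[.-])agl[a-z0-9]*([.-]|$)")

def refang(indicator):
    """Turn a defanged indicator (hxxp://, [.]) back into a parseable URL."""
    return indicator.replace("hxxp", "http", 1).replace("[.]", ".")

def host_of(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

BAD_HOSTS = {host_of(refang(i)) for i in KNOWN_BAD}

def classify(url):
    """Return 'known-bad', 'lookalike' or 'ok' for one requested URL."""
    host = host_of(url)
    if any(host == b or host.endswith("." + b) for b in BAD_HOSTS):
        return "known-bad"
    if any(host == s or host.endswith("." + s) for s in LEGIT_SUFFIXES):
        return "ok"
    return "lookalike" if LOOKALIKE.search(host) else "ok"

def scan(log_lines):
    """Yield (client, url, verdict) for non-ok '<time> <client-ip> <method> <url>' lines."""
    for line in log_lines:
        parts = line.split()
        if len(parts) < 4:
            continue
        verdict = classify(parts[3])
        if verdict != "ok":
            yield parts[1], parts[3], verdict

# Constructed sample proxy log lines (not real traffic).
SAMPLE_LOG = [
    "2017-03-01T09:12:44 10.0.0.21 GET http://aglbill-server.net/captcha",
    "2017-03-01T09:13:02 10.0.0.35 GET https://www.agl.com.au/residential",
    "2017-03-01T09:15:10 10.0.0.48 GET http://agl-invoice.example/view",
    "2017-03-01T09:16:31 10.0.0.52 GET http://eagle-tours.example/",
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A "lookalike" verdict is only a prompt for review, since the pattern is a heuristic and will miss variants that do not begin a hostname label with "agl".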

While data protection is an ongoing struggle, it is substantially easier to handle when you’re informed and have the right tools at your disposal. We highly recommend implementing a comprehensive endpoint security solution, such as Intercept X from Sophos, that prevents the malicious spontaneous encryption carried out by ransomware programs.

Powernet has been working with Sophos for over 10 years and is a Platinum partner, so we have full confidence in the quality and scope of their product offering. For a free 30-day trial of this new approach to endpoint security, simply head over to their site and fill out the form.

If you’d like to see how the security and efficiency of your internal IT systems measure up, take a look at our cyber security assessment.
