Everything You Need To Know About Turla Malware

Of all the places on the internet you’d expect to find hackers coordinating their next attack, Britney Spears’ Instagram account isn’t likely to factor high on your list. And yet, the security firm Eset has confirmed that the comments section of the pop star’s Instagram account has been used to spread and control malware. Despite these seemingly innocent associations, the Epic Turla malware attacks have been described by Kaspersky Lab as “one of the most sophisticated ongoing cyber-espionage campaigns.”

It is thought that Turla, as it is more commonly known, is controlled by Russian hackers, and they’ve been using the comments section of Britney Spears’ Instagram account to test their Advanced Persistent Threat (APT) virus. On the surface, the comments look like spam but are actually used to direct infected users to other sites. The virus works by creating a backdoor into a user’s computer and then “phoning home” to the malware’s command and control servers.

How does Turla malware work?

The comments will often direct users to compromised web pages that will prompt them to install fake Adobe Flash Player or other fake software. From the infected websites found so far, the attacks appear to be targeted at government websites. Once a system is infected, the attacker will receive a summary of the victim so they can decide how to proceed. This might include installing a keylogger on the system or a RAR archiver that will allow the attacker to collect more information.

How do I stay safe from Turla malware?

Installing a sophisticated anti-virus software package from a reputable supplier is essential. The only way that your anti-virus will stay effective is if you keep it updated, so make sure you don’t put off updating your software for any reason. You should also keep frequently used third-party apps, such as Microsoft Office, updated.

It’s also important to be aware of what you are installing on your computer and double-check you have the correct version before hitting install. If a browser prompts you to install something, it doesn’t take long to search for the name and install from a trustworthy source.

Be wary of clicking on shortened links generated by websites like bit.ly. If you receive a bit.ly link in an email or on social media, you can put it through a URL expander in order to check where it is taking you.

And finally, this information should be circulated throughout your organisation, as it is important that everyone is aware of the threat and has a basic understanding of how it works. Often, people are the weakest link in an IT security plan and can find ways to circumvent anti-malware controls put in place to protect everyone. Educating your workforce is the best way to mitigate the threat of malware to your business.

Survey Reveals IoT is Now Biggest Security Risk

A report from ISACA found that the Internet of Things (IoT) is now the biggest cybersecurity threat. According to the 2017 State of Cyber Security Study, IoT recently surpassed mobile as the biggest security threat to organisations.

This increased threat comes on the heels of increased adoption of the new technology. According to the study, 97% of organisations that responded to the survey have seen IoT usage increase over the past year. However, this increased uptake in technology has not been matched by an increase in security.

The Internet of Things refers to the growing network of interconnected devices or smart devices. These devices are able to collect and exchange data in an automated process in order to help perform tasks or to learn from a process. In healthcare, this might include devices for remote monitoring or to keep track of inventory. In manufacturing, connected devices can be used to make decisions to streamline processes.

While adoption of new technology may be increasing, there are concerns from security professionals about the readiness of companies to deal with IoT security threats. According to the report, 62% of respondents experienced ransomware attacks in 2016, but only 53% developed a plan to address future ransomware attacks. Similarly, only 31% reported that they test their security controls on a routine basis, while 13% said they never test them.

Security attacks aimed at IoT device vulnerabilities are on the rise, although they are less widely reported. In November 2016, cybercriminals successfully managed to gain control of the heating controllers for two buildings in Finland. By causing the smart thermostats to continually reboot, the heating was never able to turn on. Since the weather in Finland is frequently below freezing at this time of year, this was a significant security breach.

A lack of funding and investment in cyber security was identified as one possible reason for the increased threat. According to the survey, 48% of respondents don’t feel confident in their staff’s ability to deal with complex security threats. And rather than security spending rising across the board, only around half of those surveyed said they will see an increase in their cyber security budget this year, down from 61% in 2016.

As we have mentioned in previous blog posts, increased transparency and a willingness to learn from past mistakes are essential to ensuring security for businesses. If the industry is ever to fully benefit from the opportunities offered by the Internet of Things, the threats to these smart devices must also be taken into consideration.

VMware Announces General Availability of Latest VMware Cloud Management Solutions

Purpose-Built Cloud Management Solutions Help Customers to Enable IT-as-a-Service

BlueCoffee Networks’ virtualization and cloud infrastructure partner, VMware, have announced the general availability of new and updated offerings to the industry’s leading portfolio of management solutions purpose-built for the cloud era – VMware vCloud Automation Center 6.0, VMware vCenter Operations Management Suite 5.8 and VMware IT Business Management Suite. In addition, VMware also announced that it has updated the automation and management capabilities of VMware vCloud Suite 5.5.

“Providing cloud management solutions that simplify and automate how IT is managed is key to helping our customers on their journey to deliver IT-as-a-Service,” said Ramin Sayar, senior vice president and general manager, Cloud Management, VMware. “With the availability of new products and enhancements across our management portfolio, customers can take advantage of the business opportunities that exist whether it’s increasing business agility, enabling cost transparency of IT services or expanding to the hybrid cloud.”

To find out how VMware products can benefit your business, contact us on 0845 095 7000 or sales@bcn.co.uk.

The Essential Components Of A Disaster Recovery Plan

If you’ve ever corrupted a file and had to start over on a complex document, you’ll know how frustrating it can be. Now imagine that happens to every file on every computer in your business. If your business relies on IT to function, then your business is at risk of IT failure. IT downtime and data loss can cost businesses hundreds of thousands. A study by EMC revealed that data loss and downtime cost businesses around £1 trillion in 2014. With more and more companies adopting digital technologies, the risk can only increase.

The process of planning for such a catastrophe within your business is known as disaster recovery (DR) planning. Disaster recovery planning is relevant for businesses of all sizes, yet is often overlooked by small businesses. Disaster recovery in a more general sense can cover things like fire or flood, but IT disaster recovery looks specifically at loss of data or system downtime. If you arrive at work on a Monday and your website is down and your company computers are infected with malware, would you know what steps to take? This is precisely how a disaster recovery plan can help you. Here are the essential components of a disaster recovery plan for business continuity.

Define disaster

Every company will have a different threshold for downtime or data loss. If you run a shop that relies on an EPOS to make sales, then downtime of anything more than an hour is likely to have a huge impact on your business. However, if you run an online shop, then anything longer than a few minutes of downtime would be unacceptable. Define at which point an inconvenience becomes a disaster so your employees know when to act.

Gather your contacts

It’s not uncommon for the person who discovers the problem to have no idea who to get in touch with first. Compile a list of IT contacts and their emergency backup contact so that you’ll know exactly who to get in touch with in an emergency. Review this every time you review your plan to make sure everything is up-to-date.

Create an inventory

When talking about continuity planning in terms of a natural disaster, many disaster recovery plans will include things like creating an inventory of all office equipment. The same should happen for your IT services. Create an inventory of all hardware and software and mark which components are essential. Each software package should have a provider contact which will need to be added to the contact list.

Make sure everyone is aware

One of the biggest problems with disaster recovery plans is that they are written, tested, placed in a folder and then forgotten about. Everyone in your business should be aware of the disaster recovery plan and everyone should know how to access it.

Cloud hosting can help to minimise the impact of data loss by creating a backup of your entire business setup on the cloud. Not only does this protect against data loss and downtime from security breaches, but it can also help to keep your business running seamlessly if your physical office is inaccessible or damaged.