Ransomware Driving Crime | Ransomware

Ransomware Driving Crime – Porsche SA Hits the Brakes After Faust Attack 

High profile cyber attacks on prominent companies continue with no end in sight, and the famous luxury sports car manufacturer Porsche has become their latest victim.

Known for its fast, high performance cars that combine speed and styling, Porsche South Africa saw its operations screech to a halt recently when the company’s critical information was held to ransom by cybercriminals.

Porsche headquarters in Johannesburg fell prey to the Faust ransomware variant which has been wreaking havoc in organisations around the world. Managers were shocked to find their company data compromised, encrypted, and inaccessible.

Porsche has declined to comment about what data was involved and whether it was fully recovered or not. Nonetheless, internet users and business owners in particular should be on high alert for the Faust ransomware variant.

why is Faust so dangerous?

Losing access to vital company information and computer systems can cost a business up to seven figures or more in no time at all.

  • Faust, the version of ransomware that was used to attack Porsche, is especially damaging because it’s difficult to decrypt files that have been encrypted using the system.
  • File names can also be changed by Faust, which modifies file data and extensions.
  • The usual MO of this highly effective type of ransomware is to encrypt the user’s data and then contact the company, demanding a ransom payable in bitcoin.

Unfortunately, cybercriminals can extort companies twice using Faust since the data that was compromised could have already been sold on the dark web by the time the ransom is paid in exchange for decryption.

To date, Porsche hasn’t said whether the company paid a ransom or not.

Cybersecurity best practices encourage companies to keep the details of the ransom private to deter cybercriminals from attempting repeat attacks on organisations that are more likely to pay up.

keep your data safe from Faust and other malware

Faust, like many other types of viruses and malware, often infiltrates company computer systems through malicious downloads. This makes it crucial for all staff to be trained in cybersecurity best practices and avoid downloading files whenever possible.

To avoid a scenario like Porsche has just experienced, your business needs to have a full backup of all important data with secure cloud storage and encryption to keep it safe. To learn how you can protect your vital information from cybercriminals, browse our range of cloud storage packages today.

Be Prepared for ransomware attacks | Ransomware

‘Tis the season to be careful: Avoiding ransomware attacks over the holidays

The festive season is upon us, and with it comes the unfortunate spike in crimes that accompanies the summer holiday season every year. Recently, cybercrimes have joined this trend with the number of ransomware attacks and other data breaches increasing in the December to January period.

As you prepare to close down for the summer and take a well-deserved break, cybercriminals are gearing up for a destructive holiday season. Here’s what SA families and business owners need to know in order to keep their data safe this year.

Africa: a prime target for cybercrimes

The African continent is ripe with opportunity, and internet adoption is running at double speed from Cape to Cairo – but cybersecurity is lagging, and that means huge vulnerabilities over the festive season and beyond.

  • The Interpol African Cyberthreat Assessment Report indicates that over half a billion internet users log on from locations in Africa. Internet penetration in countries like Kenya is over 80%, with SA approaching 60%.
  • Unfortunately, up to 90% of businesses in Africa are running sub-par cybersecurity protocols. This makes the continent a sitting duck for data thieves and ransomware hackers – and the festive season is the best time for them to strike.

Holiday season staffing opens vulnerability gaps

With many companies shutting shop for the festive season, skeleton crews will be taking the reins at IT departments around the country. That means fewer hands-on deck at a time of year when cyberattacks are at their peak.

South African companies typically have 50% of their cybersecurity staff on hand during the year-end holiday, compared with 80%-90% in other countries like Germany.

Securing your data during the year end break is essential, and it starts with secure passwords, cloud storage, and comprehensive backups. Making sure that these are in place before you close down for the holidays will let you rest easy as you enjoy a well-deserved rest.

Backup against ransomware attacks with Soteria Cloud

With reduced resources over weekends and during the holidays, assessing and assembling an incident response team in the event of a ransomware attack takes longer. Regular data backup is the best way to protect yourself against an attack at any time of the year.

We are an innovative cloud storage and backup service provider based in Cape Town. Learn more about what we offer and how it can keep your business data safe here.

Financial Services Ransomware Attack | Ransomware

Ransomware attack hits financial services firm Curo

Curo is one of the country’s best-known asset management firms with more than R2 trillion in its overall portfolio. The company was hit by a ransomware attack in early 2022 just as companies were returning from the festive season break, jolting the firm’s management and IT experts into action as they responded to the crisis.

Like many ransomware attacks, the Curo incident involved cybercriminals taking the company’s valuable data hostage and demanding payment in exchange for its release.

If your business found itself in a similar situation, your first instinct might be to pay and make the problem go away, particularly when you are unable to access your systems as a result of the attack. Surprisingly, Curo decided not to engage with the attackers and used IT specialists to regain control of its company data.

five days of downtime – how Curo weathered the storm

Financial services is an industry where every second counts. Fund managers need immediate access to investment data on an instantaneous basis in order to respond to changes in the markets, and clients expect regular updates based on the most recent and reliable financial information available.

When time means money and success and failure can occur in minutes, imagine being locked out of your data for five days. The potential for disaster was huge, but Curo averted a red alert situation with quick and responsible action.

Fortunately for the company, the ransomware attack didn’t affect highly sensitive customer information and Curo didn’t lose control of its financial assets at any stage of the incident.

This gave management some breathing room to strategise, and their final decision was to ignore the criminals behind the attack completely and focus on restoring their systems to full functionality.

Cyberattacks are sadly becoming daily occurrences in South Africa, as seen with the likes of Transnet, the Department of Justice and even African Bank who were all victims of ransomware attacks last year.

no business is safe from a financial services ransomware attack

Faced with a similar scenario, how would your business react?

Every business needs a response plan and a ransomware attack backup plan. It’s what you do in the hours and days following an incident that will enable to lessen the damage in just this kind of scenario.

save your data from a ransomware attack with secure cloud storage

Ransomware attacks can only target your business data if it’s vulnerable to being attacked in the first place. Secure cloud storage, implemented as part of an overall cybersecurity policy, can help keep your sensitive information out of the wrong hands.

If you’d like to secure your business data with a cost-effective and  highly secure cloud solution, our range of packages for individuals and businesses could be a great solution. To learn more about our services, contact us today.

Do You Have a Ransomware Backup Plan?

Let’s talk about data – your company data to be more specific, and of course your ransomware backup plan!

Your data is probably one of the most valuable assets your business will ever have; valuable to you and sadly, just as valuable to cybercriminals. The data your business collects can be used to make better business decisions, drive sales, and truly appeal to your target audience. But then there’s the reality of just how big a schlep it is to keep the stored data safe in today’s heightened risk of a ransomware attack.

your first line of defence

You can employ the most highly skilled IT specialists to work in your IT department and still a ransomware attack can bring your business to its knees.

For a business to stand a chance against the increasing number of daily ransomware attacks, it has to ensure that every staff member understands the risks and takes responsibility for their actions when using the company system, network, and devices. And we all know how hard it is to get everyone on board.

It’s also important to have the right tools to monitor systems and provide a good line of defence so that when staff members behave as trained to, the data remains completely safe; and when the business is faced by a threat, rapid reaction can be set in place.

so how does a business protect itself?

Prevention is a great option, but business owners should focus first and foremost on maintaining well-managed data systems.

A well-managed data system means data can be easily located and easily updated with the latest security features. One of the problems that many companies are faced with is how to store the data so that it can be used if there’s ever a ransomware attack that cannot be thwarted. This is where having a ransomware backup plan comes into play. What does a good ransomware backup plan look like? Read on to find out.

a good ransomware backup plan

Below are a few pointers for creating a reliable ransomware backup plan.

  • Implement an actual security policy that focuses on ransomware

You cannot expect staff members to be accountable for their data management if there’s no set of rules for them to follow. Make sure that there are very clear guidelines to how data is collected, how it is tagged and saved, how often it is backed up, and how staff should behave when faced with possible threats.

  • Eliminate weak links

A weak link could be anyone involved in the accessing and use of data in the business who doesn’t follow through with their responsibility to protect the data. It could be a manager who doesn’t enforce the company-wide security policies. It could be an IT professional who doesn’t train staff on their data security responsibility. It could even be the employee who simply doesn’t understand the importance of making weekly password updates, or the one who clicks on random email links having been advised not to. Regardless of how repetitive you have to get, you need to drive the message home that there are consequences to not following company security policies.

  • Isolate your backups

A multi-level backup strategy is the only way to ensure that once ransomware hits your system, it doesn’t infect the entire set up. Make the isolating of backups a top priority. What does this mean? It means that you use an external cloud backup service for the storage of your data. This service is separate from your network system and is updated with the very latest security policies.

  • Regularly replicate data

If you only have one copy of critical data and ransomware just happens to infect it, there’s no way you are going to get your data back without paying the ransom. Replicating your data regularly is a good way to safeguard against this. Keep one copy of the data offsite and two copies on two separate devices. If one or two of these copies are infected, you still have one more option to rely on.

  • Run encrypted backups regularly

It doesn’t help if you have all the tools and systems in place, but staff forget to back up their data. It goes without saying that the data must be encrypted as that’s the most secure option, but in addition to that, backups should run regularly with minimal effort required from staff members. You can automate backups on devices to save time and to provide you with peace of mind.

Last Word

Having a ransomware backup plan is essential, regardless of the size and nature of your business. Don’t be fooled – hackers don’t only go after the world’s biggest brands. Smaller companies are becoming an easy target for the ransomware attacker looking for a quick buck. Do the work – protect your business and you stand a greater chance of avoiding data hacking/encrypting hell.