The attack is a “file infector” type of malware that is marked by its aggression and complexity, with Australia being one of the main global targets. Cybercriminals have set up a botnet – made up of many infected computers and controlled by a remote server – in Australia and more than 3,000 firms have been targeted so far.
In addition, Australian SMBs are the first in the Asia Pacific region to experience a new ransomware attack. Supposedly originating from the “Anti Cyber Crime Department of Federal Internet Security Agency” or ACCDFISA, the malware takes over a user’s Windows server and tries to extort money from them.
“The threat landscape is rapidly evolving and small to medium businesses are increasingly under fire. For cyber-criminals, they make an attractive target. SMBs often lack the IT resources and skills of larger enterprises, and can be a weak link in the supply chain that leads into larger enterprises,”
“SMBs are low-hanging fruit for cyber-criminals that offer an effective return on investment for minimal effort. We’re also seeing more sophisticated attacks – such as targeted attacks and Advanced Persistent Threats, or APT - enter the SMB space,” said Mr Mehta.
The risks to SMBs are significant:
The Australian Federal Police’s recent bust of an international criminal syndicate underlined the growing nature of the threats. Targeting small businesses, the gang generated Australia’s largest data breach investigation and theft of credit card data, gaining access to 500,000 Australian credit cards, with around 30,000 cards used for fraudulent transactions amounting to more than $30 million.
The latest malware attack is an example of the growing challenge. Targeting multiple endpoints, today’s malware can morph into hundreds or thousands of variants and can propagate across multiple devices in just a few minutes.
The current file infector malware striking at Australian SMBs is hard to detect. Controlled by a command-and-
The virus aggressively mutates or propagates via mapped drives or shared folders, potentially infecting the whole network.
“This latest virus represents a new breed of complex, harmful and very aggressive malware that has been tuned for an SMB network. Mutating quickly, it takes only one infected computer to spread like wildfire on a network,” said Adam Biviano, Senior Manager, Strategic Products, Trend Micro ANZ.
“If a small business suspects an infection within their network, it must be dealt with as quickly as possible. They need to reduce the potential for losses and spreading it to other companies,” said Mr Biviano.
Trend Micro has created a tool named Trend Micro Rescue Disk to clean systems infected with this particular variant of the file infector malware.
TOP SECURITY TIPS FOR SMBs
Every business is a prime target for cybercrime. SMBs should follow these tips and best practices:
- Stay vigilant. Ensure that you and every one of your employees—technical or not—stay abreast of the latest in cybercrime. Be educated about the newest fraud schemes and apply best practices, such as not responding to unsolicited email messages or opening attachments and clicking suspicious links embedded in them.
- Enforce internal security policies. It’s also wise to enhance your network security and banking protocols.
- Plan ahead. Always be on the lookout for suspicious online activities and prepare contingency plans for any instance of actual compromise.
- Secure your devices. Make sure your devices or endpoints are secure.
- End -
About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security (http://cloudsecurity.trendmicro.com/
Additional information about Trend Micro Incorporated and its products and services are available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://NewsRoom.TrendMicro.com and as part of an RSS feed at www.trendmicro.com/