{"id":5049,"date":"2020-09-10T09:59:20","date_gmt":"2020-09-09T21:59:20","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=5049"},"modified":"2020-09-10T09:59:20","modified_gmt":"2020-09-09T21:59:20","slug":"how-does-a-ransomware-attack-start","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=5049","title":{"rendered":"How does a ransomware attack start?"},"content":{"rendered":"

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”4.16″ global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row admin_label=”row” _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.16″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||” theme_builder_area=”post_content”][et_pb_text admin_label=”Text” _builder_version=”4.16.1″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]\"\"<\/a>When you read about the ransomware attacks, such as those on Honda, Garmin, Toll, Fisher and Paykel and Lion, it\u2019s easy to think these attacks only target large enterprises. Unfortunately, that would be a mistaken view. The reality is that all businesses are under ever increasing attacks \u2013 not just more attacks but also more sophisticated attacks.<\/p>\n

Naturally, you wonder where these attacks start. Recent reports such as the Verizon 2020 Data Breach Report<\/a> tell us that 65% of all breaches come from hacking\/email phishing attacks.<\/p>\n

We were alarmed to read that over 200 of the world\u2019s most prominent brands are being spoofed by hackers setting up fake login pages to collect credentials. 5% of these pages are polymorphic making them very hard to isolate. These pages have slight changes such as detail of the content, layout or so on to make it harder for protective software to identify them \u2013 in particular the emails sent to you and your colleagues can be subtly different to try and fool your mail washing software.<\/p>\n

 <\/p>\n

Most of these pages are financial, governmental, or large tech like Google, Facebook and Microsoft. The stats we saw showed 11,000 fake PayPal login pages and 9,500 fake Microsoft pages. All of these businesses have security teams looking for these fake pages and trying to get them taken down but it will be like \u201cwhack-a-mole\u201d and the hackers will do anything they can to get your colleagues to enter their details on these pages and even try to collect your MFA credentials for a quick minute \u2013 just long enough for them to login to the real site and inject some malware or the like.\u00a0 What that means is that even MFA (multifactor authentication) isn\u2019t fool proof. It makes it harder for a criminal to hack against you, but nothing makes you immune.<\/strong><\/p>\n

There are layers of security and the measures that seemed excessive even a year ago, like KARE for Security<\/a>, are now the minimum and actually we have to keep adding additional layers as they become available.<\/strong>\"\"<\/a>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

When you read about the ransomware attacks, such as those on Honda, Garmin, Toll, Fisher and Paykel and Lion, it\u2019s easy to think these attacks only target large enterprises. Unfortunately, that would be a mistaken view. The reality is that all businesses are under ever increasing attacks \u2013 not just more attacks but also more […]<\/p>\n","protected":false},"author":5,"featured_media":5051,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"\"\"<\/a>When you read about the ransomware attacks, such as those on Honda, Garmin, Toll, Fisher and Paykel and Lion, it\u2019s easy to think these attacks only target large enterprises. Unfortunately, that would be a mistaken view. The reality is that all businesses are under ever increasing attacks \u2013 not just more attacks but also more sophisticated attacks.\n\n[wow_spacing size=\"20px\"]\nNaturally, you wonder where these attacks start. Recent reports such as the Verizon 2020 Data Breach Report<\/a> tell us that 65% of all breaches come from hacking\/email phishing attacks.\n\nWe were alarmed to read that over 200 of the world\u2019s most prominent brands are being spoofed by hackers setting up fake login pages to collect credentials. 5% of these pages are polymorphic making them very hard to isolate. These pages have slight changes such as detail of the content, layout or so on to make it harder for protective software to identify them \u2013 in particular the emails sent to you and your colleagues can be subtly different to try and fool your mail washing software.\n\n[wow_spacing size=\"20px\"]\n\nMost of these pages are financial, governmental, or large tech like Google, Facebook and Microsoft. The stats we saw showed 11,000 fake PayPal login pages and 9,500 fake Microsoft pages. All of these businesses have security teams looking for these fake pages and trying to get them taken down but it will be like \u201cwhack-a-mole\u201d and the hackers will do anything they can to get your colleagues to enter their details on these pages and even try to collect your MFA credentials for a quick minute \u2013 just long enough for them to login to the real site and inject some malware or the like.\u00a0 What that means is that even MFA (multifactor authentication) isn\u2019t fool proof. It makes it harder for a criminal to hack against you, but nothing makes you immune.<\/strong>\n\n[wow_spacing size=\"20px\"]\n[wow_colorme]There are layers of security and the measures that seemed excessive even a year ago, like KARE for Security<\/a>, are now the minimum and actually we have to keep adding additional layers as they become available.<\/strong>[\/wow_colorme]\"\"<\/a>","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-5049","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5049"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5049\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}