On June 27, 2018, Australian web and IT services provider Cyanweb Solutions experienced a data terrorist attack: the stuff of business nightmares. A coordinated attack against the Perth-based company deleted all but 12 percent of the client data stored on its cPanel administrative server.
As a company that not only designs websites but acts as an in-house IT department and online marketing advisor to its business customers, the attack’s speed and sophistication is a reminder that even the savviest technology companies are at risk.
What happened to Cyanweb?
Cyanweb explained the attack to customers on what remained of its website. Unlike many attacks, this one intended to destroy data, not steal it. The attackers began by bombarding the server in a Distributed Denial of Service (DDoS) attack. While the server administrator was preoccupied with the DDoS, the hackers infiltrated the server and executed a privilege upgrade attack to make themselves administrators, then uploaded “wiper” malware endowed with worm capabilities. This nasty piece of attack software encrypted customer files as well as backup archives and deleted database tables, effectively crippling Cyanweb’s business.
The Cyanweb Solutions attack is only the latest in a continuous string of breaches affecting businesses. According to NBC’s Today Show, Microsoft’s cloud services are targeted by 167 malware attacks, 4,000 ransomware attacks and 30 million fraudulent login attempts daily. The continuous bombardment and the 24-hour news cycle’s reporting can create a sense of helplessness.
Thankfully, you have more control over your information than you realize.
What You Can Do To Protect Yourself
In the same way that you lock your doors to protect your home from theft, you can protect your data with a few proactive measures.
- Update your software. Hackers constantly scan for operating system and application vulnerabilities. While installing software updates takes time and feels like a burden, the process is your way to fix the broken lock. The Equifax breach that leaked the personal information of 145 million people occurred because a single employee forgot to update their web application development framework software to the most current version.
- Make a full image backup. A full image backup makes a copy of your entire hard drive. You might think that copying your document, music, and image files to a cloud is enough, but protecting your data also means being able to get your operating system, applications, and system settings up and running again. A full image backup gives you a way to restore your entire hard drive to a moment in time before the attack.
- Keep your anti-malware software up-to-date. Traditional anti-virus software identifies and blocks malware threats through the use of signatures, essentially fingerprints of every process already identified as being malicious. As AV vendors identify new malware threats every day, it is important to keep your signature files up-to-date
- Understand how malware gets onto your computer. The most common infiltration methods for malware include malicious links within or attachments to phishing emails, or visiting malicious websites that surreptiously download malware to any machine that visits them. Connecting to unsecured Wi-Fi networks pose a threat because hackers can insert malware into your computer as the information travels between your device and the router. Avoiding these attack vectors can help minimize the chance you’ll get infected.
Finding the Right Protection
Hackers increasingly use sophisticated methods to steal or destroy information. As the Cyanweb attack proves, they can infiltrate a system while you’re working to protect the information. Cyanweb detected an attack, but the hackers opened a second front simultaneously. As the IT admin worked to protect the organization from one threat, the attackers got in through another door.
Attackers update their methodologies constantly, which can make it feel as though they are always one step ahead of your threat detection methods. Artificial intelligence is the future of anti-malware protection. Using historical attack data, machine learning can predict new threats before they happen.
Final Thought
Whether you’re concerned about data theft or data destruction, protecting your systems against threats means staying ahead of attackers. That means home users and businesses of all sizes need to find ways to thwart hackers.
Acronis Cyber Backup offers the most secure backup solution for businesses of all sizes. In addition to comprehensive backup and recovery tools, including flexible, secure cloud storage, it includes the backup industry’s only AI-based anti-ransomware technology, which monitors your systems in real time to instantly detect and stop attacks.
We also provide a solution for home users with Acronis True Image 2018. The same AI-based anti-ransomware software protects your personal devices from being locked while simultaneously enabling subscribers to create a cloud backup in as few as two clicks.
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.