Cyber security facts and fiction: part 3

Cyber security facts and fiction: part 3

Issue: A new ransom-ware, Locky, is up and about, crawling the Internet for the next prey. It is brilliant. It’s persistent. And it won’t go without taking some of your money.

Locky virus encrypts your computer files (rendering them unreadable). It then demands a ransom from you [the victim] to your files back. OR to get the decryption key.

Fact: The attack vector is simple and the usual approach: If you are a target, you will receive an email with a subject line that goes like: “ATTN: Invoice J-98223146”. A word document is attached. Sometimes the file is a .zip file, which has a word or excel document. You may be wondering how would hackers get your email address? Whenever you download a software or register on-line on sites that are not legit, you leave your email. It may be harvested and used for such purposes. It is critical you become careful where you leave your email. Once you click on the email in the attachment, a new document will open which looks unclear. The document will ask you to “enable Macros.” If you click enable, that will be your end. As you enable the macros, in the background, Locky will install in your computer and all your documents will be encrypted. After which, a message will appear asking for a ransom so as to get your files back. That could be a cool US$500 plus!!!

Fiction: No one is 100% secure. Locky is very genius. You may delete the email on the first attempt. However, on the second attempt, you may end up accidentally installing it.

Fix: Train all your staff. Keep your anti-virus definitions up to date. Do not use predictable email nomenclature. Ask your staff to avoid using company emails to register on any website online. Do not give average users Admin accounts. And do not connect critical servers to the Internet

About M. B. Mugisa

Mustapha Barnabas Mugisa is one of those rare people who provides business consulting and advisory to professionals and corporate entities who demand the very best. He is a prolific speaker and governance (strategy and risk) expert. His speaking involves making key notes at major conferences and business events on both technical subjects and leadership skills. A change agent and motivational speaker. Mustapha provides tools and proven methodologies to remarkable results through making people appreciate change. Visit Mustapha's LinkedIn profile to know more. Mustapha is the architect of #WinningMindset Leadership and #WinningTheGame strategy approach that combines Harvard Business strategy Playing To Win, with the Blue Ocean Strategy and Balanced Score Card to deliver a strategy that is easy to execute and monitor. Visit www.mustaphamugisa.com for special insights to improve your condition. Are you too good to be great?

Entries by M. B. Mugisa