SMEs believe they are not vulnerable to ransomware attacks mainly due to the fact that they think they are unlikely targets. This is however a dangerous misconception, writes BRIAN TIMPERELY Managing Director and co founder of Turrito Networks.
Over the past year, cyber security experts and analysts have been warning businesses and individuals about the growing threat of ransomware. Ransomware is a type of malicious software designed to block access to a computer system and data until a sum of money is paid (usually in bitcoin). On Friday May 12, all the doomsday predictions of crippling global cyber fraud became a rather frightening reality, as ransomware dubbed ‘WannaCry’ infected 114 000 Windows machines in just 24 hours. The attack quickly spread to over 150 countries, affecting hospitals, interior ministries and major corporations – with hackers demanding US$300 in bitcoin per machine, to unlock encrypted data.
As the global fallout from what has been called the worst ransomware attack in history continues, it provides a stark wake up call for businesses of all sizes to begin to take this threat very seriously….
1. Acknowledge that you are a target
Arguably, SMEs are currently the most vulnerable to ransomware attacks. This is simply because many businesses believe that they are unlikely targets. Indeed, there is a mistaken belief that banks and major multinationals are primarily the ones who have to worry about vicious cyber fraud. This is a dangerous outlook! Cyber criminality, and ransomware in particular, is about volume – it’s a numbers game. Attacks are conducted at random, on mass, and these criminals do not discriminate between size, sector, individuals, business, etc.
Worryingly, most local SMEs are taking a ‘wait and see’ approach to ransomware – and are consequently placing themselves at massive risk. They are just as vulnerable, if not more so, than the bigger corporations and organisations that have very publicly come under attack.
2. Partner with a business Internet provider
On a very practical level, one of the factors currently leaving many SMEs at risk is their choice of Internet providers. All too often, small businesses look to keep costs down by choosing a provider that specialises in consumer solutions – instead of choosing a provider that specialises in business solutions. By opting for cheaper consumer solutions, SMEs do not get the built in security features and support – such as automatic data backup, firewalls, cloud-based systems, etc – that business providers offer. The consequences of this decision can be disastrous. If an SME falls victim to ransomware (or other types of cyber attacks), the costs extend far beyond the initial ransom that has to be paid for the data to be released. The business will experience extended downtime, damaged brand equity and a considerable loss of trust in the marketplace. Added to this, a compromised business tends to overreact to the attack and then overspend on security solutions thereafter.
In reality, guarding against ransomware is both straightforward and relatively inexpensive. It does require, however, partnering with an Internet provider who will take a consultative (as opposed to purely transactional) approach to your business. The right partner will understand both your needs and risks as a business, and then provide solutions that protect your data from day one.
3. Call your provider (today)
Finally, understand that there are no symptoms or warnings that come attached to ransomware. If you are attacked, your data will be held ransom until the fee is paid. No one can unlock the data once it has been encrypted. This means that preventative action is everything. Either take the threat seriously, today, or run the risk of finding a ransomware note splashed across your desktop.
On the other hand, if preventative measures are in place, and your data has been properly backed up by a trustworthy provider, then a ransomware attack need not bother your business at all. You can simply refuse to pay the ransom, and call your provider for support. Your data will be safe, and immediately accessible.
The more businesses and individuals that take this approach, the less powerful and common ransomware attacks will be. Cyber criminals are getting their way because people and businesses have yet to attach real value to their data. But once this connection between money and data has been made, and preventative measures are put in place, ransomware will lose its power.
So call your Internet provider today. There is only one question to ask: Can you assure me my data is safe? If they are not able to help you here, immediately find another provider who can.
Hearables are the new wearables
Earworn devices were among the fastest growing categories of wearable in the last quarter, capturing almost half of the market
Global wearable device shipments grew 85.2% in the second quarter of 2019 (2Q19) as shipments totaled 67.7 million units according to new data from the International Data Corporation (IDC) Worldwide Quarterly Wearable Device Tracker. Earworn devices (hearables) were among the fastest growing categories, capturing 46.9% of the overall wearables market during the quarter, up from 24.8% a year ago. Driving that growth was a slew of new products and consumers who purchased their second wearable, a hearable, to use in parallel with existing watches or wrist bands.
“The growing popularity of the hearables segment is forcing existing brands to reconsider past designs when launching new products, as evident in Samsung’s popular Galaxy Buds, while also attracting new brands to market,” said Jitesh Ubrani research manager for IDC Mobile Device Trackers. “And though it’s still early days, the market is showing signs of emerging subsegments such as hearables dedicated to sports from the likes of Jabra, premium hearables from companies such as Bose, and ones dedicated to hearing loss such as those from Nuheara.”
“What has been driving the hearables market is the experience,” says Ramon T. Llamas, research director, Wearables. “Quality audio is still the hallmark of hearables, but additional features – ranging from adjusting audio to smart assistants and health and fitness – increase their value and utility. As prices come down and more features come on board, this next generation of hearables will become the new normal for earphones.”
Hearable Company Highlights
Apple led the market for hearables by capturing 50.2% share during the quarter. New products such as the refreshed AirPods and the latest from the Beats lineup helped the company grow 218.2% compared to last year. With the iPhone business facing challenges, Apple’s wearables business, particularly the popularity of the AirPods, is helping the company once again become the de facto standard though this time it’s for hearables.
Samsung, thanks to its self-branded devices and the JBL brand, captured the second position during the quarter. The highly publicized Galaxy Buds were one of the company’s most popular pair of hearables as the pair was bundled with the purchase of Samsung’s latest smartphone. Additionally, the JBL Tune 500BT managed to capture a large share as the low price and wide availability helped move a lot of volume.
Xiaomi’s AirDots (amongst other models) helped the company capture the third position. Though the company primarily sells its hearables in China, Xiaomi has already started to make inroads in other markets such as Europe and the Middle East with its smartphones and wrist bands. IDC expects Xiaomi to follow suit with its hearables.
Bose, a company with a long history of headphones and other audio products, ranked fourth in this market. The company’s long lineage in audio and premium offering has helped set the company apart from the remainder of the pack. The QC35ii and the SoundSport Free were two of its most popular products during the quarter. The latest Headphones 700 and upcoming Earbuds 500 should help the company maintain momentum in the upcoming quarters.
ReSound, the parent company of Jabra, rounded out the top 5 with 5.1% share and 132.9% growth. Jabra’s Elite Active 65t have been extremely popular as an alternative to Apple’s AirPods and have also been promoted heavily on Amazon’s store, allowing the company to pitch itself as a strong consumer brand in addition to its preexisting headset business that is targeted at office workers. At IFA 2019, Jabra announced the next version of the Elite Active series, which helps modernize the hearables and should provide healthy competition for others on the list.
Top 5 Wearable Companies, Hearable Devices only, by Shipment Volume, Market Share, and Year-Over-Year Growth, Q2 2019 (shipments in millions)
|2Q19 Market |
|2Q18 Market |
|Source: IDC Worldwide Quarterly Wearables Tracker, September 9, 2019|
Note: IDC defines Earwear/Hearables as the wearables that hang on or plug into the ear. The device must operate wirelessly and provide stereo sound while also including at least one of the following features:
- Track health/fitness (e.g., Samsung Gear IconX).
- Modify audio, and not just noise reduction (e.g., Nuheara IQbuds).
- Provide language translation on the device (e.g., Waverly Labs).
- Enable smart assistants at the touch of a button or through hotword detection even if the assistant is running on another device such as a smartphone (e.g., Apple’s AirPods and Google’s Pixel Buds).
Phishing attacks hook into iOS
The number of phishing attacks targeting users of Mac computers, iOS-based mobile devices, and the associated web services ecosystem to lure them into fraudulent schemes has reached 1.6 million in the first half of 2019 (H1-19) – proving that the growing number of users of popular digital devices is clearly attracting more and more cybercriminals!
While the volume of malicious software threatening users of macOS and the iOS mobile platform is much lower than those threating users of Windows and Android platforms, when it comes to phishing – a platform agnostic cyberthreat – things are quite different.
Phishing attacks rely on social engineering, which means most have nothing to do with software. In fact, Kaspersky’s recent Threats to Mac Users research highlighted that the number of cases where users faced fraudulent web pages utilising the Apple brand, as a decoy, has increased significantly in the first six-months of the year, reaching 1.6 million. This figure is around 9% greater than attacks experienced during the whole of 2018, when Kaspersky security solutions prevented more than 1.49 million attempts to access Apple-themed phishing pages.
What’s more, some regions had more macOS users hit by phishing than others, for instance, Brazil leads this list with 30.9% of users attacked, followed by India with 22.1% – and while not as prominent as other regions (and in proportion to the number of Apple device users), South Africa still sits at 17.5%.
The research is based on threat statistics voluntarily shared by users of Kaspersky Security Network – a global cloud infrastructure designed for immediate response to emerging cyberthreats.
Among the most frequent fraud schemes are those designed to resemble the iCloud service interface, aimed at stealing credentials to Apple ID accounts. Links to such services usually come from spam emails posed as emails from technical support. They often threaten to block user accounts should they not click the link.
Another widespread scheme is the use of scaremongering pages that try to convince the user that their computer is under serious security threat and it will only take a couple of clicks and a few dollars to solve those issues.
“While technically these fraud schemes are nothing new, we believe they pose an even greater danger to Apple users than similar schemes against users of other platforms – such as Windows or Android. This is because the ecosystem around Macs and other Apple devices is generally considered a far safer environment. Therefore, users might be less cautious when they encounter fake websites. Meanwhile the successful theft of iCloud account credentials could lead to serious consequences – an iPhone or iPad could be remotely blocked or wiped by a malicious user, for example. We urge users of Apple devices to pay more attention to any emails they receive, especially those claiming to be from technical support and requesting the user’s details or asking the user to visit a link,” said Tatyana Sidorina, security researcher at Kaspersky.
In addition to a rise in phishing, thereport also revealed other types of threats to users of macOS-based devices. The results have demonstrated some relatively positive tendencies: the most common threats for Mac users proved not to be critically dangerous malware, like banking Trojans, but instead AdWare threats, which are not-necessarily fatal and defined as ‘potentially unwanted programs’. Most are threatening users by overloading their devices with unrequested advertisements, yet some of these programs might, in fact, turn out to be a disguise for more serious threats.
Other findings of the report include:
- The total number of phishing attacks detected in the first half of 2019 (H1-19) on Mac computers protected by Kaspersky solutions was almost 6 million. The whole of 2018 saw 7.3 million hits.
- 39.95% of the detected attacks were aimed at stealing users’ financial data. That is 10%more than in the first half of 2018 (H1-18).
- Some regions had more macOS users hit by phishing than others: Brazil leads this list with 30.9% of users attacked, followed by India with 22.1% and South Africa with 17.5%.
- The most active malware to hit macOS users were variations of the Shlayer family, that succeeded in distribution by disguising itself as Adobe Flash Player updates.
To keep your devices safe, Kaspersky recommends:
- Keeping macOS and all your apps and programs up to date
- Using only legitimate software, downloaded from official webpages or installed from the Mac App Store
- Starting to use a reliable security solution like Kaspersky Internet Security that delivers advanced protection on Mac, as well as on PC and mobile devices.