Having a computer virus may seem like an incredibly inconvenient but relatively minor issue… until it affects an entire city’s computer system. That’s exactly what happened in Portsmouth, New Hampshire earlier this year. The town was hit by a Trojan horse malware called Emotet, which ultimately cost them over $150,000 to remedy.
The problems first started cropping up in mid-March when users began reporting emails that looked like they were coming from government departments demanding money. It turns out that the Emotet malware, which is quite intrusive, had infiltrated the city’s computer network and was sending emails unbeknownst to any of the end-users. In response, the town eradicated the malware, and then worked to significantly increase their network security.
For its part, the Emotet malware is quite advanced. Because of the way it infiltrates a system and can propagate throughout an entire network undetected, users don’t usually encounter any of the typical warning signs - like a strange download or a suspicious link - that are generally synonymous with viruses and malware. Instead, once the Trojan has made its way onto a network it starts burrowing, making its way through the other systems and workstations. The subject lines of the emails sent by the virus - generally alluding to an invoice being attached - entice recipients to open them, and the file or link where they will supposedly view their invoice quickly infects their computer with a virus, thereby spreading it to a new network.
Additionally, Emotet deploys a brute-force password-cracking method, which means users may end up locked out of their workstations due to failed access attempts that weren’t made by them.
How Can We Prevent Email Security Threats?
As always, the very first line of defense should be end-user education. End-users should be reminded to never open a suspicious-looking document/download or click on a strange link. Use caution if something seems out of place - for example, when you receive an invoice that’s coming from an organization or entity that generally doesn’t send invoices, or at least wouldn’t be sending it to that particular email address.
Next, although Emotet uses brute-force password hacking, which can end up locking users out of their accounts after failed attempts, a locked computer is much better than a hacked network. Therefore, strong passwords that are hard to guess and contain a combination of upper- and lower-case letters, numbers, and symbols should be mandated, and two-factor authentication should be strongly considered as a security measure if it isn’t already in place.
Ensuring that each workstation has up-to-date anti-virus and anti-malware software is also critical, as is ensuring that all patches and updates are deployed and installed immediately throughout the entire network. Manufacturers deploy updates and patches to help address security issues, and a delayed deployment - even if it’s just by a few days - may be enough time for your organization to fall victim to a hack.
Finally, be certain that your company is regularly backing up data and storing it securely. Should your organization fall victim to a hack, it could be brought to its knees without a way to regain access to uncompromised data.
To determine whether or not your organization can withstand a disaster - of either the manmade or natural variety - take our business continuity quiz.