TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

2022: The Year Of Malware, Hacks And Phishing

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Much of our time this year has been spent working with our clients, making sure they’re ready to fend off newly emerging cyber threats or malware strains.

So to look back at the year, we thought we’d round up what many experts agree has been the nastiest malware of 2022.

At the top of the list is Emotet. Chances are you haven’t heard of it by that name, but it’s a trojan that’s spread by spam email. It usually looks like a genuine email with familiar branding, but it tries to persuade the recipient to click a malicious link (using language like ‘your invoice’ or ‘payment details.’

It may also look like it’s from a parcel company. This malware goes through your contact list and sends itself to family, friends, colleagues, and clients. Then it looks less like spam, because it’s come from your email account.

In second position is LockBit. This is ransomware that’s designed to block access to your files and systems when cyber criminals encrypt them.

They ask you to pay a ransom for the decryption key (which they often still don’t hand over, even when you’ve paid). If you don’t have a solid backup strategy, it is highly likely you’ll experience data loss.

This is a targeted attack that spreads itself once it’s infiltrated one device on a network. In fact, it can ‘live’ for weeks inside a network before the attack is launched.

In third place is Conti, another form of ransomware, and in fourth position is Qbot, a trojan designed to steal banking information and passwords.

It may all sound scary, but there’s plenty you can do to give your business greater protection from these threats:

  • Keep your entire network and all devices updated
  • Don’t download suspicious attachments or click links unless you’re certain they’re genuine
  • Practice strong password hygiene, including multi-factor authentication, password managers, biometrics, and passkeys where available
  • Give your people access to only the systems and files they need. Remove ex-employees from your network immediately
  • Create and regularly check back-ups
  • Educate your people regularly

We can help with all of this – just get in touch!