The latest threat to computers is harder to spot than ever. Presenting itself as a critical Windows update, Fantom ransomware will encrypt all your files and demand a ransom. With threats like this becoming increasingly sophisticated, protecting your business is essential.

What is ransomware?

One of the most prevalent cyber-attacks businesses encounter is known as Ransomware.

Commonly, it is spread through infected email attachments or links to malicious websites, which run “malware” – short for malicious software – that then encrypts your data and files.

Next, you’re asked to make a payment within a given time to recover these. This doesn’t always work. Sometimes your information is lost completely.

Cryptolocker ransomware demand

Recently, there have been several new strains of the Cryptolocker Ransomware virus – Locky and Zepto are just a few of the types among many.

How does Fantom ransomware differ?

The first line of defence against computer threats combines several precautions, including keeping software up to date.

Fantom hijacks this requirement by disguising itself as a Windows update to trick unsuspecting users.

Very convincing in appearance, it asks you to allow the “update”, which then encrypts all your files. While the encryption takes place, you may see the decoy screen below:

Fantom ransomware – fake Windows update screen

Clicking “cancel” will hide Fantom, but this will still launch the malware program and encryption will begin. Next, you will get the demand for payment.

Fantom ransomware demand

The results of a successful attack

Loss of reputation is commonly an indirect consequence and a typical attack could disrupt business operations for three days or more.

The more dependent your organisation is on technology, the greater your direct risks.

You might be tempted to pay a ransomware demand. Demands can range from hundreds to thousands of pounds, and paying is not advised.

What must you do?

You need several layers of protection, including:

  • Awareness and Vigilance

Employees must be cautious when it comes to opening unexpected emails. Similarly, social media should be used responsibly – largely due to malicious online links.

  • Security Software

You should have up-to-date anti-virus and anti-spam software and use security systems such as Unified Threat Management (UTM).

A UTM sits between your office and the Internet. It prevents unauthorised access and provides web content filtering and other security features.

OpenDNS is another option. This web-based security service works across all of your network devices, wherever they may be, boosting your overall levels of protection.

  • Backups

It’s more important than ever to have frequent backups, preferably stored in more than one location. This is the last resort when prevention fails.

  • Up-to-date technology

Ultimately, updates are necessary – even with the risk from Fantom. The important point is to use a system, or a managed IT service provider like ourselves, that installs only verified, safe updates for you and does not show on-screen update prompts to your staff.

You should also ensure all operating systems, servers and applications are fully up to date and running the latest versions.
If you’re running unsupported software such as Windows XP, Microsoft Office 2007 or legacy servers such as Windows Server 2003, you should consider upgrading these straight away.

  • Passwords

You should also enforce a strong user password policy.

Login credentials should use complex passwords and, where possible, a second layer of security such as two-factor authentication.

What you should be doing next

If your business is unprotected, you should act immediately.

Air-IT’s Managing Director, James Healey, comments:

The cyber landscape changes rapidly and threats are becoming harder to spot. Layering the right combination of security solutions goes a long way towards protecting your business and offers increased peace of mind.

Need help or advice?

At Air-IT we have years of experience and close partnerships with industry leading security and threat management vendors to help keep your systems safe and secure.

So, if you need help, advice or more information on our cyber security services, including Cyber Essentials Plus, please contact us on 0115 880 0044 and we will be more than happy to advise you further.