Emotet…beware of the latest virus threat
Emotet is here… and you should be aware
Viruses and malware often go by bizarre names and Emotet (most likely a play on the ancient Egyptian priest Imhotep) is no exception, but don’t let the strange names fool you. Emotet is here to steal your details.
Emotet has been around since 2014, but one of the more alarming things to come to light is that it is able to change its identity and appearance, making it harder for anti-virus software to detect and destroy.
How does Emotet work?
Emotet is distributed through spam campaigns and phishing attacks. These emails will typically say they have an invoice attached, but you will need to log in to get it. Once Emotet has got a set of credentials, a download will start on the computer and it will install itself.
Emotet will not only go through your contacts and email them to start the process again, it will also scan your network and try to gain access to other computers and servers and spread itself across the network, replicating everything it does.
What does Emotet do?
One of the primary functions of Emotet is to capture online banking details, meaning that an attacker can seriously damage your business. Emotet could also let other viruses and malware onto your system, making not only your bank, but also your internal systems available to a myriad of attackers. Other negative consequences may include:
- temporary or permanent loss of sensitive or proprietary information,
- disruption to regular operations,
- financial losses incurred to restore systems and files, and
- potential harm to an organisation’s reputation.
Should I be concerned?
Everyone should be aware of the impact that infections like Emotet can have. Downtime resulting from such an infection can be expensive, and the loss of funds from a bank account is just one of the issues that arise after an attack, especially if you don’t find out for some time. Unfortunately, there is no silver bullet when it comes to IT security. There is, however, the concept of layered security that can make it more difficult for an attacker to gain access to your systems (and your bank).
How can I prevent this sort of attack from happening?
Using a layered security approach, you can minimise the risk to your company by taking the following steps:
- Use a fully-managed anti-virus and anti-malware solution to scan computers not just on a regular basis, but also when files are opened.
- Employ a mail scanning service to protect against spam, phishing and other mail-borne attacks.
- Use a remote monitoring solution to monitor computers and deploy patch management for the operating system and 3rd party applications.
- Use a firewall between your network and the internet and between computers on your network to control what traffic can flow across your network.
- Ensure that users are only given the permissions required to do their job and that users can’t install software on company computers, preventing malware from being installed and sensitive data.
- Make sure that network devices such as firewalls and switches are updated.
- Use strong passwords to prevent automated password cracking from compromising your systems.
Consider implementing the best practices outlined by Cyber Essentials. If you’re unsure about what technology is currently in use to protect your network, contact MDI Networks and we can review your options to keep you secure.