Could Your system be infected with malware?

Drive-thru:

  • A recent FBI malware notice warns that your computer system may be at risk.
  • Malware can render your computer system inoperable.
  • There are definite steps you can take to protect your company computer system.

The FBI recently released an alert—the cyber-equivalent of a hurricane warning.

Malware originating in Russia has infected U.S. business and private computers. The culprit is known as VPNFilter and has contaminated the routers people use to connect to the Internet. In order to minimize damage, the FBI urges businesses and individuals to perform some vital computer tasks.

According to Adam Levin, founder of CyberScout, a cybersecurity and identity management company, “The FBI has not made many statements with this level of urgency regarding cybersecurity. Take this very seriously.”

Malware originating in Russia has infected U.S. business and private computers.

What is Malware?

Linguistically speaking, the prefix mal means bad, and ware refers to software.

“Malware essentially means destructive software intrusion,” says Penny Garbus, co-founder of Soaring Eagle Database Consulting and co-author of Mining New Gold—Managing Your Business Data.

“Malware is an attack on the data in your system or an attack on your system. The attack may result in not being able to access the internet or use your equipment. The malware may steal your customer or financial data or lock you out of your system.”

The malware can also use your computer’s internet connection and processing power to commit illegal activities, notes Levin, who wrote Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.

Malware as a Cybersecurity Threat

With this latest malware threat, “cyber actors” working overseas—including in Russia—have infected hundreds of thousands of routers and other networked devices.

The malware enables hackers to monitor traffic moving through routers. While this occurs, they can steal information, block network traffic, and execute harmful commands. The hackers can even “brick” up a computer or device, leaving it inoperable.

Here is a sampling of the harm VPNFilter can do:

  • Shut down your company router—which means no internet.
  • Overload your system so it becomes inoperable. This is done with a DDoS (Distributed Denial of Service). The attack could also be directed outward: Hackers hijack your routers and launch an attack on another company or organization without your knowledge.
  • Traffic can be redirected to malicious sites. Once there, fraud is committed against your computer system and company.
  • You could have cyber hijackers demand ransom from your company, based on these various scenarios.

Is the Construction Industry Vulnerable?

You betcha.

“Hackers find it profitable to launch malware and phishing attacks on the construction industry because they can access a treasure trove of data,” says Levin.

Hacking is often done through BEC (business email compromises). “You get an email and assume it’s coming from someone at your company or a customer or vendor, but in reality it’s a phishing email containing malware designed to steal proprietary information and data,” explains Levin.

VPNFilter malware lurks in your system, waiting for commands for malware downloads. Click To Tweet

If you’re thinking your company is small potatoes and cybercriminals won’t bother—think again.

“No company is too small to be attacked,” says Garbus. “Simply conducting business makes your construction company vulnerable.”

Protecting Your Computer System from Malware

Basic updates don’t necessarily protect your computer system. The malware actually circumvents some common protections on computers. Most construction owners don’t update their router firmware, which allows for hacking.

The VPNFilter malware attacks in three stages.

  1. It lurks in your system, waiting for commands for malware downloads.
  2. After downloads, the malware exploits your system and devices, doing potentially far-reaching harm.
  3. If things go unchecked, the malware becomes hard to track and does an even better job of stealing information.

When your computer system is in stage one, rebooting your router disrupts the next two stages. To reboot, contact your Internet service provider (ISP) or consult the company’s website for rebooting instructions.

After rebooting, disable remote management settings on all devices. Also ensure that the router has new passwords. Update the router with the latest firmware version, and enable encryption, if possible.

Other protective measures:

  • Use hardware and software firewalls and anti-virus and anti-malware software.
  • Practice excellent cyber hygiene. Use strong, unique passwords, log out of websites when not using them, and keep software on your devices up to date. Also be wary of downloads. Levin advises not to click anything “unless you’re sure the information is from a credible source.”
  • Back up daily and reboot weekly.
  • Get expert help. If a lot of this is Greek to you, protect your computer system by consulting with an IT specialist.

Sign up. Stay fueled.