5 Ways to Stay Safe From Emotet

How’s your cybersecurity?

Cyber attacks are continually on the rise, and one of the top threats is back on the scene in a big way.

Emotet attacks have surged recently, and it’s bad news for network admins, business owners, practice managers, and all other professionals who depend on computer networks.

It’s such a threat that the Cybersecurity & Infrastructure Security Agency released an alert regarding Emotet. From the alert, they state:

Since July 2020, CISA has seen increased activity involving Emotet-associated indicators. During that time, CISA’s EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks, has detected roughly 16,000 alerts related to Emotet activity.

CISA observed Emotet being executed in phases during possible targeted campaigns. Emotet used compromised Word documents (.doc) attached to phishing emails as initial insertion vectors.

What is Emotet?

Well, what is this big threat?

Emotet is a malware that typically gets a foothold in an IT system via malicious email. Because of sophisticated social engineering – deceptive tactics designed to make emails and communication seem legitimate – this malware can actually bypass traditional signature-based security measures and breach your network through what’s oftentimes the weak link in your organization: your people.

Yes, clicking on a malicious link or opening a malware-infused attachment can lead to bad news for your network and data.

“What makes Emotet even more dangerous than your run-of-the-mill malware is it’s hard to identify because it’s a polymorphic virus, one that has ever-changing code,” said Aaron Allen. “This can make it a nightmare to clean up because there’s no set-in-stone file or code to look for.

Emotet also has worm capabilities, which can allow it to spread across a network without any input from other users. Once Emotet is in, it can cripple your IT system quickly.

“Among other things, Emotet can steal passwords and sensitive information, install other malware like ransomware, cover up its tracks, and even use the victims’ computing power to send out spam.”

“How can I keep my company safe from Emotet?”

“Emotet can do a lot,” explains Brian Walker. “And the authors are constantly working on new modules and enhancements. It can seem daunting, but there are potent ways you can protect your company and data.

“Here are 5 ways to stay safe from Emotet and other malware.”

1. Use multi-factor authentication.
Multi-factor authentication adds an additional step or two to authentication (such as a confirmation on your smartphone), making it harder for someone to get into your accounts.

2. Block certain email attachments.
By not allowing certain files to even get in to your network (.exe, .zip, .doc, etc.), you can greatly reduce the amount of attachment-based attacks.

3. Be careful with removable media.
Ask your network users to exercise caution when using removable media such as USB hard drives and flash drives.

4. Keep things updated.
Putting off that update? Don’t! Keeping your software, firmware, and security updated is just a baseline security task that just needs to be completed. Oftentimes, these updates shore up vulnerabilities. Along the same lines, don’t continue using deprecated software and operating systems. Don’t make it easy for the bad guys.

5. Think before you click.
Yes, it sounds obvious. But it really is an important concept and can seriously mitigate risk. Before clicking on a hyperlink or opening an attachment, take a moment to process things. Do you have a funny feeling? Does the message seem out of place or untimely? Are there rough edges or blatant grammatical errors in the message? When in doubt, get with your IT department or managed security provider on next steps.

“Cybersecurity and digital hygiene are incredibly important these days,” continued Walker. “We’ve seen cases where one wrong click literally led to a network outage and thousands in recovery.

“Need a cybersecurity tune-up? Perhaps you’re just starting out and want to get a good security foundation. Contact us today for a free consultation.”