If you own a computer that seems to have slowed to a crawl, you may be thinking about replacing it. But what about all the files on your old dinosaur? You may be thinking about transferring them to an external hard drive, a time-consuming and tedious process, or you may have heard of the far simpler process known as “cloning.”

Cloning is the act of creating a direct, one-to-one copy of a hard drive. Like the term suggests, cloning a computer will leave you with an identical copy of all the particular apps, files and settings on the device, which a user can then install onto a new one or keep as a backup in case something disastrous happens to the original.

Cloning is a pretty simple procedure and there are a lot of free tools to help you do it. But one problem it won’t help you solve is data bloat. Bloat is unwanted data that slows down a computer. This unwanted data can come in all types of different forms. It could be music, photos, games and apps, spreadsheets or text documents. One specific type of bloat, known as “software bloat,” occurs from successive updates to a computer program as they’re layered over one another time after time.

Generally, bloat is the result of the steady accumulation of more and more data as it’s added to your computer. Bloat eats away at the available memory on your hard drive and can lead to performance issues, most notably, slowing it down. If you’re experiencing frequent crashes, it may also be a problem with a corrupted file trying to execute.

You can’t clone the bloat away

Here’s where the problem with cloning comes in. Since a slow computer is a common reason for getting a new one, and cloning simply replicates all the data already stored on a device, it may not be the best strategy for getting existing files from an older computer onto a new one. Given that you’ve also probably updated your hardware, it won’t slam the breaks on your processing speeds immediately, but it’s an added burden right out of the gate.   

An alternative strategy is to back up your old device to the cloud and migrating files to the new one as needed. When done this way, all the old and unnecessary files you don’t think to update yourself aren’t taking up space on your shiny new laptop. When automatic cloud backup is installed, all the latest files from the initial computer exist online, ready to be pulled down to your device whenever a local copy is needed.

Transferring data piecemeal can also help identify anything problematic that’s causing a device to crash. Once isolated, it can be easier to uninstall or delete.

By storing the majority of your files in the cloud, you ensure free space remains on your hard drive log into the future. It’s less taxing on your device, and you’ll notice better performance as a result. There are also organizational benefits to having old files stored in one convenient location. If you’re combing for tax documents from previous years, for instance, you know where to grab them from your old drive. Without having to having to watch an old laptop inch along.

So, when it comes time to replace an old computer, think twice about cloning. Choosing cloud backup from Carbonite could help extend the life and improve the performance of that new device.

Threat actors are becoming more sophisticated, agile and relentless in their pursuit of stealing personal information for financial gain. Rapid and evolving shifts in the threat landscape require the knowledge and solutions to prepare and prevent threats that could spell disaster for organizations’ reputations and operations.

Organizations of all sizes remain at risk. Small to medium-sized businesses (SMBs) and managed service providers (MSPs) are especially vulnerable to the stealth efforts of bad actors. With fewer financial resources, a ransomware payment demand could mean the difference between staying in business and closing up shop.

Government entities are also prone to attack. In December 2021, Belgium’s Ministry of Defence experienced a cyberattack exploiting the Log4j vulnerability that paralyzed the ministry’s computer network. Within the same month, Australia’s utility company, CS Energy, experienced a ransomware attack involving the well-known ransomware Conti.

Evolving cyber threats can be unpredictable, but that doesn’t mean businesses have to tackle them alone. A robust security stack can help businesses stay protected and prepared. Establishing this level of resilience involves partnering with a provider that has human-powered threat hunting resources.

What is threat hunting?

Threat hunting involves actively searching for adversaries before an attack is carried out. Threat hunting involves the use of tools, intelligence and analytics combined with human intervention. Threat hunting centers around the proactive containment and identification of potentially damaging files before malicious vectors can cause severe damage to an organization’s operations.

What does a threat research analyst do?

“At Webroot, we focus our efforts on analyzing customer data. Our threat research analysts examine this data to determine if malicious files are present. Our analysts are constantly looking for files that possess certain characteristics that make up various types of malware. If we identify and determine that critical elements of a suspicious file are present, we classify and block them. Making determinations can be approached in different ways. One avenue of determination is carried out by creating isolated conditions to run the suspicious file to see what results it presents,” says Marcus Moreno, manager, threat research at Carbonite + Webroot, OpenText companies.

“Since our database is comprised of mass quantities of SMB and MSP data, we can continue to make determinations from a large and evolving data set. This is why SMBs and MSPs can derive value from partnering with Webroot,” adds Moreno.

Take your security stack to the next level

Cyberattacks will continue to be a concern for businesses, governments and individuals. Combatting cyber threats means adopting a cyber resilience approach. Cyber resilience is the ability to remain operational in the face of threats – whether human or maliciously-based. One important element of a solid cyber resilience strategy is to remain in a pre-emptive and proactive stance. Avoid costly ransomware payment demands, bolster customer confidence and minimize downtime for business operations by investing in a solutions provider backed by threat hunting capabilities.

Discover how Webroot’s solutions can protect your business.

Phishing attacks sustain historic highs

In their latest report, IDG and the pros behind Carbonite + Webroot spoke with 300 global IT professionals to learn the current state of phishing. We learned that 93% of IT executives are still concerned about phishing – and it’s no wonder, as companies averaged 28 attacks each over the previous 12 months.

Luckily, the report details how to fight back. With the right preparation and the right protection, companies can prevent all but 0.3% of attacks.

Phishing capitalizes on COVID

Phishing attacks have been part of the cybercriminal arsenal for years. But it’s only recently that phishing has flourished into the scourge it is today. That’s because cybercriminals have found success by targeting COVID-19 fears with their schemes.

In fact, phishing attacks spiked by 510% from just January – February 2020, according to the 2021 Threat Report. These increases leveled off by the summer, but phishing attacks still increased 34% from September – October 2020. Overall, 76% of executives report that phishing is still up compared to before the pandemic.

COVID-based tactics might purport to have new info on a shutdown, to share COVID stats or even suggest info from your doctor. But in each case, cybercriminals are looking to steal your information.

Who’s getting attacked?

IT departments are feeling the brunt of these attacks, with 57% of them targeted by phishing. Carbonite + Webroot Sr. Security Analyst Tyler Moffitt says, “Even if malware targets someone with lower-level access, the attack will move laterally to eventually find an IT administrator.”

He goes on to say that attackers can then linger for a week or more to find valuable data or steal a balance sheet that gives an indication of how much ransom to charge.

Because they often have important credentials, top executives and finance groups are also common targets. Public-facing customer service employees also offer easy access.

Consequences of phishing

75% of global IT executives say they’ve suffered negative consequences from phishing attacks. That includes:

• 37% suffered downtime lasting more than a day
• 37% suffered exposure of data
• 32% lost productivity
• 19% had to pay legal or regulatory fines

A layered approach to security

But it’s not all bad news. Yes, phishing is using new tactics to target businesses. But there are ways to fight back.

The report cites training as one of the most effective tools. But the frequency of training varies greatly, and 25% of those who use it don’t include phishing simulations. By using security awareness training that offers regular simulations, you can reduce phishing by up to 70%.

But even with great training, the report notes that people will still click some of the time. That’s why a multi-layered approach gives peace of mind that not all is lost if one person messes up.

No layer is 100% effective, but taken together many layers get very close. A defense in depth security posture utilizing DNS and endpoint detection as well as a sound backup strategy can give you confidence that you’re prepared to withstand even a successful phishing attack.

Ready to start protecting yourself and your business? Explore how Carbonite + Webroot provide a full range of cyber resilience solutions.

Download the IDG report.

Malware leaps from the darkness to envelop our lives in a cloak of stolen information, lost data and worse. But to know your enemy is to defeat your enemy. So we peered over the ledge leading to the dark web and leapt. The forces we sought are disruptors – without warning, they disturb our businesses and our connections to family and friends.

And darkness we found – from million-dollar ransoms to supply chain attacks, these malware variants were The 6 Nastiest Malware of 2021.

How malware disrupted our lives

These days, every major ransomware campaign runs a “double extortion” method, a scary prospect for small businesses. They steal and lock files away and they will absolutely leak data in the most damaging way if a ransom settlement is not reached.

Phishing continues to be key for these campaigns and it’s typically the first step in compromising a business for the nastiest malware.

This highlights the importance of user education – training users to avoid clicking these phishing lures or preventing them from enabling macros from these attachments are proven in stopping malware in its tracks.

While the list below may define payloads into different categories of malware, note that many of these bad actor groups contract work from others. This allows each group to specialize on their respective payload and perfect it.

This year’s wicked winners

Lemonduck

• A persisting botnet with a cryptomining payload and more
• Infects via emails, brute force, exploits and more
• Removes competing malware, ensuring they’re the only infection

REvil

• The Nastiest Ransomware of 2021 that made headlines with supply chain attacks
• Many attempts to shutdown the REvil group have so far failed
• Their ransomware as a service (RaaS) platform is on offer to other cybercriminals

Trickbot

• Decade old banking and info-stealing Trojan and backdoor
• Disables protections, spreads laterally and eventually leads to ransomware like Conti
• Extremely resilient, surviving numerous attacks over the years

Dridex

• Banking and info-stealing Trojan and backdoor
• Spreads laterally and listens for domain credentials
• Eventually leads to ransomware like Grief/BitPaymer/DoppelPaymer

Conti

•  Longstanding ransomware group also known as Ryuk and likely linked to LockFile ransomware
• TrickBot’s favorite ransomware
• Will leak or auction off data if victims don’t pay the ransom

Cobalt Strike

• White hat-designed pen testing tool that’s been corrupted and used for evil
• Very powerful features like process injection, privilege escalation and credential harvesting
• The customizability and scalability are just too GOOD not to be abused by BAD actors

Victimized by malware

The good news (I guess) is that last year’s average ransom payment peaked at $200,000 and today’s average is just below $150,000.

The bad news is that hackers are spreading the love and targeting businesses of all sizes. In fact, most victims are small businesses that end up paying around $50,000. Ransomware actors are getting better with their tactics, recruiting talent and providing a streamlined user experience.

The whole process is terrifyingly simple and for every one that gets shut down, two spring up to replace it. To top it off, supply chain attacks are becoming a massive issue.

Protect yourself and your business

The key to staying safe is a layered approach to cybersecurity backed up by a cyber resilience strategy. Here are tips from our experts.

Strategies for business continuity

• Lock down Remote Desktop Protocols (RDP)
• Educate end users
• Install reputable cybersecurity software
• Set up a strong backup and disaster recovery plan

Strategies for individuals

• Develop a healthy dose of suspicion toward messages
• Protect devices with antivirus and data with a VPN
• Keep your antivirus software and other apps up to date
• Use a secure cloud backup
• Create strong, unique passwords (and don’t reuse them across accounts)
• If a download asks to enable macros, DON’T DO IT

Discover more about 2021’s Nastiest Malware on the Webroot Community.