Category Archives: Data Loss

GameoverZeus and Cryptolocker: is your data protected?

A massive international anti-cyber crime initiative has recently made a breakthrough, with a wanted notice for Russian national Evgeniy Mikhailovich Bogachev issued by the US government.  Bogachev is thought to be the mastermind behind two of the most recent (and most infamous) internet phishing schemes, commonly known as Gameover Zeus and the Cryptolocker virus.

GameoverZeus is a piece of malware that, when deployed on a victim’s computer, is able to target and extract login information for a range of applications ranging from social media and email accounts to online banking details. A different type of Zeus malware can also be used to install the ransomware Cryptolocker if the Zeus trojan is unable to find what it’s looking for.

As the Zeus group of malwares are trojans, and are therefore not designed to be found, Cryptolocker has become slightly more well known to users. Its function is to demand a ransom for certain files which have been infected by Cryptolocker. Affected users then face the dilemma of losing what is potentially an important file, or submitting to the ransom demands, with no real guarantee that they will get their file back anyway.

The US Department of Justice has officially issued charges against Bogachev, thought to be a ring leader of cyber-criminals, after the botnet that was operating the phishing scams was brought down. The effort was a collaboration between law enforcers from the US, as well as the UK and private security firms from around the world. The team was able to take control of the “Command and Control (C&C)” servers which had orchestrated the criminals’ operation.

However, the UK’s National Crime Agency (NCA) were quick to point out that this intervention is only temporary, as it would only be a matter of time before the criminals acquired new C&C servers from which they can run their operation. The NCA stressed to users the importance of ensuring that their computers were free of malware and protected against future infection.

The affect of the Zeus and Crytolocker malwares has been huge, and on a truly global scale. The scams can affect both home users and businesses and highlight the need to have the proper security measures in place.

Here at Backup Technology we have seen many of our customers affected by Cryptolocker in particular. Luckily, the files affected were securely backed up in our data centres, and so were retrievable. Had they not been backed up, the affected customers would have suffered the inconvenience, and potentially damaging affect of losing important files.

If you feel you are vulnerable to either Cryptolocker or the Zeus trojan, why not make an enquiry about our Cloud Backup and Disaster Recovery services. They could end up saving you a huge amount of stress and money should the worst happen!

LinkedIn Email Addresses Exposed by Plugin

A Google Chrome browser plugin can be used to expose the email addresses of LinkedIn users.

The plugin, called Sell Hack, can be installed on any Chrome browser and when users of it browse LinkedIn profiles, a “hack in” icon appears.

LinkedIn is said to be taking legal action over the plugin and advised users to uninstall. However, the nature of the plugin is such that its users will most likely not heed LinkedIn’s warning until threatened with stronger action.

Sell Hack insists that the the tool was created for marketing professionals and that all data is publicly available.On its website it said: “We just do the heavy lifting and complicated computing to save you time, We aren’t doing anything malicious to LinkedIn.”

LinkedIn however issued Sell Hack with legal documents. A spokesmen said:”We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn’s legal team delivered Sell Hack a cease-and-desist letter as a result of several violations”.

LinkedIn, as of June 2013 (more recent stats couldn’t be found) had 259 million users, so the potential number of affected users is likely to be huge.

Google Chrome has many plugins and tools that can be downloaded free of charge by users. Whilst most have no malicious intent or use, most plugins are produced by third parties, so the potential for malware to be produced is there.

The full consequences of the plugin are yet to surface, however it is expected that many users will certainly receive nuisanceemails as a result of this.

Derisory Backup Methods Results in Data Loss

Data recovery provider, Kroll Ontrack, has released results from its second annual survey of customers who lost valuable data.

One of the key findings from the survey was that consumers and businesses have increased their attempts to protect their data by backing it up but have used inadequate methods which resulted in data loss.

The survey results report that 65% of respondents had a backup solution in place at the time of a data loss incident. This is a 5% increase from the figures reported in 2013. What is concerning is that 59% of respondents claimed that they were taking a backup to an external hard drive. 15% utilised a cloud based backup solution whilst 10% used a tape based backup solution. 55% of the respondents also claimed that they made sure backups ran on a daily basis.

Despite so many consumers and businesses utilising a backup method, the main reasons for backups failing and therefore resulting in data loss are:

–          The external drive was only connected on an occasional basis; backup not automated and instead performed on demand.

–          The backup ran out of destination space.

–           The backup profile did not cover all of the device requiring backup.

Abhik Mitra who is a data recovery product manager at Kroll Ontrack believes that having a data backup solution in place is just one step to ensure that data isn’t lost.

Mitra stated, “As the year-over-year survey results demonstrate, conducting backups is just step one in a complete backup strategy. Regularly ensuring your backup solution works effectively and the data is accessible is also paramount.”

As there are now a host of backup solutions available, there are very little excuses for businesses to be utilising a solution that isn’t adequate to meet their needs and demands. This survey also exposes the lack of quality that some backup solutions provide to consumers and businesses as data loss still occurs when backups are meant to be running.

Mitra added, “With backup technology getting better in quality and price, it is no surprise we saw an uptick in the percentage of people implementing a backup solution. What is interesting is that those that spend time, effort and money to implement the solution still experienced data loss, proving that one needs to be extremely diligent to ensure their chosen backup method is successful.”

One feature of a backup solution that is regularly overlooked is the monitoring aspect. An effective monitoring system that is easy to understand can help reduce the likelihood of a data loss incident from occurring. A cloud based backup solution also brings several advantages than other solutions and should be seriously considered.

Do you utilise a backup solution? Are you confident that you can recover your data no matter what happens?

World Backup Day Offer from Backup Technology

31 March 2014

Backup Technology is offering a month’s free Cloud Backup to mark this year’s World Backup Day which takes place today (March 31).

We will provide one month of FREE Cloud Backup for new customers who take out a one year’s standard twelve month minimum contract and two months FREE Cloud Backup for new customers taking out a minimum 24 month contact. The offer ends at midnight on Friday 11 April.

Rob Mackle, Sales Manager and Channel Sales Manager EMEA for BTL, said: “Computer hard drives fail and that rate of failure increases the older the hard drive gets, so World Backup Day is a reminder of how important it is to have a secure backup solution in place. We work with enterprise business, consumer brands, consultancies and charities, all of whom need secure, reliable and scalable protection for their data.”

BTL’s Cloud Backup offering is based on Asigra software and fits the Private Cloud, Public Cloud and Hybrid Cloud requirements for any size of environment, on and offsite. Asigra is the world’s leading Cloud Backup software developer and BTL is its largest global partner.

The BTL offering provides an Enterprise and WAN optimised solution, allowing large amounts of data to be protected over small bandwidth connections.  BTL’s proprietary portal enables centralised web-based monitoring and consolidated daily emails giving customers full transparency of backups on a real time basis.

BTL is part of UK cloud company iomart and currently protects over 15 petabytes of data in the public and private cloud for customers including leading disability charity Papworth Trust. Read how BTL helped the Trust adopt a more streamlined approach to backup here: – http://www.backup-technology.com/downloads/papworth-case-study-.pdf

To take advantage of our World Backup Day offer call us on 0800 999 3600, email sales@backup-technology.co.uk  or Tweet to @backuptech

Morrisons suffer pay-roll data theft

Sensitive financial data from supermarket giant Morrisons’ staff payroll system has been stolen and published on the internet, putting 100,000 staff at risk.

The information, which was also sent on a disc to a newspaper, included bank account details of the Bradford-based chain’s employees.

A spokesman for Morrisons, which has 569 stores including 72 local stores across the UK, said that it immediately ensured it was taken off the website.

He added: “Initial investigations suggest that this theft was not the result of an external penetration of our systems.

“We can confirm there has been no loss of customer data and no colleague will be left financially disadvantaged.”

Morrisons have informed its workers about the theft and it is helping them take the appropriate actions to safeguard their personal data.

Morrisons has now carried out a number of actions, including working with the cyber-crime authorities and the police to identify the source of the theft and setting up a helpline for workers.

Dalton Philips, the firm’s chief executive, is leading the response to the theft.

The news comes after Morrisons posted its lowest annual profit for five years and announced it would invest 1bn ($1.67bn, 1.2bn) in price cuts over three years to win back customers.

Southern District Health Board Suffers Data Loss

The Southern District Health Board (DHB) has suffered from a data loss incident which has resulted in thousands of breast examination images being lost.

The images that have been lost were taken between 1st February 2012 and 31st October 2012 but will do little to reassure the affected patients that their personal data is in safe hands. It isnt all doom and gloom for the Southern DHB as all of the images that have been lost had been reported on by a senior doctor and all the results have been filed away in the patients case notes.

The data loss has been blamed on a server failure which was incorrectly configured. As a result of this, the images were not backed up and have therefore been lost.

Kevin Hague who is the Green Party health spokesman claims that hose affected will feel very uneasy about the Southern DHBs system security and that it is very surprising such incidents are still occurring after previous problems.

Hague stated, “There’s going to be a lot of women in the Otago and Southland area who are going to be feeling pretty anxious about that, and a larger number still who are anxious about the security of the DHB’s systems overall, not just in this particular area.

Hague added, “I would have thought that after all of the problems around loss of data, loss of information over the past several years, that district health boards would now be sensitive to these issues, and these sorts of problems would have stopped occurring. It is deeply disturbing that that’s not the case, and I believe that some kind of investigation of that is also warranted.”

Carole Heatly who is the Southern DHB chief executive has been keen to stress that there have been no changes in the patients mammogram outcomes and that they have contacted each person affected.

Heatly stated, The patients and the GPs have been informed of the results so there’s no clinical risk to these women. However, in the spirit of open disclosure, we’ve written to every woman affected and to their GPs to first and foremost apologise and to reassure them that their images, whilst lost from the server, have been reported on by a senior clinician and those reports have been retained in their case notes.”

Heatly added, We encourage anyone who needs more information to call our contact line, and I would like to again apologise for this error.

This case demonstrates the importance of having a robust backup solution in place which has easy to understand reporting. If the Southern DHB did this, they would have realised that the data wasnt being backed up and therefore adjustments could have been made before the server failed.

Backup status reporting is often overlooked when choosing a backup solution but is one of the most valuable aspects as it helps you to have a proper understanding with the status of your backups and whether there have been any problems.

Does the backup solution that you utilise have an easy to understand reporting system?

Are you confident that you can successfully restore your data in the event of a disaster?

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal