Dyre Malware Has Stolen Over $1 Billion: Is Your Company’s Sensitive Data at Risk?

As Cyberattacks Continue to Skyrocket, DYRE Malware Grew 125% in Q2 Alone.  Are You Prepared for the Latest?

Both consumers and organizations of all sizes are at increased risk for DYRE malware attacks in the months to come. TrendLabs reported a 125 percent increase in DYRE attacks in the second quarter of 2015, proving that criminal interest in stealing user credentials is growing.

Simultaneously, attacks against healthcare organizations have grown 600 percent, and these organizations are 74 percent more likely to be targeted by phishing emails than other industries.

 Despite the increased climate of threats, small and medium-sized businesses (SMBs) can take the right steps to protect their finances and their customers’ sensitive data against DYRE and other phishing attacks.

What Is DYRE Malware?

DYRE malware typically enters a business network through a phishing email, which is designed to look like an important communication from a bank, the IRS, or another business entity. An example shared by TrendLabs included a subject line pertaining to a tax levy and an important-looking attachment with body copy that indicated immediate action was necessary. When employees click the link in the body of the email or open the attachment, the malware gains access to the system.

What Are the Repercussions of a DYRE Attack?

DYRE works quickly once it gains entry and performs “man in the middle attacks.” According to TrendMicro, it may perform browser screenshots and steal personal certificates to obtain password credentials to protected information. DYRE also works to avoid detection by disabling information security measures organizations may already have put into place, including firewalls and anti-malware protections.

Among private consumers, DYRE attacks are typically focused on stealing banking credentials so cybercriminals can gain access to an individual’s money. In healthcare organizations, the focus is usually to obtain protected patient or customer information so identities can be resold at a profit or ransomed back to the victim.

How to Protect Yourself Against DYRE and Other Phishing Attacks

To prevent a DYRE attack, phishing awareness among your employees is critical. A full-featured anti-malware solution and password change policies can help organizations get started protecting against the “dire” effects of this unfortunate information security trend.

In order to stay safe, all individuals at your organization need to be aware of how to detect a potential email attack, and who to notify if an email ever appears suspect… And for many small and medium businesses and practices, identifying the right resource to reach out to for technical help may not always be clear.

Despite increased threats, information security for SMBs and healthcare organizations isn’t impossible. Working with an expert managed services provider with years of experience helping with strategic information security enables you to identify your organization’s primary vulnerabilities, establish much-needed policies, and perform ongoing training to allow you to avoid the costly cleanup and customer defection that follows a major cyberattack.

Comments are closed.