Computers are vulnerable pieces of equipment, often subjected to hardware failure, overheating, and the potential loss of data. To make matters worse, malicious individuals and criminal groups can develop specialized malware to exacerbate the aforementioned issues. One such cyber-attack is the Korhigh Trojan, which has successfully targeted the government and numerous media networks across South Korea. The program can reduce a computer to an unusable brick, wiping the hard drive clean of data. Luckily, image-based backups serve as an effective counter-measure to these attacks, and it is paramount that small businesses educate themselves on such cyber security techniques.
The Debilitating Korhigh Trojan
According to Ars Technica, the true danger of the Korhigh Trojan is its ability to overwrite almost any information stored on a system’s hard drive. Although most people assume that these attacks are limited to saved documents, photos, and music, this is not actually the case. Much like the Jojka malware that shut down half a dozen banks back in March, this data-wiping program can delete the device’s master boot record, a vital component required for a computer to properly start. In essence, the Korhigh Trojan can not only delete specific files, but it can prevent you from getting beyond the boot screen.
Even if the attackers spare you the sheer functionality of your computer, they can easily target specific files. According to a post by a security firm, the Trojan can replace all passwords with pre-set characters. In one instance, compromised devices had their passwords reset to the string “highanon2013”. Furthermore, all files ending in gif, php, and dll among others, can be wiped by a single command.
So who’s behind these attacks? Early reports suggest that a hacking community known only as DarkSeoul is responsible. A blog post by the aforementioned security firm, added, “We can now attribute multiple previous high-profile attacks to the DarkSeoul gang over the last 4 years against South Korea, in addition to yesterday’s attacks. The attacks include the devastating Jokra attacks in March 2013 that wiped numerous computer hard drives at South Korean banks and television broadcasters, as well as the attacks on South Korean financial companies in May 2013.”
Image-based Backups to the Rescue
Once your computer has been attacked by a file-wiping Trojan, there is admittedly little that you can do. It is for this reason that frequent hard drive backups are so important. When backing up data, there are two popular methods – image-based backups and file-based backups, with each one carrying its own pros and cons.
Image-based backups are a complete snapshot of your entire hard drive. They include all of your installed software, documents, games, music – everything!
At the other end of the spectrum are file-based backups. This method involves transferring individual files one-by-one. The process can be conducted manually, or specialized software can be downloaded to automatically identify and save any new data, though it’s inferior to full image-based based backups, since it’s easy to miss a file–even for software.
Image-based backups offer better protection. After all, they ensure the safety of the entire hard drive, rather than just a select few files. However, according to Celera Networks, this is a common misconception. Image-based backups take a little more time than simply transferring files, but they are generally done less frequently. This means that backups can be weeks or months apart, and any data that is lost in between these intervals is usually irrecoverable.
As a result, it is best to use a combination of the two. By running frequent file-based backups in conjunction with the occasional image-based method, you’ll ensure the safety of all your files, even those most recent.
Curious about cyber security? Have a look at this article: “Cyber crimes are wrecking the Internet, what should we do?”