Ransomware could really destroy your business – Make sure you are protected!

Ransomware –  Make sure your business is protected before it’s too late !

Local ICT companies that provide support services to local businesses are getting an increasing number of reports of systems being infected by what is known as Ransomware here in Malta. All over the world reports of businesses being heavily effected and indeed even going out of business because of this threat are being reported daily. In the US, the New York Times is treating this as a major issue. Many are labeling this threat a “Business Killer” because it can literally destroy your business. This type of Malware makes your files unusable and this includes your invoicing system and any other applications you may be using. Unless you have a backup of your data which is not also affected by this malware, you could potentially lose everything. It is extremely important that you have the correct protection and contingency measures in place. You need to be proactive as traditional antivirus solutions including corporate packages may simply not protect you against this threat.

The graph below shows the increase in the incidences reported to Mcafee recently. Mcafee is one of the leading anti virus solution publishers. There is no question that this type of virus is becoming a real problem. Read on to make sure your business is protected!

So what is ransom ware?
Ransom ware is a relatively new type of malware or virus. What it does is put you in a situation where you either pay a criminal (the creator of the virus) or you lose access to all your data. This includes MS Word Documents, MS Excel files, PDFs and many application software packages such as Sage Accounts and other popular products.  It encrypts or changes your data in such a way that there is no way of getting your files back except by paying the criminals who designed the virus. Once this happens you will be notified through a popup that appears on your screen similar to the one below. The criminals who are developing these new threats know that they can get caught easily if their money is delivered using traditional channels such as credit cards or Paypal so they request payment in Bitcoin which is a relatively new virtual (or internet) currency. These criminals choose to be paid in Bitcoin because they cannot be traced through it. In fact, this is the reason why Bitcoin is used for other illegal business such as trading in weapons and narcotics. The issue for us Maltese is that unlike in other countries it is not easy to find and purchase Bitcoins in Malta although it can be done.  In Italy for example, you simply look up people selling Bitcoin on Google and all you have to do is go down to the nearest public place with mobile in hand and your eWallet app installed, hand over your cash and the seller will send you the Bitcoins. They are after all simply numbers.

Figure 2 – Pop up screen that appears when you are infected (Could vary !)

So how do you get infected?
The most common method of infection is through email. At the moment a lot of emails are being sent under the guise of being from DHL or FEDEX because the creators of this malware are very aware that people are using eCommerce all the time and getting an email from these carriers is no surprise. This is not a rule as this malware is constantly evolving and the email could be disguised as anything. We have seen instances of this threat appearing as a response to a vacancy for example. Needless to say, companies looking for employees will be likely to open the attachment in this case. The sender could also be someone you know, so the advice “Don’t open attachments from people you don’t know” no longer applies.  
It has also been reported that this malware can also be spread through Remote Desktop Connections. To those of you who are not very tech savvy, this is a system which is used to connect to computers or servers remotely and usually used by branch offices or to work from home.
Another method that this malware spreads is through macros in Microsoft Word documents. Macros are small programs that provide extra functionality to Word docs and this malware will exploit this feature to deliver its payload. MS Word will warn you that a macro is a potential danger but if you get the document from a colleague, you are likely to ignore the warning.
Once you get infected, you will have no doubt of that this has happened. The malware will display a splash screen giving you instructions of how to pay the ransom and get your data back. There are many variants but most of the latest ones will ask you to pay half a Bitcoin if you do it in the first few days with the price going up if you wait longer.

What can you do to protect your data ?
The most obvious advice here is “Don’t open these email attachments!”. People who got infected will tell you that this  is easy to say but next to impossible to achieve in practice.
The key word here is backup ! You need to backup your data regularly and in such a way that Ransom Ware does not encrypt your backups as well!
Many of the regular antivirus solutions simply detect ransom ware when it is already too late. Most are good at removing the actual application but not before it deploys its payload. Furthermore, the malware will first finish encrypting your data and only display the ransom message when it is done. By this time it will be too late to do anything in any case.
The latest variants of this threat also attack popular backup systems such as Easus Backup. The first versions that appeared in the wild did not but the latest versions are becoming much more intelligent and are aware of measures that are taken to mitigate these threats. For example, the latest windows operating systems support “Previous Versions” which allow you to revert to versions of your data from dates in the past. The latest variants even erase these copies so that you cannot use this feature as a safety net.
The best solution is to use a backup system that backs up to a device that is not usually accessible through Windows. Windows Server Backup in the latest versions of Windows Server Operating Systems works just like this. You can dedicate an external USB drive for your backups and this drive is then not accessible through “My Computer”. This is a perfect solution and something which the criminal malware creators will have difficulty solving.  Unfortunately this type of backup is not something you can use on your personal computer but there are others that work the same way.  Another solution would be to connect your external drive while you are backing up and disconnecting it when you are done.
There are also a host of applications specifically designed to combat this malware. Most of these work very differently from traditional antivirus solutions. Most antivirus solutions look for a signature to detect a virus or a sequence of bytes through which it can be identified. Applications designed to combat this threat instead work using Heuristics which means they detect the process which actually performs the file encryption. Because they work in this way, regardless of what the malware creators do, if it involves encrypting your files they will discover it and stop it.  

Here are a couple of examples :
Even the free edition will protect you enough for most purposes.

Or  http://www.surfright.nl/en/hitmanpro
Hitmanpro also have a free version which works in the same way.

Should you pay the criminals ?
The easy answer to this in NO! You are paying criminals and you have no guarantee that they will decrypt your files and give you your data back. You also cannot be sure that these criminals do not get arrested before they can keep their part of the deal or else skip the country because they have made enough money from poor souls like you!
On the other hand, if you don’t have any recent backups or if your backups have also been effected you need to ask yourself “Is my data worth €350?” If it is and many times it is worth much more than that, then paying is an option you should consider. Indeed it is like paying a thief who is robbing your house in the dead of night so that you don’t have to change your locks but in many cases this is the only option. There are many reports of users having paid the ransom and successfully got their data back.
Obviously paying the ransom will encourage more criminals to join in using this new method of extorting money from unsuspecting businesses but when it’s your data you simply might have no other option!

Written by Marcel Mizzi MSc BSc
GRTU Vice President (Finance & Admin)



GreenMT Council Awards 2016

Green MT, the National Authorised Packaging Waste Compliance Scheme has held its annual Council Awards under the patronage of the Hon. Minister for Sustainable Development, the Environment and Climate Change, Jose Herrera and the Hon. Stefan Buontempo, Parliamentary Secretary for Local Government.

The Green Council Awards have entered into their sixth year and nine awards were this year given to Local Councils, Schools, Industry Operators, 

 and individuals who have distingushed themselves in the sector of waste separation and final recycling.

In 2015, Green MT has managed to collect 4986 tons of recyclable waste from across 28 towns and villages in Malta and Gozo. More than three-quarters of that waste came from household waste collection, with 21.6 per cent collected at bring-in sites. Green MT manages 41 grey bag collections each week from these localities. As of 2015, Green MT has also started the glass bottles and glass container collection and has managed to collect and recycle 257 tons. 

Addressing the Green Council Awards, GREEN Mt CEO, Mr Joe Attard explained that each tonne costs the Scheme anything €120 in Malta and €217 in Gozo. Mr. Attard said that “sustainability in this sector can be ensured if the law obliges residents to separate at home” 

GRTU Vice President and Green Mt Director Marcel Mizzi said that GRTU is committed to ensure the proper implementation of the extended Poluter Pays Principle according to various EU Environemnt Directive. Mr. Mizzi continued that GRTU is a main stakeholder and on behalf of it’s members, it must be involved in every decision taken on waste management.

The winners of the Green Council Awards are:



• Ta’ Xbiex – (inġabru 239 tunnellata – 87 kg per capita)

• Imġarr, Malta – (inġabru 223 tunnellata – 61 kg per capita)

• Mellieħa – (inġabru 607 tunnellati – 60 kg per capita)



• Is-Sur Mario Calleja – Sindku ta’ Marsaskala



• St Ignatius College, Luqa Primary



• Simonds Farsons Cisk



• Imtarfa



• Siġġiewi



• San Pawl l-Baħar


Kappara Junction Project Progresses – GRTU follows closely as Vjal ir-Rihan Traffic Management is amended

The Kappara Junction Project has registered progress as diversion and alternate routes have been upgraded and improved in preparation for excess traffic that would be using such roads during the more rigorous phases of the project where actual works will be undertaken at the Kappara Junction itself.

Works have included widening of roads such as in Swieqi Valley, amended traffic diversions to support a circular traffic flow such as at Gzira strand, as well as upgrading of road infrastructure. During the month of June, Transport Malta has implemented new traffic management at Vjal ir-Rihan San Gwann. This route is to be utilised as one of the major diversion routes for traffic once Kappara Junction will be partially or fully closed during works.

GRTU has followed business needs closely during this change whereby better implementation and support to commuters was necessary. The business community in San Gwann has been in constant communication with GRTU. GRTU has managed to safeguard interests of retail outlets by convincing the authorities to install adequate un/loading bays in the area as well as introducing timed parking to ensure customers find adequate parking facilities in the vicinity. Moreover it is expected that in a few weeks time, when major works are undertaken at the Kappara Junction and further closures are effected in other zones, traffic will increase drastically resulting in more business in the outlets of the effected area.

GRTU continues with its proposals and communication with businesses and government on this project in order to ensure that business interests are safeguarded. The GRTU Transport Lobby Group represents business operators related to the passenger and goods transport and logistics sector. The Lobby Group continues to offer its on-the-ground expertise in order to put forward proposals and mitigate possible pitfalls. On the other hand, GRTU continues supplying direct information to business outlets in the effected zones to ensure that their interests are safeguarded as much as possible during the months ahead as the project progresses.

The next immediate step is that of Sliema Road partial closures and related works. GRTU is in contact with its members in the area in order to ensure a smooth transition. GRTU is gathering information and suggestions from businesses in the effected area and surroundings to be able to fully represent business interests and ensure that any measures to mitigate such effects are taken in full by government and respective authorities. For further information you are kindly asked to contact GRTU on 79232884 or 21232881.

GRTU supports the 2nd edition of ‘Servizz bi Tbissima’

A press conference was held at MCCAA to inaugurate ‘Servizz bi Tbissima’ The Service with a smile award’ that will also be extended to the best online service.

This award is organized by the Malta Competition and Consumer Affairs Authority (MCCAA). The aim of this competition is to recognize those shops that offer good service and strive to improve the relationship between consumers and retailers. At the same time promote good business practices.

Addressing the conference, Minister for Social Dialogue, Consumer Affairs and Civil Liberties Hon. Helena Dalli said that following the positive experience of last year, this year another category will be added where consumers will have the opportunity to reward business that offer good service online.

Director-General within the MCCAA Joyce Borg explained how apart from ensuring law enforcement amongst business, the Authority also conducts online action to ensure that sales and purchases online are efficient. Thus consumers have the peace of mind that these sales methods are in accordance with the GRTU supports the 2nd edition of ‘Servizz bi Tbissima’ law. GRTU Vice President Marcel Mizzi praised the initiative and said that the GRTU strongly supports this award. He mentioned how GRTU insisted that the application should be accessed and submitted online to make the application process easier. Mr Mizzi expressed the importance of the Maltese businesses using online platforms and said that in the coming days a financial scheme will be launched to help and encurage business owners to start selling over the internet.

In this second edition, consumers will play a key role in choosing the winner through online voting on the MCCAA Facebook page as well as through the website.

The winners will be announced at a ceremony that will be held in October.

Nomination forms along with more details about this award can be accessed at: www.mccaa.org.mt 


Loading & Unloading of Containers: a much needed clarification

GRTU has recently insisted with the Department of Local Government for a clear policy to be introduced in relation to the loading and unloading of containers.

The issue relates to containers being loaded and unloaded within Localities as opposed to the Hal Far Groupage Complex. GRTU has been advocating the principle that traders had every right to request permission to place a container within a Locality as long as the entire contents of the container were to be delivered to the same recipient.

Containers carrying groupage are strictly to be unloaded at the Hal Far Groupage Complex in terms of the Motor Tractors Regulations.

Until recently, the practice to load or unload a container outside one’s warehouse consisted of simply obtaining a permit from the Local Council offices in that locality.

Nonetheless in recent months members complained that certain Local Councils were refusing to issue permits for placing containers outside their premises temporarily in order to load or unload their contents. The issue revolved around conflicting interpretations of two pieces of legislation: the Motor Tractors Regulations and the Activities Requiring Permits by Local Councils Regulations.

This has left many traders fuming after being unable to carry out their commercial activities and moreover being served with contraventions to appear in Court charged with having containers parked on the street without the necessary permits.

After analyzing the existing regulations, GRTU’s legal department asked the Director for Local Government from the Parliamentary Secretariat for Local Government to confirm the GRTU’s interpretation which was eventually confirmed by virtue of two circulars that finally clarified the matter.

Members are therefore being made aware of the correct procedure for placing containers outside their premises:

  • Containers still loaded on their trailers simply require a Police Permit from the local district office. They do not require a permit from the Local Council. A Police Permit will always be given under the following conditions: (1) that no road is obstructed; (2) that no inconvenience to neighbours is caused; and (3) that no garages are obstructed.
  • Containers that have been removed from their trailers and placed on the street do not require a Police Permit. The trader however will have to obtain a Local Council permit. Permits for temporarily placing containers on the street from Local Councils cost €35.00 for a twenty-foot container and €70.00 for a forty-foot container.

GRTU requests MCESD meeting following BREXIT vote

Following Britain’s referendum result at the end of June, GRTU Malta Chamber of SMEs President Paul Abela has requested a meeting of the Malta Council for Economic and Social Development for Government and social partners to plan together a way forward in a context of an EU without Great Britain.

There is definitely an expected impact for the political and economic reality of the European Union and developments have to be followed closely. The political setting in Great Britain is also moving fast with resignations from PM David Cameron and with lead EXIT campaigners now refraining from taking leadership in a possible post-BREXIT United Kingdom whilst calls for Scottish Independence resurface.

Nonetheless whilst following these developments closely, our focus should only remain on Malta’s own positive economic momentum. There should not be any alarm bells but rather maintain Malta’s economic growth and identify opportunities in this new setting. This was Paul Abela’s first reactions to a MEUSAC Core Group meeting held days after the British vote. 


Launch of a New Code of Practice for Outlets serving Alcohol

A new Code of Practice for outlets serving alcoholic beverages was launched amid calls for a more inclusive social responsibility to promote common welfare.

The new code replaces the one introduced 15 years ago and is the result of collaboration between The Sense Group, the Institute for Tourism Studies

 (ITS), the Malta Hotels and Restaurants Association (MHRA), the GRTU Malta Chamber of SMEs and the Malta Bartenders Guild (MBG).

The new code introduced for the first time concerns the element of binge-drinking and lays out guidelines on how to deal with people who would have exceeded legal drink limits.

Outlets which serve alcoholic beverages for consumption on premises contribute to social well-being by providing venues for socialising and entertainment. It is for this reason that outlets serving alcoholic beverages acknowledge their social responsibility through these ethical guidelines.

These outlets must:

  • Only promote legal consumption of alcohol;
  • Not serve alcoholic beverages to any person below the legal drinking age. If a bartender or serving staff is in doubt as to the age of the purchaser, proof of age should be requested and ascertained;
  • Not serve alcoholic beverages to known alcoholics. Serving staff should make an effort to identify negative behaviour that is related to alcoholism and aim at preempting issues that may arise as a result of excessive consumption of alcohol;
  • Not serve alcohol to anyone who has clearly exceeded the legal drink driving limit and is identified to have the intention to drive afterwards. In such cases they shall offer alternative non-alcoholic beverages and advise clients to either seek passage home with someone who is within the legal limits or, either takes public transport or a taxi. Bartenders should take the initiative in such instances and offer to make the necessary arrangements themselves;
  • Manage intoxicated, antisocial or disruptive clients with safe removal from the premises. It is very important that all members of staff immediately inform management or supervisor on duty, to take control and address any problematic client/s, as this can easily turn into a bad situation if not handled properly;
  • Be responsible for the safety of their clients, when trying out new trend of recipes, or creating new recipes making sure that they are aware of any ingredients and allergic reactions that may cause to their clients;

During the launch Tourism Minister Edward Zammit Lewis said that the European Union had been had been discussing issues relating to the consumption of alcohol for a number of years.

“The EU has actively worked with a number of institutions and industry representatives in order to increase awareness and introduce best practices towards establishing a responsible and updated policy regarding the consumption of alcohol.

GRTU discusses long-standing issues afflicting Gozo businesses during its mission in Gozo

The GRTU Executive Council and management team embarked on a mission that brought them closer to the reality of Gozo based businesses.
During a day that was specifically focused on Gozo GRTU’s top management team held meetings with Gozitan entrepreneurs as well as the Gozo Business Chamber.
High on the agenda was the issue of accessibility of Gozo. Gozo businesses expressed their concern that the permanent link project between Malta and Gozo was earmarked to take very long to be completed and when considering the dire situation they were in, any unnecessary delay meant irreversible damage.
Gozitan enterprises still do not feel that the accessibility issue of Gozo is a priority for our politicians. They are facing a reality where it is immensely difficult and close to impossible for them to do business in Gozo and the decision makers are not concerned with the problems afflicting Gozo.
Whilst appreciating that an environmental assessment is necessary, this should be carried out within specific and justifiable timeframes. The environment should not be used as an excuse to postpone projects that were needed yesterday.
They therefore expect Government to make all the necessary effort and focus on finding solutions and not excuses as to why the project should be further delayed. Government needs to come up with a reasonable timeframe and project management proposal that would be agreed upon through consultation and endorsed by social partners representing businesses.
GRTU stated that following a presentation by Prof Gordon Cordina GRTU was not only convinced that Gozo needs a permanent link but it is also fully backing its members. GRTU will be lobbying the Government to achieve the desired results.
GRTU invited the stakeholders to join forces with the GRTU to increase pressure to speed up the permanent link project and to find solutions that would improve accessibility conditions in the immediate. Businesses cannot wait over 10 more years for something to be done, there are short to medium term solutions that would help them survive the interim and these must be implemented.
The permanent link is not an end in itself. Gozo requires a number of drastic measures to become the thriving economy everyone hopes for. Accessibility is however the main measure that will help other initiatives become effective. Without the permanent link any measure will be weak because its potential can only be reached with increased accessibility.
Gozitan enterprises also expressed their concern on the political situation. They said that the Government and the opposition are wasting precious time bickering instead of investing time to tackle important business issues that have been shelved for too long.
During its visit GRTU took a number of its member’s proposals and will be following these up accordingly.
Part of the activity also included a discussion on changes to update the GRTU Statute as well as a team building activity to lay forward a strategy for the organization.

GRTU Executive Council meets Dr Nadine Sant, Legal Advisor to the Economy Ministry (MEIB) to discuss the Family Business Act

The aim of the family Business Act is to address obstacles and problems that those operating a family business face especially in instances of business transfers. 

Family businesses constitute 75% of Maltese enterprises and they employ a substantive number of people. Most of these family enterprises pass on to the second generation. However, during this transition, only 30% of these family businesses succeed and only 10% make it to the third generation.
Dr Sant highlighted that the structures of family businesses, the vast majority of whom are micro-enterprises, are often poorly defined. She said that to have an efficient and effective legal framework, widespread consultation has been carried out.
Dr Sant explained that the proposed Family Business Act aims to encourage family-owned businesses to register themselves, who occupies what position, the actual ownership structure, who has voting rights and decision-making rights. Amongst other things, the Family Business Act will include a clear definition of what constitutes a family business. This will control abuses and is a very important initiative considering that family businesses registered under this Act will be eligible for tax incentives.
The Family Business Act allows a broad spectrum of legal scenarios through which a family business may be operated: limited liability companies, registered partnerships, unregistered partnerships, and even listed or trading companies on a multilateral trading facility. The act defines family businesses as those owned by at least two members of the same family, although a small minority stake by non-family members is permissible.
The registered family businesses would qualify for operational assistance and fiscal benefits. The benefits introduced with the new Act are mainly twofold: those pertaining to the operation of the business per se, and those pertaining to prospective transfers between family members of immovable property or shareholdings on which Duty is payable.
The Operational Benefits
  1. Micro Investment of a maximum tax credit of €50,000 over a three-year period, naturally subject to Malta Enterprise’s terms and conditions;
  2. Legal and Accountancy advisory services up to €2,500 over a five-year period; to any family business owners that would require assistance in the case of transfers 
  3. Assistance for Arbitration sittings to address any possible disputes relating to the transfer of assets (five free sessions).
  4. Education and training for owners and their employees of up to €1,000 annually per family business;
  5. The positive consideration of lease renewals occupying government premises;
  6. Loan guarantees of up to €500,000 per business for the purpose of acquiring the business or parts thereof.
The Fiscal Benefits:
  1. Duty on Documents on immovable property being transferred between family members of a family busiess shall be chargeable on the first €500,000 of the value of the property transferred at the advantageous rate of 3.5% or part thereof;
  2. In the case of Duty on Documents payable on the transfer of shares of a family owned company between family members, or interests in a partnership, trust or foundation, no duty will be chargeable on account of the first €150,000 of the value of the shares or interests in a partnership, trust or foundation transferred.
GRTU is one of the main stakeholders which has worked on the legal framework of the Act in conjunction with other stakeholders which have worked on the Family Business Act.