Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/835749
18 Security Dealer & Integrator / www.SecurityInfoWatch.com June 2017 O n May 12, the now-familiar threat of ransomware took the offensive, as more than 230,000 computers in 150 countries were encrypted for ransom at hospitals, telecommunications systems, govern- ments, banks and more. Known as "WannaCry," it demanded 300 bitcoin in exchange for decryption. e attack exploited known vulnera- bilities in an older version of Microso Windows – vulnerabilities that could have been avoided with recent patches. Worse yet, the global cyber-attack may be only the first in a series of sophis- ticated attacks that may arise out of leaked NSA hacking tools. Britain's National Health Service was hit by the cyber-attack, which encrypted and locked up data, result- ing in the need to turn away patients and cancelling surgeries and other operations, causing what is still unde- termined monetary loss and business continuity. e attacks continued to grow as the same attackers froze com- puters at Russia's Interior Ministry while further affecting tens of thou- sands of computers elsewhere. Across Asia, several universities and organiza- tions reportedly fell prey. Renault, the European automaker, said its French operations were one of the casualties, while its plant in Slovakia ceased oper- ation because of the digital scourge. e attacks spread quickly to more than 74 countries, with Russia worst hit and included Ukraine, India, Taiwan, Latin America and Africa. Cyber threats and ransomware in particular is one of the most talked about topics among the security com- munity. Ransomware presents a major threat across all businesses and vertical markets. Much of the ransomware is coming from out-of-country hackers who are quite adept in their attacks, oen demanding bitcoin as payment. "Ransomware is arguably the No. 1 method of cyber-attack in 2017, and this attack demonstrates the need for critical enterprises to have a ransom- ware playbook in place for when they are attacked," says Rich Barger, Direc- tor of Cyber Research for Splunk. Adds Jonathan Sander, Chief Tech- nology Officer for STEALTHbits Tech- nologies: "WannaCry does nothing original – it is a Frankenstein's mon- ster of vulnerabilities with patches and exploits that were stolen from the NSA and published for all to see. e reason for WannaCry's success is our collec- tive failure to do the basic security blocking and tackling of patches, user education, and consistent backups." Online extortion had a banner year in 2016, according to Trend Micro's annual security assessment report: "2016 Security Roundup: A Record Year for Enterprise reats." In 2016, there was a 752 percent increase in new ran- somware families, with $1 billion losses to enterprises worldwide. Experts at the University of Maryland's Robert H. Smith School of Business say the Wan- naCry attack's real impact might be yet to come, predicting it could mark a turning point in the way institutions handle cybersecurity. Cover Story WannaCry shines the light on the integrator's new role in cyber threat detection By Rob Simopoulos The Risk is Real Online extortion had a banner year in 2016, according to Trend Micro's annual security assessment report. In 2016, there was a 752 percent increase in new ransomware families , with $1 billion losses to enterprises worldwide.