Security Dealer & Integrator

JUN 2017

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: http://sdi.epubxp.com/i/835749

Page 25 of 59

26 Security Dealer & Integrator / www.SecurityInfoWatch.com June 2017

Your Money or Your (Digital) Life

The recent ransomware attack should raise awareness for both security companies and clients

Tech Trends
BY RAY COULOMBE

"Wannabe ransomers without the needed skills can use 'Ransomware as a Service' – custom code where the writer gets a cut of the action."

As I write this column, a major worldwide cyber event is in the news. As you may remember, last fall, we were reading about – and perhaps experiencing – a major botnet-based DDOS attack against Dyn's DNS service. The attack employed roughly 100,000 network-connected devices, including surveillance cameras, and the Mirai virus to tie up 1.2 Tbps (trillion bits per second) of bandwidth, the largest such attack recorded.

Grabbing headlines this time is a ransomware attack of unprecedented worldwide scope. See this month's cover story for more details, but here's the tech lowdown: It has been published – refer to the book @War, by Shane Harris – that the NSA has been consistently amassing a cyber arsenal of known vulnerabilities and exploit tools. Last summer, a group called the Shadow Brokers released a collection of exploits allegedly stolen from that arsenal.

This particular ransomware exploit is called "Eternal Blue" and targets Windows systems earlier than the latest Windows 10 release. Microsoft patched this vulnerability in March, but machines remained at risk for – either patches were not applied, or machines running Windows XP could not be patched because of the end of Microsoft support for them. After the exploit was unleashed, Microsoft took the highly unusual step of issuing updates for Windows XP, Windows 8 and Server 2003, along with Windows Defender.

It has been reported that 90 percent of the English National Health Service trusts run Windows XP. Only because an English cyber researcher discovered a kill switch in the exploit did the damage not become more widespread.

To make life even more interesting, for those wannabe ransomers without the needed skills, there is "Ransomware as a Service" (RaaS) – where you can get supplied with customized code in exchange for the code writer getting a cut of the action. One concierge-type offering, called Fatboy, even provides location-based pricing, whereby victims in higher cost of living areas, as determined by the Economist's Big Mac index, pay more to get their data decrypted.

Thus, it is worth exploring how malware can get into a digital device and what can be done about it.

Attack Vectors and Prevention Techniques

Technology: Systems themselves may get compromised through brute-force attacks and the exploitation of vulnerabilities. The most common brute-force attack is against passwords, where millions or billions of character combinations may be tested in seconds, starting with the most likely combinations – a dictionary attack. Common vulnerabilities are exploited via unchanged default passwords, unpatched systems with known vulnerabilities and needlessly open ports.

People: As powerful as technology-based attacks may be, it becomes simpler when people are factored in. The primary vehicle is email – I would like to think that many are wising up to the blanket phishing schemes that tell you an account or password has been compromised and you must click a link or view a document to resolve the issue; however, if you do it, they have you. Either can be a vehicle for malware entering your machine and the network that it is connected to.

Spear phishing – the act of crafting a personally targeted email – is more enticing. By leveraging social media, public records, purchased or stolen email lists, or other means, a very personal email can be created to appear to be from someone you know. The end result is the same: You are infected.

Additionally, social engineering – the act of gaining useful or unauthorized information or access – is a valuable tool for reconnaissance or attacks. Encounters can be in-person, via telephone, email or social media. Sometimes, they involve leveraging one piece of information to get more until something useful is assembled.

Giveaways: How many USB sticks have you found or been given lately? Many do not realize that the Stuxnet
