michael j. horner, CTech
555 Delora Drive • Victoria, British Columbia • V9C 3R9
CELL (250) 380-8117 • E-MAIL mike@mjhorner.com
Welcome to our February edition of mjhorner.com
“One third of the IT pros surveyed reported their security had been bypassed by a cyber attack in 2016.
Nearly 6 out of 10 respondents reported being aware that their organization was the target of one or multiple cyber attacks during 2016. For more than half of the IT pros who reported experiencing attacks, the security they had in place unfortunately wasn’t enough to stop all of them. 54 percent of those who were targeted suffered one or more successful attacks.
Over half the organizations targeted by cyber attacks in 2016 fell victim to one or more of them.
The numbers are even worse for organizations that were targets of ransomware attacks (57% of organizations that experienced attacks, overall).
71% of organizations targeted with ransomware attacks were infected.
Yet when asked what adjustments they were planning on making to their security stack to better protect themselves from cyber attacks in 2017, nearly two-thirds of IT pros reported no changes were planned.” 1
1 https://blog.barkly.com/cyber-attack-statistics-2016
In the very recent past (and still today), ransomware was hitting desktops around the world, locking users out of their systems until they agreed to meet the attackers' demands and cough up thousands of dollars to have their systems unlocked.
Today, there is a new scam hitting our desktops – one equally bad if not worse. It is called Bitcoin Mining. The bad guys load software onto your desktop by way of an infected email or by a torrent. This software then loads onto your machine and searches it for any trace you have of a Bitcoin. It will steal this information and send it back to the “owner” of this malware and will also attach itself to an email which is sent to all the people in your contact list. Even if you do not have any Bitcoin or traces of them, it continues to slow your machine down by looking at all of your files, waiting for you to purchase some.
Removing this malware is a very painful task and will set you back a good three hours of tech time to eradicate it. So what can you do to prevent this from happening?
1. The first thing I tell all my clients is Never Open Email Attachments That You Were Not Expecting. If you get one, call the sender BEFORE you open it to make sure it is a legitimate attachment.
2. Make sure you are running industry-leading antivirus software. I have recommended ESET for years and it is now in the very affordable category. More about them below.
3. If you are unfortunate enough to have this type of malware installed, unplug your network cable or turn off your computer's WiFi and call your technician ASAP to have it removed.
For over 25 years, ESET has helped customers get the most out of their technology by creating a more secure and trusted online experience with antivirus software for consumers and endpoint security solutions for businesses.
Scan Your System For FREE
- Scan your PC with one simple click and without having to register any contact information.
- Find both known and unknown viruses, worms, Trojans, spyware, phishing, and other internet threats.
- Easily launch scans from Chrome, Firefox, Internet Explorer, Edge or Opera.
- Scan archive files to find hidden malware.
Cryptojacking activity began exploding toward the end of 2017 and we suspect that we will see far more activity in 2018, particularly as the value of cryptocurrencies escalates. What makes this kind of activity interesting is how it has created a blurry line between the everyday Internet user and the cybercriminal. An individual mining cryptocurrency could very well be mining for their own wallet, based on visitors to their own web properties. There is also a very likely chance within those circumstances that disclosed cryptojacking activity could replace advertising on sites to become an entirely new revenue stream. However, the largest portion of cryptojacking is likely to occur from legitimate websites compromised to mine currency for the criminal wallet. Regardless, cryptojacking will be one of the cybercrime activities to watch in 2018.
Earlier this year, entities of the Saudi Arabian government were compromised using a macro in Microsoft Word to infect the target’s computer with an information-stealing Trojan. Rather than retrieving a binary payload, the attack relied on malicious scripts to maintain persistence on the device and to communicate with compromised websites acting as proxies for the command and control server. These malicious script-based attacks, specifically PowerShell-based attacks, are incredibly difficult to identify. They can easily evade antivirus engines, making it that much more appealing to cybercriminals. I predict many more PowerShell attacks in the year to come.
While it may seem like we are already overwhelmed by the amount of cyberattacks occurring daily, this will not slow down in 2018. In fact, with a recent increase in cybercriminal tools and a lower threshold of knowledge required to carry out attacks, the pool of cybercriminals will only increase. This growth is a likely response to news media and pop culture publicizing the profitability and success that cybercrime has become. Ransomware alone was a $1 billion industry last year. Joining the world of cybercrime is no longer taboo, as the stigma of these activities diminishes in parts of the world. To many, it’s simply a “good” business decision. At the same time, those already established as “top-players” in cybercrime will increase their aggressive defense of their criminal territories, areas of operations and revenue streams. We may actually begin to see multinational cybercrime businesses undertake merger and acquisition strategies and real-world violence to further secure and grow their revenue pipeline.
In 2018, cybercriminals will target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can control devices and wholeheartedly manipulate users. Hackers will leverage and exploit security products, either directly subverting the agent on the endpoint, or intercepting and redirecting cloud traffic to achieve their means. As these events become more publicly known, the public and business perception of security software, particularly that of antivirus solutions, will further deteriorate.
In 2017, we saw WannaCry and Trickbot use worm functionality to spread malware. More malware families will use this technique in 2018 because network compromise from worms spreads faster than many other methods. If hackers can figure out how to use worms without being too noisy (a traditional downfall of this approach), this tactic can amass a large number of victims very quickly.
These predictions are just a handful of the many threats projected to hit 2018. Every year, we see both the caliber and sophistication of breaches reach new heights with respect to loss and damages. At the same time, we are all becoming too comfortably numb with the daily breach headlines. We can’t cross our fingers and hope that our own company or PII (personal identifiable information) isn’t next on the news cycle. 2
2 https://www.csoonline.com/article/3241766/cyber-attacks-espionage/top-5-cybersecurity-concerns-for-2018.html
*All words in Blue and Underlined are hyperlinks to different websites. They are all verified and safe.
mjhorner, CTech
Information Technology and Communications Consultant
555 Delora Dr
Victoria, BC V9C3R9
phone: 250-380-8117
email: mike@mjhorner.com
http://mjhorner.com
Be email smart.
Prevent the spread of virus and phishing attacks. Think before you click.
If in doubt, throw it out!
We attempt to make all of our mailings as informative as possible and we respect your privacy. Your information is never provided to any source for any reason (unless of course it is Johnny Law with a proper warrant 😊).
As always, if you wish to be removed from our mailings, just reply with REMOVE in the subject line and we will remove you from our mailing list.