Welcome to our February edition of mhorner.com
“One third of the IT pros surveyed reported their security had been bypassed by a cyber attack in 2016.
Nearly 6 out of 10 respondents reported being aware that their organization was the target of one or multiple cyber attacks during 2016. For more than half of the IT pros who reported experiencing attacks, the security they had in place unfortunately wasn’t enough to stop all of them. 54 percent of those who were targeted suffered one or more successful attacks.
Over half the organizations targeted by cyber attacks in 2016 fell victim to one or more of them.
The numbers are even worse for organizations that were targets of ransomware attacks (57% of organizations that experienced attacks, overall).
71% of organizations targeted with ransomware attacks were infected.
Yet when asked what adjustments they were planning on making to their security stack to better protect themselves from cyber attacks in 2017, nearly two-thirds of IT pros reported no changes were planned.” 1
In the very recent past (and still today), ransomware was hitting desktops around the world, locking users out of their systems until they agreed to meet the attackers' demands and cough up thousands of dollars to have their systems unlocked.
Today, there is a new scam hitting our desktops – one equally bad if not worse. It is called Bitcoin Mining. The bad guys load software onto your desktop by way of an infected email or by a torrent. This software then loads onto your machine and searches it for any trace you have of a Bitcoin. It will steal this information and send it back to the “owner” of this malware and will also attach itself to an email which is sent to all the people in your contact list. Even if you do not have any Bitcoin or traces of them, it continues to slow your machine down by looking at all of your files, waiting for you to purchase some.
Removing this malware is a very painful task and will set you back a good three hours of tech time to eradicate it. So what can you do to prevent this from happening?
1. The first thing I tell all my clients is Never Open Email Attachments That You Were Not Expecting. If you get one, call the sender BEFORE you open it to make sure it is a legitimate attachment.
2. Make sure you are running an industry-leading antivirus software. I have recommended ESET for years and it is now in the very affordable category. More about them below.
3. If you are unfortunate enough to have this type of malware installed, unplug your network cable or turn off your computer's WiFi and call your technician ASAP to have it removed.
ESET® is on the forefront of proactive endpoint protection, delivering trusted security solutions to make the Internet safer. For over 25 years, ESET has helped customers get the most out of their technology by creating a more secure and trusted online experience with antivirus software for consumers and endpoint security solutions for businesses.
Scan Your System For FREE
- Scan your PC with one simple click and without having to register any contact information.
- Find both known and unknown viruses, worms, Trojans, spyware, phishing, and other internet threats.
- Easily launch scans from Chrome, Firefox, Internet Explorer, Edge or Opera.
- Scan archive files to find hidden malware.
Cryptojacking activity began exploding toward the end of 2017 and we suspect that we will see far more activity in 2018, particularly as the value of cryptocurrencies escalates. What makes this kind of activity interesting is how it has created a blurry line between the everyday Internet user and the cybercriminal. An individual mining cryptocurrency could very well be mining for their own wallet, based on visitors to their own web properties. There is also a very likely chance within those circumstances that disclosed cryptojacking activity could replace advertising on sites to become an entirely new revenue stream. However, the largest portion of cryptojacking is likely to occur from legitimate websites compromised to mine currency for the criminal wallet. Regardless, cryptojacking will be one of the cybercrime activities to watch in 2018.
Earlier this year, entities of the Saudi Arabian government were compromised using a macro in Microsoft Word to infect the target’s computer with an information-stealing Trojan. Rather than retrieving a binary payload, the attack relied on malicious scripts to maintain persistence on the device and to communicate with compromised websites acting as proxies for the command and control server. These malicious script-based attacks, specifically PowerShell-based attacks, are incredibly difficult to identify. They can easily evade antivirus engines, making it that much more appealing to cybercriminals. I predict many more PowerShell attacks in the year to come.
While it may seem like we are already overwhelmed by the amount of cyberattacks occurring daily, this will not slow down in 2018. In fact, with a recent increase in cybercriminal tools and a lower threshold of knowledge required to carry out attacks, the pool of cybercriminals will only increase. This growth is a likely response to news media and pop culture publicizing the profitability and success that cybercrime has become. Ransomware alone was a $1 billion industry last year. Joining the world of cybercrime is no longer taboo, as the stigma of these activities diminishes in parts of the world. To many, it’s simply a “good” business decision. At the same time, those already established as “top-players” in cybercrime will increase their aggressive defense of their criminal territories, areas of operations and revenue streams. We may actually begin to see multinational cybercrime businesses undertake merger and acquisition strategies and real-world violence to further secure and grow their revenue pipeline.
In 2018, cybercriminals will target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can control devices and wholeheartedly manipulate users. Hackers will leverage and exploit security products, either directly subverting the agent on the endpoint, or intercepting and redirecting cloud traffic to achieve their means. As these events become more publicly known, the public and business perception of security software, particularly that of antivirus solutions, will further deteriorate.
In 2017, we saw WannaCry and Trickbot use worm functionality to spread malware. More malware families will use this technique in 2018 because network compromise from worms spreads faster than many other methods. If hackers can figure out how to use worms without being too noisy (a traditional downfall of this approach), this tactic can amass a large number of victims very quickly.
These predictions are just a handful of the many threats projected to hit in 2018. Every year, we see both the caliber and sophistication of breaches reach new heights with respect to loss and damages. At the same time, we are all becoming too comfortably numb with the daily breach headlines. We can’t cross our fingers and hope that our own company or PII (personally identifiable information) isn’t next on the news cycle. 2