Welcome
to our February edition of mhorner.com
“One third of the IT pros surveyed reported their security had been
bypassed by a cyber attack in 2016.
Nearly 6 out of 10 respondents reported being
aware that their organization was the target of one or multiple cyber attacks
during 2016. For more than half of the IT pros who reported experiencing
attacks, the security they had in place unfortunately wasn’t enough to stop all
of them. 54 percent of those who were targeted suffered one or more successful
attacks.
Over half the organizations targeted by cyber attacks in 2016 fell
victim to one or more of them.
The numbers are even worse for organizations
that were targets of ransomware attacks (57% of organizations that experienced
attacks, overall).
71% of organizations targeted with ransomware attacks were infected.
Yet when asked what adjustments they were
planning on making to their security stack to better protect themselves from
cyber attacks in 2017, nearly two-thirds of IT pros reported no changes were
planned.” 1
1 https://blog.barkly.com/cyber-attack-statistics-2016
In the very recent past
(and still today), ransomware was hitting desktops around the world, locking
users out of their system until you agreed to meet their demands and cough up
thousands of dollars to have your systems unlocked.
Today, there is a new scam
hitting our desktops – one equally bad if not worse. It is called Bitcoin
Mining. The bad guys load software onto your desktop by way of an infected
email or by a torrent.
This software then loads onto your machine and searches it for any trace you
have of a Bitcoin. It will seal this information and send it back to the
“owner” of this malware and will also attach itself to an email which is sent
to all the people in your contact list. Even if you do not have any Bitcoin or
traces of them, it continues to slow your machine down by looking at all of
your files, waiting for your
to purchase some.
Removing this malware is a
very painful task and will set you back a good three hours of tech time to
eradicate it. So what can you do to prevent this from
happening?
1. The first thing I tell all my clients is Never Open Email
Attachments That You Were Not Expecting. If you get one, call the sender BEFORE
you open it to make sure it is a legitimate attachment.
2. Make sure you are running an industry-leading antivirus
software. I have recommended ESET for years and it
is now in the very affordable category. More about them below.
3. If you are unfortunate to have this type of malware
installed, unplug your network cable or turn off your computer's WiFi and call your technician asap to have it removed.
ESET® is on the forefront
of proactive endpoint protection, delivering trusted security solutions to make
the Internet safer. For over 25 years, ESET has helped customers get the most
out of their technology by creating a more secure and trusted online experience
with antivirus software for consumers and endpoint security solutions for
businesses.
Scan Your System For FREE
Ø Scan your PC with one
simple click and without having to register any contact information.
Ø Find both known and
unknown viruses, worms, Trojans, spyware, phishing, and other internet threats.
Ø Easily launch scans from
Chrome, Firefox, Internet Explorer, Edge or Opera.
Ø Scan archive files to find
hidden malware.
Cryptojacking activity began exploding toward the end of 2017 and we
suspect that we will see far more activity in 2018, particularly as the value
of cryptocurrencies escalates. What makes this
kind of activity interesting is how it has created a blurry line between the
everyday Internet user and the cybercriminal. An individual mining
cryptocurrency could very well be mining for their own wallet, based on
visitors to their own web properties. There is also a very likely chance within
those circumstances that disclosed cryptojacking
activity could replace advertising on sites to become an entirely new revenue
stream. However, the largest portion of cryptojacking
is likely to occur from legitimate websites compromised to mine currency for
the criminal wallet. Regardless, cryptojacking will
be one of the cybercrime activities to watch in 2018.
Earlier this year, entities of the Saudi
Arabian government were compromised using a macro in Microsoft Word to infect
the target’s computer with an information-stealing Trojan. Rather than
retrieving a binary payload, the attack relied on malicious scripts to maintain
persistence on the device and to communicate with compromised websites acting
as proxies for the command and control server. These malicious script-based
attacks, specifically PowerShell-based attacks, are incredibly difficult to
identify. They can easily evade antivirus engines, making it that much more
appealing to cybercriminals. I predict many more PowerShell attacks in the year
to come.
While it may seem like we are already
overwhelmed by the amount of cyberattacks occurring daily, this will not slow
down in 2018. In fact, with a recent increase in cybercriminal tools and a
lower threshold of knowledge required to carry out attacks, the pool of cybercriminals
will only increase. This growth is a likely response to news media and pop
culture publicizing the profitability and success that cybercrime has become.
Ransomware alone was a $1 billion industry last year.
Joining the world of cybercrime is no longer taboo, as the stigma of these
activities diminishes in parts of the world. To many, it’s simply a “good”
business decision. At the same time, those already established as “top-players”
in cybercrime will increase their aggressive defense of their criminal
territories, areas of operations and revenue streams. We may actually
begin to see multinational cybercrime businesses undertake merger and
acquisition strategies and real-world violence to further secure and grow their
revenue pipeline.
In 2018, cybercriminals will target and
exploit more security software. By targeting trusted programs and the software
and hardware supply chain, attackers can control devices and wholeheartedly
manipulate users. Hackers will leverage and exploit security products, either
directly subverting the agent on the endpoint, or intercepting and redirecting
cloud traffic to achieve their means. As these events become more publicly
known, the public and business perception of security software, particularly
that of antivirus solutions, will further deteriorate.
In 2017, we saw WannaCry
and Trickbot use worm functionality to spread
malware. More malware families will use this technique in 2018 because network
compromise from worms spread faster than many other methods. If hackers can
figure out how to use worms without being too noisy (a traditional downfall of
this approach), this tactic can amass a large number of
victims very quickly.
These predictions are just a handful of the
many threats projected to hit 2018. Every year, we see both the caliber and
sophistication of breaches reach new heights with respect to loss and damages.
At the same time, we are all becoming too comfortably numb with the daily
breach headlines. We can’t cross our fingers and hope that our own company or
PII (personal identifiable information) isn’t next on the news cycle. 2
2 https://www.csoonline.com/article/3241766/cyber-attacks-espionage/top-5-cybersecurity-concerns-for-2018.html
*All words in Blue and Underlined are hyperlinks
to different websites. They are all
verified and safe.
We attempt to make all of our
mailings as informative as possible and we respect your privacy. Your information is never provided to any
source for any reason (unless of course it is Johnny Law with a proper
warrant).
As always, if you wish to be removed from our mailings,
just reply with REMOVE in the subject
line and we will remove you from our mailing list.