You are viewing 'cybercrime'

Server Victimology

Understanding the How and Why Ransomware Targets are Identified and Pursued

Ramece Cave

June 16, 2016 - Posted by Ramece Cave to Security Insight

Server Victimology - What Makes a Server a Target?

Welcome back to our discussion about the Second Victim. You’ll recall that these are the unknown victims in a ransomware campaign. These are the servers used to deliver a message or accept payment, completely under someone else’s control and all without your knowledge. Today we are exploring some of the aspects that elevates a server from unknown, to target, and finally a victim. Whether its contents are being held for ransom, or they are a pawn in the actor’s nefarious game.

A researcher that I follow recently issued a “Heads Up” warning that new ransomware is targeting servers. At the time of the reporting there were at least 400 affected servers. After doing some digging, I confirmed that at least 40 servers are victims of ransomware and at least two dozen others may be affected, but are taking steps to remediate the problem. But how did this happen? What was it about these servers that made them vulnerable? Plagued by these questions, I... read more >

Top Ten Ways to Fight Ransomware with Backups

Your Backup Strategy Can Minimize the Risk

Bob Bybee

June 09, 2016 - Posted by Bob Bybee to Security Insight

Ransomware Note

Ransomware is grabbing a lot of security news headlines these days, not necessarily because it’s worse than other types of malware, but perhaps because it’s more annoying. Older malware might simply have erased your hard drive.  Ransomware encrypts it, saying “your data is still here, but you can’t have it.” To add insult to injury, it then tells you to pay a ransom “or else.”

Of course, paying the ransom is no guarantee that your data will be recovered. Once a system is infected with ransomware, there is no sure way to recover all of the data. But a robust backup strategy can get you most of the way back, and that’s a lot better than nothing. It’s hard to believe that large organizations or government offices have been caught without adequate backups, but it has happened to hospital groups, law firms, police departments, and even NASA (see links at the end of this... read more >

The Evolution of Ransomware

Think You've Seeen It All from Ransomware?

David Biser

April 26, 2016 - Posted by David Biser to Security Insight

The Evolution of Ransomware

We’ve all seen them. Recent headlines filled with reports of massive ransomware attacks against a multitude of targets. With healthcare organizations, financial institutions, and even the government falling prey, it would appear that none are safe. Many, many blogs and security posts have been issued warning businesses against this attack vector, seemingly to no avail!  So, you might ask: “Why should I continue reading this blog post?” The answer is simple. Ransomware is evolving!

That’s right – you haven’t seen the end of ransomware or its effects. Since so many businesses are learning to effectively recover from devastating ransomware attacks, cyber criminals are adopting new methods to continue their campaign. Recent research from Talos indicates that ransomware authors are changing their weaponry to be even more... read more >

eSymposium: Cyberespionage

Zach Holt

April 12, 2016 - Posted by Zach Holt to Security Insight


Over the years, cyberespionage has gone from being a fascinating Hollywood script plot to the topic of newsworthy, political discussions. It is likely that such activity has been going on for decades in various forms. Now, as technology increasingly becomes a cornerstone of a global society, these attacks have increased in terms of sophistication and impact. The nation-state actor, previously a distant threat, has become a real, if not intimidating foe.

Between recent events such as Russia attacking Ukrainian power and media infrastructure and the United States and Israel being credited with attacks against Iran with the Stuxnet, Duqu, and Flame malware, you might be wondering how your organization would stand up to a cyberespionage... read more >

What Motivates a Hacker?

Why It May Be More Than You Think

Derek Weakley

April 07, 2016 - Posted by Derek Weakley to Security Insight

What Motivates a Hacker?

When your phone prompts for an update, you postpone it. When your operating system calls for an update, you ignore it. When your application requires a password update, you begrudgingly change it – all the while thinking “I don’t need a password or PIN. I’m just an average person. I don’t have anything that anyone could possibly want. Are all these layers of security really necessary? Could I really be a target?”

In a word, yes. There are many reasons you are a target, and I don’t mean of the heavy conspiracy type either.

Understanding the motives of potential attackers has long been a problem for many people. Most cannot fathom why hackers would want to attack them. In risk management we define this understanding as attack attribution. While there are infinite possible motives, I believe it’s most important to understand that no matter the situation, there is always something that another wants, an agenda that someone... read more >

1 | 2 | 3 | 4 | 5 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)