You are viewing 'cybercrime'
Understanding the How and Why Ransomware Targets are Identified and Pursued
Welcome back to our discussion about the Second Victim. You’ll recall that these are the unknown victims in a ransomware campaign. These are the servers used to deliver a message or accept payment, completely under someone else’s control and all without your knowledge. Today we are exploring some of the aspects that elevates a server from unknown, to target, and finally a victim. Whether its contents are being held for ransom, or they are a pawn in the actor’s nefarious game.
A researcher that I follow recently issued a “Heads Up” warning that new ransomware is targeting servers. At the time of the reporting there were at least 400 affected servers. After doing some digging, I confirmed that at least 40 servers are victims of ransomware and at least two dozen others may be affected, but are taking steps to remediate the problem. But how did this happen? What was it about these servers that made them vulnerable? Plagued by these questions, I... read more >
Your Backup Strategy Can Minimize the Risk
Ransomware is grabbing a lot of security news headlines these days, not necessarily because it’s worse than other types of malware, but perhaps because it’s more annoying. Older malware might simply have erased your hard drive. Ransomware encrypts it, saying “your data is still here, but you can’t have it.” To add insult to injury, it then tells you to pay a ransom “or else.”
Of course, paying the ransom is no guarantee that your data will be recovered. Once a system is infected with ransomware, there is no sure way to recover all of the data. But a robust backup strategy can get you most of the way back, and that’s a lot better than nothing. It’s hard to believe that large organizations or government offices have been caught without adequate backups, but it has happened to hospital groups, law firms, police departments, and even NASA (see links at the end of this... read more >
Think You've Seeen It All from Ransomware?
We’ve all seen them. Recent headlines filled with reports of massive ransomware attacks against a multitude of targets. With healthcare organizations, financial institutions, and even the government falling prey, it would appear that none are safe. Many, many blogs and security posts have been issued warning businesses against this attack vector, seemingly to no avail! So, you might ask: “Why should I continue reading this blog post?” The answer is simple. Ransomware is evolving!
That’s right – you haven’t seen the end of ransomware or its effects. Since so many businesses are learning to effectively recover from devastating ransomware attacks, cyber criminals are adopting new methods to continue their campaign. Recent research from Talos indicates that ransomware authors are changing their weaponry to be even more... read more >
Over the years, cyberespionage has gone from being a fascinating Hollywood script plot to the topic of newsworthy, political discussions. It is likely that such activity has been going on for decades in various forms. Now, as technology increasingly becomes a cornerstone of a global society, these attacks have increased in terms of sophistication and impact. The nation-state actor, previously a distant threat, has become a real, if not intimidating foe.
Between recent events such as Russia attacking Ukrainian power and media infrastructure and the United States and Israel being credited with attacks against Iran with the Stuxnet, Duqu, and Flame malware, you might be wondering how your organization would stand up to a cyberespionage... read more >
Why It May Be More Than You Think
When your phone prompts for an update, you postpone it. When your operating system calls for an update, you ignore it. When your application requires a password update, you begrudgingly change it – all the while thinking “I don’t need a password or PIN. I’m just an average person. I don’t have anything that anyone could possibly want. Are all these layers of security really necessary? Could I really be a target?”
In a word, yes. There are many reasons you are a target, and I don’t mean of the heavy conspiracy type either.
Understanding the motives of potential attackers has long been a problem for many people. Most cannot fathom why hackers would want to attack them. In risk management we define this understanding as attack attribution. While there are infinite possible motives, I believe it’s most important to understand that no matter the situation, there is always something that another wants, an agenda that someone... read more >