Weekly Security Roundup #71: All Ransomware Everything
62% of businesses don’t think they’d recover from a ransomware infection without losing vital data
In this past week, ransomware took over the scene. You’ll see that most of the security articles revolve around how easy ransomware spreads, who are the latest victims, how it evolved and how much it affects businesses.
But before you rush to the security articles of the week, you should have a look over one of our recent blog articles. It’s slightly different from what we usually publish, but nonetheless worth the attention. It covers the new EU Data Protection Law, what you should expect and how to prepare for it. The law will come into effect starting 2018.
Security articles of the week
Ransomware at a whole new level: “Petya” is a ransomware that skips the files and folders and directly encrypts portions of your hour hard drive.
Looks like ransomware is quickly evolving. The FBI is fighting new strain of ransomware called MSIL/SAMAS, that encrypts data across entire networks rather than single computers.
US medical group Medstar Health was forced to go back to paper and pencil after their network was infected with ransomware.
Some interesting findings from this survey carried by Tripwire:
- 62% of businesses don’t think they would recover from a ransomware infection without losing critical data
- 58% of participants have observed an increase in spear phishing emails over the past year
- the same percentage said they are not confident that their executives could spot a phishing scam
FBI dropped its case against Apple after finding a way into the iPhone 5C used by San Bernardino shooter. Now the question is: how did they do it?
Apple‘s not the only company receiving requests for technical assistance from the government. Google also had been ordered to help with access into nine Android devices. However, a spokesman declared that:
“We carefully scrutinize subpoenas and court orders to make sure they meet both the letter and spirit of the law” […] “However, we have never received an All Writs Act order like the one Apple recently fought that demands we build new tools that actively compromise our products’ security….We would strongly object to such an order.”
Look out for scam emails with citations regarding speeding tickets, the chances are that they are fake.
It might also help if you have another look over our extended guide against scams.
A long article that analysis why hospitals and healthcare facilities are the perfect targets for ransomware attacks. Here’s a short excerpt:
“Without quick access to drug histories, surgery directives and other information, patient care can get delayed or halted, which makes hospitals more likely to pay a ransom rather than risk delays that could result in death and lawsuits.”
Cyber attackers managed to breach into two of the top law firms in the US and obtain private information.
Apparently, the whole industry is targeted, as FBI issued a Private Warning Notification to law firms.
“According to the FBI ‘[T]he scheme involves a hacker compromising the law firm’s computer networks and monitoring them for material, non-public information… This information, gained prior to a public announcement, is then used by a criminal with international stock market expertise to strategically place bids and generate a monetary profit.”
No news here, just a reminder.
“It’s natural to be curious about things. Unfortunately with email scams, it’s better to think before you click.”
It’s April Fools’ Day. The day when you have to be careful not to fall for any of the pranks. Trust nobody. Question everything.
Oh, hey, wait a minute, why should be this different from any other day of the year?
Checking from multiple sources, filtering every information, doubting anything that we read, no matter who’s it from – in the cyber world, you should be doing this all the time.
Remember to always keep your guard up. Be paranoid.