SpotlightMay2017

Cyberattacks are happening to companies of all sizes and are an extremely alarming reality.

The criminals perpetrating this wave of fear have the attention of most of the major intelligence agencies around the world, including being monitored by the situation room at the White House. The irony is that these criminals are believed to be capitalizing on spying tools developed by the United States National Security Agency.

So far the damage has been felt by FedEx in the United States, the Spanish telecom giant Telefónica, the French automaker Renault, universities in China, Germany’s federal railway system and Russia’s Interior Ministry. The most troublesome incidents infected Britain’s public health system. Surgeries had to be rescheduled and some patients were denied access at emergency rooms.

Social engineering is when hackers trick people into doing things that activate malware planted on the user’s machine. For example, a crafty email is capable of convincing the most suspicious person to launch an attachment. After that happens, the seed is planted and while the unsuspecting user is enjoying a funny joke or cute picture of puppies, behind the scenes, the malware is taking control. Often these phishing emails are masked as security alerts, job offers or other enticing notices.

When the malware code is written to lock you out of your machine until you pay a ransom, it is known as ransomware. It is a terrible experience for a single user but a massive threat when it happens to a whole network of users. Once that single machine, kind of a patient zero scenario, launches the malware, it looks for other hosts to infect. If the infected machine is in a secure network at work or school, the malicious program has now made it past security, leaving it free to roam for unpatched victims. Before long, most vulnerable machines are infected.

The machines being infected in the recent wave of attacks are vulnerable because their Windows operating system has not been kept up to date. Microsoft releases patches to fix holes that are identified as risks for malware attacks. This time Windows 10 was not targeted but older versions of Windows are. Organizations are being told to back up data, upgrade their anti-virus and patch their operating system. Those actions won’t help those already impacted.

Fortunately, the damage was mitigated by a 22-year-old British researcher. The savior wants his real name to remain anonymous, but does use his Twitter name MalwareTech to interact with the public. He has been credited for identifying the web domain for the hackers’ “kill switch” or malware-disabling site that allowed many to avoid the ransom demand. Unfortunately, it was too little too late for some. The ransomware encrypted data on their hard drives and demanded payment of $300 to $600 to unlock it. Researchers observed some victims paying the ransom using the bitcoin service. No one really knows how much ransom was given to extortionists because of the largely anonymous nature of the exchange.

Analysts with security software developer Avast said they had recorded 126,534 ransomware infections in 99 countries, with Russia, Ukraine and Taiwan the top targets. The attack, already believed to be the biggest online extortion scheme ever recorded, is an “escalating threat”.

The hackers, who have not been verified, took advantage of a self-spreading technology in a piece of NSA spy code known as “Eternal Blue”. The supposedly top secret code was released recently by a hackers group known as the Shadow Brokers. British cybersecurity expert Graham Cluley doesn’t blame the NSA for the hacks but said, “Obviously, they want those tools to spy on people of interest, on other countries, to conduct surveillance.” Cluley also cautioned, “It’s a handy thing to have, but it’s a dangerous thing to have. Because they can be used against you. And that’s what’s happening right now.”

Computer users are advised to question the source of unfamiliar emails and look at the actual address of the sender. Large organizations do not use webmail services to communicate. Also, simply don’t open attachments, especially jokes and executable programs, unless you are one hundred percent certain of the sender’s intention. Even if you know the person, they may still be sending you an infected file.


MAY 2017 • SPOTLIGHT ON BUSINESS MAGAZINE
