Public Transportation: Encryption Malware’s Latest Target

Anyone who closely follows the happenings of the cybersecurity world is probably well aware that news of late has been dominated by reports of IoT botnet armies. If you’re wondering what happened to ransomware, ponder no more: Encryption malware is still at large and in charge as far as cyberthreats go, and shows no signs of being anything but in the coming months.

Public Transportation: The Newest Target

On Black Friday, the world witnessed yet another unprecedented ransomware attack. This time, the victim was San Francisco’s Municipal Transportation Agency. According to Ars Technica, ticketing systems at multiple Muni station booths locked up. Screens displayed a message that read, “You Hacked, ALL Data Encrypted.” Systems used to manage the city’s buses were also taken offline.

The hackers responsible requested a ransom of $73,000. As of this writing, all systems are go; however, it remains unclear how the issue was remediated, or if a ransom was paid to hackers. What we do know is that the strain of ransomware used provided “cryptom27@yandex.com” as the contact email address, which has previously been linked to Mamba and HDDCryptor, both of which were discovered in September by cybersecurity researchers.

Interestingly, the event coincided with a study released by cybersecurity firm PhishMe in September, which stated that the transportation sector was more susceptible to clicking on malicious links or downloading malware spread through social engineering schemes. The city of San Francisco is ransomware’s most recent high-profile victim.

Botnet Blitzkrieg: Change Your Devices’ Default Passwords Today

If we told you only 10 years ago that a failure to change your default password would result in an army of machines being turned against you by hackers, you probably would have scoffed. But as a matter of fact, that’s exactly what will happen, and has happened.

In late October, an Internet-of-Things botnet 100,000 devices strong flooded Dyn – a DNS company – with requests, effectively crippling its ability to route internet traffic. The unprecedented distributed denial-of-service attack resulted in downtime in certain parts of the U.S. for industry giants, including Netflix, The New York Times and Amazon, among many others.

The most worrisome part of all this is that it’s happened again since then, and it’s bound to happen yet again.

German Telecom Barely Evades Botnet Blitzkrieg

Over Thanksgiving weekend, approximately 1 million European web users served by Deutsche Telekom had their routers hijacked, allegedly in an attempt to orchestrate a DDoS attack. However, according to ZDNet contributor Zack Whittaker, the attack was “botched,” and the worst thing that happened was that those affected in the attack temporarily lost their internet connection. The telecom has since issued a fix.

Not so surprisingly, the attack was executed using a slightly modified version of Mirai, which is the same malware that was leveraged in the attack against Dyn.

The IoT is increasingly becoming a DDoS liability.

It’s Not Just Mirai We Need to Worry About

“Linux/IRCTelnet has

Protecting Mission Critical Systems: Securing the Energy Grid

Last winter, two power distribution companies in Ukraine were breached, resulting in a blackout that affected more than 200,000 people. The hackers responsible “likely used BlackEnergy3 to get into the utilities’ business networks,” according to Wired’s Kim Zetter. From there, it was just a matter of navigating to operator systems and turning the lights off.

“The operator grabbed his mouse and tried desperately to seize control of the cursor, but it was unresponsive,” Zetter wrote. “Then as the cursor moved in the direction of another breaker, the machine suddenly logged him out of the control panel.”

Fortunately, there were no reports of terrorist activity during the outage. Nevertheless, the events set a frightening precedent. According to U.S. officials, energy infrastructure in the U.S. is just as vulnerable to the tactics used to bring down parts of Ukraine’s power grid. An attack on the power grid carried out for politically motivated reasons, or as a form of terrorism, is no longer outside the realm of possibility.

Understanding the Stakes

Nearly every component of our modern infrastructure is in some way driven by the power grid. Hospitals, water systems, public transportation, traffic lights, surveillance cameras, chemical manufacturing plants, data centers and government agencies are just some of the essential amenities that could be severely disrupted in the event of a premeditated attack against the power grid – to the extent that lives could be put in danger.

Offline traffic lights could cause gridlock, making it difficult for emergency responders to reach

Deep Freeze Cloud enhancements that might interest you

We’ve added some interesting enhancements to Deep Freeze Cloud recently and we wanted to make sure you are aware of these updates.

1. Smarter Cloud Agent Updates

We overhauled our Cloud Agent with the release of version 2.0 in March so that the customer does not have to manually upgrade the agent for minor enhancements and bug fixes. Cloud Agent “modules” can now update automatically in the background and address some significant issues without ever hassling the customer to upgrade the agent.

2. Deployment and Download Speed Boosts

We made several big enhancements to the way our installers are created and deployed from the cloud. In short, the Deep Freeze download speeds are significantly faster and so are the rest of the installers as they are now hosted in an independent repository.

3. Inherit Settings from Faronics Default Policy

Policies can now be configured to inherit settings from the Faronics Default policy to quickly distribute your setting changes across multiple policies. Settings can be inherited individually per service and for the Maintenance Period.

The old Enable Service checkbox is replaced with a drop-down menu for each service.

4. Power Save Policy Configuration Report

Due to popular demand, this Faronics Core Console report has been brought into Cloud as well. The report summarizes all the Power Save Schedule settings along with the associated Power

Beware the Scourge of Holiday Hackers

More than 137 million Americans will be shopping this Thanksgiving weekend, according to the National Retail Federation. Some of them will be out at the stores, while others will be in front of a computer or mobile device, sheltered from the chaos that ensues every year at this time. All of them, whether or not they realize it, will be vulnerable to fraud.

Online Cybercrime

There’s no better time to scam people than during the busy holiday months, when email inboxes are flooded with promotions and bargains, and people’s hearts are filled with goodwill. Some offers may seem too good to be true, and that’s because a lot of them are. For years, hackers have used holiday-themed social engineering schemes to trick people into handing over login credentials or downloading malware. With 2016 shaping up to be one of the most lucrative shopping bonanzas to date, there’s little doubt that hackers will be out in droves.

Cyber Monday is just around the corner, and businesses must make sure that they’ve deployed application control software that can help prevent unauthorized executables from launching. You may not be able to stop your employees from holiday bargain hunting during lunch, but you can attempt to keep systems safe by having more control over what applications can execute.

Online retailers also need to make sure they have a way to protect payment servers from SQL injections and other tactics that could allow hackers to access credit card numbers and personally identifiable information. A