The beginning of summer, June also saw the beginning of truly advanced malware and cyber-threat techniques. Let’s take a look back at some of the biggest cyber news highlights from June 2017:
Payment-Card Malware Impacts Retailers
It’s no secret that payment-card data is some of the most valuable information to a potential cyber attacker. Hackers can sell this data for a quick payday or even use it to steal identities and money from unsuspecting victims. Of the biggest breaches within the past few years, Target comes to mind, but many organizations still haven’t learned from these incidents. Chipotle had 2,000 restaurants impacted by a security breach originating at its point-of-sale devices. Kmart was also impacted by POS malware, but the strain was undetectable by current security controls.
As malware continues to evolve, organizations are more likely to have longstanding breaches fly under the radar until it’s too late. Attacks might allow individuals to get away with data necessary to make fraudulent payments and seriously impact a customer’s life. Consumers are no longer taking these threats lying down and are less likely to do business with an organization that has been breached. For more information about how payment-card malware has impacted retail chains across the U.S. and what organizations can do about it, visit our blog on the subject.
New Ransomware Takes Notes From WannaCry
WannaCry was one of the single most damaging ransomware attacks in recent memory, impacting hundreds of thousands of computers around the world last month. However, it made a number of mistakes that cybersecurity experts were keen to point out. While WannaCry did have its issues, it also took advantage of a number of weaknesses that businesses weren’t prepared to handle, and new ransomware strains are following suit.
Top international businesses have once again come under attack from an intelligent strain of ransomware. While the ransomware bears some similarities to Petya, a ransomware that emerged last year, a prominent cybersecurity research lab has deemed it a new strain that has not been seen before, dubbing it NotPetya, BBC reported. Like WannaCry, NotPetya infects networks by moving from computer to computer through the EternalBlue tool and takes advantage of weaknesses in Microsoft Windows.
CNN noted that unlike WannaCry, NotPetya also locks down a computer’s entire hard drive instead of just files to spread within company networks. The new ransomware also doesn’t have a known kill switch, but a temporary solution does exist. Businesses can manually add a folder to each computer that will trick the ransomware into thinking it’s already infected the machine. It’s still unclear what exactly happened, who all has been infected or who could be behind this attack. Suffice it to say that organizations should expect intelligent ransomware to be the new normal and will need to prepare their security measures accordingly.
“The most advanced malware are evolving to be more difficult to identify, analyze and eliminate.”
Malware Evolution Poses New Threats
It’s no surprise that malware is changing, but the most advanced samples are evolving in ways that will make them significantly more difficult to identify, analyze and eliminate. A Cybersecurity Threat Report for June 2017 found that anti-sandboxing is now the most frequently used evasion technique, followed by anti-security tools and code injection. These methods help malware strains avoid detection and subvert engines that report on malware behavior. This not only means that malware will be much harder to find, but that it will also be problematic to evaluate and develop solutions for these strains.
The report also indicates that malware targeting Mac users isn’t predicted to slow any time soon. The first quarter of 2017 alone showed 250,000 new malware instances for macOS, bringing the total to 700,000 for the quarter. These numbers were boosted by a glut of adware targeting these machines. The Mac Observer noted that this type of occurrence is largely new to Apple, as Macs generally weren’t susceptible to viruses within the first decade of the 2000s that impacted PC systems. The tide is certainly turning as hackers attempt to impact every business and system possible, including mobile devices and other systems that might not have been previously explored.
Call for Effective Cybersecurity Spending
The damaging and advancing cyber threats witnessed within the past few months have put security experts and businesses on edge concerning how best to protect themselves and their sensitive information. At the Global Cybersecurity Summit 2017, it was revealed that cyber security attacks are still exploiting vulnerabilities that date back to the mid-2000s, making them entirely preventable, provided organizations update their systems and their protection for these resources accordingly. Panelists suggested that cyber security dollars would be better spent on educating people on cyber threats and how to handle them appropriately. This approach would certainly help avoid a lot of malware and phishing tactics, which are often aimed at tricking unsuspecting users into clicking on malicious content or providing information.
Organizations are facing a global epidemic of cyber attacks, kicking off an era of cyber insecurity. Expert John Carlin told CNBC that actors can get into your systems if they want to and that it’s important for companies to start rethinking their security systems. Leaders must take a critical look at their current protections and test them regularly to ensure that they are protected. Evaluations alongside monitoring tools will be essential for businesses to identify any unusual behavior on their network and mitigate it as quickly as possible.
“If you are a business — and every business these days is a tech business — you are vulnerable,” said Carlin.