Although scary costumes might be the highlight of October, cyber security is the most frightening prospect for any business. Let’s take a look back at some of the biggest cyber incidents and outcomes that occurred this month.
Rallying Around NCSAM
Federal agencies have acknowledged the damage that cyber incidents can cause to their own bodies as well as businesses and consumers. National Cybersecurity Awareness Month was created to better inform the public and enterprises of the dangers they face. However, as Jon Oltsik noted for CSO, a number of leading cyber security technology vendors made one small reference or didn’t even mention NCSAM on their websites and blogs. To make this effort a true success, vendors and employers alike must promote cyber security awareness throughout the year and ensure there are ample opportunities to receive the message.
Organizations must rally behind the NCSAM message
Companies Still Unprepared for Attacks
Despite all the headlines that cyber incidents have received lately, organizations are still slow to protect themselves. The 2018 Global State of Information Security Survey by PricewaterhouseCoopers found that less than half of respondents have adopted key processes, such as information security intelligence, penetration tests, threat assessments and vulnerability assessments, used for uncovering cyber risks. Without these tools, organizations remain vulnerable to the consequences of an attack on their critical systems. Some leaders didn’t even know how many incidents they had suffered in the past year or how they were targeted. This lack of information makes it more difficult to prepare for future exploits and root out current ones. As the consequences of downtime become more extensive, businesses must take proactive action by implementing safeguards.
“Bad Rabbit has infected only selected targets, but it does show a major threat to critical infrastructure.
Bad Rabbit Ransomware Emerges
In late October, a new strain of ransomware hit Russia, Ukraine and Eastern Europe. Dubbed Bad Rabbit, the ransomware caused confusion and is still being analyzed by security experts. According to ZDnet, Bad Rabbit holds a number of critical similarities to the Petya outbreak and spreads by drive-by downloads on hacked websites. Appearing as a fake Flash update, unsuspecting victims are persuaded to click and install the malicious files.
Bad Rabbit has some major differences from its predecessors. The ransomware can spread laterally across networks and may be targeting its victims. So far, Bad Rabbit has infected only selected targets, but it does show a major threat to critical infrastructure.
While Bad Rabbit is certainly another threat to worry about, cyber security researchers have discovered flaws within the strain that could allow victims to recover their data without paying the ransom. Experts found a flaw in the code where the malware doesn’t wipe the generated password from memory, offering a chance to extract it before the process terminates, TechTarget reported. Researchers also disclosed that Bad Rabbit doesn’t delete shadow copies after encrypting victim files, meaning that victims may be able to restore the original versions.