Faronics Tech Roundup – September in Review

The realm of cyber security changes very quickly, with new malicious techniques emerging on a regular basis even as mitigation solutions try to keep up. By understanding the threats and solutions that are being created, organizations can better protect themselves. Let’s take a look back at some of the biggest cyber security news that took place in September:

Ransomware-as-a-Service Targets Android Devices

Ransomware-as-a-Service kits are making it easier than ever before for aspiring cyber criminals to create malicious apps and make a quick payday from unsuspecting users. According to ZDNet, hackers simply need to download the Trojan Development Kit app onto an Android phone, follow simple instructions and fill out the forms to create a ransomware program of their own without writing a single line of code. The kit comes with a variety of customization options including keys used to unlock infected devices, the icon used by the malware and animations to be displayed on infected devices.

TDK and other similar kits should be worrying to any security professional. Once attackers pay a one-time fee, they’re free to distribute the ransomware and make as many variants as they want. This offers a capable tool for low-level criminals and seasoned developers alike. Organizations must reinforce app policies and ensure employees know how to spot suspicious programs.

Ransomware-as-a-Service makes it easy for anyone to create a malicious app.

Equifax Breach Affects Millions

Earlier this month, Equifax, one of the three major consumer credit reporting agencies, was hacked, exposing sensitive information for 143 million Americans. Data leaked includes Social Security numbers, driver’s license numbers and other personally-identifiable information. According to The New York Times, there’s a 50-50 chance that you might be affected by the breach. This incident was the third major threat to the agency since 2015, undoubtedly because it represents a one-stop shop for identity thieves to grab the data they need and do real damage.

The breach allegedly occurred due to a vulnerability in Apache software, which was used in a smaller breach of Equifax computer systems in March. According to The Verge, although the relationship between these two incidents remains unclear, they exploited the same security gap because Equifax didn’t fully patch it. Updating systems remains a critical trend in major data breaches, with WannaCry and NotPetya being other major examples. Organizations must learn from these mistakes and ensure their software and hardware are fully patched and up-to-date.

New Locky Variants Emerge

Locky, one of the most pervasive and effective ransomware strains ever made, emerged in August with two new strains dubbed Diablo and Lukitus. The ransomware was distributed through the Necurs botnet with Diablo making a big hit on 11,000 infected endpoints across 133 countries, according to Bank Info Security. Like other ransomware methods, Diablo and Lukitus come in the form of files attached to legitimate-looking emails. When a user opens the attachment or downloads the files, the encryption starts running to lock down the machine. Don’t pay the ransom. Instead, take proactive action with backups, anti-executable solutions and reboot-to-restore tools. These will help remove the malicious files and ensure you remain secure.
“Negligent employees remain the biggest cause of data breaches among SMBs.”

Insiders Named Biggest Cause of SMB Breaches

Negligent employees remain the biggest cause of data breaches among SMBs in the U.K. and North America, TechRepublic reported. According to a survey by the Ponemon Institute, 50 percent of respondents experienced a ransomware attack within the past year, and 79 percent of them were carried out through phishing and social engineering methods. In addition, 53 percent of those who were attacked were hit more than once. The report noted that password protection and mobile access to sensitive data were other major issues among SMBs.

As the consequences of breaches and the potential for connected devices rise, organizations must train their employees effectively. Enforcing password policies and creating strong mobile procedures will also be essential. These efforts will help make workers more aware of threats and prevent them.

EU Implements Cyber Security Labels

The European Union recently unveiled a federal initiative to create a new intelligence-sharing agency and roll out EU-wide certificates for trusted networks and devices. These plans are part of a larger effort to respond to cyber attacks and ensure that security becomes a standard, Phys reported. Organizations will no doubt look to gain these certificates for competitive advantage, but they will likely have to meet a number of requirements.

In June 2017, the EU announced a series of strict rules that organizations will need to comply with to protect consumer data. The General Data Protection Regulation requires businesses to ensure that personal data and privacy of EU citizens remain secure for any transactions within the EU member states. Organizations that don’t have a presence in the EU but process the personal data of European residents must also adhere to the GDPR, according to CSO. A majority of U.S. companies believe these changes will force them to rethink their strategies to remain competitive. With the deadline of May 25, 2018, organizations must start preparing now to ensure that they can comply with the emerging EU cyber security and data protection standards.

Suzannah Hastings

Suzannah is interested in all things digital, from software security to the latest technological advances. She writes about ways in which the increasingly internet-driven landscape changes our lives, and what we can expect in the future.