Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.
Here are the most interesting articles we’ve found this week that could be helpful to you:
Ransomware: How To Lose Your Business In 24 Hours
A great, insightful story about ransomware and how it can hurt you.
In 2013, 72% of data breaches analysed world-wide were at companies with 100 or fewer employees.
Average cost of cybercrime rises by 200% in just five years
Cybercrime keeps growing and becoming more expensive for companies to deal with. These numbers are staggering and there doesn’t seem to be any end in sight.
Cybercrime is costing the global economy up to $450 billion annually, a new report by Hamilton Place Strategies reveals.
The document finds that the median cost of cybercrime has actually increased by approximately 200% in the last five years alone, and that it is very likely to continue in that vein.
A Skeleton Key of Unknown Strength
A new vulnerability has been discovered that’s present in a shocking number of devices. It’s not clear what the exploit landscape looks like yet for this bug, but it may be the most widely distributed vulnerability of all time.
We’ve investigated the DNS lookup path, which requires the glibc exploit to survive traversing one of the millions of DNS caches dotted across the Internet. We’ve found that it is neither trivial to squeeze the glibc flaw through common name servers, nor is it trivial to prove such a feat is impossible. The vast majority of potentially affected systems require this attack path to function, and we just don’t know yet if it can. Our belief is that we’re likely to end up with attacks that work sometimes, and we’re probably going to end up hardening DNS caches against them with intent rather than accident. We’re likely not going to apply network level DNS length limits because that breaks things in catastrophic and hard to predict ways.
Adding Up The Total Costs of Ransomware
If you’ve got ransomware on your systems, it can get really expensive. The Hollywood Presbyterian Medical Center had to pay $17,000 in Bitcoins just to get rid of it.
Hollywood Presbyterian had $974,387,384 in revenue and $20,979,948 in net income for 2015. If we divide both figures by 365 days we see that the hospital takes in roughly $2.7 million in revenue and generates $57,479 of net income per day. It was noted in several reports that long delays were experienced by patients and that medical information was being shared via phone and fax between doctors.
Trend of ransom payoffs to unlock malware from ‘electronic stickups’ troubles law enforcement
More shocking ransomware news. It’s more widespread than we think. And businesses have to pay a lot to get rid of it. This is not a good scenario.
Often, businesses conclude paying the ransom is the quickest and most efficient way to get their data back.
“People don’t like to talk about it. It’s happening across all industries, banking, small businesses and other places,” said Phil Lieberman, a cybersecurity consultant.
It’s Here. New Ransomware Hidden In Infected Word Files
Another ransomware strain has been found. This particular one comes in an old form that computer security experts hadn’t seen much for years.
There is a new ransomware strain somewhat amateurishly called “Locky”, but this is professional grade malware. The major headache is that this flavor starts out with a Microsoft Word attachment which has malicious macros in it, making it hard to filter out. Over 400,000 workstations were infected in just a few hours, data from Palo Alto Networks shows.
If you download a new security patch, you need to reboot your computer to install it. Unfortunately, many people neglect to do the second step for way too long – leaving their systems vulnerable to attack.
Windows computers must be rebooted to complete the patch installations. And because a reboot takes the computer out of service for a few minutes, it causes downtime. And when that system is dependent on other systems, or vice versa, rebooting can cause a chain reaction that cripples critical software services. So in fact, the simple act of rebooting a computer to complete the patch installations is the hardest part of the job.
Mega Mess: Records Escape from Disposal Truck
A cyber attack isn’t the only way to lose customer data. You can also just drop it on the street.
“During transport, a small quantity of records were released on Fowler Street in Fort Myers, Florida,” the statement says. “This incident resulted from the condition of the container used by Lee County Solid Waste Division to transport the records and the Lee County driver’s failure to properly secure the container door.”