Ransomware defined 2017 - November 2017 - Hi-Tech Security Solutions
 
classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Ransomware defined 2017
November 2017, This Week's Editor's Pick, Cyber Security

Sophos has released its SophosLabs 2018 Malware Forecast, a report that recaps ransomware and other cybersecurity trends based on data collected from Sophos customer computers worldwide during 1 April to 3 October 2017. One key finding shows that while ransomware predominately attacked Windows systems in the last six months, Android, Linux and MacOS platforms were not immune.

“Ransomware has become platform-agnostic. Ransomware mostly targets Windows computers, but this year, SophosLabs saw an increased amount of crypto-attacks on different devices and operating systems used by our customers worldwide,” said Dorka Palotay, SophosLabs security researcher.

The report also tracks ransomware growth patterns, indicating that WannaCry, unleashed in May 2017, was the number one ransomware intercepted from customer computers, dethroning long-time ransomware leader Cerber, which first appeared in early 2016. WannaCry accounted for 45.3 percent of all ransomware tracked through SophosLabs with Cerber accounting for 44.2 percent.

“For the first time we saw ransomware with worm-like characteristics, which contributed to the rapid expansion of WannaCry. This ransomware took advantage of a known Windows vulnerability to infect and spread to computers, making it hard to control,” said Palotay. “Even though our customers are protected against it and WannaCry has tapered off, we still see the threat because of its inherent nature to keep scanning and attacking computers. We’re expecting cyber criminals to build upon this ability to replicate seen in WannaCry and NotPetya, and this is already evident with Bad Rabbit ransomware, which shows many similarities to NotPetya.”

The SophosLabs 2018 Malware Forecast reports on the acute rise and fall of NotPetya, ransomware that wreaked havoc in June 2017. NotPetya was initially distributed through a Ukranian accounting software package, limiting its geographic impact. It was able to spread via the EternalBlue exploit, just like WannaCry, but because WannaCry had already infected most exposed machines there were few left unpatched and vulnerable. The motive behind NotPetya is still unclear because there were many missteps, cracks and faults with this attack. For instance, the email account that victims needed to contact attackers didn’t work and victims could not decrypt and recover their data.

“NotPetya spiked fast and furiously, and did hurt businesses because it permanently destroyed data on the computers it hit. Luckily, NotPetya stopped almost as fast as it started,” said Palotay. “We suspect the cyber criminals were experimenting or their goal was not ransomware, but something more destructive like a data wiper. Regardless of intention, Sophos strongly advises against paying for ransomware and recommends best practices instead, including backing up data and keeping patches up to date.”

Cerber, sold as a ransomware kit on the Dark Web, remains a dangerous threat. The creators of Cerber continuously update the code and they charge a percentage of the ransom that the “middle-men” attackers receive from victims. Regular new features make Cerber not only an effective attack tool, but perennially available to cyber criminals. “This Dark Web business model is unfortunately working and similar to a legitimate company is likely funding the ongoing development of Cerber. We can assume the profits are motivating the authors to maintain the code,” said Palotay.

Android ransomware is also attracting cyber criminals. According to SophosLabs analysis, the number of attacks on Sophos customers using Android devices increased almost every month in 2017.

“In September alone, 30.4 percent of malicious Android malware processed by SophosLabs was ransomware. We’re expecting this to jump to approximately 45 percent in October,” said Rowland Yu, a SophosLabs security researcher. “One reason we believe ransomware on Android is taking off is because it’s an easy way for cyber criminals to make money instead of stealing contacts and SMS, popping ups ads or bank phishing which requires sophisticated hacking techniques. It’s important to note that Android ransomware is mainly discovered in non-Google Play markets – another reason for users to be very cautious about where and what kinds of apps they download.”

The SophosLabs report further indicates two types of Android attack methods emerged: locking the phone without encrypting data, and locking the phone while encrypting the data. Most ransomware on Android doesn’t encrypt user data, but the sheer act of locking a screen in exchange for money is enough to cause people grief, especially considering how many times in a single day information is accessed on a personal device. “Sophos recommends backing up phones on a regular schedule, similar to a computer, to preserve data and avoid paying ransom just to regain access. We expect ransomware for Android to continue to increase and dominate as the leading type of malware on this mobile platform in the coming year,” said Yu.

For access to the full report, go to https://www.sophos.com/en-us/en-us/medialibrary/PDFs/technical-papers/malware-forecast-2018.pdf?la=en (short URL: www.securitysa.com/*so1).


  Share via Twitter   Share via LinkedIn      

Further reading:

  • Measure it if you want to manage it
    August 2018, Adamastor Consulting, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    There is no doubt that one of the differentiators between service providers is going to be the ability to make efficient use of data. We need more data detectives to meet the challenges.
  • Using data to stay secure
    August 2018, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Situational awareness beyond the boundary walls can have a significant impact on the security of an estate and the wellbeing of its residents.
  • Technology risk assessments
    August 2018, Adamastor Consulting, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Rob Anderson says the role of security practitioners is to continually work on mitigating risk, both physical and technological risk.
  • What is a security risk assessment?
    August 2018, Alwinco, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Alwinco's Andre Mundell takes a look at what a real security risk assessment is, what it entails and what it delivers.
  • Efficient and proactive control rooms
    August 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, Security Services & Risk Management, Residential Estate (Industry)
    A question many estate managers face is whether they should keep the control room onsite and manage it and the relevant staff internally, or whether they should opt for a remote monitoring service.
  • Securing Serengeti
    August 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Perimeter Security, Alarms & Intruder Detection, Integrated Solutions, Security Services & Risk Management, Residential Estate (Industry)
    Serengeti Estate offers luxury, golf, conferencing and security, and the estate is on a new growth phase to incorporate more people and services within its 17.5 km boundary.
  • Radar comes home
    August 2018, Technews Publishing, This Week's Editor's Pick, Perimeter Security, Alarms & Intruder Detection, Integrated Solutions, Residential Estate (Industry)
    Covering up to 15 km in real time, radar-based perimeter and intrusion detection is set to change the way security operations on estates are managed and planned.
  • First line of defence
    August 2018, Technews Publishing, This Week's Editor's Pick, Perimeter Security, Alarms & Intruder Detection, Residential Estate (Industry)
    Hi-Tech Security Solutions asks what the best practices to take note of for installing and maintaining your electric fence.
  • Secure in their retirement years
    August 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Residential Estate (Industry)
    A retirement village with a limited budget upgrades its security to protect residents from increasing criminal activities.
  • Protection via thermal detection
    August 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Residential Estate (Industry)
    Thermal cameras offer almost unbeatable surveillance security for estates and are the envy of any security manager.
  • Make CCTV testify for you
    August 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
    Warrant Officer Bongiwe Gqotso highlighted some key points to consider when it comes to extracting evidence from your surveillance installation at the Residential Estate Security Conference 2018.
  • Cathexis Technologies demonstrates the power of VMS at Izinga Estate
    August 2018, Cathexis Technologies, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, Residential Estate (Industry)
    Cathexis installed a fully integrated video management system to support the surveillance and third-party security systems for Izinga Estate.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.