Cyber Security Roundup for October 2017

State-orchestrated cyber attacks have dominated the media headlines in October, with rogue state North Korea and its alleged 6,800 strong cyber force blamed for several cyber attacks. International intelligence scholars believe the North Korean leadership is using cyber warfare to up the political ante in its ongoing dispute with the United States. The North Koreans, as well as terrible security practices, were directly blamed by the UK National Audit Office for the recent NHS WannaCry attack (despite North Korea denying it). North Korea was also reported to be implicated in the stealing of US War Plans from South Korea, and in a spear phishing campaign against the US Power Grid. The possible Russian manipulation of the US election with cyber attacks and rogue social media campaigns is still a story not going away, while the Chinese are alleged to be behind the theft of Australian F-35 fighter jet data, in what is described as an 'extensive' cyberattack. The finger was pointed at Iran for the recent Parliamentary Emails cyber attacks in the UK. Meanwhile, EU governments vented their cyber concern, warning that Cyber Attacks can be an Act of War.

Labs report: summer ushers in unprecedented season of breaches

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams. The post Labs report: summer ushers in unprecedented season of breaches appeared first on Malwarebytes Labs.

NHS Cyber Attack Allegedly Exposes Personal Data of 1.2 Million Patients

The UK’s National Health Service (NHS) has reportedly fallen victim to another massive cyber-attack, exposing the confidential records of up to 1.2 million patients. According to reports, an unknown hacker claimed to exploit a weakness in the NHS’ appointment booking system, SwiftQueue. The vendor is contracted by eight NHS trusts to manage booked appointments, as … The post NHS Cyber Attack Allegedly Exposes Personal Data of 1.2 Million Patients appeared first on The State of Security.

Cyber Security Roundup for May 2017

The WannaCry ransomware outbreak within the NHS dominated the national media headlines earlier this month. Impacting 45 NHS sites in England and Scotland, the massive cyber attack led to cancelled operations and diversions of emergency medical services. The WannaCry outbreak was not just limited to the NHS, as thousands of computers were shut down at companies in almost 100 countries. After an initial infection via a phishing email and file encryption, the ransomware has the added ability to rapidly self-replicate, infecting other networked Windows computers without Microsoft’s March 2017 critical update (MS17-010) installed; this drove the swift spread of the malware within large organisations and across the world.

Debenhams had 26,000 customer personal details stolen through its flowers service website, which was operated on Debenhams' behalf by a third party company. The data breach has been reported to the ICO.

With a year to go until the General Data Protection Regulation (GDPR) goes into law, there were several news reports stating UK businesses need to do more to prepare and highlighting the new data breach fines, which could run into Billions for FTSE 100 companies.

If you live in Manchester, your computer is 4 times more likely to be infected...

WannaCry Ransomware Bite Sized Business Prevention Advice

The top three actions to reduce the risk and impact of a WannaCry type Cyber Attack at a business

1. Perform regular Staff Awareness specifically on spotting Phishing Emails
2. Have a robust Patch Management Process. Ensure all Microsoft Windows systems have Microsoft Critical Updates applied quickly - they are marked as critical for a reason!
3. Have Anti-Virus running on all Microsoft Windows systems, with AV definitions kept up-to-date

Security in Depth

There are further security risk-reducing steps like filtering web traffic, ensuring data is regularly backed up, security monitoring, and network segmentation, but the above three are the simplest and most effective in terms of prevention against this type of attack, especially within the SMB space where security budgets are limited. Expect further versions of the WannaCry ransomware.

The Reasons Behind this Advice

(1) The WannaCry ransomware infects an initial system via a phishing email; the user executes the malware within an attachment or through a weblink. The Microsoft security update will not stop the initial ransomware execution, (3) but an updated Anti-Virus system now blocks the current strain of the malware from executing. (2) The Microsoft MS17-010 security update stops WannaCry from rapidly propagating (i.e. worm malware) from the initially infected system to other

The IT Security Expert Blog is 10 Years Old

Ten years ago today I published my first ever blog post about a BBC news story titled "Home Network Security Scrutinised". A decade ago it was rare to see an IT security or hacking story make the news media, and back then the term 'Cyber Security' would conjure images of Dr. Who's metallically clad arch-villains in most people's minds in the UK.

The Face of Cyber Security in 2007

Fast forward ten years, IT security has long been rebadged as 'Cyber Security' and on Friday the top ten news stories on Sky News were all Cyber Security related, albeit about the same global attack, but how times have changed.

'I found the following article on the BBC news website, which happens to be exactly what I had been talking about in my presentations this week. None of the findings is surprising to me, but I find many people I talk with are in the dark about digital security. Anyway, I thought I'd write this post about it and start my own blog' - 15th May 2007

How times have changed since I started writing this blog, the use of computing...

WannaCry Global Cyber Attack Killing the NHS Explained & Help

A large-scale cyber-attack has impacted organisations around the world today, including badly affecting NHS services, with at least 25 NHS organisations hit by a mass ransomware outbreak. The ransomware responsible is known as WanaCrypt0r 2.0, WannaCry or WCry2; once it infects a system, not only does it encrypt data on the host system, but it attempts to infect other computers over the local network. This aggressive malware uses an exploit method named EternalBlue, details of which were posted online by the Shadow Brokers dump of NSA hacking tools on April 14th, 2017. WannaCry exploits this Windows vulnerability (CVE-2017-0145) to enable it to spread quickly over the network (i.e. Worm malware); the vulnerability was security patched by Microsoft on 14th March 2017. More specifically, the vulnerability lies within the SMB protocol, which is used for network file sharing, which the WannaCry malware exploits to replicate itself to other vulnerable Windows devices also attached to the same network.

WCry2 Ransomware Demand

To avoid the WannaCry ransomware infection within a network environment, make sure Microsoft Critical Security Update MS17-010 is applied to all Microsoft Windows systems. The update was released by Microsoft on 14th March 2017, so...