Threats 101
Ryan Harnedy
May 2016

Barkly Spotlight: Mobile Malware

Photo by Source

Your weekly roundup of the latest infosec news, including a look at ransomware attacks against water, power, and other utilities on the rise. 

photo-1439754525045-a9e8393a2692-477174-edited.jpeg

IN THIS WEEK'S SPOTLIGHT: RANSOMWARE UTILITY ATTACKS

Hey, what happened to my hot water?

Well, if you’re anywhere other than Lansing, Michigan chances are your roommate used it all up. However, if you live in Lansing then you could be a victim of the ransomware attack on the Lansing Board of Power and Light.

An employee of the utility clicked on a malicious email which not only infected their computer but also began encrypting files across the network.

Lansing Power and Light was forced to take a number of services offline while they tried to resolve the issue, although luckily no personal data of the utility’s 96,000 customers was compromised.

Why would cybercriminals attack a utility?

In the words of noted criminal Willie Sutton “Cause that’s where the money is.”

With so many people relying on them, utilities and power plants can’t afford to take their services offline for very long. That makes organizations like power and light utilities as well as hospitals ideal targets for ransomware: they have money, they can’t afford to be closed down, and they’re willing to pay to get back to business.

Lansing isn’t the only place these attacks are happening. A German nuclear plant was recently plagued with malware and earlier this year the Israel Electric Authority was hit with a ransomware attack. Seeing as how CryptoWall alone has made over $325 million in revenue for its developers and utilities fit the profile of a victim who is likely to pay the ransom, it’s likely well be seeing more of these attacks on the horizon.

What can I do?

These attacks are are part of what the FBI is calling an "unbelievable" uptick in ransomware attacks on businesses of all types. No matter what industry you’re in, it’s important to take the proper precautions.

For five tips you don't want to learn the hard way, see our post "Surviving Ransomware: Lessons from IT Pros Who Didn't Pay." 

 

INFOSEC NEWS YOU CAN USE

photo-1446000442451-e162542e5f8d-902766-edited.jpeg

Screen Overlay Malware Is on the Rise

Apart from the screen overlay capability, KNL Bot can intercept and send text messages, make and forward calls, turn off the phone's sound, vibration and screen, be operated via SMS and via commands sent from a C&C server and persist on the device. All for a low price — HelpNet Security

Car Hackers Could Face Life in Prison

Proposed bills attempt to reduce the risks of digital attacks on connected vehicles, but could discourage security researchers and white hat hackers from finding potentially critical vulnerabilities. — The Hacker News

IT Leaders Pick Productivity Over Security

Barkly's 2016 Cybersecurity Confidence Report was featured in a cool CIO.com article about IT attitudes on security, check it out. — CIO.com 

Hackers Now Targeting Victims with Country and Culture-Specific Malware

Scam emails are getting harder to notice, as hackers now counterfeit different company logos and invoices perfectly. — BetaNews.com

Dental Associate Mails Malware to Members

Flash drives distributed by the ADA left cybercriminals smiling. Members who plugged in the drives were directed to a Web page that has long been tied to malware distribution. The domain is used by crooks to infect visitors with malware and give them full control of the infected computer. — KrebsOnSecurity

Photos by Raphael Roth and Redd Angelo

Ryan Harnedy

Ryan Harnedy

Ryan writes about how to make cybersecurity make sense to end users and keep employees safe from ransomware, malware, and phishing attacks. He enjoys decoding buzzwords and sharing security tips that users might actually follow.

lock-white.png

Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo

Comments

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.