Don’t Get “Drown”ed — Or Ransomed! (Pt. I)

Unfortunately, the news of breaches, security breaks, and data leakages is reaching critical mass again, and it’s time for another quick roundup.

Breaking as we go to press this week is news that websites — up to one third of those relying on the once-thought-secure “HTTPS” protocol — “have been warned they could be exposed to eavesdroppers, after researchers discovered a new way to disable their encryption protections.”

This, according to the BBC, which says that “passwords, credit card numbers, emails and sensitive documents could all be stolen as a consequence.” And although a fix has been issued, it may “take some time for many of the website administrators to protect their systems.”

Which is bad news for those intending to shop at “HTTPS” websites, since there’s no “fix” that can be done on the consumer/user end, for additional protection. You can, however, see which websites might be vulnerable by going to this link.

We will keep you posted as more is discovered about this newly discovered “old” vulnerability — which has its roots in the U.S. government wanting “deliberately weakened encryption” for exported software, “which people broke years ago, and it is now coming back to haunt us.”

As if that wasn’t enough, other kinds of attacks, these in the “phishing” realm, are proving to be successful in shaking out what is literally “ransom” money from vulnerable businesses — hence “ransomware.”

The theft works via an attacker planting malware in your company’s network, which then encrypts the entire network, and/or the data therein, with a demand that you send a “ransom” to the attacker to regain access to your own machines.

There was one such recently successful attack against a hospital in the L.A. area, which had to transfer patients during its forced “data outage,” and wound up paying the ransom, after all.

Now comes word that a new such piece of ransomware is coming via the world of credit cards. As ZDnet reports, “If you have a Visa credit card, be careful not to fall for a new ransomware phishing campaign which offers you benefits and rewards, researchers say…. A new and unusual phishing campaign has caught the eye of Symantec. The scheme relates to credit cards — but attempts to lure consumers to download ransomware instead of handing over their financial details.”

The emails are designed to look like they come from “Visa Total Rewards and include information pertaining to the credit card’s reward schemes. An archived file is attached to these emails as a white paper which contains additional information about rewards for customers — however, if the file is opened, the victim will see nothing more than an obfuscated JavaScript file.”

There are ways to reduce the odds of this happening to your firm:

* Set up company firewalls in accordance with PCI standards.

* Segregate critical business data in computers that are separate from those used for email, letter writing, internet access, spreadsheets, etc.

* If you work with credit card information, the computer or machine that stores, processes or transmits credit card transactions should definitely be separated, or isolated, from all other machines or functions in your business. No web surfing on the payment process machine!
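The lure described above arrives as an archive whose "white paper" is really a script file, which is something a mail gateway or help desk can check for before anyone opens the attachment. The sketch below is an added example, not code from the original article or from Symantec; the function names, the extension list and the size and depth limits are assumptions, and the sample attachment is constructed.

```python
import io
import posixpath
import zipfile

# Assumption: extensions that Windows runs as scripts when double-clicked.
SCRIPT_EXTENSIONS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta"}
MAX_DEPTH = 2                      # levels of nested archives to open
MAX_INNER_SIZE = 20 * 1024 * 1024  # refuse to unpack larger nested archives


def build_zip(members):
    """Build an in-memory ZIP from {name: content}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, content in members.items():
            z.writestr(name, content)
    return buf.getvalue()


def script_members(data, depth=0):
    """Return the names of script files inside a ZIP attachment (bytes)."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["<unreadable archive>"]  # cannot be inspected, so report it
    hits = []
    with archive:
        for info in archive.infolist():
            name = info.filename
            ext = posixpath.splitext(name.lower())[1]  # last extension decides
            if ext in SCRIPT_EXTENSIONS:
                hits.append(name)
            elif ext == ".zip":
                encrypted = bool(info.flag_bits & 0x1)
                if depth >= MAX_DEPTH or encrypted or info.file_size > MAX_INNER_SIZE:
                    hits.append(name + " <not inspected>")
                else:
                    inner = archive.read(info)
                    hits += [f"{name}/{h}" for h in script_members(inner, depth + 1)]
    return hits


if __name__ == "__main__":
    # Constructed sample: a harmless placeholder named like the lure.
    sample = build_zip({"Rewards_Whitepaper.pdf.js": "// placeholder"})
    print(script_members(sample))
```

Any non-empty result is a reason to quarantine the message rather than deliver it; the check reads only archive member names, so it never executes the attachment.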

We will have a further look at these two security problems, and more solutions on guarding against “ransomware,” in Pt. II, next week!

Until then — beware the Ides of March, contact us if you have any questions (or need any updating!)… and stay safe!
