Don’t Get “Drown”ed — Or Ransomed! (Pt. I)


Don’t Get “Drown”ed — Or Ransomed! (Pt. I)

Unfortunately, the news of breaches, security breaks, and data leakages is reaching critical mass again, and it’s time for another quick roundup for ransomware.

ANd9GcRbe-HoLGIKkPKN95Td3te0GLKE2P9KMJ03bpNgg5QQNfvWyBaPggWebsite Vulnerabilities

As we publish this week, there is breaking news regarding websites. A significant portion, approximately one third, that previously relied on the supposedly secure “HTTPS” protocol have received a warning. Researchers have identified a new method to compromise the encryption protections, leaving them vulnerable to eavesdroppers.

This, according to the BBC, which says that “passwords, credit card numbers, emails and sensitive documents could all be stolen as a consequence.” You can, however, see which websites might be vulnerable by going to this link.

We will continue to provide updates as more information unfolds regarding this recently identified “old” vulnerability. Its origins can be traced back to the U.S. government’s desire for intentionally weakened encryption in exported software, which was compromised years ago and is now resurfacing as a significant concern.

The Rise of Ransomware

As if that wasn’t enough, other kinds of attacks, these in the “phishing” realm, are proving to be successful in shaking out what is literally “ransom” money from vulnerable businesses — hence “ransomware.”

The theft works via an attacker planting malware in your company’s network, which then encrypts the entire network, and/or the data therein, with a demand that you send a “ransom” to the attacker to regain access to your own machines.

There was one recently successful such attack against a hospital in the L.A area, which had to transfer patients during its forced “data outage,” and wound up paying the ransom, after all.’

Now comes word that a new such piece of ransomware is coming via the world of credit cards. As ZDnet reports, “If you have a Visa credit card, be careful not to fall for a new ransomware phishing campaign which offers you benefits and rewards, researchers say…. A new and unusual phishing campaign has caught the eye of Symantec. The scheme relates to credit cards — but attempts to lure consumers to download ransomware instead of handing over their financial details.”

An archived file is attached to these emails as a white paper which contains additional information about rewards for customers — however, if the file is ransomwareopened, the victim will see nothing more than an obfuscated JavaScript file.”

Protecting Your Firm

There are ways to reduce the odds of this happening to your firm:

*Set up company firewalls in accordance with PCI standards.

*Segregate  critical business data in computers that are separate for those used for  email, letter writing, internet access, spreadsheets, etc.

*When dealing with credit card information, it is crucial to ensure that the computer or machine responsible for storing, processing, or transmitting credit card transactions is completely separate or isolated from all other machines and functions within your business. It is essential to refrain from web surfing on the payment processing machine to enhance security.

We will have a further look at these two security problems, and more solutions on guarding against “ransomware,” in Pt. II, next week!

Until then — beware the Ides of March, contact us if you have any questions (or need any updating!)… and stay safe!