Weekend reading: Friday, March 17, 2017

We’re back with this week’s edition of “Weekend Reading.” Below are some of the data stories from this week that you just can’t miss. I know that I found each of them beneficial (and equally interesting!) in my role as a Chief Information Security Officer (CISO). When you have a few minutes this weekend, be sure to check out these important stories. Enjoy!

Computer ransomware that locks out users flourishes in pay-to-make-it-go-away – The Japan Times

Will Japanese victims pay more to get their data back? Masakatsu Morii, a professor of information and telecommunications engineering at Kobe University’s Graduate School of Engineering, believes that might be the case.

The top issues your company needs to consider before implementing file-sharing services – TechRepublic

This is a great video that everyone who is considering cloud-based file-sharing services should watch. Ronen Vengosh, VP of business development at Egnyte, talks about how businesses can still maintain security when sharing files with individuals across (and outside of) an organization.

EU companies need to prepare for more malware and ransomware attacks, Europol report finds – The Merkle

Europe’s leading intelligence agency, Europol, recently released its new report on organized crime within the European Union. The report claims that malware and ransomware will continue to be a major concern for EU companies in the coming year.

How to protect yourself from ransomware – Fortune

I love seeing security being discussed outside of the echo chamber and this quick video (and blog post) from Fortune does just that. This is the kind of article that you can share with your non-technical staff, peers, friends and family to help them understand the threat of ransomware.

PetrWrap ransomware is a Petya offspring used in targeted attacks – BleepingComputer

PetrWrap, a new strain of the Petya ransomware created by a malware group named Janus Secretary, is renting access to Petya, Mischa and GoldenEye ransomware via a Ransomware-as-a-Service (RaaS) portal available on the Dark Web. Kaspersky researchers Fedor Sinitsyn and Anton Ivanov say the new threat actor took one of these Petya binaries and modified it to work independently from the Petya RaaS backend.

City erases, re-installs server after ransomware attack – Baxter Bulletin

The Mountain Home Water Department in Arkansas refused to pay ransom after being hit with a cyber attack on one of its servers, instead wiping the machine clean. The server was re-installed from a backup created the night before and no information was lost or stolen.

Revenge ransomware, a CryptoMix variant, being distributed by RIG exploit kit – BleepingComputer

Broad Analysis recently discovered Revenge, a new variant of CryptoMix (or CryptFile2), which is being distributed via the RIG exploit kit. Both BroadAnalysis.com and Brad Duncan of Malware-Traffic-Analysis.net have seen Revenge being released through websites that have been hacked. The RIG Exploit Kit javascript is then added as pages on the site.

Protecting your practice from ransomware – Diagnostic Imaging (blog)

This article shares great advice about how to respond to a ransomware attack on patient protected health information (PHI) if you’re in the medical field. Read on for tips about how to protect data and be HIPAA compliant.

Ransomware authors burying payloads deeper in installer packages – The Stack

Microsoft’s security labs found ransomware creators are becoming more innovative in their tactics, burying malicious payloads inside regular and valid installer mechanisms. According to Microsoft, there has been a rapid increase in cyberattackers’ adoption of the technique, which is expected to grow even more.

Richmond housing agency computers hit by ransomware attack – News & Observer

A Richmond, Indiana housing agency was the victim of a ransomware attack that demanded $8,000 to restore the agency’s access to the file. The agency lost approximately one month’s worth of data as a result of the incident, which was believed to be carried out by a group from India.

Data breach 101, part I: Data breach notification laws – The National Law Review

Another great article from The National Law Review for those looking to learn a bit more about data breach notification laws. Stay tuned for part II of the series! I hope it covers even more global laws, as well as those in development.

Star Trek themed Kirk ransomware brings us Monero and a Spock Decryptor! – BleepingComputer

Is nothing sacred? For possibly the first time, with the release of Kirk Ransomware, Monero has been introduced as a ransom payment. For the first two days, crooks are demanding 50 Monero or roughly $1,072. The fee doubles every few days if victims fail to cave. According to the ransom note, if no payment is made by the 31st day, the decryption key gets permanently deleted.

Eastern Iowans experience tax fraud after data breach – KCRG

Marion, Iowa tax company, Classic Tax, suffered a data breach in which more than 20 percent of the company’s 1,200 clients were affected. With tax season in full swing, how confident are you that your accountant can protect your data?

Have a good weekend!

  Like This
Andrew Hay

Andrew Hay

With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew serves as the chief information security officer at DataGravity. He is responsible for the development and delivery of the company’s comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage.