About Over 50 Articles Library
Content: Services - Computer
Computer Security No 21: State-ponsored Actors
Corporate Computer Security
- Kansas Heart Hospital paid the ransomeware but did not get the key to decrypt
- Crysis Ransomware targets Australian and NZ companies
- McAfee Cyber security doctrine
State-sponsored actors work on behalf of a foreign entity and are the most active malicious adversaries ASD(the Australian Signals Directorate) has observed. They are also the most sophisticated and best resourced adversaries. State-sponsored actors seek national security information to identify vulnerabilities in our capabilities or to gain a strategic advantage. However, malicious activity often has an economic focus, with targeting of Australia's commercial sectors (for example, the resources, banking and telecommunications sectors) also prevalent.
Kansas Heart Hospital paid the ransomeware but did not get the key to decrypt
In May 2016, Kansas Heart Hospital had its files encrypted by a virus. When your files are encrypted, you need the key to decrypt them. It is impossible to find the key, so if you wish to get quick access to the files, you retrieve them from backups or you pay the ransom. It is all due to how clever the encryption works, and most of it is based on AES (which scrambles the data to the point that you cannot descramble it efficiently without the key).
The criminals that infected the Kansas Hospital asked for a small amount initially, which was paid. The decryption key was not provided and a second much larger ransom was requested. The Hospital president stated he did not pay it and resorted to pen and paper instead.
NSA (National Security Agency in US) discovered the criminals make tables and files of the decryption keys that use in their attacks; these keys or files can be lost, destroyed, etc. Which leaves the victim without any chance of getting their files back, even if they may have paid the ransom.
Read More:- www.extreameech.com
Crysis Ransomware targets Australian and NZ companies
How it works:-
Takes advantage of the RDP (remote desktop protocol), built in Windows.
Is distributed via email spam, Trojanised attachments with double file extensions (that try to disguise the malware as a non-executable) or links to compromised websites and online locations that distribute spurious installers for legitimate programs.
It injects Trojans on connected devices like printers and routers so that the attackers can res-establish the connection to PCs and reinfect them again even after they were cleansed.
How to defend against it:-
Close RDP access or
Change RDP port to a non-standard port
Use two-step authentication
Account lockout policies
User permission rules to defend against brute force attacks
Read More:- www.lifehacker.com.au
McAfee Cyber security doctrine
At 71 years of age, the famous creator of the McAfee antivirus software ran for president of the United States. He was beaten by the New Mexico governor Gary Johnson. His views on the cyber war are blunt and worrying. He states US is in a cyber war with China and has been for more than 5 years.
Only recently, the Australian media showed via the ABC 4 Corners program how the Chinese had infiltrated the Australian Satellite company to the bone of its computers.
Please read the article as it is worth knowing John’s views:- www.lifehacker.com.au
Corporate security example:-
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© About Over 50s 2017 website by aml websites online