Computer Security No 54: WannaCry - the malware that took over the world (now at version 4.0)
Corporate - Private Computer Security
WannaCry - the malware that took over the world (now at version 4.0)
Last Friday (12/05/17), the WCry or WannaCry ransomware campaign started scanning the Internet for computers that were not patched to the latest version from Microsoft.
Origin: In March 2017, Shadow Brothers released several tools stolen from the NSA onto the dark web.
Victims: Universities in China, Russia's Ministry of Internal Affairs, National Health Service in the UK, enterprises including Federal Express, the Spanish telecommunication company Telefonica, French car manufacturer Renault and hundreds of thousands of other users.
1. Propagation - WannaCry scans computers for port 445 and leverages EternalBlue to gain access and deploy the WannaCrypt malware onto the machine; after that, it scans laterally for nearby machines.
2. Encryption - the encryption phase is executed at the first stage, before any outbound communication.
3. Communication - The TOR client is embedded within the ransomware. It is only used to share the encryption keys with the C2 server.
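As an added illustration (not part of the original newsletter), the propagation behaviour in step 1 can be spotted from the defender's side as one host opening TCP 445 connections to many different machines within a short time. The flow-record format, the 10.0.0.0/24 local subnet and the threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

LOCAL_NET = ipaddress.ip_network("10.0.0.0/24")  # assumed local subnet

# Constructed flow records, sorted by time: timestamp, source, destination, port.
SAMPLE_FLOWS = """\
2017-05-12T09:00:01 10.0.0.23 10.0.0.1 445
2017-05-12T09:00:02 10.0.0.23 10.0.0.2 445
2017-05-12T09:00:03 10.0.0.23 10.0.0.3 445
2017-05-12T09:00:03 10.0.0.40 10.0.0.5 445
2017-05-12T09:00:04 10.0.0.23 203.0.113.7 445
2017-05-12T09:00:05 10.0.0.23 10.0.0.4 445
2017-05-12T09:00:06 10.0.0.23 203.0.113.8 445
2017-05-12T09:00:07 10.0.0.40 10.0.0.5 445
2017-05-12T09:00:09 10.0.0.23 10.0.0.9 443
2017-05-12T09:05:00 10.0.0.40 10.0.0.6 445
"""

def smb_fanout(flow_text, window=timedelta(seconds=60), threshold=5):
    """Flag sources that contact `threshold` or more distinct hosts on
    TCP 445 inside a sliding time window. Returns {source: summary}."""
    recent = defaultdict(deque)  # source -> (time, destination) pairs in window
    alerts = {}
    for line in flow_text.strip().splitlines():
        ts, src, dst, port = line.split()
        if port != "445":
            continue  # only SMB traffic is of interest here
        now = datetime.fromisoformat(ts)
        q = recent[src]
        q.append((now, dst))
        while now - q[0][0] > window:  # drop records older than the window
            q.popleft()
        targets = {d for _, d in q}
        peak = alerts.get(src, {}).get("peak", 0)
        if len(targets) >= threshold and len(targets) > peak:
            local = sum(ipaddress.ip_address(d) in LOCAL_NET for d in targets)
            alerts[src] = {"peak": len(targets), "local": local,
                           "external": len(targets) - local}
    return alerts

if __name__ == "__main__":
    for host, info in smb_fanout(SAMPLE_FLOWS).items():
        print(host, info)
```

A workstation that talks to one file server stays below the threshold, while a host sweeping both its own subnet and Internet addresses on port 445 is flagged with the split between local and external targets.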
Ransom: $300 for the first 3 days, after which it doubles to $600 for the next 4 days, after which the files become unrecoverable.
Kill switch: a security researcher noticed soon after the campaign began that a killswitch domain was unregistered. He promptly registered the domain, but this only slowed the campaign down temporarily. The hackers released further versions (now up to 4.0) with the kill switch code removed.
Microsoft: the patches for the SMB vulnerability exploited by WCry were released on March 14 for all supported Windows versions, soon after the initial leak. Microsoft has now released additional patches for unsupported Windows versions. The company's President slammed the NSA for not disclosing the vulnerability to the vendor.
Check if your system is supported
If it is supported, then check that all automatic updates have been installed. If you are running an unsupported version of Windows, then you will need to install the appropriate patch for your system manually, using these links:
Windows Server 2003 SP2 x64,
Windows Server 2003 SP2 x86,
Windows XP SP2 x64,
Windows XP SP3 x86,
Windows XP Embedded SP3 x86,
Windows 8 x86,
Windows 8 x64
According to Radware, at the moment there are no confirmed reports of victims receiving a key for decryption after making a payment.
(image & info source: Radware website & Microsoft)
A directors and officers cheat sheet on D&O cyber insurance
All the Directors and Officers surveys recently published by the Wall St Journal, PWC and many others in the US, not to mention the one run by Conscious Governance on its large database of Directors and Officers (US, Australia and Europe), point to insufficient preparedness at board level.
Some large lawsuits with derivative suits against directors:
* Wyndham Worldwide Corporation
* Target Corporation
* The Home Depot
Jury still out in the Wendy's and Yahoo cases...
M-P Cormier (partner in a law firm in the US) & J Garner (associate) put together a cheat sheet on D&O insurance for directors. Many of the points made are applicable to other jurisdictions:
* if a data breach claim is not covered under D&O, make sure it is covered elsewhere
* Indemnifiable loss includes provisions/claims arising out of privacy or data breach of any type
* claim broad enough to cover any investigation costs or regulator investigating
* 'wrongful act' is sufficiently broad to include hacks, cyber extortion, computer fraud, theft of funds, theft of personal info or personal IDs
* policy covers advance defense for counsel selected by director
* misconduct special exclusions
* and more
Worth a read and you can find the article at: http://www.boardmember.com/hot-topics/directors-officers-cheat-sheet-cyber-insurance/
(source:boardmember.com; image source: clipartbay)
To read more: https://corpgov.law.harvard.edu
(image source: poormd.com)
Cyber Security & Privacy suite for Directors and Executives
ABG offers the Cyber suite of course modules:
- Cyber threats and defences Module - Tactical plans
- Directors and Officers Module - Strategy
- Risk Management Workshop for Cyber
- Cyber Crisis simulation
Send your enquiries to email@example.com
NEW SERVICE OFFER from ABG and Conscious Governance:
Cybersecurity Governance Systems Review
to find out more visit:- http://consciousgovernance.com/cybersecurity-governance-systems-review
Beware of the threats
1. New Adylkuzz cyberattack (same vulnerability as WCry)
Researchers at Proofpoint discovered on May 16 another large scale cyber attack, exploiting the same vulnerability as WannaCry. It is believed it could dwarf last week's cyberattack.
Instead of locking files, it uses the infected computers to mine virtual currency. Adylkuzz mines a virtual currency called Monero in a background task and then transfers the money created to the virus authors.
It may have been released as early as April; it suddenly renders servers and computers very slow.
DocuSign, an electronic signature and digital transaction management technology company, confirmed a breach at one of its email systems.
"A malicious third party had gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email," DocuSign said in the announcement.
"DocuSign has observed a new phishing campaign that began the morning of May 16 (Pacific Time). The email comes from “firstname.lastname@example.org” with the subject “Legal acknowledgement for
Early this week, Bell Canada, the nation's largest telco, confirmed that the company had been hacked by a criminal who managed to access its customer information illegally. Bell has revenues of $5.85 billion CAD and has over 21 million customers.
"The illegally accessed information contains approximately 1.9 million active email addresses and approximately 1,700 names and active phone numbers," the company said.
4. Apple security updates
Early this week, Apple released security updates for iOS, macOS, Safari, tvOS, iCloud, iTunes, and watchOS to fix a total of 67 unique security vulnerabilities.
Blockchain & CryptoCurrencies (Part 4)
We started a series about Blockchain and Cryptocurrencies. We will discuss the Blockchain technology, cryptocurrencies and Bitcoin in particular (only in the fortnightly Private Security newsletters - even numbers #54, 56, etc).
1. Bitcoin mining
Bitcoin mining is the process of adding transaction records to Bitcoin's public ledger of past transactions (blockchain). The blockchain helps confirm to the rest of the network that transactions are legitimate and have taken place.
Bitcoinmining.com gives a good description of the process:
People that mine for Bitcoins need to use significant computing power to find new bitcoins or use the cloud to purchase mining capacity.
2. Bitcoin trading
A report from Businessinsider.com from January 2017 shows where the most Bitcoin transactions take place: China (over 90%)
The Bitcoin market is very volatile: announcements that China would investigate exchanges in Beijing and Shanghai on suspicion of market manipulation pushed Bitcoin trading down by 5%.
Memories of jokes
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au