The Dark Web has a new kind of ransomware-as-a-service, Satan, that allows users to tailor their own code and ransom demands. These attacks use phishing or malicious links to infect the victim’s computer; the malware then encrypts the files on the computer and places an HTML file on the desktop with the ransom demand and instructions so the victim can get their files back. As Satan stores the private keys needed to decrypt the files on a remote server, there is no other option but to pay the ransom.
I found this rather terrifying and I don’t know what I would do if this ever happened to me. I hope that researchers get the code sample that is required to update and protect Windows-based machines from this threat. What the general public should know is to be careful of suspicious e-mails or links and to always make sure that if an e-mail has an attachment it is supposed to be there before opening it. I also feel like I should have heard of ransomware before this as it has caused over $1 billion in damages in 2016 alone, and that the general public should have too. I am not sure if any public policies are in place about this; if there are not, anyone caught should have to give up their login information to the Dark Web service they are using and/or the code that will allow researchers to update and protect computers at risk.
SafeBreach has made an attack simulator that allows organizations to conduct war-game-like attacks that can show weaknesses in their security. Using the military’s war games as a basis for their idea, SafeBreach reasoned that an organization needs an interlocking set of strategies that involve people, processes, and technology. For people, the organization needs to make sure employees understand the importance of security and what to look out for (e.g. phishing e-mails or an unknown USB). For processes, SafeBreach indicates that organizations should ensure that procedures are in place and followed, and that third-party vendors are also secure. As for technology, checking on security systems has to be an everyday thing, not just biannual or quarterly. SafeBreach gives multiple examples of ongoing cyber-war games to help test an organization’s people, processes, and technology in a safe, secure manner.
I think this is a fantastic idea; it makes sure that everyone and everything is ready for an attack and that each person within an organization understands the threats that could come into play. I learned that there is more to security than just updating a firewall and checking on it once in a while, as that was what I had thought computer security was about not long ago. The general public should know that this resource is there if they are in need of checking their security within their company/organization. I feel like this might become a major tool that organizations utilize to validate their security and that many professionals will look into using it. It might even become policy to use these in major corporations like banks to check their systems and upkeep their security. I hope to see this in action someday.
An Ohio man, Ross Compton, was arrested for arson after police found discrepancies in his testimony and a cardiologist who reviewed his pacemaker’s data found that it was improbable that events happened as he alleged. Compton was also found with gasoline on his clothing and had allegedly packed multiple bags and broken a window with his cane so he could climb out and carry the heavy bags to his car. The fire was also found to have been started in multiple places outside the house. Police used this information to get a warrant for the data stored on Compton’s pacemaker, which finally put the nail in the coffin for Compton’s arrest.
When I first saw the headline, I was worried about medical security and that the information was obtained in an illegal manner. Further reading showed that the police did get a warrant and followed proper procedures. I am not sure if in the future the medical information will be protected enough to make sure police need to get warrants to obtain the information. The general public should be careful to read about how information was actually obtained, so as not to spread misinformation. I feel like policies should stay the same currently and maybe be looked at later when technology gets to the point that the policy needs to be changed, at which point they should bring in computing professionals to help with creating new policy.
WordPress recently released an update to its software (4.7.2) with a fix that was not mentioned in the content of the update, so it could be phased in quietly. The update closed a vulnerability that came with version 4.7 (released in early December) and allowed attackers to remotely change the content of any website running the software. The problem was discovered by a security researcher with Sucuri, Marc-Alexandre Montpas, who alerted WordPress on January 20th. WordPress used the update to silently fix the flaw so criminals would not become aware of the issue and exploit it.
I think WordPress went about this in a safe, secure way that made sure their clients were protected quickly. I like that WordPress made sure that while the update content did include 3 security updates, the most important one was kept secret to deter criminals and stop them from learning about the problems in the software before the update got out there. It might be good for companies to do this in order to protect clients. What concerns me is that it is possible developers can omit information that could possibly leave people open to attacks.
Professionals should look at this flaw and learn from it; maybe they could make sure to cover important security updates with other things that criminals wouldn’t blink at. Public policies could be updated to help professionals do this. The general public could keep themselves aware of these issues by reading their updates and reading up on their software.