Recent times have been quite eventful for cybersecurity specialists. The world witnessed a number of cyber-attacks; thereby creating a need for adoption of advanced cybersecurity solutions.
Here is a brief description about some significant breaches that happened recently:
- SolarWinds: In this attack, hackers were able to successfully compromise the infrastructure of a company named SolarWinds. The company produces a network and application monitoring platform known as Orion. After compromising the company’s infrastructure, the attackers used their access to distribute compromised version of the software to the users including 425 of Fortune 500 companies, top ten telecommunication companies of US, top five US accounting firms, hundreds of colleges worldwide, etc. Malware infected version of Orion was used to successfully breach a cyber-security company known as FireEye. Another malware known as Supernova also used the compromised Orion version as the delivery method to infect its victims.
- Software AG: Software AG is the second largest software vendor in Germany and seventh largest in Europe. It was hit by Clop ransomware attack in October 2020. The attackers demanded $23 million as ransom.
- Sopra Steria: It is a European IT firm that provides an array of IT services, including consulting, systems integration, and software development. In October 2020, the company was attacked by a new version of Ryuk ransomware.
- Telegram: A group of hackers that had access to the system used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business.
Formulating new cyber security strategies and updating existing protocols is necessary for staying protected against cyber-attacks. A great way to do so is to observe the cyber-attacks and understand the new techniques being used. Recent cyber-attacks have shown that ransomware and social engineering attacks are gaining momentum. In terms of defensive actions, SolarWinds attack has indicated that third party risk management needs to be prioritized. Protecting remote endpoints and workers has emerged as next priority. Automated response systems should be used to improve the response time for preventing lateral infections through the network.
Centex Technologies provides cybersecurity solutions to businesses. For more information, call Centex Technologies at (972) 375 - 9654.
A ransomware is a malicious program that infects a target device and gains control. The program encrypts files and blocks the user access to the infected data (or system) until the targeted organization pays the ransom to the attackers. Although the instances of ransomware attacks have gained momentum lately, it is actually a primitive cybersecurity threat.
Here is a brief account of history of ransomware:
- First Ransomware: The first known ransomware attack was recorded in 1989. The attack was carried out by Joseph Popp, an AIDS researcher. He distributed 20,000 floppy disks containing a malicious program to AIDS researchers across 90 countries. He made pretence that the floppy disks contained a survey program. It was a basic ransomware attack and since then ransomware attacks have evolved and have acquired an array of advanced features.
- Locker Ransomware: In 2007, a new category of ransomware malware appeared. It was known as Locker Ransomware. This type of ransomware did not encrypt files; instead it locked the victim out of the device preventing him from using it. Another ransomware that operated on this technique is known as WinLock. The ransomware employed worms such as Citadel, Lyposit, and Reveton for displaying a fine message from a law enforcement agency. The ransomware demanded $10 as ransom in exchange for the unlocking code.
- Scareware: After a few years, the attackers changed their strategy. They started capitalizing on the fear of ransomware by spreading fake applications and antivirus programs. In these types of ransomware attacks, the malicious applications attack a target device and display a pop up message saying that the device has been infected with viruses. The message encourages the victim to visit a website and pay for antivirus software for fixing the problem. The link mentioned in the message redirects the user to a malicious website designed to look authentic and legitimate. After a few years, cyber criminals understood that they can compromise any website instead of designing fake websites. They switched to automated ransomware attacks the included phishing emails as vectors.
- Crypto Ransomware: In 2013, first cryptographic ransomware emerged. It was known as CryptoLocker. It was launched by Gameover ZeuS bot and was sent as an email attachment. Once downloaded, the ransomware encrypted the files on the device and demanded a bitcoin payment for unlocking the files.
- Ransomware-As-A-Service: It is the latest step in the evolution of ransomware. It first appeared in 2015 with the Tox toolkit launch. This gave beginner cybercriminals a chance to develop custom ransomware tools with advanced capabilities.
Centex Technologies offers cybersecurity solutions to businesses. For more information on, call Centex Technologies at (972) 375 - 9654.