Monday, November 30, 2015

Chimera Changes the Ransomware Game


Ransomware is an ever-growing issue within the cyber security industry. With the announcement of the new Chimera variant, what was already a large nuisance has been turned into a real threat to organizations and individuals alike. This article highlights what ransomware is and the staggering financial damage it can cause; how the new Chimera variant has changed the ransomware game from a nuisance to a real threat; the damaging effect this strain of ransomware could have, looking at high-profile breaches from the past year; and why an inside-out security approach is the best way to fight these types of threats.

Tuesday, November 17, 2015

The Threat Within: 3 Out of 4 Companies Affected by Internal Information Security Incidents


Costly cyberattacks are now almost routine for businesses, but while many organizations are focusing on external attackers, it's important to also look at threats from within. According to the IT Security Risks Survey conducted by Kaspersky Lab and B2B International, 73% of companies have been affected by internal information security incidents. The survey also found that employees are the largest single cause of confidential data losses (42%). Read more here.

Introduction to Dependable Embedded Software

"Embedded Software Development for Safety-Critical Systems" discusses the development of safety-critical systems under the following standards: IEC 61508; ISO 26262; EN 50128; and IEC 62304. It details the advantages and disadvantages of many architectural and design practices recommended in the standards, ranging from replication and diversification, through anomaly detection to the so-called "safety bag" systems. Reviewing the use of open-source components in safety-critical systems, the book has evolved from a course text used as a training module on building embedded software for safety-critical devices. This excerpt introduces the concepts of dependable embedded software and the safety culture.

Monday, November 16, 2015

6 CyberHacks That Will Affect Your Life in 2016

As we quickly march toward the end of another year, Stephen Newman, CTO of Damballa, discusses the new types of cyber attacks that we will likely see in 2016. He points out that these new types of attacks will draw everyone's attention to the lack of privacy and security in our interconnected world.

Monday, November 9, 2015

Anyone Hit by the Power Worm Will Lose the Data Forever

Today's news reports that a new kind of ransomware, called Power Worm, contains coding mistakes that mean anyone hit by it will be unable to recover their files, even if they pay the ransom. Because of the coding errors, the worm destroys the keys that could help recover any data that it scrambled.

Fred Touchette, Manager of Security Research at AppRiver, has shared the following insights:

Q. Power Worm - could it be deliberate instead of a mistake?
"It’s unlikely that this was a deliberate mistake. Creating malware that simply destroys files would be much easier than adding that sort of "functionality" into an already complex ransomware variant."

Q. Linux.encoder - what makes this one different to all the others?
"One of the main differences is that it attacks websites. Until now the biggest target group was the home and business end user. It makes sense that this type of malware, including their potential targets, would continue to evolve."

Q. It feels as if there's been a spike in ransomware - would you agree? Any stats that substantiate this?
"There has been an obvious spike, but I don't have metrics specific to this type of attack."

Q. Why is ransomware increasing?
"Ransomware is increasing because it is working. Victims continue to pay these cyber criminals and in turn, the bad guys keep doing what's working so well for them."

Q. Should organizations ever pay a ransom? Assuming not, what should they do instead?
"No. Organizations should back up their files."

Q. What else can be done to rid yourself of ransomware? Is there anything?
"Yes, #1 back up your files. #2 Stop paying criminals. Avoiding 100% of the damage caused by ransomware is quite simple: by having a backup of one’s data, all that needs to be done in case of a ransomware infection is to restore said backups. Also, aside from ransomware attacks, there are a million other reasons that people should back up their systems; it’s kind of amazing that these attacks are working so well."

Russia's Undeclared Cyber Wars

Post-Soviet Russia continues to exercise a get-tough attitude toward its former possessions. With each successful foray, its treatment of the newly independent states that were once part of the Russian Empire becomes more and more assertive, if not more aggressive. This excerpt from Vladimir Putin and Russia's Imperial Revival discusses Russia's cyberwar tactics and analyzes its 2007 Cyber War with Estonia.