Octree Observer

  • Ransomware – the threat inside

    by : Octree

    When it comes to ransomware, it only takes one person to let the marauders run free

    That's the assessment of cybersecurity company Malwarebytes, which has found as many as one third of small-to-medium-sized businesses were hit by ransomware last year, and that "the human factor" is increasingly behind large-scale outages.

    The findings come as part of Malwarebytes' Second Annual State of Ransomware Report, which showed that, of the 32 percent of companies hit by at least one malware attack last year, one fifth had to completely stop operations immediately. Do not pass go, do not collect $200 (unless you're coughing it up in Bitcoin).

    The figures paint a grim picture of digital security in the modern era, at a time when malware attacks routinely make news headlines, and ransomware (malicious software that infects systems and demands a ransom to regain access to encrypted files) has the power to bring everything from home computers to the world's biggest companies into the digital dark ages.

  • Firms that didn’t patch and enabled local admin rights continue to suffer post cyber-attack

    by : Octree

    Just because a malware outbreak has begun to fade away from the newspaper headlines, doesn’t mean your troubles are over. Many firms can continue to suffer long afterwards.

    Here’s a salutary reminder for all businesses, my thanks to Graham Cluley.

    In late June, a malware attack crippled businesses and critical infrastructure in Ukraine at astonishing speed. Initially suspected of being a similar ransomware attack to the WannaCry outbreak seen the month before, the malware (variously named as Petya, NotPetya or GoldenEye by security vendors) appears to have been launched through a malicious automatic update to a popular Ukrainian accounting software tool called MeDoc.

    We tell companies all the time to keep their software updated with the latest available patches, and yet here was an update which actually delivered a devastating malware attack. The irony isn’t lost on anybody.

    Once in place on an infected PC, the malware would spread to other networked computers, using a variety of lateral movement techniques.

    And it didn’t take long for GoldenEye to spread beyond Ukraine’s borders, hitting the offices of multinational companies in the United States, UK, Russia, France, Germany and elsewhere.
  • Government to encourage wider adoption of Cyber Essentials scheme

    by : Octree

    The government has said it will be pushing for more companies to gain certification to the Cyber Essentials scheme. The scheme is backed by the government and contains five key controls that, when implemented correctly, can prevent the majority of cyber-attacks.

    Matt Hancock, the Minister for Digital and Culture, was speaking at the Cyber Security Summit at the Institute of Directors in London in March.

    “Numbers are really starting to grow,” he said. “Already, we’ve awarded more than 6,000 certificates to date, with the numbers more than tripling in the past year.”

    According to Hancock, this growth proves that Cyber Essentials is “an effective tool which can be built on to achieve greater security in our organisations”.

    The government already requires all of its suppliers that handle sensitive data to hold a Cyber Essentials certificate, but Hancock said that it will now be “strengthening this requirement to ensure even more of our contractors take up the scheme”.

    Hancock was also quick to highlight the existing and growing cyber threats: “We know the scale of the threat is significant: one in three small firms, and 65% of large businesses are known to have experienced a cyber breach or attack in the past year. Of those large firms breached, a quarter were known to have been attacked at least once per month.

    It’s absolutely crucial UK industry is protected against this threat - because our economy is a digital economy. Over 95% of businesses have internet access. Over 60% of employees use computers at work. The internet is used daily by over 80% of adults - and four out of five people in the UK bought something online in the past year. And we know the costs of a successful attack can be huge. My message today is clear: if you’re not concentrating on cyber, you are courting chaos and catering to criminals.”

    Securing organisations’ supply chains

    This announcement signals a growing shift in the importance and authority of the Cyber Essentials scheme. In addition to the government’s requirement for suppliers to be certified, many organisations will feel the pressure to achieve certification.

    For instance, larger companies, especially FTSE 100 companies, will need to certify in order to secure their supply chain, and small and medium-sized enterprises (SMEs) will need to certify in order to work with larger buyers.
  • UK SMEs not educating staff on the risks of cyber-security

    by : Octree

    CFC Underwriting finds that 38 percent of its claims in 2016 could have been avoided if better education and training processes were in place.

    Once again, I really wanted to share this article from Roi Perez, Community Manager at SC Magazine, highlighting the increasing need for security awareness training within businesses, to reduce the threat of email- and web-borne malware (primarily ransomware).

    New research from specialist cyber-insurance provider CFC Underwriting reveals that over a quarter of UK-based SMEs (27 percent) are still failing to educate and train their staff on the threat of a cyber-attack.

    Phishing scams caused 38 percent of CFC's claims in 2016, meaning that they could arguably have been avoided if staff were trained properly.

    Over a quarter of SMEs (26 percent) say that they do not train and educate their staff on the threat of cyber-security because they are “not sure where to start”. This could be the result of not understanding their cyber-risk profile, with 20 percent of SMEs never assessing the business exposure to cyber-risk.

    CFC saw a 78 percent rise in cyber claims from 2015 to 2016, with 90 percent of claims by volume coming from businesses with less than £50 million in revenue, highlighting just how vulnerable SMEs are to relatively unsophisticated cyber-attacks.

    When SMEs were asked what poses the biggest threat to their business, cyber-crime came in second, topped only by Brexit. Nearly a third (31 percent) of IT companies report cyber-crime to be the main threat, followed by 25 percent in the manufacturing sector. By comparison, just eight percent overall are concerned about traditional crime. Despite these worries, 80 percent of SMEs still do not buy cyber-insurance.
  • Ransomware-as-a-Service is Booming: Here's What You Need to Know

    by : Octree

    Taking a page from the software-as-a-service playbook, ransomware-as-a-service (RaaS) is giving even novice cyber-criminals the ability to launch sophisticated — and profitable — attacks.

    My thanks to the colleagues at Barkly for this somewhat disturbing article, which I thought I would share with you all.

    Ransomware is certainly nothing new in the cybersecurity business, with the first instances cropping up in Russia more than a decade ago. But, the rise of the RaaS distribution model is giving would-be criminals an extremely easy way to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process.

    In fact, the growth in RaaS platforms on the Dark Web is likely one of the primary drivers behind the huge spike in ransomware attacks over the last year. Network security provider SonicWall reports a staggering total of 638 million attacks over the course of 2016, more than 167x the number of attacks they registered in 2015.

    Other reports indicate nearly half of businesses fell victim to some cyber-ransom campaign last year. At the same time, the number of new ransomware families surged 752 percent, costing businesses $1 billion worldwide.

    What makes RaaS such a threat? It’s the simple, franchise-like deployment model. Instead of writing their own malicious code, aspiring cyber-criminals can now log in to their RaaS portal of choice, configure their deployment, and instantly distribute the malware to unwitting victims. Some RaaS providers even advertise their products in hacking forums, offering customizations and other enticements to drive subscriptions.

    To help you get a better handle on the RaaS threat, let’s dive into some specific FAQs.
  • Alert: New Wave of Ransomware is Bypassing Security

    by : Octree

    Your traditional anti-virus solution is defenseless against this attack!!!

    My thanks to Jonathan Crowe from Barkly for this article. Illuminating and very, very worrying. You really need to act now.

    Key details:
    • Type of attack: Ransomware hidden in NSIS installer files
    • Attack vector: Email
    • Damage: As of yet unknown, but researchers have spotted a major uptick in infections beginning in December

    A new slew of ransomware campaigns are infecting companies thanks to an improved method of avoiding detection — hiding malicious code deep within NSIS installers.

    According to researchers at Microsoft, adoption of the technique appears to be widespread, with Cerber, Locky, and other popular ransomware families all getting in on the act in "a collective move by attackers to once again dodge AV detection."

    Beginning last December, the volume of these attacks has experienced a significant uptick, putting more and more companies at risk.
