Microsoft Patch Tuesday

2016: The Year of Ransomware

By Patch Management
Rise of the Cybercriminal

Ever watch the end of year “World’s dumbest criminals?” You know the ones: the handsome gentleman caught on camera robbing a convenience store while his sidekick fills out a lottery form complete with name and address.

Unfortunately, cybercriminals aren’t quite so easy to catch. With ransomware incomes hitting almost $1 billion in 2016, what you can expect in 2017 is continued reinvention and more growth in the world of cybercrime.

Kaspersky declared 2016 to be the year of ransomware. This financial malware victimizes users and forces them to pay significant amounts of money to release systems from a locked state. Small businesses faced eight times more ransomware attacks in the third quarter of 2016 than in the same quarter of the prior year. Hardly a day goes by without a new ransomware attack or variant making headlines. Witness just a few of the attacks in 2016:

  • In October, San Francisco public transportation ticketing machines and transit stations were taken offline.
  • Hollywood Presbyterian Medical Center in Los Angeles had its ambulances diverted and access to medical records, x-rays, and CT scans denied.
  • Madison County, Indiana, suffered a widespread ransomware attack that shut down virtually all county services.
  • In May, the University of Calgary was attacked by ransomware that locked staff, students, and faculty out of their email.

If anything, cybercriminals are getting smarter. In late December 2016, federal prosecutors charged hackers with insider trading. Using data garnered from the computer systems of U.S. law firms that handle mergers, hackers manipulated the stock market to generate more than $4 million in illegal profits.

Many cyber-attacks could be avoided if IT departments adopted a regular patch-deployment process. What difference can a small patch make? Left unpatched, what was once a small crack in defenses turns into computer crashes, data leaks, and corruption. Zero-day attacks are cyber-attacks against software flaws that were previously unknown.

The wily hacker searches for and ultimately finds an error, a loophole, made by the programmer. Whether the programmer worked on the Windows operating system, your internet browser, Flash, or the myriad of other programs you rely on every day, coders are bound to make mistakes. Criminals love it. Zero-day attacks exploit that human error.

Because they rely on known entities like malware signatures or URL reputation, standard organizational defenses like virus protection or firewalls are powerless against zero-day threats.

The cybercriminal leverages the unknown, using the time between when the loophole is found and when it is patched to do as much irreparable damage as possible.

Usually, these types of threats are possible only with some end-user permission, such as clicking OK or downloading a file. In 2016, Adobe announced a bug that affected customers by exploiting a vulnerability in a browser’s Flash plug-in. In this case, infection occurred by simply looking at an infected Web page. Breathing easy because you don’t use Windows? Don’t. Updates are required for OS X and Linux operating systems, too.

It is terrifying to think that a single employee could click a link, access a website, or download software and expose the entire organization to risk.

Among the predictions for next year from an Intel Security McAfee Labs report are an increase in attempted dronejackings, more intrusive mobile phone hacking, and malware aimed at exploiting the Internet of Things. Hackers will become increasingly adept at bypassing existing corporate defenses, and ransomware remains a top concern. Other threats growing in 2017?

  • Watering hole attacks, laser-focused attacks on high-value targets
  • Class action lawsuits against companies that fail to protect customers’ personal data
  • Distributed Denial of Service (DDoS) attacks like the ones that temporarily took down Amazon, Twitter, Netflix and others

In its fourth annual “Data Breach Industry Forecast” white paper, security company Experian says it takes constant vigilance to stay ahead of emerging threats and increasingly sophisticated cybercriminals. “While some tried and true attacks continue to serve as go-to methods for hackers, there are evolving tools and targets that are likely to become front-page news in 2017. Organizations can’t wait until an attack happens to ensure they are protected—they need to look at the signs early on to start preparing for new types of security threats,” the report said.

With the 2017 onslaught of vulnerabilities, you’ll need a wall of defenses, combating attacks on multiple fronts. Patch and keep operating systems, antivirus, browsers, Adobe Flash Player, QuickTime, Java, and other software up to date. According to a Barkly study, common security safeguards including email filtering, firewalls, and antivirus aren’t enough to stop cybercriminals. They found 95 percent of ransomware attacks can bypass firewalls, and 100 percent bypassed antivirus protection. Be sure to double down on protection in 2017. Are you using an automated patch management system? Do you have an organized method of discovering, evaluating, and deploying software updates?

What’s one guaranteed prediction for 2017? Programmers will keep making small mistakes, and hackers will continue to turn them into big profits. Someone ends up the victim; don’t let it be your business.