CyberheistNews Vol 4, 41 Scam of the Week: "Whatsapp Gold" & Security News Roundup

CyberheistNews Vol 4, 41

Editor's Corner

Scam of the Week: "Whatsapp Gold" & Security News Roundup A new scam is doing the rounds that may hit your employees soon. I suggest you send them a warning about these types of scams. Feel free to copy/paste/change this and blast to everyone, especially if they use company-provided smartphones. "Many of us use texting apps too quickly get word to someone, both private and in business. Cyber criminals have released a fake "Gold Edition" version of the very popular Whatsapp messaging app, and it is being pushed via social networking websites. This bogus version promises exclusive features like custom backgrounds and emoticons, but it actually subscribes you to high-cost messaging services that rips you off with $2 per text you send. "This may also happen with the current texting-app you use, so do not fall for hacker tricks like this, which either drive up your phone bill, or download spyware or ransomware to your phone. The bad guys try to scam as many people as they can and promote that the app is available for both iOS and Android. "Remember, legit smartphone apps do NOT ask for your mobile phone number and/or any other personal information so never give this out. Think before you click (or tap)!" Why All This Russian Cybercrime? Explained in Five Minutes... (This may be something interesting to forward to your friends!) We all know that a large amount of cybercrime originates in Russia and other eastern European countries that were former USSR satellite states. But why is that? I decided to dig into this and did some research which turned out to be eye opening. One of the most fascinating sources of reliable information was a book called Putin's Kleptocracy: Who Owns Russia? by Karen Dawisha, professor of Political Science at Miami University. Why cybercrime is so widespread in eastern Europe is closely connected and date-coincident with the rise of Vladimir Putin to Russia's autocratic leader. If this all sounds too unreal, I assure you it's the unpleasant truth. I'm going to give you a very, very short summary of what happened, so you get the big ugly picture. Putin came up in the 1990's in the KGB in Leningrad, and was also stationed in the German town of Dresden as a recruiter for agents, and obtaining high-tech secrets from the West. Yup, Putin was a spook stealing Western high tech intellectual property. He created his personal network in Leningrad (renamed to St. Petersburg), consisting of political allies, his personal security people, and Russian Organized Crime (OC). The group he has around him today, is the same group that brought him to power. At the onset, Putin and his circle wanted to create an authoritarian regime, (call it a modern Stalinism really), ruled by a close-knit cabal with the interest to only enrich themselves, and not create a real democracy. The cabal consists of former KGB, mafia, and political and economic forces that joined together. They claim to be devoted to Russia and did this to save her, but they are more devoted to their personal survival and prosperity. The whole enterprise is being bolstered by high oil prices and state control over almost the entire media space. It started out with the KGB moving all the Communist Party's vast financial reserves offshore, absorbing the Russian mafia and using them for black ops as a price for operating on Russian territory. At the same time, the KGB created hundreds of companies and several banks inside and outside of Russia to launder money. Good examples are the Bank Russia, and energy company Gazprom. Putin's cronies were put in charge of many of these, and many of these people have become billionaires. Their price? Total loyalty and like the mafia, silence: "Omerta". While moving all this money abroad, the KGB found themselves using the same channels as the mafia for their illicit gains, and these funds started to get mingled up to a point where it was no longer possible to tell which monies belonged to the KGB and which to the mafia. So, when more or less spontaneous privatization began to occur through Russia, the KGB and the mafia was given a head start. To make all this happen in an invisible way, a top-down corruption scheme was hatched that truly starts with Putin and then goes all the way down to low-level government employees. You only get into Russian government by paying for it, and then get rewarded via "tribute" payments. The system put in place by Putin causes the Russian economy to be badly hamstrung because their is no technical innovation, except in cybercrime where the criminal innovation is furious. Russia scores very high in overall education, but the well-trained young graduates only have three choices: go abroad, start working for the corrupt government, or go into cybercrime. The third option pays very, very well and many take it. The long and short of it is that organized crime in Russia is being allowed to operate, and has moved into cybercrime in a massive way, ransomware like CryptoLocker and CryptoWall being a good example. Now and then the cyber mafias are used by Putin as a resource to harass countries that get into his way. The same is more or less the case in countries like the Ukraine, where cybercrime has become a measurable percentage of their gross domestic product. Since they are thousands of miles removed, the major ways these bad guys can penetrate your systems are limited:    1) Badly configured servers and workstations    2) Known and unknown vulnerabilities in software    3) Social engineering That's why stepping users through effective security awareness training is such an important part of your defense-in-depth. Find out how affordable this is for your organization now: http://www.knowbe4.com/get-a-quote-kmsat/ Quotes of the Week "The World is a book, and those who do not travel read only a page." - Augustine of Hippo (354 - 430 AD) "You’re off to great places! Today is your day! Your mountain is waiting, So get on your way!" - Dr. Seuss, Writer (1904 - 1991) Thanks for reading CyberheistNews! Please forward to your friends. But if you want to unsubscribe, you can do that right here

Thanks for reading CyberheistNews! Warm Regards, Stu Sjouwerman | Email me: feedback@knowbe4.com

Is Your Compliance Management Like "Death By 1,000 Cuts"?

Are you finding yourself having to deal with more and more regulatory items? Do you spend more and more time in "Excel Hell" trying to manage all these controls? Is the cost of compliance getting higher every quarter?

Most organizations track compliance using spreadsheets, word processors or proprietary self-maintained software. This is inefficient, error prone, costly, and a risk in itself. Streamline your audit compliance management with KnowBe4 Compliance Manager™ (KCM).

Finally, an affordable compliance workflow automation tool! Fill out the form for a live web-demo and/or a 30-day trial.
http://info.knowbe4.com/knowbe4-compliance-manager_14-10-14

CryptoWall 2.0 Ransomware Moves to TOR network

A new version of the world's most widespread ransomware CryptoWall has migrated to the TOR network. It has been upgraded to version 2.0, and continues to encrypt files so that ransom can be extracted if there are no backups or if the backup process fails (which happens more often than you think).

Earlier versions of CryptoWall were not using TOR but HTTP, which allowed researchers to analyze the communication between the infected machine and the command & control server so they could take down the servers that delivered the malware.

October 1st, CryptoWall 2.0 went live after a few months of testing, and now only uses the TOR network, which makes it much harder to analyze its communications and take down malware servers. You can expect this new version to spread like wildfire and use innovative ways to propagate itself, like using ads on websites that utilize vulnerabilities in browsers and browser plug-ins that were not patched by the user.

So, here are three things you HAVE TO, HAVE TO do:

1. Make regular backups, and have a backup off-site as well. TEST your restore function regularly to make sure your backups actually work.
2. Patch browsers AS SOON AS POSSIBLE, and keep the amount of plug-ins as low as possible. This diminishes your attack surface.
3. Step all users through effective security awareness training to prevent malware infections to start with.

Three Scary, but True, Security Tales

While Halloween only comes around once a year, there are some truly frightful security mishaps occurring on a daily basis. Some of these mishaps have made headline news, while others were too terrifying to share… until now.

Just in time for Halloween, renowned cyber security expert and SANS Faculty Fellow, Dr. Eric Cole, shares three horrific tales of hideous human behavior which he has personally witnessed – and lived to tell!

1. Ghost Employees
2. From Billions to Millions
3. A Hideous Discovery

Snowden’s Privacy Tips: Get Rid of Dropbox, Avoid Facebook a nd Google

At TechCrunch: "According to Edward Snowden, people who care about their privacy should stay away from popular consumer Internet services like Dropbox, Facebook, and Google.

Snowden conducted a remote interview today as part of the New Yorker Festival, where he was asked a couple of variants on the question of what we can do to protect our privacy.

His first answer called for a reform of government policies. Some people take the position that they "don’t have anything to hide," but he argued that when you say that, "You’re inverting the model of responsibility for how rights work".

When you say, "I have nothing to hide," you’re saying, "I don’t care about this right." You’re saying, "I don’t have this right, because I’ve got to the point where I have to justify it." The way rights work is, the government has to justify its intrusion into your rights.

He added that on an individual level, people should seek out encrypted tools and stop using services that are "hostile to privacy." For one thing, he said you should "get rid of Dropbox," because it doesn’t support encryption, and you should consider alternatives like SpiderOak. (Snowden made similar comments over the summer, with Dropbox responding that protecting users’ information is "a top priority.") More:
http://techcrunch.com/2014/10/11/edward-snowden-new-yorker-festival/

NEW: Security News Roundup

- FBI Director gave a great 60 Minutes interview on Cybercrime. He highlights the dangers of ransomware at about 12:30 in, and states that people do not understand the risks of malware and cyber espionage:
http://www.cbsnews.com/videos/fbi-director-on-threat-of-isis-cybercrime/

- Pentagon, U.S. Cyber Command wants to build a 6,000-person cyber mission force and create 133 teams across the nation by 2016 to defend against threats to U.S. networks:
http://www.capitalgazette.com/maryland_gazette/news/ph-ac-gn-cyber1001-20141001,0,792082.story

- Ex-Homeland Security Secretary Tom Ridge together with Lloyd's starts an insurance company specifically for cyber risks:
http://www.ridgecyberins.com/resources/release.aspx

- Australian ABC TV Station off the air due to ransomware infection. The hacking attack, which reportedly originated in Russia, used fake emails containing a link which downloads malicious software. An employee fell for it:
http://www.abc.net.au/news/2014-10-07/fake-auspost-emails-used-in-crypto-ransomware-attack/5795734

- Russian botnet of 500,000 machines shows half of them are XP, recent research by Proofpoint shows. Time to get rid of XP or install some whitelisting software on those boxes:
http://www.proofpoint.com/threatinsight/posts/the-insider-view-of-a-russian-cybercrime-infrastructure.php

- Google updated Chrome to rev 38.0.2125.101 and patches a whopping 159 security fixes, including 113 relatively minor fixes found using MemorySanitizer. One of the patches was labeled "critical" so I would go to Settings | About Google Chrome | Update and do this manual instead of waiting for the automatic update:
http://googlechromereleases.blogspot.nl/2014/10/stable-channel-update.html

Cyberheist 'FAVE' LINKS:

* This Week's Links We Like. Tips, Hints And Fun Stuff.

SUPER FAVE: In this imaginative performance by Japanese dance troupe 'Enra' two dancers interact with points of light to create an amazing experience. Now THIS is an innovative laser light show. Think about the graphics horsepower behind this for a moment. Gorgeous:
http://www.flixxy.com/enra-pleiades.htm?utm_source=4

John Van Horne jumps from the top of the 1,099-foot Kuala Lumpur Tower into the rooftop pool of the nearby Pacific Regency Hotel. Now that's a way to make an entrance and impress the girls:
http://www.flixxy.com/urban-base-jumper-crashes-a-rooftop-pool-party.htm?utm_source=4

A couple of Russian guys climb a very high building in Hong Kong and hack the billboard that sits on top. Vandalism, but funny. They have a drone and record themselves top-down:
https://www.youtube.com/watch?v=jJkuCzgg7fo&app=desktop

Rodafonio - a magical big wheel with three musicians and two cyclists moving through the city streets performing classic, jazz and rock music. Wonderful lunatics:
http://www.flixxy.com/music-bike.htm?utm_source=4

A hawk wasn't happy to share his airspace over Magazine Beach Park, Cambridge with a remote-controlled quadcopter and took some quick and divisive action:
http://www.flixxy.com/hawk-vs-quadcopter.htm?utm_source=4

During his time in office Ronald Reagan told jokes about life under communism in the USSR. Very funny!:
http://www.flixxy.com/ronald-reagan-tells-soviet-jokes.htm?utm_source=4