CyberheistNews Vol 07 #01 The New Scary Thing Warning for 2017: Ransomworms


Good article by Ryan Francis at CSO you can use for ammo to get more IT security budget in 2017.

"As if holding your data hostage and seeking cash payment weren’t harsh enough, security experts foresee the next stage of ransomware to be even worse. 'Ransomware is already big business for hackers, but ransomworms guarantee repeat business.' - Nir Polak, Co-Founder & CEO of Exabeam".

Scott Millis, CTO at mobile security company Cyber adAPT, expects ransomware to spin out of control in the year ahead. That is an astounding statement when you consider that there were more than 4,000 ransomware attacks daily in 2016, according to Symantec’s Security Response group.

Corey Nachreiner, CTO at WatchGuard Technologies, predicts that 2017 will see the first ever ransomworm, causing ransomware to spread even faster. “In short, bad guys realize ransomware makes money, and you can expect them to double down in 2017,” he says.

Years ago, network worms like Code Red and SQL Slammer, and more recently Conficker, were pretty common. Hackers exploited network vulnerabilities and tricks to make malware spread itself automatically over networks.

“Now, imagine ransomware attached to a network worm. After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach,” he says. “Whether or not you want to imagine such a scenario, I guarantee that cyber criminals are already thinking about it.”

Alex Vaystikh, cybersecurity veteran and co-founder/CTO of advanced threat detection software provider SecBI, thinks along those same lines. He says ransomware will become smarter and merge with information-stealing malware, which will first steal information and then selectively encrypt, either on-demand or when other goals have been achieved or found to be unachievable.

Although ransomware is an extremely fast way to get paid as a fraudster/hacker, if you are also able to first steal some information before you encrypt the device, you can essentially hack it twice. (That has already happened. See this blog post:)

“But what we might see in the coming year is ransomware targeting places where there is less chance of backup files being available. For example, I think we’ll see that SMBs who move their files to the cloud generally do not have backups and do not know how to recover. Specifically encrypting cloud-based data like this would have a significant impact on cloud providers and cloud infrastructures,” he says. Full article here:

KnowBe4 Has Had Another Blow-Out Fourth Quarter

Happy New Year!

I'd like to thank all our customers for your support. 2016 has been fantastic.

Our year-over-year sales increase was 298% for Q4 2016, with a record of over 750 new corporate accounts in December alone and a very robust 88% customer retention rate, bringing us to over 8,000 enterprise accounts.

We have seen consecutive growth for a record 15 straight quarters, and more recently a stellar 2300% growth rate from 2013 to 2016. We made it into the Inc. 500 and Deloitte Fast 500 this year.

Our new-school security awareness training and simulated phishing platform has been well received by IT managers because it finally allows them to manage the ongoing problem of social engineering and train their employees to make better security decisions.

Customers continually tell us that their employee security culture is much better. Staff feels safer knowing they can better control both their organization’s and personal internet security.

Ninety-three percent of all phishing email contains ransomware. Between ransomware and CEO fraud, cyber criminals have built themselves a very successful business model that is pumping hundreds of millions of dollars into their pockets.

These internet bad guys are located primarily in Eastern Europe and are out of the reach of U.S. law enforcement agencies, leaving both companies and nonprofits to fend for themselves.

CEOs, C-level executives and managers in Finance and HR are increasingly becoming targets for cyber criminals. They need help along with employees to recognize the evolving techniques used by cybercriminals.

KnowBe4 strongly recommends monthly simulated phishing attacks to keep employees aware and on their toes. We have added some powerful new features this year, like the new "Phishing Reply Tracking" function that allows you to send simulated CEO Fraud email and monitor the responses.

We need all the help we can get to spread the word. Please continue to tell your friends about us in the new year. Thank you so much.

P.S. Stay tuned for an exciting announcement January 10th.

Russia Hacking the U.S. Started With Phishing Attacks

As one of his last actions in office, President Obama expelled 35 Russian spies in retaliation for Russia interfering with the U.S. election process, after intelligence agencies lined up their stories and all pointed at Putin.

Bloomberg just wrote: "The attack against U.S. democracy began in the summer of 2015 with a simple trick: Hackers working for Russia’s civilian intelligence service sent emails with hidden malware to more than 1,000 people working for the American government and political groups. U.S. intelligence agencies say that was the modest start of 'Grizzly Steppe,' their name for what they say developed into a far-reaching Russian operation to interfere with this year’s presidential election."

The hackers sent spoofed phishing emails which looked like they came from legitimate websites. They used social engineering to trick employees into falling for the spearphishing emails and got a foothold into the Democratic National Committee and other key email accounts, like Podesta's, for material that would later be leaked to damage Hillary Clinton in her losing campaign against Trump.

“This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the U.S. government and its citizens,” according to a joint statement from the Federal Bureau of Investigation, DHS and the Office of the Director of National Intelligence.

“The U.S. government seeks to arm network defenders with the tools they need to identify, detect and disrupt Russian malicious cyber activity that is targeting our country’s and our allies’ networks.”

Well, that would start with stepping all employees through new-school security awareness training which includes frequent simulated phishing attacks arriving in everyone's inbox. Full blog post with much more background:

No-Charge Domain Spoof Test

Can hackers spoof an email address of your own domain?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO fraud", penetrating your network is like taking candy from a baby.

Would you like to know if hackers can spoof your domain? KnowBe4 can help you find out if this is the case with our complimentary Domain Spoof Test. It's quick, easy and often a shocking discovery. Find out now if your email server is configured correctly; 82% are not!

Get Started Here:
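An offline check in the spirit of the spoof test above, added here as an illustration (not KnowBe4's tool): it evaluates the text of a domain's SPF and DMARC records and reports which settings leave the domain spoofable. The record strings and the `.example` domains are constructed for the example; a real check would fetch the TXT records for `yourdomain` and `_dmarc.yourdomain` from DNS first.

```python
# Added example (not KnowBe4's test): offline evaluation of SPF and DMARC record text.
# SPF only covers the envelope sender; DMARC ties SPF/DKIM to the From header users see.
import re

WEAK_ALL = {"+": "'+all' authorises every host on the internet",
            "?": "'?all' is neutral: receivers will not reject forged senders",
            "~": "'~all' is a soft fail: most receivers still deliver the message"}

def spf_weaknesses(record):
    """Return weaknesses found in an SPF TXT record string (None = no record published)."""
    if not record or not record.lower().startswith("v=spf1"):
        return ["no SPF record: any host may use the domain as envelope sender"]
    terms = record.split()[1:]
    all_terms = [t for t in terms if t.lower().lstrip("+-~?") == "all"]
    if not all_terms:
        return ["no 'all' mechanism: unlisted senders are implicitly neutral"]
    qual = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"  # default qualifier is '+'
    return [WEAK_ALL[qual]] if qual in WEAK_ALL else []  # '-all' is a hard fail

def dmarc_weaknesses(record):
    """Return weaknesses found in a DMARC TXT record string (None = no record published)."""
    if not record or not record.lower().startswith("v=dmarc1"):
        return ["no DMARC record: receivers have no policy for SPF/DKIM failures"]
    tags = {}
    for part in record.split(";"):  # DMARC records are 'tag=value' pairs separated by ';'
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    issues, policy = [], tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        issues.append("missing or invalid 'p' tag: receivers ignore the record")
    elif policy == "none":
        issues.append("p=none only monitors; spoofed mail is still delivered")
    if "rua" not in tags:
        issues.append("no rua tag: no aggregate reports on spoofing attempts")
    return issues

def assessment(spf, dmarc):
    """DMARC decides whether the display From is protected; SPF alone covers the envelope."""
    enforcing = bool(dmarc) and re.search(r"\bp\s*=\s*(quarantine|reject)\b", dmarc, re.I) is not None
    hard_fail = bool(spf) and spf.split()[-1].lower() == "-all"
    return {"spf_issues": spf_weaknesses(spf), "dmarc_issues": dmarc_weaknesses(dmarc),
            "display_from_spoofable": not enforcing, "envelope_spoofable": not hard_fail}

SAMPLES = {  # constructed records for illustration, not real domains
    "open.example": ("v=spf1 +all", None),
    "weak.example": ("v=spf1 include:_spf.example.net ~all", "v=DMARC1; p=none; rua=mailto:dmarc@weak.example"),
    "hardened.example": ("v=spf1 ip4:192.0.2.0/24 mx -all", "v=DMARC1; p=reject; rua=mailto:dmarc@hardened.example"),
}
```

Only the hardened sample comes back clean; the weak sample shows the common trap of a published SPF record that still leaves the visible From address spoofable because DMARC is set to p=none.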

Warm Regards,
Stu Sjouwerman

Quotes of the Week
The thing always happens that you really believe in; and the belief in a thing makes it happen.
- Frank Lloyd Wright - Architect (1867-1959)

Happiness lies in the joy of achievement and the thrill of creative effort. - Franklin D. Roosevelt

Thanks for reading CyberheistNews

Security News

Cyber Hack Exposes Law Firms’ Weak Spots

Your attorneys have increasingly become a target for hackers. It would be smart to talk to your C-level managers and forward this article to them. Lawyers are being hacked for a variety of reasons. The recent story is about two New York firms that were hacked so that the bad guys could get their hands on insider trading information.

The Manhattan U.S. attorney’s office unsealed a criminal indictment Tuesday against three Chinese men accused of using stolen law-firm employee credentials to access troves of internal emails at two law firms. The men, according to prosecutors, used details they obtained in law-firm partner emails about pending deals to make more than 4 million dollars in illegal stock trades.

I would inquire if your current law firm has sufficient employee security awareness training in place to prevent breaches like this, because credential-phishing is at the bottom of this. Article in WSJ:

Expect 2017 Cyber-Attacks to Far Surpass 2016 in Damage and Frequency

Wayne Rash at eWEEK thinks, to a very large degree, the same as I do about 2017: "Constant bad news about Russian hacking and the increasing prevalence of ransomware made 2016 an IT security disaster. However, 2017 promises to be even worse."

He summarizes the current spat between Russia and America and goes over fake news and how it will continue to proliferate because it's profitable. Just last week a fake news story resulted in renewed nuclear threats between Israel and Pakistan, with each reminding the other that they have nuclear weapons and aren't afraid to use them.

While nuclear war, even on a limited basis, is far worse than a cyber-attack, the chances are that none of the nuclear-capable nations on earth is in a hurry to launch the Big One, if only because it will result in their own death as well, but that's where renewed cyber-wars come in.

Then he goes into DDoS attacks and ransomware, and ends with excellent advice which I wholly recommend:

"But now's the time to start religiously backing up your data, to confirm that you can recover it and to make sure that you have storage in the cloud that you can also use for recovery. Then you need to be prepared to abandon your data center and bring up a new one so you can continue your business while you recover from the original attack.

"These measures aren't going to be easy or cheap. But all you can do is to be prepared for anything and hope that's enough." The only thing I can add to that is, of course, to train your users within an inch of their lives not to click on phishing links or open attachments they did not ask for. Full article:

Expect Malicious Machine Learning in 2017, Making Social Engineering More Effective

Intel Security's McAfee Threat Predictions for 2017 observes that advances in technology are essentially neutral and that developments like machine learning should be welcomed, but they will also become available to cybercriminals. Machine learning in particular is something that can be misused.

Intel Security's Eric Peterson cites CEO fraud (The FBI calls it Business Email Compromise) – where individuals in companies are targeted through social engineering, and manipulated to fraudulently transfer money to criminal-controlled bank accounts.

There have been instances where the attacks have coincided with business travel dates for executives to increase the chances of the attack's success, Peterson says. Combine petabytes of publicly available data with open source analysis tools and it is entirely possible, the company warns, that criminals could build malicious machine learning algorithms to pick targets more precisely and with greater levels of success.

"Looking to 2017 and beyond, we might even see purveyors of data theft offering 'Target Acquisition as a Service' built on machine learning algorithms," Peterson says. "We expect that the accessibility of machine learning will accelerate and sharpen social engineering attacks in 2017."

Something to watch out for.

Fortunately, KnowBe4 is working on heading off the bad guys at the pass with our AIDA project. Meet AIDA – your smart sidekick that trains your employees to make smarter security decisions. Details at this blog post:

Tech Execs' Boldest Predictions for 2017 and Beyond

As part of InfoWorld's Tech Forecast 2017 survey of 196 senior technology professionals, they asked respondents to name their "boldest, most out-on-a-limb prediction for IT in the next five years." There are a bunch of really cool ones; bots, self-driving cars and 25-petabyte SSDs are all in the mix.

Read on and estimate which ones you expect in what year in the future:

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff
    • How Big Data is being used to individually tailor a message based on 4,000 data points per individual. Fascinating and scary at the same time:

Copyright © 2014-2017 KnowBe4, Inc. All rights reserved.
