CyberheistNews Vol 6 #40, Oct. 4th
This Weird Ransomware Strain Spreads Like A Virus In The Cloud
Stu Sjouwerman

Here is a ransomware horror story for you...

An obscure two-year-old ransomware strain called Virlock has a nasty feature: it is capable of stealthily spreading itself via cloud storage and collaboration apps. That way, a single infected user can unknowingly spread the infection further across your network, Netskope researchers discovered. Virlock borrows from a wide range of threat techniques.

How does it work?

Ransomware normally spreads through email phishing attacks, exploit kits, removable drives or external network shares. However, Virlock is a weird family of ransomware that not only encrypts files but also converts them into a polymorphic file infector, just like a virus. Apart from infecting the usual documents and image-related files, it also infects binary files. Yikes.

Virlock has effectively weaponized every data file it encrypts, converting each one into a propagation vehicle for the malware itself.
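As an added example (not from the newsletter or the KnowBe4 blog post it links to), here is a small Python scan of the kind a defender might run over a cloud-synced folder. Because Virlock turns the data files it encrypts into executable infectors, a file whose extension says "document" or "image" but whose first bytes are a Windows PE header is a strong signal that something has been converted. The magic-byte table, the folder layout and the sample files are constructed for the demonstration, and the premise that a converted data file begins with a PE header is my assumption, not something the newsletter states.

```python
"""
Added example, not part of the newsletter: flag files in a synced folder whose
extension (document/image) does not match their content, in particular files
that carry a Windows PE header where a document or picture should be.
"""
import os
import tempfile

# Expected leading bytes ("magic") for a few common data-file extensions.
# Assumption: this short table is enough for the demo; extend it for real use.
MAGIC = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".pdf": b"%PDF",
    ".docx": b"PK\x03\x04",  # OOXML documents are zip containers
    ".xlsx": b"PK\x03\x04",
}
PE_MAGIC = b"MZ"  # DOS/PE executable header


def classify(path):
    """Return 'pe-in-data-file', 'type-mismatch', 'ok' or 'unknown' for one file."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as fh:
        head = fh.read(16)
    if ext in MAGIC:
        if head.startswith(PE_MAGIC):
            return "pe-in-data-file"   # executable disguised as a data file
        if head.startswith(MAGIC[ext]):
            return "ok"
        return "type-mismatch"         # not what the extension promises
    return "unknown"                   # extension not in our table


def scan_folder(root):
    """Walk a folder; return {relative_path: verdict} for every file that is not 'ok'."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            verdict = classify(full)
            if verdict != "ok":
                findings[os.path.relpath(full, root)] = verdict
    return findings


def build_sample_folder():
    """Create a constructed 'sync folder': two healthy files and one PE posing as a .docx."""
    root = tempfile.mkdtemp(prefix="sync-demo-")
    with open(os.path.join(root, "photo.jpg"), "wb") as fh:
        fh.write(b"\xff\xd8\xff\xe0" + b"\x00" * 32)
    with open(os.path.join(root, "report.pdf"), "wb") as fh:
        fh.write(b"%PDF-1.4\n" + b"\x00" * 32)
    # Constructed stand-in for a converted file: PE header under a Word extension.
    with open(os.path.join(root, "budget.docx"), "wb") as fh:
        fh.write(b"MZ\x90\x00" + b"\x00" * 60)
    return root


if __name__ == "__main__":
    folder = build_sample_folder()
    for rel, verdict in scan_folder(folder).items():
        print(f"{verdict}: {rel}")
```

Run against a real sync folder the scan only reads file headers, so it is cheap enough to schedule; the point is to notice the extension/content mismatch early, before the synced copy reaches other users' machines.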

Read the whole story at the KnowBe4 Blog with links, a bunch of screenshots, schematics and how to mitigate if you get hit with this, because there is one silver lining that you need to know about:
https://blog.knowbe4.com/new-virlock-ransomware-strain-spreads-stealthily-via-cloud-storage

Ransomware's Greatest Adversary: Employee Cyber Awareness

October is National Cyber Security Awareness Month, a great opportunity to strengthen your human firewall in the war against this ransomware epidemic.

Here are two great bits of ammo if you need to get budget for IT security. First is an article that explains how ransomware causes downtime for sometimes a whole organization and how to boost cyber security awareness. I suggest you send this to the powers that be and cc HR while you are at it. This was written by a large insurance / reinsurance company:
http://xlcatlin.com/fast-fast-forward/articles/ransomwares-greatest-adversary_employee-cyber-awareness

Next, the DHS site has lots of tools, hints and themes you can use. In their words:

"October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not.

National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident":
https://www.dhs.gov/national-cyber-security-awareness-month

KnowBe4 Is Excited To Announce Active Directory Integration

We are stoked to announce the new integration with Active Directory (AD).

The Active Directory Integration (ADI) helps you easily upload user data and eliminate manual updates by automatically synchronizing your AD user information with KnowBe4’s platform.

Once the ADI is configured, users will be added, changed and archived in sync with changes made within AD automatically.

Here is a link to the PDF datasheet at HubSpot (where our website lives):
https://cdn2.hubspot.net/hubfs/241394/ActiveDirectoryIntegration.pdf

See This in Action

Request a demo, and see this in action through a quick screen-share:
https://info.knowbe4.com/kmsat-request-a-demo-chn

Don’t Miss The October Live Demo: New-School Security Awareness Training

Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. Old-school security awareness training doesn’t hack it anymore. More than ever, your users are the weak link in your network security.

Join us on Wednesday, October 12, 2016, at 2:00 p.m. (EDT) for a 30-minute live product demonstration of the innovative Kevin Mitnick Security Awareness Training Platform to see the latest features and how easy it is to train and phish your users:

    • Roll out Training Campaigns for all users (or groups) with follow-up emails to “nudge” users who are incomplete on the training.
    • Send simulated phishing tests to your users and drive down the Phish-prone percentage of employees.
    • NEW Active Directory Integration allows you to easily upload and manage users.
    • Advanced Features: EZXploit™, an internal, fully automated "human pentest"; USB Drive Test™ to test reactions to unknown USBs.
    • Reporting to watch your Phish-prone percentage drop, with great ROI.

Find out how thousands of organizations have mobilized their end-users as their first line of defense. Register Now:
https://attendee.gotowebinar.com/register/6651094648067569667

Warm Regards,
Stu Sjouwerman

Quotes Of The Week

"Employees make decisions every day that negatively affect their business’s security. As a result, we have known for a while that, to protect organizations, employees need online street smarts. However, the problem is that some in the industry treat employee awareness as a training concern or one-time activity. It is not. It is an ongoing cultural problem."
- Wolfgang Goerlich

"Don’t look for society to give you permission to be yourself."
- Steve Maraboli - Writer


Thanks for reading CyberheistNews


Security News
Why Your Employees Are Still A Huge Security Risk

Is security awareness training doing the job of protecting organizations from employee negligence? Michael Bruemmer of Experian Data Breach Resolution tells us where awareness is falling short, and what companies can do to improve. He helps companies with data breaches and knows what he is talking about - they handle more than 3,500 of these per year.

Despite an increase in security awareness training, and concern about awareness by top-level management at companies, data breaches continue to happen through employee negligence, whether malicious or not.

In the latest episode of Security Sessions, Joan Goodchild spoke with Bruemmer about a recent survey that said companies are unprepared to stop employee-caused data breaches. Worth 8 minutes of your time, watch this on a break:
http://www.csoonline.com/article/3125093/security/why-your-employees-are-still-a-huge-security-risk.html

85% Of State CIOs Have Now Developed Security Awareness Training

"As cyberattacks grow in frequency and intensity, state governments have responded by adopting cyber security disruption plans, and the vast majority of states have now adopted a cyber security framework based on national standards and guidelines.

According to the recent report “The 2016 State CIO Survey” from the National Association of State Chief Information Officers (NASCIO), 94 percent of state CIOs have now adopted such a cyber security framework. That is up from 80 percent in 2015.

Further, 85 percent of state CIOs have now developed security awareness training for workers and contractors, and 77 percent have created a culture of information security in state government." More:
http://www.information-management.com/news/security/cyber-threats-forcing-states-to-take-more-defensive-steps-10029871-1.html

Is Security Making The Grade? What IT And Business Pros Really Think

A great joint survey by CSO, CIO and ComputerWorld, written up by Amy Bennett, which is excellent ammo to add to a budget request that needs approval from a C-level exec. Here's why:

"If you sense some discontent in how information security is handled in your company, you're not alone. Half of the 287 U.S.-based IT and business pros who responded to a recent survey from CSO and its sister sites CIO and ComputerWorld gave their organizations' security practices a grade of C or below.

Contributing to the low scores is a familiar push and pull: Security is under increased scrutiny from the highest levels of the organization, while IT and security staffs and budgets are stretched to their limits.

A majority of survey respondents (65 percent) said that senior business management is focusing more attention on information security this year than in prior years, and 77 percent of respondents said that they expect management to be more focused on infosec in the next 1 to 3 years.

The reason for this increased attention? The C-Suite is on the hot seat for security. “In the past, a CEO could simply have faith in the efforts of security professionals in the company," Joel Gibbons, director of IT and compliance at National FFA, told CSO. "Now, the CEO needs to know more to be able to answer specific questions about how we are securing whatever needs securing inside the organization’s perimeter.”

The whole survey with all the scores is here:
http://www.computerworld.com/article/3122786/security/is-security-making-the-grade-what-it-and-business-pros-really-think.html?upd=1475069845882#slide1

TheDarkOverlord Holds Investment Bank Files Ransom, Or Else...

Graham Cluley describes a high-end file hostage situation that does not bode well for the future:

"No-one knows who TheDarkOverlord is. No-one even knows if he or she is one lone hacker, or a group of hackers. But one thing is certain, TheDarkOverlord must be giving some companies sleepless nights as they struggle to work out the best way to respond.

You see, TheDarkOverlord has embraced the next era of online extortion.

We’re all familiar with ransomware encrypting a company’s data and demanding a payment for its decryption. And we’ve all heard about online criminals launching DDoS attacks against websites, making them inaccessible, and demanding a ransom be paid for the denial-of-service to be halted.

But this year we’re seeing increasing evidence of online extortion stepping up a gear – where attackers steal your company’s data, and rather than sell it on for a small profit to other criminals on the computer underground, they instead threaten to publish it online to damage your reputation." More:
https://www.hotforsecurity.com/blog/thedarkoverlord-holds-investment-bank-to-ransom-or-else-hacked-files-will-be-released-16764.html
