CyberheistNews Vol 7 #20 [URGENT ALERT] Fight Back Against This Ransomware WMD NOW

Ransomware Attack Uses NSA 0-Day Exploits to Go on Worldwide Rampage

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack "the biggest ransomware outbreak in history." This is a cyber pandemic caused by a ransomware weapon of mass destruction.

In the Jan 3, 2017 issue of CyberheistNews, we predicted that 2017 would be the year where we'd see a "ransomworm" like this. Unfortunately, it's here.

The First Thing to Do: Email Your Users

I suggest you send the following to your employees, friends, and family. You're welcome to copy, paste, and/or edit:

"You may have seen the news this weekend. Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic. If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation, but immediately everyone else's computer too.

Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it but delete the whole email. Remember: 'When in doubt, throw it out!'"

Optional if you use the complimentary KnowBe4 Phish Alert Button: "When you see a suspicious email, click on the Phish Alert Button, which forwards this email to the IT team and safely deletes it at the same time."

Hundreds of Thousands of Machines Infected Worldwide

FedEx Corp, Renault, Nissan, Russian banks and gas stations in China were all hit. Spanish telecommunications firm Telefonica reported 85% of its systems being down as a result of a cyberattack earlier today, and ironically the Russian Interior Ministry had 1,000 machines encrypted. Even the German Railways were infected.

Dozens of hospitals in the UK were shut down. Cybersecurity experts have long used the phrase "where bits and bytes meet flesh and blood," which signifies a cyberattack in which someone is physically harmed. This monster has infected hundreds of thousands of systems in more than 150 countries. Monday morning when people get back to work, these numbers will only go up.

SUMMARY:

As-yet-unknown cybercriminals have taken an NSA 0-day exploit and weaponized a ransomware strain so that it replicates like a worm and takes over the whole network using the SMBv1 protocol. There is a two-month-old Microsoft patch that urgently needs to be applied if you have not done so already.

I suggest you immediately look into this and patch your systems before your users fall for this phishing attack. Here is a blog post with:

• All the updated details
• Infection maps
• How to detect it on your network
• Video with a live network infection
• Links to patches
• Technical deep-dive background
• Workarounds if you cannot patch
• Prevention Steps
• And more...

This blog post is being updated close to real-time: https://blog.knowbe4.com/ransomware-attack-uses-nsa-0-day-exploits-to-go-on-worldwide-rampage
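The two defensive actions the summary above calls for are "apply the Microsoft patch" and, if you cannot patch yet, "work around it", which in practice means turning SMBv1 off. The following script is an added example written for this newsletter issue; it is not code from KnowBe4 or from the linked blog post. It audits one Windows host for the patch and for SMBv1 exposure, and can apply the workaround. The KB identifier is a placeholder you must replace, because the text only says "a two-month-old Microsoft patch"; the SMBv1 cmdlets, the SMB1Protocol optional feature and the LanmanServer SMB1 registry value are Microsoft's documented ways of controlling SMBv1, but which one applies depends on the Windows version, so the script tries each.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the newsletter or KnowBe4. Audits SMBv1 exposure on
# the local host and optionally disables SMBv1 as the "cannot patch yet" workaround.

# PLACEHOLDER: replace with the KB id of the Microsoft SMBv1 fix you are deploying.
$PatchKB = 'KB0000000'

function Get-Smb1Exposure {
    # Returns an object describing patch state and SMBv1 state for this host.
    $state = [ordered]@{
        Host           = $env:COMPUTERNAME
        PatchInstalled = $false
        Smb1ServerOn   = $null     # server-side SMBv1 switch
        Smb1FeatureOn  = $null     # SMB1Protocol optional feature (Windows 8.1/10 style)
    }

    # 1. Is the fix in the installed-updates list?
    $state.PatchInstalled = [bool](Get-HotFix -Id $PatchKB -ErrorAction SilentlyContinue)

    # 2. Server-side SMBv1. Get-SmbServerConfiguration exists on Windows 8 /
    #    Server 2012 and later; older hosts expose the same switch as a registry value.
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        $state.Smb1ServerOn = (Get-SmbServerConfiguration).EnableSMB1Protocol
    } else {
        $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
        $val = (Get-ItemProperty -Path $key -Name SMB1 -ErrorAction SilentlyContinue).SMB1
        # A missing value means the default, and the default on those versions is "on".
        $state.Smb1ServerOn = ($null -eq $val) -or ($val -ne 0)
    }

    # 3. Optional-feature form of SMBv1 (absent on versions that do not package it this way).
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
    if ($feature) { $state.Smb1FeatureOn = ($feature.State -eq 'Enabled') }

    [pscustomobject]$state
}

function Disable-Smb1 {
    # Workaround when the patch cannot be installed yet: turn SMBv1 off everywhere it is found.
    param([Parameter(Mandatory)]$Exposure)

    if ($Exposure.Smb1ServerOn) {
        if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        } else {
            $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
            Set-ItemProperty -Path $key -Name SMB1 -Type DWORD -Value 0 -Force
        }
    }
    if ($Exposure.Smb1FeatureOn) {
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
    }
    Write-Warning 'SMBv1 disabled. Reboot the host, then re-run Get-Smb1Exposure to confirm.'
}

# Usage: audit first; only apply the workaround when the patch is still missing.
$exposure = Get-Smb1Exposure
$exposure | Format-List
if (-not $exposure.PatchInstalled -and ($exposure.Smb1ServerOn -or $exposure.Smb1FeatureOn)) {
    Write-Warning "$($exposure.Host): patch missing and SMBv1 enabled. Run: Disable-Smb1 -Exposure `$exposure"
}
```

Run it in an elevated session on a pilot group before fleet-wide use: disabling SMBv1 breaks anything that still speaks only that dialect (old printers, NAS boxes, Windows XP-era hosts), so inventory those dependencies first. Disabling SMBv1 reduces exposure to this worm's spreading mechanism but does not replace the patch; the audit treats "patch missing" as the condition that justifies the workaround, not as a reason to skip it.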

On the same page is an option to download a complimentary tool, called 'RanSim', that checks whether your endpoint security software protects you against ransomware infections. You can also get it here right away: https://info.knowbe4.com/ransomware-simulator-tool-1chn

This is a bad one. Let's stay safe out there.

Warm regards,
Stu Sjouwerman,
Founder and CEO
KnowBe4, Inc.

Do You Live Below the Cybersecurity Poverty Line?

SAN FRANCISCO — After attending a meeting with the Health and Human Services Department and security experts, Kaiser Permanente Chief Technology Risk Officer George DeCesare came away with a startling realization.

“Seventy-five percent of the healthcare industry is below the cybersecurity poverty line,” DeCesare said at the HIMSS and Healthcare IT News Privacy & Security Forum on Thursday.

But here’s the rub: unlike the federal poverty line, which is based on household income, there is no clear definition of what the cybersecurity poverty line is. DeCesare explained that it comes down to either investing enough to protect your patient data or not investing adequately.

It’s going to become more important than ever to remain above that poverty line in 2017, 2018 and the years ahead. Full article at Healthcare IT News, and this is NOT only for healthcare!
http://www.healthcareitnews.com/news/75-health-orgs-live-below-cybersecurity-poverty-line

Live Webinar: Best Practices and Future Direction of Security Awareness Training

While reported numbers fluctuate from industry study to industry study, they all agree on one thing: cybercriminals are successfully and consistently exploiting human nature to accomplish their goals.

Prudent security leaders know that security awareness and training is key to strengthening their ‘human firewall’ – but they often don’t know where to start.

Join security awareness expert Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4 and former Gartner Research Analyst, for this live webinar, “Best Practices and Future Direction of Security Awareness Training”. We will discuss emerging industry trends and provide the actionable information you need to train your last line of defense: your employees.

Perry will cover these topics:
  • Practical security awareness and behavior management tips
  • How and where tools are helpful
  • Emerging industry trends
  • How to create a ‘human firewall’

Webinar Date/Time: Thursday, May 25, 2017, at 2:00 PM EDT
Register Now! https://register.gotowebinar.com/register/4096453053252124163

President Trump Has Just Signed an Executive Order Regarding Cyber Security

This new executive order mandates that every federal agency must, within 90 days, submit a report describing, among other things, its plan for implementing the NIST Cybersecurity Framework. The NIST CSF seems to be the new general cybersecurity standard going forward.

The next thing to be aware of is the New York State Department of Financial Services 23 NYCRR 500 Cybersecurity Requirements. Here are two links that cover this:

1. A list of key dates on which this becomes enforceable:
http://www.dfs.ny.gov/about/cybersecurity.htm

2. Some background on the framework:
https://corpgov.law.harvard.edu/2017/01/10/nydfs-reversal-of-its-proposed-cybersecurity-regulation-for-financial-services-companies/

Of course, a large part of 23 NYCRR 500 is in line with the NIST CSF, but it is specific to financial firms regulated by the NYDFS. Unlike the NIST CSF, it is actually mandatory, and it comes with an enforceable deadline.

Luckily, we can help with this, whether you are following the NIST CSF, NYDFS, or any other framework. We recently added the Template for the NIST CSF framework to KnowBe4 Compliance Manager, and other compliance templates were also added:

• Cloud Security Alliance - Cloud Controls Matrix 3
• FDA 21 CFR Part 11 Requirements for Electronic Records

But How Do You Keep Track of These Hundreds of Controls?

Here is a great way to get through audits in half the time and at half the cost. The KnowBe4 Compliance Manager (KCM) simplifies the complexity of getting compliant and eases your burden of staying compliant year round:
  • Quick Implementation with Compliance Templates - Pre-built requirements templates for the most widely used regulations like NIST.
  • Enable Users to Get the Job Done - You can assign responsibility for controls to the users who are responsible for maintaining them.
  • Dashboards with Automated Reminders - Quickly see what tasks have been completed, not met, and past due. With automated email reminders, your users can stay ahead of any gaps in compliance.
See for yourself how you can minimize the busy work associated with audits and compliance, and how easy this becomes using KCM. Request a demo:
https://www.knowbe4.com/demo_kcm

Warm Regards,
Stu Sjouwerman

Quotes of the Week
"To be yourself in a world that is constantly trying to make you something else is the greatest accomplishment." - Ralph Waldo Emerson

"I pay no attention whatever to anybody's praise or blame. I simply follow my own feelings."
- Wolfgang Amadeus Mozart



Thanks for reading CyberheistNews

Security News

What’s a Good Password? NIST Says One That Hasn’t Been Stolen

The Security Ledger said: "What’s a good password? According to new guidelines from NIST: it’s one that hasn’t already been stolen by hackers.

Draft guidance from NIST on the creation of digital identities (NIST SP800-63b) released this week said that companies should vet any new passwords against lists of common passwords and those that have already been leaked as a result of data breaches. Exempting such passwords from the options available to users will improve account security more than arbitrary rules designed to create random-looking passwords, NIST said."
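What the draft guidance quoted above asks for is a check at password-creation time against a list of common and previously breached passwords, in place of arbitrary composition rules. The function below is an added example, written for this newsletter issue and not taken from NIST, The Security Ledger or KnowBe4's Weak Password Test. It does that denylist check plus two other SP 800-63B requirements I am certain of (a minimum of 8 characters, and rejection of a secret that contains the user's own username). The denylist is a small constructed sample; the file loader is there for a real breach corpus.

```powershell
# Added example, not from the newsletter, NIST or KnowBe4: vet a candidate password the
# SP 800-63B way (denylist of common/breached values, minimum length, no username inside)
# instead of enforcing "one upper, one digit, one symbol" composition rules.

# Constructed sample denylist. In production, load a large breach/common-password corpus.
$Denylist = @('password', '123456', 'qwerty', 'letmein', 'welcome1', 'Password1')

function Import-Denylist {
    # Loads a denylist from a text file with one password per line, skipping blank lines.
    param([Parameter(Mandatory)][string]$Path)
    Get-Content -Path $Path | ForEach-Object { $_.Trim() } | Where-Object { $_ }
}

function Test-PasswordAllowed {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Candidate,
        [string[]]$Blocked = $Denylist,
        [string]$Username = '',
        # SP 800-63B: memorized secrets chosen by the user must be at least 8 characters.
        [int]$MinLength = 8
    )
    $reasons = New-Object System.Collections.Generic.List[string]

    if ($Candidate.Length -lt $MinLength) {
        $reasons.Add("shorter than $MinLength characters")
    }

    # Case-insensitive set so 'PASSWORD' and 'Password' hit the same denylist entry.
    $lookup = [System.Collections.Generic.HashSet[string]]::new([StringComparer]::OrdinalIgnoreCase)
    foreach ($b in $Blocked) { [void]$lookup.Add($b.Trim()) }
    if ($lookup.Contains($Candidate.Trim())) {
        $reasons.Add('appears on the common/breached password list')
    }

    # Context-specific words: a secret that contains the account name is rejected.
    if ($Username -and $Candidate.IndexOf($Username, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
        $reasons.Add('contains the username')
    }

    [pscustomobject]@{
        Allowed = ($reasons.Count -eq 0)
        Reasons = $reasons.ToArray()
    }
}

# Usage with constructed candidates. Only the verdict and reasons are printed, never the
# password itself, which is the same rule the page's own tool follows.
$samples = @(
    @{ Label = 'candidate A'; Value = 'Password1';                    User = 'jsmith' },
    @{ Label = 'candidate B'; Value = 'correct horse battery staple'; User = 'jsmith' },
    @{ Label = 'candidate C'; Value = 'jsmith2017';                   User = 'jsmith' },
    @{ Label = 'candidate D'; Value = 'short';                        User = 'jsmith' }
)
foreach ($s in $samples) {
    $r = Test-PasswordAllowed -Candidate $s.Value -Username $s.User
    '{0,-12} allowed={1,-5} {2}' -f $s.Label, $r.Allowed, ($r.Reasons -join '; ')
}
```

With the sample list, candidate A is rejected for being on the denylist, C for containing the username, D for length, and B passes. To swap in a real corpus, call `Import-Denylist -Path .\breached.txt` once and pass the result as `-Blocked`; building the HashSet per call is fine for a login form but for bulk audits build it once outside the function.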

KnowBe4’s complimentary Weak Password Test (WPT) checks your Active Directory for several different types of weak password related threats.

WPT gives you a quick look at the effectiveness of your password policies and any failures so that you can take action. WPT tests against 10 types of weak-password-related threats, for example Weak, Duplicate, Empty and Never Expires, plus 6 more.

Here's how Weak Password Test works:
  • Reports on the accounts that are affected
  • Tests against 10 types of weak password related threats
  • Does not show/report on the actual passwords of accounts
  • Just download, install and run it
  • Results in a few minutes

This will take you 5 minutes and may give you some insights you never expected!

An IT pro who recently used WPT said: "Hi Nicole, it worked perfectly. There are definitely going to be some changes coming, especially in our production plant. Thanks to the results, there’s going to be a clean-up of Active Directory, both computer and user accounts.

I can’t thank you and KnowBe4 enough for the continued work, to help businesses secure their data and help mitigate the flood of attacks that have occurred in the very recent past."

Download Now:
https://info.knowbe4.com/weak-password-test-chn

Full article:
https://securityledger.com/2017/05/whats-a-good-password-nist-says-one-that-hasnt-been-stolen/

5 Things You Need to Know About the Small Business Cybersecurity Act

The U.S. Senate is poised to consider passage of the MAIN STREET Cybersecurity Act of 2017 to require the National Institute of Standards and Technology (NIST) to support better cybersecurity among small businesses, JD Supra reports.

Citing the National Cyber Security Alliance, the Act says that 60 percent of small businesses are put out of business within six months of a cyberattack, making their protection vital to the U.S. economy. The Committee on Commerce, Science, and Transportation approved the Act last month, and it would need to pass through both houses of Congress and be signed by the President to become law. Here are five things you need to know:
http://www.thewhir.com/web-hosting-news/5-things-you-need-to-know-about-the-small-business-cybersecurity-act

Other Interesting News Items This Week

Against a Rising Tide, Most Mid-Market Orgs Aren't Ready for Ransomware:
https://www.infosecurity-magazine.com/news/most-midmarket-orgs-ransomware/

Cifas: 66% of Fraud is Now Online:
https://www.infosecurity-magazine.com/news/cifas-66-of-fraud-is-now-cyber/

SLocker Android Ransomware Resurfaces in Undetectable Form:
https://www.infosecurity-magazine.com/news/slocker-android-ransomware/

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff

Copyright © 2014-2017 KnowBe4, Inc. All rights reserved.