Share This

Showing posts with label Ransomware. Show all posts
Showing posts with label Ransomware. Show all posts

Tuesday, 4 January 2022

ONGOING CYBER THREATS

 

 

After years of data breaches exposing individuals’ personal information, cyberthieves will increasingly use that information to attack businesses in 2022, according to the Identity theft resource Centre’s predictions for the coming year.

` “We also tracked a record number of data breaches and a steady flow of new victims of unemployment benefits identity fraud long after the enhanced benefits ended,” said eva Velasquez, president and CEO of Identity theft resource Centre.

` Velasquez anticipates an increase this year in the number of people who have been victims of identity theft multiple times. And she warned of particular risk ahead as people change how they pay for things.

` “Look for cybercriminals to take advantage of the shift to alternative digital payment methods, such as payment apps, digital wallets and peer-to-peer services,” Velasquez said.

` With cryptocurrency becoming increasingly popular, scammers will find new ways to steal from consumers, according to the resource centre, which is a US nonprofit that tracks data compromises and provides free assistance to victims.

` The centre’s predictions for 2022 include:

  • ` l An accelerated shift from identity theft to use of already stolen personal information and credentials to commit identity fraud and attack businesses.
  • ` l Consumers may shift away from some online transactions and email communications due to the increasing problem of phishing, which is when cybercriminals use a fraudulent email or website to masquerade as a legitimate business or person.
  • ` l the effects of pandemicrelated fraud will continue into 2024, with some fraud cases taking years to resolve and unemployment compensation fraud efforts likely becoming permanent.
  • ` l ransomware, when hackers use malicious software to infect and lock a computer network and demand demand money to restore access, may surpass phishing as the top cause of data breaches.
  • ` l Supply chain attacks, which is when malware infects a single organisation that is linked to multiple others, will become more common.
  • ` l Single incident attacks will impact greater numbers of individuals, including social media account takeovers that victimise followers and networks.


` “All of these trends point toward increases in identity fraud that will change consumer behaviours, revictimisation rates and pandemicrelated identity crimes for years to come,” Velazquez said.

` “We expect to see these types of cyberattacks and who they target continue to evolve as they did in 2021.”

` The resource centre called for wider consumer education efforts and improved data protection. the number of publicly reported data compromises was already higher last year than in all of 2020. the centre’s third quarter report shows that as of Sept 30, 2021, data compromises rose by nearly 17% over all of 2020. the report found that nearly 281.5 million people were victims last year. there were 1,291 data compromise events in 2021, compared to 1,108 in all of 2020. the record is 1,529 in 2017.

` In November, the resource centre released data showing that 16% of 1,050 US adult consumers surveyed took no action after receiving a data breach notice, according to the survey by the resource centre and Dig.works, a consumer research company.

` Fewer than one-third of survey respondents had frozen their credit at one time for any reason and only 3% did so after receiving a data breach notice, the survey found. 

– Journal-news, Hamilton, Ohio/tribune News Service

Crypto cybercrime set to surge in 2022

 

Cybercrime in 2022 – be aware | The Star

2021 Cyber Threat Report - 2021 Global Threat Report


 

Related posts:

 

Hackers in your heads, Cybercriminals preying on gullible


`

Bitcoins, Cryptocurrencies under fire

  

 

Vital to know your rights when get arrested; comments on social media not be a serious crime

Monday, 10 July 2017

Six simple steps to defend your data from ransomware


Recent ransomware attacks have rattled internet users around the world. This malicious software blackmails users by encrypting the files on their computer or mobile device and demanding payment, generally in the virtual currency bitcoin, to unlock them. But these six simple security measures can significantly reduce the risk of a computer being hit by an attack.

1. Regular updates: Software updates for browsers and operating systems don't just add new functions – they also install security patches to protect computers against the latest malicious software.

The German Federal Office for Information Security (BSI) recommends enabling automatic updates on a device and advises against the use of older operating systems such as Windows XP, for which Microsoft has stopped providing regular security updates.

Microsoft will also discontinue updates for the operating system's successor, Windows Vista, this summer – all the more reason to replace it with a newer version.

2. Be vigilant: Don't trust anyone, says nomoreransom.org, a website run by IT security companies and European law enforcement. Never open email attachments from suspicious accounts, don't click on questionable links and don't download unverified software.

Even emails from friends and co-workers should not necessarily be trusted. Before opening an attachment or clicking on a link, always take time to consider whether the sender's online account could have been hacked or their computer software infiltrated by malicious software.

3. Antivirus software: Enable all the security applications in your operating system, advises the BSI. Reliable antivirus software can provide further protection, but must be kept up-to-date.

4. Back up data: Creating digital duplicates of your files can protect your personal information from disappearing forever. In the event of an attack, you can just transfer over your back-up files.

Windows (Backup and Restore) and MacOS (Time Machine) have in-built applications for backing up your data, but they might not be accessible in the event of an attack. A more secure option would be to save your files in an external device, such as a hard disk drive, solid-state drive, DVD, or in the cloud.

To reduce the risk of spreading viruses, only connect the external drive to a device during file transfers. As an extra precaution, save your data in two separate external hard drives.

5. Fight back: If you happen to accidentally install malicious software or receive suspicious messages, immediately disconnect your device from the internet, instructs  nomoreransom.org. to be decrypted. This will prevent the infection from spreading.

You can then run a clean installation of your computer software, and transfer over your back-up files. For some types of ransomware, there are techniques to unlock the content on your computer.

The latest malware outbreak "Petya" can be stopped by creating the read-only filetype "C:\Windows\perfc.dat," which prevents it from scrambling your files. An initial report on the antidote published on the site bleepingcomputer.com has since been confirm by several IT security companies.

6. Never pay: A blackmailer's demands should never be met, says the State Office of Criminal Investigation (LKA) of Lower Saxony. There are several reasons for this, the LKA reports. First, even if you pay the ransom, there is no guarantee that you will regain access to your files.

Second, by paying the attacker, you are supporting the growth of a criminal industry. Every payment finances new attacks. In the case of the recent Petya outbreak, the payment system is useless, because only one email address was provided, which has since been shut down by the provider. — dpa

Related Links

Six simple steps to protect your data from ransomware

Six simple methods to save your information from ransomware http://www.techagentmedia.com/six-simple-methods-save-information-ransomware/ via @techagentmedia


Related posts:

WannaCry ransomeware attacks, how to prevent it? 


Malware, ransomware attacks are a growing threat to computer and mobile phone!  

Malware, ransomware attacks are a growing threat to computer and mobile phone!

Sunday, 9 June 2013

Malware, ransomware attacks are a growing threat to computer and mobile phone!

FORGET pickpockets or thieves. The biggest threat to your smartphone now is kidnappers cyber “kidnappers” that is, with their Ransomware.

As the name suggests, ransomware is a malware (malicious software) that will keep your phone or computer a prisoner until you pay a ransom. Only when the specified amount of money is paid will you be able to “free” your device and access data or information.

Although it is not new ransomware is said to originate from Russia in 2005 and has been attacking many computers worldwide since the Symantec Corp Internet Security Threat Report (ISTR) Volume 18 revealed that ransomware is emerging as the malware of choice because of its high profitability for attackers.

Luckily, says Symantec Malaysia's senior technical consultant David Rajoo, to his knowledge, no cases have been reported here yet.

“However, as the worldwide web has no boundaries and with increasing broadband penetration and as more users are accessing the Internet, Malaysia is certainly exposed to the Ransomware threats,” he says.

Infected machines display messages which demand payment in order to restore functionality. - David Rajoo Infected machines display messages which demand payment in order to restore functionality. - David Rajoo
Rajoo points out that awareness is key to combat ransomware threat.

As the report highlights, attackers are using deceptive links and poisoned websites to infect unsuspecting users with malicious software and lock their machines.

“The attackers, many of them cybercriminal organisations, then hold users' machines for ransom. Infected machines display messages which demand payment in order to restore functionality,” he tells.

Recent attacks have also displayed images that impersonate law enforcement.

Consumers on the Android platform are most vulnerable to ransomware and mobile threats, says the report.

Last year, mobile malware increased by 58%, and 32% of all mobile threats attempted to steal information, such as e-mail addresses and phone numbers.

Although Android has fewer vulnerabilities, its threats are higher than any other mobile operating system. Its open platform and the multiple distribution methods available to distribute malicious apps make it the go-to platform for attackers, adds the report.

With malware growing sophisticated every day, Rajoo adds, a mix of intelligence-based technologies can provide optimal security to stop new and unknown malware.

To avoid getting infected, ensure the device's software and anti-virus definitions are up to date, and avoid suspicious sites, Rajoo advises.

“We also advise users to use more than antivirus for protection. We recommend using advanced reputation security which provides layered defence. Use more than just Antivirus use a full functionality solution which includes heuristics, reputation-based, behaviour-based and other technologies,” he says, stressing that a key strategy is to fend off threats before they infiltrate your computer system.

Symantec Malaysia's Systems Engineering director Nigel Tan agrees that stopping the threat at the gate is important as cyber criminals continue to devise new ways to steal information from organisations of all sizes.

Staying ahead of attacks

“The sophistication of attacks coupled with today's information technology complexities require organisations in Malaysia and globally to remain proactive and use “defence in depth” security measures to stay ahead of attacks,” he added.

According to the annual ISTR which analyses the year in global threat activity, Malaysia was ranked 35th on its global Internet security threat profile in 2012.

As it highlights, there was a 42% surge last year in targeted attacks globally compared with the prior year.

These targeted cyberespionage attacks, designed to steal intellectual property, are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31% of these attacks.

Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via “watering hole” techniques.

In a watering hole attack scenario, attackers compromise a carefully selected website by inserting an exploit resulting in malware infection. Through the compromised website, the attackers will target victims who visit the compromised site and take advantage of their software vulnerabilities to drop malware that will allow them to access sensitive data and take control of the vulnerable system.

As Symantec alerts, 61% of malicious websites are actually legitimate websites that have been compromised and infected with malicious code.

Business, technology and shopping websites were among the top five types of websites hosting infections. The shift of focus from government websites indicates an increase in attacks targeting the supply chain cybercriminals find these contractors and subcontractors susceptible to attacks and they are often in possession of valuable intellectual property.

The attack uses the security weaknesses in the supply chain specifically the small businesses to gain access into larger and more secured companies, adds Symantec.

Case in point is that those in sales became the most commonly targeted victims last year.

Another growing source of infections on websites is malvertisements this is when criminals buy advertising space on legitimate websites and use it to hide their attack code.

Tan urges organisations to continue to take proactive initiatives to secure and manage critical information from a variety of security risks, especially targeted attacks in the manufacturing and small business sectors, mobile malware, and phishing threats.

By HARIATI AZIZAN sunday@thestar.com

Rightways