Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
How do you know that something has become very popular? Simple – when poorly-made knockoff versions start to hit the marketplace. Ransomware, it seems, has hit that point.
The writers behind the new ZCRYPT ransomware family have either scrapped support for Windows XP, or did a sloppy job in creating it. This new family only targets systems with newer versions of Windows, specifically Windows 7 and later. Is ZCRYPT deliberately cutting off older operating systems, or is it just poorly-written malware?
Since 2012, we’ve been keeping an eye on the IXESHE targeted attack campaign. Since its inception in 2009, the campaign has primarily targeted governments and companies in East Asia and Germany. However, the campaign appears to have shifted tactics and is once again targeting users in the United States. We also noticed that there were some changes to the underlying behavior of the malware used.
At a glance, DRIDEX seems to have scaled back its operations, appearing only for a few days this May. This is quite unusual, given that this prevalent online banking threat had been consistently active over the past five months or so. On May 25, 2016, we observed a sudden spike in DRIDEX-related spam emails after its seeming ‘hiatus.’ This spam campaign mostly affected users in the United States, Brazil, China, Germany, and Japan.
Earlier this week Trend Micro security researchers talked at the annual HITB security conference in the Netherlands about some of their recent research into Android vulnerabilities. The topic was how performance counters in Android led to several serious vulnerabilities – including several that led to root access. This could allow an attacker to take control of a user’s device.
Cyber extortion attacks on enterprises have grown exponentially in the last year and the ransomware families behind them have grown at a similar pace. We have blocked more than 100 million since October 2015. New families alone have grown 100% in the first six months of 2016, and we have detected and blocked more than 50 new families since January. By comparison, in 2014 and 2015 only 49 ransomware families were detected and blocked.
Opinions differ on whether the time has come to establish a federal backstop for losses caused by catastrophic cyberattacks, similar to the U.S. facility that backstops terrorism losses.
Such a backstop was created by the Terrorism Risk Insurance Act of 2002 to help insurers cover losses from truly catastrophic future terrorist events.
Banks received a double dose of pressure to tighten up their defenses against cyberattacks on Friday as they were admonished on the subject by one of Europe’s top regulators and the Swift global payment messaging system. Andrea Enria, chairman of the European Banking Authority, said that national regulators in Europe should stress test financial institutions to assess their vulnerability to hackers and force them to hold more capital if they are not doing enough.
The U.S. Federal Reserve, the nation’s central bank, detected more than 50 cybersecurity breaches between 2011 and 2015, including a handful attributed to espionage. The Fed’s Washington-based Board of Governors identified 51 information disclosures during the five-year period, according to information obtained through a Freedom of Information Act request by Reuters.
The Obama administration’s policy of avoiding assertive action against foreign hackers came under fire from Congress last week, and is raising concerns that the White House is failing to protect the country from large-scale cyberattacks. Christopher Painter, the State Department’s coordinator for cyber security, defended the administration’s strategy, known as “deterrence by denial,” for deterring massive data breaches like China’s pilfering of sensitive personnel records on 22 million federal workers.
When you’re launching your business, connecting with customers and refining your product or service are top priorities. But another thing you should consider, which isn’t always top of mind, is your security strategy. It is an integral part of your company’s longevity, and to be the most effective, it should be a part of your planning right from the start.
Google CEO Sundar Pichai spoke Wednesday at Recode’s Code conference in Rancho Palos Verdes, California about Google’s AI. Artificial intelligence is already a hot topic at the conference, and it’s a big part of Google’s future. Pichai devoted much of his keynote address at last month’s Google I/O developer event to the strides the online search giant has made in building a better, smarter digital assistant. He also addressed privacy concerns in the digital world.