Spam Making A Comeback!
Just when you thought that spam was on its way out, Cisco’s 2017 Annual Cybersecurity Report shows the opposite. Spam is making a surprising comeback as a threat to your network, and has become an important carrier of attacks like spear phishing, ransomware and bots.
This is Cisco's 10th annual report, they use their own routers to measure the spam volume and it shows that now 65% of all corporate email is spam.
The new numbers show a tsunami in 2016.
In 2010, Cisco recorded around 5K spam messages being sent per second. Over the next 5 years that number was roughly below 1,5K, spiking to about 2K for a short while in 2014, but in 2016 it moves up to more than 3K per second.
Also, phishing as an attack vector is skyrocketing (see graph) and Cisco's Franc Antes, an architect for Cisco’s security business group says. “I should start to double-check my security technologies that are supposed to be intercepting and monitoring for that particular attack vector”.
W-2 Phishing Scams
In a Jan. 25 statement, Campbell County Health, which operates a 90-bed acute care community hospital and other facilities, acknowledges that it was the victim of a "security incident" that may affect some of their employees' personal information.
"Currently, it appears that an unauthorized individual, impersonating a CCH executive, contacted an employee requesting W-2 information for all of our employees who had taxable earnings in calendar year 2016," says Andy Fitzgerald, CCH CEO. "Unfortunately, before it was determined that the request was fraudulent, the employee provided these files."
You Cannot Stop Threats
Over the past year, three absolute facts became relevant to network security:
- Your organization cannot prevent all attacks
- Your organization’s network is going to be compromised
- 100% security does not exist
The goal of security, then, is not just about stopping adversaries, but also about controlling and minimizing the overall damage from an incursion.
If you have not taken the security of your computer system seriously, it may be time to rethink that position. The Internet is full of good and wonderful things and has opened up communications between people that no one ever thought would happen. It has also created a superhighway for criminals. And, the smallest mistake by one of your staff who clicks on the wrong thing, can compromise your entire business.
How Are You Going To Handle A Ransomware Attack?
I have talked about Ransomware in these newsletters numerous times over the past couple of years. Hopefully, some of it is sinking in.
If you are a medical office, HIPAA requires you to have a written plan to recover from a disaster, such as ransomware emcrypting all of your files. If you are a regular business, then there is no government regulation with that requirement.
But, even in the absence of laws requiring a written disaster recovery plan, you should have one so that you have a checklist to follow in the event you are attacked and a plan to recover your important client data and accounts receivable information.
One of the core components of a good Backup and Disaster Recovery (BUDR) plan is a backup of your company files. That backup should be:
- frequent
- easy to access during recovery
- allow for quick recovery (within 30 minutes)
- keep copies offsite
They are some cheap backup solutions out there and if your business can survive three or four days waiting for the data to show up before the restore process can begin, then by all means, use one of the cheap services. If you cannot survive days of down time waiting on recovery, we sell a BUDR solution that does all of these things and that will create a safety net under your business in the event that something bad happens.
Ransomware Locks Hotel Guests Out of Rooms
A hotel in Austria paid 1,500 euros (USD 1,600) after its computer systems became infected with ransomware, which resulted in arriving guests being unable to unlock the doors to their rooms with card keys. Guests were not trapped in their rooms, despite early reports saying so. This was not the first time the Romantik Seehotel Jaegerwirt has experienced such an attack. The hotel replaced computers and decoupled networks, which prevented another attempted attack. The hotel is also planning to return to "old-fashioned door locks with real keys" to prevent guests from being locked out of their rooms by a malware attack in the future.
Ransomware Costs Texas PD Eight Years of Evidence
The computer system at a police department in Texas became infected with ransomware. The Cockrell Hill Police Department's backup system had backed up its files only after they had been encrypted with the malware. The department decided not to pay the ransom after learning from the FBI that there was no guarantee their encrypted data would be returned. The lost files included video evidence in legal cases. The department has started notifying defense attorneys that the video evidence in those cases no longer exists.
St. Louis Public Library Recovers From Ransomware Without Paying Demand
The St. Louis (Missouri) Public Library (SLPL) computer system was infected with malware last week. Rather than pay the USD 35,000 ransom demand, the SLPL contacted the FBI and set to work restoring its systems from backups. Studies show that many organizations are unsure how to manage the threat of ransomware; more than half of respondents to at least two surveys said they would be willing to pay the ransom to recover their data, and many said they had already paid ransomware demands.
Man Arrested for Allegedly Spoofing eMail, Stealing Money from Kansas County
A Georgia man was arrested for allegedly spoofing the email of the CEO of a Kansas company and tricking Sedgwick County, Kansas employees into transferring $566,000 into his corporate bank account. George James has been charged with wire fraud for misdirecting the transfer of funds that were intended to be paid to a Kansas company for roadwork.
Funnies
The computer in my high school classroom recently started acting up. After watching me struggle with it, one of my students came up and took over. "Your hard drive crashed," he said.
I called the computer services office and explained, "My computer is down. The hard drive crashed."
"We can't just send people down on your say so. How do you know that's the problem"?
"A student told me," I answered.
"We'll send someone over right away."
The Ultimate Computer stood at the end of the Ultimate Computer Company's production line. At which point the guided tour eventually arrived. The salesman stepped forward to give his prepared demo. "This," he said, "is the Ultimate Computer. It will give an intelligent answer to any question you may care to ask it."
A smart-aleck who ran a humor mailing list stepped forward and asked, "Where is my father?"
There was the soft hum of powerful electronic gear going to the task. Panel lights lit and blinked, and within a couple of seconds the laser printer printed out a piece of paper: "Fishing off Florida."
The smart-aleck laughed, "Actually, my father is dead! It was a trick question."
The salesman, quickly thinking on his feet, replied that he was sorry the answer was unsatisfactory, but as the Ultimate Computer was precise, perhaps a rewording of the question might work better.
The smart-aleck said to the Ultimate Computer, "Where is my mother's husband?" Again, the hum of the powerful electronic brain filled the room.
After a moment, the laser printer whirred to life. The paper said, "Dead. But your father is still fishing off Florida."
Do you know the song "Yesterday"? Then sing along to this computer version.
Yesterday, all those backups seemed a waste of pay.
Now my database has gone away. Oh I believe in yesterday.
Suddenly, there’s not half the files there used to be,
And there's a milestone hanging over me. The system crashed so suddenly.
I pushed something wrong. What it was I could not say.
Now all my data's gone and I long for yesterday-ay-ay-ay.
Yesterday, the need for back-ups seemed so far away.
I knew my data was all here to stay, now I believe in yesterday.
