Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Nuclear Ransomware 3.0: It Is About To Get Much Worse

As an intro to the quintuple-extortion article just below, we asked Roger Grimes to give us his (scary) perspective.

“If you think ransomware is bad, it is about to get much, much worse. What will ransomware gangs do? Just everything. I have been writing about computer security for over 27 years. And each year, as the year comes to an end, I am often asked questions about what I think the future computer security and cybercrime trends will be. They boil down to will the attacks get worse next year or will the computer security industry finally start to make a dent in cybercrime and actually decrease overall malicious hacker and malware activity?

And year after year, looking at all the evidence from prior years, I have always had to conclude that it is going to get worse… and that the cybersecurity industry is not yet capable of implementing a robust defense to even slow the continued increase in cybercrime, much less actually lessen it. Year after year, cybercrime just gets worse. Many times, however, what is going on today seems so bleak and huge that I cannot see how it could possibly get worse the next year. But so far, it always does.

The ransomware problem is a great example. A few years ago, ransomware was already extorting billions of dollars a year, exploiting any company it wanted to, taking down hospitals, taking down consortiums, holding entire cities for ransom. I was asked if it could get worse. I said, “Yes.” To be honest, I could not believe what I was saying, but based on my experience and seeing no signs that the good side was doing a significantly better job at preventing cybercrime, it was the only thing I could conclude – that ransomware was going to somehow get worse. And it did. Far worse than I could have predicted.

Nuclear Ransomware 2.0 Quintuple Extortion

Starting in late 2019, ransomware started routinely exfiltrating data, in what is now commonly known as “double extortion.” I wrote about it on January 7, 2020 on the blog. I shared that beyond traditional encryption, ransomware programs and gangs were also doing the following:

  • Stealing Intellectual Property/Data
  • Stealing Every Credential It Can – Business, Employee, Personal, Customer
  • Threatening Victim’s Employees and Customers
  • Using Stolen Data to Spear Phish Partners and Customers
  • Publicly Shaming Victims

The most important thing about these five new ransomware activities, beyond the issue that there are now six things to worry about instead of one, is none of the new ones can be mitigated by a good backup. Before Ransomware 2.0, a good, secure backup could possibly save you. Once the ransomware gangs routinely started doing all of the new actions, a good backup was just one piece of the possible solution. I started to give what became one of my most popular presentations of my career, called Nuclear Ransomware 2.0, to warn people.

I have presented it hundreds of times now and I’m still surprised by how many attendees don’t understand how bad ransomware has become.”

CONTINUED. This is an important 5-minute read:

Can robots help save us from the talent crisis?

Robotic process automation could be another arrow in your quiver in mitigating the effects of the Great Resignation.

US Navy ship Facebook page hijacked to stream video games

The official Facebook page of the USS Kidd has been hijacked. Hackers used the page to [checks notes] stream Age of Empires, an award-winning, history-based real-time strategy game. Kind of funny, and worth the read.

Adblocker promises to block ads, injects them instead

[Bob’s comment: I always thought ad-blockers seemed a little dodgy, and this one is. Watch out for apps in sheep’s clothing.]

Watch out. Researchers at Imperva uncovered a new ad injection campaign based on an ad blocker named AllBlock. The phony ad blocker extension was available, at the time of writing, for Chrome and Opera browsers.

High school student rickrolls entire school district, and gets praised

The Illinois high schooler hacked into his school’s network, not to change his grades or erase his absences, but to help reveal weaknesses in the school’s network, all while having a little fun at the same time.

[Bob’s comment – This story turned out way better than usual for the student. Bet he has multiple job offers from pen-testing firms already. The IT director at Elk Grove realized he had a talented gem who had just saved the district a million-dollar pen-test fee.

Back when I was doing cybersecurity work for a managed service provider, a residential prep school we supported had experienced a similar hack of the grade-changing variety. The student was expelled. I always thought that action was a short-sighted mistake and a waste of potential cybersecurity talent.]



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com