Cyber Security Today: No shortage of ransomware, toughen those passwords

Ransomware has not hit its peak, a ransomware strain is quickly updated and another reason to toughen those passwords and upgrade IoT devices.

Welcome to Cyber Security Today. It’s Wednesday July 18th. To hear the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

 

There’s no shortage of reports about ransomware attacks, so here’s more bad news: They’re only going to get worse. A blog on Tripwire says that ransomware has not even remotely hit its maturity curve on the effectiveness for a hacker to utilize it as a major threat. Why? Because criminals get their money fast, instead of having to worry about how to sell stolen data like credit card numbers and passwords. The best way to prevent ransomware, says the author, is to be prepared, practice mock incidents, and implement a preventative security awareness training program to build a culture of security within your organization.

Let me give you an idea of how hot ransomware is in the criminal world. Fortinet reports a strain of ransomware called GandCrab just got updated to version 4.1, two days after version 4.0 was released. This new version contains an unusually long hard-coded list of possibly compromised websites that it connects to. It isn’t clear why this was done, as the listed sites don’t seem to be acting as sources for downloading the malware. Is it an experiment or a diversion? Regardless, the point is the people behind this strain of ransomware are regularly honing it.

Finally, another example has surfaced of people being careless with passwords. This time it comes from a researcher looking into vulnerabilities in the digital surveillance recording system made by a Chinese company, Dahua Technologies, sold around the world. Using an Internet of Things search engine called ZoomEye, administrative passwords for Duhua have been captured. The bug was fixed a while ago, but people can still find passwords for unpatched devices. Passwords like “123456” and “admin123.” Listeners. you’ve got to make sure to patch things you connect to the Internet – surveillance cameras, recorders, WiFi routers, thermostats, front door locks. And they’ve got to have strong passwords. Remember, sometimes devices have two passwords – one that lets you use the device, and a second administrative password.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast