More companies willing to pay after being hit by ransomware, help for hunting online child predators and arrests made for business email fraud.
Welcome to Cyber Security Today. It’s Wednesday June 13th. To hear the podcast, click on the arrow below:
Paying off a criminal in the hopes of getting rid of ransomware on your computer isn’t an easy decision to make. But a survey from Radware says more executives are willing to do it than before. For the first time in the security company’s annual global survey, a majority of executives – 53 per cent – said they had paid a hacker’s ransom following a cyber-attack. That may be because criminals are increasingly turning to ransomware to make a quick buck. Sixty-nine per cent of executives said that their company faced a ransom attack in the past year, compared with only 14 per cent in 2016.
There’s an implication in the number who have paid that their organization just wasn’t ready after being hit with ransomware and felt they had to pay up. Having secure independent data backups is the best way organizations, and individuals can protect themselves against ransomware. Just ask the city of Atlanta, which as I’ve reported is still trying to recover after a ransomware attack it wasn’t prepared for.
You can get the full report here. Registration required
Magnet Forensics, a Waterloo, Ontario based maker of the Axiom digital investigation software for police departments, says its suite will soon be integrated with the online data activity collected on alleged child predators by the U.S.-based Child Rescue Coalition. Once a search warrant for a computer, smart phone or cloud service is executed, an investigator can use Axiom to import coalition files and process the seized devices. Axiom can corroborate downloading activity, digital identifiers, and chat activity included in coalition’s file, alongside the evidence from a suspect’s devices. The integration will be ready in the fall.
Finally, police are making some progress in fighting business email fraud. That’s when a criminal convinces an organization through email to send money to a bank account under the pretext of a legitimate business. On Monday the U.S. Justice Department announced that an unnamed Canadian was among 74 people charged with committing a series of scams in the U.S. Among them, 23 people were charged in Florida with laundering at least $10 million from proceeds of business email scams. Victims ranged from individuals to a law firm.
Some of these scams involve genuine-looking email. Experts remind company executives to impose tight rules on those in finance departments who can distribute money. That includes being required to use digital certificates to validate the legitimacy of emails they receive. Remember, one of the signs of a fraud is a message that puts a fast deadline on transferring money.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.