Phony flu email alert leads to ransomware, more on how common business compromise scams are and GitHub warning for developers.
Welcome to Cyber Security Today. It’s Monday, March 25th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
Hackers will do anything to get your attention, taking advantage of people’s fears. The latest is an email campaign pretending to be from the U.S. Centres for Disease Control about an alleged new flu spreading. Click on a link in the message and you get infected — with ransomware. The lure is in the subject line, which reads, “Flu pandemic warning.” Words like “warning,” “alert,” and “urgent” are triggers attackers hope will make you worried enough to read and act on the message. In this case the message says, “You should take a look at this important announcement,” and includes an attachment that supposedly has health instructions. This is a con.
One of the ways to make sure you’re not taken in is to be wary about messages that ask you to quickly click on a link or an attachment. And look in the “From” field in the message. Who is it coming from? Make sure you’ve got the settings turned on that show the full address of the sender. It’s easy for a hacker to put “Centres for Disease Control” or a company name in the sender field. But if you can see the full email address you’ll have a better idea if it’s legit.
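For mail administrators, the same check of the “From” field can be automated. The sketch below is an added example, not part of the original report: the `KNOWN_SENDERS` allow-list, the `check_from` function and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption for this example: display-name fragments mapped to the domains
# that organisation really sends from. Extend it with your own suppliers.
KNOWN_SENDERS = {"disease control": {"cdc.gov"}}

def check_from(header):
    """Classify a raw From header: ok, mismatch, unknown-sender or unparseable."""
    display, addr = parseaddr(header)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rpartition("@")[2].lower()
    # A display name that is itself an address but differs from the real one
    # hides the true sender in mail clients that show names only.
    if "@" in display and display.rpartition("@")[2].strip().lower() != domain:
        return "mismatch"
    name = display.lower()
    for fragment, domains in KNOWN_SENDERS.items():
        if fragment in name:
            # Accept the exact domain or a true subdomain, never a lookalike suffix.
            genuine = any(domain == d or domain.endswith("." + d) for d in domains)
            return "ok" if genuine else "mismatch"
    return "unknown-sender"

# Constructed sample headers (not taken from the real campaign).
SAMPLES = [
    "Centres for Disease Control <alerts@flu-notice.example>",
    "Centers for Disease Control <noreply@cdc.gov>",
    "Centres for Disease Control <info@cdc.gov.flu-notice.example>",
    '"alerts@cdc.gov" <news@mailer.example>',
    "Jane Doe <jane@supplier.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{check_from(header):15} {header}")
```

A “mismatch” verdict is a reason to quarantine or tag the message for review; “unknown-sender” only means the display name is not on the allow-list.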
Speaking of ransomware, Orange County, North Carolina, was hit for the third time in six years last week. Some of the 100 computers affected include the library, the tax department, the planning board, the registrar of deeds and the sheriff’s office.
In one of my podcasts last week I talked about companies falling for invoice scams, where employees get suckered into sending money to a phony company or bank account controlled by a criminal. Insurance company Beazley just released a report giving an idea of how big this and similar cons are. Experts call it business email compromise, and Beazley says it accounted for 24 per cent of the 3,300 data incidents reported by customers last year. That’s up 10 per cent over 2017. Your firm can avoid being victimized by warning staff to be careful of messages asking for money to be transferred on an urgent basis, by verifying any supplier request for a change of address or bank account, and by limiting the number of people who can authorize wire transfers. Some of these cons are aided by breaking into people’s email, so use of multi-factor authentication for logins also helps.
Finally, GitHub is an open platform where software developers can create and collaborate on applications while keeping control over the versions they work on. So it’s helpful. It can also be a dangerous place for security breaches if developers aren’t careful. That came through from a recent study by North Carolina State University researchers who discovered over 100,000 software repositories had exposed security tokens and cryptographic keys. These are pieces of code used, for example, in your browser to confirm you have a secure link with a bank or an online shopping site. A hacker scanning GitHub might discover some very valuable keys allowing them to break into companies or governments. This isn’t a new problem. Software developers using GitHub and other code-sharing repositories have got to do a better job of protecting their data, particularly when using tokens and keys.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.