A ransomware trick, e-commerce sites hit by credit-card skimming malware and sloppy software developers.
Welcome to Cyber Security Today. It’s Friday, May 10th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
Baltimore is still trying to recover from a ransomware attack that hit the city government at the beginning of the week. Among other things the city took its email service offline, which, of course, has affected a number of departments. Public Works temporarily couldn’t levy fines for late water bills, for example. Nor could it handle phone calls. Computers were down Thursday in the city zoning office, making it hard for staff to answer questions.
Because governments of various levels offer so many services to the public they are prime targets for ransomware. IT leaders have to be better prepared. But it’s complicated. Technicians have to first take systems offline, make sure the infection is gone, delete everything on infected computers or servers, make sure they are clean before putting them back online and then restore with backup data.
Speaking of ransomware, security company Trend Micro reports that an improved version of one strain of ransomware first arrives as an email pretending to be a warning that your Windows system is at risk. It tries to get you to click on a link to update and verify your antivirus. If you click, your monitor will show a screen installing what appears to be an antivirus remover from a company called Eset. This is a diversion. What’s really going on is the ransomware is being secretly installed. Make sure you’re not fooled.
As payment card companies switch to more secure credit and debit cards, criminals are switching tactics. It’s getting harder to infect point of sale systems in stores and restaurants, so now attackers are infecting e-commerce web sites. That way they can steal credit card data when you pay for things online. Last week there was news that websites of 201 online campus stores in the United States and Canada had been compromised. This week a Chinese security firm said it has discovered 105 e-commerce sites around the world that have been compromised with credit-card skimming malware. So if you look after a site that sells products, or you’re a software company that makes a platform enabling others to sell online, check your code regularly and lock down administrative access so the site can’t be hacked and malware installed.
Every year U.S. telecommunications giant Verizon issues a report analyzing thousands of cyber security incidents from around the world. The latest report was released this week. Among the numbers I found interesting was that 21 per cent of data breaches could be blamed on mistakes made by employees — like clicking on bad links in email and misconfiguring software. In a separate report this week a security researcher gave an example of mistakes: Software developers at a company owned by Samsung left sensitive code sitting out in the open on the development website called GitLab. GitLab is where software developers can do testing. In this case the developers left their login credentials and security tokens in the open. A knowledgeable hacker could have exploited that to put malware in Samsung software. Software development team leaders have to make sure their staff understands security policies.
Finally, those of you with Android devices should check over the next few weeks to see if the latest update has been installed. New fixes for versions 7 to 9 of the operating system were released this week. Smartphone users should note it may take a few weeks for their carrier to release the patches, although some are pretty fast. If you’re still running a phone with Android 6 or earlier you should think about getting a new one.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.