Tag:ransomware

1
Open for business, ransomware authors and perpetrators cashing in on emerging dark web marketplace economy
2
Update everything: Discovery of Wi-Fi flaw in connected devices
3
Australia Affected By Global Ransomware Attacks
4
New Petya Ransomware Attacks Global Law Firm
5
You are not alone! Rasomware attacks increase
6
Reports and Surveys Update

Open for business, ransomware authors and perpetrators cashing in on emerging dark web marketplace economy

By Cameron Abbott and Giles Whittaker

The emergence of a booming dark web marketplace has facilitated the skyrocketing ransomware sales from US$249,287.05 in 2016 to US$6,237,248.90 as of September 2017, representing a growth rate of 2,502%. This rapid growth is in part due to not only the effectiveness of ransomware as a criminal enterprise but the increased availability to partake in such activities. According to a recent report by Carbon Black, The Ransomware Economy: How and Why the Dark Web Marketplace for Ransomware Is Growing at a Rates of More than 2,500% Per Year, there are 45,000 ransomware product lines at an average price of US$10.50 and includes various do-it yourself (DIY) kits.

Read More

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Read More

Australia Affected By Global Ransomware Attacks

By Cameron Abbott and Ling Zhu

Despite Australia seemingly avoiding the brunt of the attacks by the WannaCry ransomware crippling computer systems around the world last month, a few Australian organisations have not emerged unscathed.

Victoria Police has revealed 280 speed cameras around Victoria were exposed to WannaCry between June 6 and June 22. Although the cameras were not connected to the internet, the ransomware was unintentionally introduced to the system through a USB device during maintenance. The police reported that the ransomware caused the cameras to continually reboot, however it is unclear whether this resulted in inaccurate readings. Initially, only 55 speed and red-light cameras were thought to be infected, however that has since increased to 280 cameras. Subsequently, 1,673 infringement tickets will be withdrawn, with another 5,500 pending tickets to be embargoed. Now don’t get excited and start drag racing – the police intend to continue operating the cameras, with embargoed and new tickets to be issued once they confirm that cameras are taking accurate readings.

Meanwhile in Hobart, Cadbury chocolate factory has stopped production following its parent company, Mondelez International, being affected by the similar “Petya” ransomware. The US-based Mondelez International suffered a global IT outage overnight, with all network computers being infected. Australian workers were unable to begin production in the Cadbury factory on June 28, as many processes are automated and controlled by computers. It is uncertain when the global system will be restored.

Now speed cameras is one thing, but affecting chocolate production is way out of line!

A reminder that both WannaCry and Petya exploit vulnerabilities that have been patched – you just have to load those security releases. A call out to all the chocolate producers of the world – load your patches for the sake of us all!

New Petya Ransomware Attacks Global Law Firm

By Cameron Abbott and Edwin Tan

Just a month after the WannaCry ransomware infected devices around the globe, a new strain calling itself Petya has struck overnight. Petya looks and operates the same way as WannaCry, locking out users from their systems and demanding a ransom of US$300 in order to decrypt files stored on the device. To spread across devices, Petya utilises exactly the same vulnerability used in WannaCry, patched by Microsoft in March 2017.

Organisations in Europe have been the worst hit, with the ransomware slowly spreading to the United States, and to Australia this morning as organisations boot up their computers. The Prime Minister of Ukraine has called the attack on his country “unprecedented”, with the government’s computer network going down, and the state power distributor being disrupted.

A global law firm has also been hit by Petya, with its offices in the UK, Europe, the Middle East and the US all affected by the attack. This continues a worrying trend of law firms being breached as of late, potentially exposing thousands of clients to commercial and legal risk.

We cannot emphasise enough the importance of keeping all devices and systems patched and up-to-date. Unfortunately, it seems that organisations around the globe, even those professing to be experts in cybersecurity, are still unprepared to deal with cyber-attacks and mitigate their risks.

The UK National Cyber Security Center has released guidance to help both home users and organisations limit the impact of ransomware attacks. It can be read here.

You are not alone! Rasomware attacks increase

By Cameron Abbott and Giles Whittaker

While no one likes to admit that they have been caught out or victimised by cyber-attacks such as ransomware, what appears to be true is that a lot of organisations are. The lesson is that it is quite likely to happen so design your IT systems to give you a recovery option. No good having your back up encrypted as well!

A survey (reg. req.) of IT security decision makers by CyberEdge found that a whopping 61% of respondents’ organizations were victimized by ransomware in 2016. Among those hit by ransomware, 33% paid the ransom to recover their data, 54% refused to pay but recovered their data anyway, and 13% refused to pay and lost their data. In general, the report found the percentage of organizations being hit by successful cyber-attacks continues to rise, from 62% in 2014 to 70% in 2015, 76% in 2016, and 79% in 2017. Three in five respondents believe a successful cyber-attack is likely in the coming year.

 

Reports and Surveys Update

by Jim Bulling and Julia Baldi

Tred Micro Q1 2015 Report
Trend Micro Q1 2015 Report finds Australia is the target of increasing ransomware attacks, with Australian holding 6% of the world’s ransomware detections. Australia also ranked second in the world for countries with the highest number of Point of Sale RAM Scraper infections (malware which sources card details) with 10% of the world’s infections, after the United States  with 23%.

See a summary of the report here, and the full report here.

Blue Coat Systems Inc
Blue Coat Systems, Inc., released result of a global research study of 1,580 respondents across 11 countries. Results from the survey found that universally, workers visit inappropriate websites while at work despite typically being fully aware of the risks to their companies.

See the media release here.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.