Malware, or malicious software, is any program or file that is harmful to a computer user. Types of malware include computer viruses, worms, Trojan horses, spyware, adware and ransomware. Generally, software is considered malware based on the intent of its creator rather than its actual features.
Trend analysis is an important topic within threat intelligence. It lets us forecast where things are headed; whether they’re getting better, worse or different; and where we should be focusing our precious budgets. The UK’s National Cyber Security Centre (NCSC) recently released the Incident trends report (October 2018 – April 2019). This highlights some of the trends seen across various UK government entities, organizations and sectors.
One of the leading producers of automation tools is still experiencing outages after being hit by a ransomware attack over a week ago. German giant Pilz notified the prosecutor's office and the Federal Office for Security in Information Technology after experiencing a coordinated cyberattack on Sunday, October 13. The company has set up an incident response team to identify the source of the attack and mitigate the issue but has warned that these outages will persist for several more days.
Pitney Bowes, the US-based global shipping and eCommerce giant, informed customers on Monday that select services are unavailable due to a piece of ransomware that infected its systems. The company announced on Monday that a piece of ransomware encrypted files on some of its systems, rendering them inaccessible to users.
The risk to supply chain assets due to malware is huge and the build, test and production environments are always at risk of suffering a malware attack. What ensues is failure of existing detection methods failure and compromise of software development lifecycle. Environments are often exposed to all imaginable vectors of attack caused by insider contamination due to malicious third-party software components. The production environment is at a high risk too.
Normally it works like this. Someone gets infected by ransomware, and then they pay the ransom. The victim then licks their wounds and hopefully learns something from the experience. And that’s what happened to Tobias Frömel, a German developer and web designer who found himself paying a Bitcoin ransom of 670 Euros (US $735) after his QNAP NAS drive was hit by the Muhstik ransomware.
Malware, or malicious software, is any program or file that harms a computer or its user. Common types of malware include computer viruses, ransomware, worms, trojan horses and spyware. These malicious programs can steal, encrypt or delete sensitive data, alter or hijack key computing functions and to monitor the victim's computer activity.
Danish hearing aid manufacturer Demant has revealed that a suspected ransomware attack on its systems in September could cost the company over $95 million. The company experienced a 'critical incident' on September 3, but refuses to elaborate on the nature of the attack. Some researchers have speculated there are many indicators that it could be a ransomware attack that hit the firm causing a critical crash in the IT Infrastructure.
The U.S. Senate passed a new law requiring the federal government to provide more support for organizations hit by ransomware. The DHS Cyber Hunt and Incident Response Teams Act will require the Department of Homeland Security to put together dedicated teams whose goal is to provide advice to organizations on how to protect their systems. This group will also be responsible for providing technical support and incident response assistance.
