What can we learn from the latest cybersecurity breaches?
The frequency and impact of cybercrime have been steadily escalating for several years now, but 2017 has been one of the worst – at least in terms of media headlines. Worse still, we’re only halfway through the year.
So what has happened, and what can you learn?
NSA hacking tools are stolen and leaked
The National Security Agency – the US body responsible for “intelligence” – maintains an impressive array of tools that allow its analysts to hack computers belonging to foreign spies, terrorists or suspected criminals. Many of these tools use vulnerabilities that were previously unknown even to the most successful cybercriminals.
However, these tools were stolen and leaked online earlier this year. Details of the exploits were also published on Wikileaks, throwing a spotlight onto US intelligence activity. Once the NSA tools were leaked, hackers immediately began to use them against innocent people.
How to protect yourself:
The NSA tools work by exploiting gaps and bugs in operating systems and software, like Windows 8 or Apple’s macOS. You should regularly check for updates, and install patches as quickly as possible – this closes the loopholes used by the hackers, rendering their malware ineffective.
The WannaCry outbreak
Ransomware has been gaining popularity in recent years as a way to extort money from people by infecting their computer and encrypting their files. The only way to recover data is to pay a ransom to the hackers.
In May, WannaCry went global, infecting thousands of computers across the world. In the UK, several NHS trusts were affected, taking clinical systems offline, and forcing the cancellation of planned operations as engineers tried to reverse the damage.
Although the source of the WannaCry infection remains in dispute, security analysts agree that the malware uses one of the vulnerabilities exposed in the NSA theft. Some believe that the outbreak was planned by the North Korean government as a way to raise revenue – however, the malware was more effective than expected, leading to the global outbreak.
The Petya outbreak
Just one month after WannaCry wreaked havoc, another malware variant burst onto the scene. Using the same NSA exploits, Petya (also known as NotPetya, Nyetya and Goldeneye) managed to compromise several major companies, including pharmaceutical giant Merck, shipping company Maersk and the Russian oil firm Rosneft.
Unlike WannaCry, which was global in its reach, Petya appears to have been targeted at businesses in Ukraine. The central bank, several power companies and the public transport network were particularly badly affected.
How to protect yourself:
The success of the NSA hacking tools relies on security vulnerabilities that are not known to the software vendor and have not yet been repaired, called zero-day exploits. Every computer is in danger of being exploited until these loopholes are closed.
You can improve protection by installing an anti-malware tool. Anti-malware cannot detect zero-day exploits, but it can recognize malware by the way it acts – and block it automatically before damage is done to your data.
Trox Tech continues to #MakeITSimple.