End-users can be the weakest link in your infosec defense. But according to KnowBe4 founder and CEO Stu Sjouwerman, there is something you can do about that – if you implement the right behavioral diagnostics and focus your training needs on individual users’ actual weaknesses.
Banking Trojans replaced Ransomware as top email-based payload in Q1
The concept of infecting targeted users with banking trojans has been so successful in the recent past that in the first quarter of 2018, banking trojans overtook ransomware as the top malicious payload distributed through email.
The concept of infecting targeted users with banking trojans has been so successful in the recent past that in the first quarter of 2018, banking trojans overtook ransomware as the top malicious payload distributed through email.
In all, banking trojans accounted for 59 percent of all malicious email payloads in the first quarter of 2018 which also saw email-based malware attacks rise significantly. A new report from Proofpoint has shown that the number of firms receiving more than 50 email-based malware attacks grew by 20 percent compared to in the last quarter of 2017.
Aside from injecting banking trojans that are designed to obtain confidential information about customers and clients using online banking and payment systems, hackers are also distributing information stealers, downloaders, remote access Trojans (RATS), and other banking malware via emails to steal credentials and to use them to commit fraud or theft.
Cyber-criminals are also leveraging sophisticated malware that are adept at defeating a majority of anti-malware protections installed on targeted systems. For example, Emotet, a polymorphic malware that has the ability to evade over 75 percent of antivirus engines, has been used in 57 percent of all banking malware attacks and 33 percent of all malicious payloads in Q1.
“Trojans are effective because they exploit weaknesses on different levels. Fraudsters often bait unsuspecting users to click on links in emails that seem to be legitimate, which lead them to a fake website or to download a malicious app,” said Gerhard Oosthuizen, CTO at Entersekt to SC Magazine UK.
“These fakes can look frighteningly real, and the emails baiting users often mimic the bank’s official communications in design and tone. It makes it very hard for users to know when an email, the site they’re clicking through to, or the app they’re downloading, is legitimate.
A New Age of Malware - Cryptocurrency Mining
Cryptocurrencies continue to make headlines, and generally for all the wrong reasons. As cryptocurrency continues to fluctuate in value, we are seeing a plethora of new cryptocurrency malware emerging. This is reflective of the evolution of modern malware, with variants attacking computer systems globally, hijacking them to mine cryptocurrencies and capitalizing on the victim’s resources. Crypto-malware is literally making money.
It is no surprise that crypto-malware has been proliferating, as digital currencies provide a level of anonymity and are rather profitable. It is, however, probably the worst of all malware. This new age of crypto-jacking malware simply uses the end user’s device to mine cryptocurrency when they visit an infected site.
More websites are adopting cryptocurrency mining through visitors instead of running ads to fund their businesses. Recently, the popular torrent site The Pirate Bay ran a bitcoin-miner as an alternative to ads to generate funds for the business. This new income-generating scheme caused users’ central processing units (CPUs) and electricity usages to skyrocket while degrading the performance of their device. Coincidentally, advertising revenue is dropping significantly.
Mining 101
If you have not heard of bitcoin, then you must be living under a rock. Undoubtedly the most famous cryptocurrency, it is generated by “mining.” By mining, I mean a computationally intensive task that utilizes a lot of energy and processing power for verifying transactions. Successful miners are rewarded with a “coin,” which is added to a digital wallet — or, in the case of crypto jacking, to the digital wallet belonging to the hackers. For the first time, malware can directly “print money” for criminals.
On its own, a personal computer would not be powerful enough to profitably mine cryptocurrencies — the operative word being “profitably.” Mining done properly requires specialized rigs composed of specialized hardware and lots of electricity. Note that there are different cryptocurrency algorithms, some of which are more intense and require more computing power than others.
Have a question on how to protect you networks - Contact us.
According to ISACA - Cyber Threats Up but no increase in Ransomware
Ransomware attacks are significantly declining despite an increase in cyberattacks generally, according to the global IT association ISACA.
Written by Peter Dinham - ITWire
In its State of Cybersecurity 2018 research study just released, ISACA reveals that last year, 62% of respondents experienced a ransomware attack, compared to 45% this year — a 17-point drop.
According to ISACA, the drop in ransomware attacks is likely because organisations are significantly better prepared after last year’s WannaCry and NotPetya attacks, with 82% of respondents saying that their enterprises now have ransomware strategies in place. In addition, 78% said they have a formal process in place— up 25-points from last year.
“While these findings are positive, the data show that ransomware attacks may have been displaced by cryptocurrency mining, which is becoming more frequent,” said ISACA.
“Cryptocurrency mining malware can operate without direct access to the file system, making them harder to detect—and as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.
“Additionally, the three most common attack vectors remain unchanged from last year - phishing, malware and social engineering.”
The research also shows that 50% of the 2,366 security leaders surveyed have seen an increase in cyberattack volumes relative to last year and, in addition, 80% of respondents said they are likely, or very likely, to be attacked this year — a statistic that ISACA says remains unchanged from last year’s study.
According to ISACA, active defence strategies are highly effective, but underutilised.
The research also found that nearly 4 out of 10 respondents (39%) are not at all familiar or only slightly familiar with active defence strategies (e.g., honeypots and sinkholes), and of those who are familiar with active defence strategies, just over half are actually using them.
“This is a missed opportunity for security leaders and their organisations,” said Frank Downs, director of cybersecurity at ISACA.
“ISACA’s research indicates that active defence strategies are one of the most effective countermeasures to cyberattacks. A full 87% of those who use them indicate that they were successful.”
The ISACA report suggests enterprises must be better prepared with focused attention on several areas, and makes several recommendations, including:
- Investing in talent—With attacks still on the rise, enterprises must continue to invest in finding, retaining and training skilled cyber security professionals
- Exploring further automation benefits—Enterprises should consider automation-driven strategies and tools for detection and to support recovery and response efforts
- Ensuring appropriate investment in security controls—With attack vectors (phishing, malware and social engineering) minimally changing, existing control types are still valid and useful. Enterprise investment and attention to security controls should increase in line with the frequency of these attack vectors.
KnowBe4 Adds ThinkHR Training Modules
KnowBe4’s scope of training materials expanded beyond security awareness to address HR concerns
KnowBe4, providers of the world’s largest security awareness training and simulated phishing platform, today announced that it has added new training modules from ThinkHR to its arsenal of training materials.
ThinkHR combines live human resources with innovative online technology to deliver trusted knowledge solutions that enable organizations to thrive. Their industry-leading HR knowledge products help their partners strengthen their client relationships and win more business. HR professionals use ThinkHR’s tools to be more effective in their roles, while business and risk 
managers leverage its industry-leading team of HR advisors for compliance and risk guidance. And, all employers benefit from their HR compliance tools while building a positive and productive workplace.
“We’re constantly looking for new and exciting ways to freshen up our training content modules,” said Stu Sjouwerman, CEO, KnowBe4. “ThinkHR brings KnowBe4 into an entirely new training arena for the company – the HR space. We’re pleased to be able to offer this new, innovative content to our customers.”
“We’re excited KnowBe4 selected our award-winning training content as the next big addition to their security platform,” said Doug Doyle, CMO at ThinkHR. “Well-trained employees are a company’s most powerful firewall. Our mutual commitment to combining the best of SaaS technology and human expertise is the basis for this valuable partnership.”
The content is centered around HR compliance issues such as FERPA, harassment training, physical security, and managerial training with most modules running between thirty and sixty minutes each. The training will be available in the KnowBe4 “Mod Store” for its Diamond Level customers.
