Symtrex Inc.

Cyber Security Specialist


Zepto Ransomware Soars

2016/07/05 by admin

InfoSecurity Magazine – Phil Muncaster

Security researchers are warning users of a spike in spam emails containing a variant of the infamous Locky ransomware, known as Zepto.

Cisco’s Talos team spotted 137,731 emails in just four days, containing over 3300 unique samples, according to technical lead, Warren Mercer.

Most of the emails used simple social engineering, asking the user to look at an attached document they had ‘requested.’

Emails are also crafted to appear more convincing by greeting the recipient by first name, he explained.

Once opened, the malicious JavaScript will run in the background, encrypting all files on a user’s machine with the .zepto extension.

Some samples only contacted one C&C server whilst others communicated with up to nine domains, the researcher continued.

Once the encryption has been done, the malware will display a message for the victim, demanding payment.

“The email attack vector will continue to be used as email is an everyday occurrence now and the ability to generate large lists of emails for spam campaigns like this is growing easier. The breaches which occur include email data which is actively sold to bidders on the underground for this type of campaign,” said Mercer.

“Ensuring users are careful with email attachments, like the ones used in this campaign, will help in an attempt to null the effects of this and further spam campaigns. Talos recommend you ensure you have a good backup strategy should you be hit with ransomware and we strongly advise that payment is never made to these actors.”

Meanwhile the Locky ransomware continues to evolve, causing devastation to individuals and businesses as it goes.

When it first burst onto the scene earlier this year, the botnet distributing it was shown to be the same one spreading Dridex banking malware.

In March, FireEye noted a sharp spike in Locky spam with users impacted in over 50 countries.

If you have any questions on Ransomware or how to protect yourself, contact us.

Filed Under: Advanced Persistent Threat, antivirus, CyberThreats, LogRhythm, Malware, Network Access Control, Snoopwall, Sophos

Average cost of a data breach up 12.5 percent among Canadian Firms

2016/07/05 by admin

IT World Canada – Howard Solomon

Canadian CISOs who want more hard data to convince the C-suite and boards to devote more resources to cybersecurity have a new report to show.

If a study of 24 Canadian organizations is accurate, the total cost over a recent 12 month period of a breach of over 1,000 records went up 12.5 per cent compared to 2014 to just over $6 million.

Another way of looking at it is the average cost per record stolen or lost went up 10.6 per cent to $278 compared to the same period the year before.

These numbers come from a study released last week by the Ponemon Institute that was funded by IBM. The costs were based upon estimates provided by participating victim organizations.

The report is part of an annual global study of breaches in 13 countries (United States, United Kingdom, Germany, Australia, France, Brazil, Japan, Italy, India, the United Arab Emirates, Saudi Arabia, Canada and, for the first time, South Africa), which last year covered 383 organizations. The average cost of a breach across all those firms was US$4 million.

Importantly, the study included the cost of losing customers: Of the Canadian companies studied, for those that lost less than one per cent of their existing customers the average total cost of a breach was $4.77 million, well below the global average of $6.03 million. When companies had a churn rate of greater than 4 per cent, the average cost was $7.88 million.

There are two cautions: First, Ponemon admits that 24 firms is a small sample for this country, and second, only organizations that suffered a breach of between 1,000 and 100,000 lost or stolen records in 2015 were counted – meaning Ashley Madison isn’t there. That way catastrophic incidents don’t skew the results.

The number of Canadian breached records per incident in the study period ranged from 4,800 to 70,998 and the average number of breached records was 21,200.

“Over the many years studying the data breach experience of more than 2,000 organizations in every industry, we see that data breaches are now a consistent ‘cost of doing business’ in the cybercrime era,” said institute head Larry Ponemon. “The evidence shows that this is a permanent cost organizations need to be prepared to deal with and incorporate in their data protection strategies.”

The report has other interesting numbers:

–It took more than five months to detect that an incident occurred and almost two months to contain the incident;

–54 per cent of the Canadian data breaches studied were caused by malicious or criminal attacks, 25 per cent were caused by human error and 21 per cent by system glitches. Companies that experienced malicious attacks had a per capita data breach cost of $304, which is above the average for all organizations studied. In contrast, companies that experienced system glitches ($250) or employee negligence ($246) had per capita costs below the mean value;

–The more records lost, the higher the cost of the data breach. The cost ranged from $3.59 million for data breaches involving 10,000 or fewer lost or stolen records to $6.88 million for the loss or theft of more than 50,000 records;

–Notification costs increased. These costs include IT activities associated with creation of contract databases, determination of all regulatory requirements, engagement of outside experts, postal expenditures and inbound communication set-up. The average cost increased from $0.12 million in 2015 to $0.18 million in 2016;

–Lost business costs increased. This cost category typically includes the abnormal turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill. Among all the 383 companies studied these costs increased from an average US$1.99 million in 2015 to US$2.24 million in 2016 — that’s of the overall $4 million average cost.

“The biggest financial consequence to organizations that experienced a data breach is lost business,” says the report.

Both direct and indirect per capita costs increased significantly. The indirect cost of data breach includes costs related to the amount of time, effort and other organizational resources spent to resolve the breach. In contrast, direct costs are the actual expense incurred to accomplish a given activity such as purchasing technology or hiring a consultant.

Direct expenses include engaging forensic experts, outsourcing hotline support and providing free credit monitoring subscriptions and discounts for future products and services. Indirect costs include in-house investigations and communication, as well as the extrapolated value of customer loss resulting from turnover or diminished customer acquisition rates.

Filed Under: Advanced Persistent Threat, antivirus, compliance, CyberThreats, endpoint, industry, Log Management, LogRhythm, Malware, Network Access Control, Network Monitoring, PCI, Products, Security News, Snare, SolarWinds, Sophos

Most SMBs Completely Unprepared for Ransomware

2016/06/22 by admin

Tara Seals – InfoSecurity – June 21, 2016

A majority of American small and medium-sized business (SMB) owners say they recognize the severity of ransomware but lack the necessary resources, such as cyber-insurance or extra funds, to become operational once again if hit.

According to theft protection firm IDT911, one out of three say they could not go without access to critical business systems for any length of time. It added that SMBs, defined as businesses with less than 1,000 employees, have a lot to learn in terms of how to prepare for this risk and deal with the situation once impacted—making them prime targets.

Three-quarters of SMBs (75%) do not have cyber-insurance, or are unsure if their policy includes cyber protection; and 65% of SMB owners say they currently do not, nor plan to, budget extra funds. More than two out of 10 (22%) of SMB owners say they are unsure how to, or were not aware of the need to, back up their system and files.

The good news is that a majority (84%) said they would not pay in the event of an attack; and only 3% say they would pay $10,000 or more. About 10 percent would pay between $1 and $100.

Interestingly, Millennials (ages 18 to 34) are more likely to have cyber insurance protecting their business than those respondents aged 35 to 44. And female business owners are more likely than men to report ransomware attacks to authorities right away.

The FBI’s Internet Crime Complaint Center reported that a total of 2,453 ransomware complaints were received in 2015, costing victims more than $24 million. And since January 1, Symantec Security Response has seen an average of 4,000 ransomware attacks per day—a 300-percent increase from last year.

“Ransomware is the Zika virus of the business world and there is absolutely no telling how far and wide this will spread,” said Adam Levin, founder and chairman of IDT911, and author of Swiped. “Training alone isn’t enough, cyber-insurance alone isn’t enough and, sure as heck, backed-up data alone isn’t enough. We’re talking about complete and utter paralysis of systems that could spell lost revenue, viciously impacted customers and a potential near-extinction level event for a business. Businesses need a comprehensive cyber security strategy that includes prevention, monitoring and damage control.”

There’s much riding on getting this right: More than half (60%) of business owners said that they would immediately report an attack to law enforcement authorities, as one out of three respondents (33%) say they could not go without access to critical business systems for any length of time.

Contact us to find out more about how to block, detect and protect your network from ransomware.

Filed Under: Advanced Persistent Threat, antivirus, CyberThreats, Network Access Control, Products, Security News, Snoopwall, Sophos

SnoopWall: Counterveillance Security for Network, Mobile and Apps

2016/02/25 by admin

InsightSuccess

Today, smartphones carry your private data and are the most convenient way of doing online banking, but transactions go smoothly only when your data is completely protected all the way from the bank’s network to your smartphone. Meanwhile, the banks you are doing business with might not have enough network security protection in place behind their corporate firewall.

SnoopWall is the world’s first counterveillance security company delivering a suite of network, mobile and app security products as well as cloud-based services, protecting all computing devices from prying eyes and new threats through patented cloaking technology.

SnoopWall secures mission critical and highly valuable confidential information behind firewalls and on mobile devices with next generation technology that detects and blocks all remote control, eavesdropping and spying. SnoopWall’s software products and hardware appliances are all made in the U.S.A.

Gary Miliefsky, Masterful Cyber Security Professional

Gary Miliefsky, founder and CEO of SnoopWall, is a consumer advocate and a cyber-security expert who frequently appears on ABC, CBS, NBC, Fox News, CNN and many other media outlets to share his expert opinion. He is a member of ISC2, CISSP® and Advisory Board of the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. He also advised the National Infrastructure Advisory Council (NIAC), which operates within the United States DHS, for the National Strategy to Secure Cyberspace. Gary is a Founding Member of the US Department of Homeland Security, served on the OVAL advisory board of MITRE and is a strong supporter of the CVE Program, plus he is a founding Board member of the National Information Security Group.

Subduing, the Biggest Challenge in Cyber Security

SnoopWall is growing rapidly, as their NetSHIELD appliances, MobileSHIELD endpoint agent and AppSHIELD SDK are critical to network and mobile security.

Firstly, SnoopWall’s NetSHIELD appliances solve internal network access control and dramatically reduce internal risk for a fraction of the cost of competition. SnoopWall’s MobileSHIELD endpoint agent solves the data leakage risks inherent in the BYOD dilemma, which is the second biggest problem in cyber security. And finally with their AppSHIELD SDK, they are protecting mobile banking, wallet and retail apps on smartphones from losing consumer information (PII) to cyber criminals. The market is very receptive, with their amazing network of channel partners and their phenomenal corporate team; SnoopWall is expanding their network throughout the globe through multi-tier distribution.

Most exploitation happens behind firewalls, through malicious insiders, rogue devices, new forms of malware, or trusted yet infected employee-owned equipment. SnoopWall’s NetSHIELD appliances and MobileSHIELD agents for the Bring Your Own Device (BYOD) dilemma continue to solve these problems for their customers.

Honest, Ethical, Passionate Information Security Team

Proudly, SnoopWall has customers around the globe who have not experienced a single breach since properly deploying their solutions. They have ‘INFOSEC professionals’ that care deeply for their customers and the protection of their networks and mobile devices. With this drive and passion, SnoopWall continues to build innovative, next generation security solutions that solve the worst problems in network security not resolved by firewalls and antivirus solutions, alone.

They would like to continue to grow and expand their international channels with the future possibility of being the worldwide market leader in network and mobile device security for small to medium sized enterprise (SME).

Filed Under: Advanced Persistent Threat, byod, compliance, CyberThreats, endpoint, Network Access Control, Products, Security News, Snoopwall

Cyber Security – Putting into Perspective

2015/06/26 by admin

The news is full of stories of large, well-respected organizations (Target, Home Depot, Sony) and government agencies being victims of cyber crimes. Reporters then make statements like: well, if these organizations can be victims, what does that mean for small and midsized organizations?

So the truth is that no one is safe from cyber threats. To the cyber criminals, organizations are just numbers (IP addresses), and they are looking for those that have a weakness that can be exploited.

The challenge is to eliminate the weaknesses to the best of your ability. As I was writing this, I was reminded of the story of the Three Little Pigs and the Big Bad Wolf – funny how security can relate to a fable written in 1886. We all know the story – the first pig builds his house out of straw, which, unfortunately for the pig, was not the best idea. The second pig builds his house out of sticks – again the news is not great for the pig. The third pig takes his time and builds his house out of bricks; the wolf discovers that he cannot blow down the house, and has to revert to other tactics to get into the house. (Denial of Service.)

He then attempts to trick the pig out of the house by asking to meet him at various places (social engineering), but the pig outsmarts him every time. Ultimately the wolf attempts to come down the chimney, where the pig captures the wolf.

In a very rudimentary way, this is how security works. First, take your time and ensure that you have a strong “perimeter defense” (an enterprise-class firewall). Ensure that you have visibility on your “perimeter” so that you can see who is trying to get in. And make sure that, if they do get in, there is a way to limit their effectiveness, be it antimalware (to quarantine viruses, malware, ransomware) or network access control (to stop data exfiltration).

Looking at these large, global entities, and putting this into the perspective of the three little pigs – if the pig built an apartment complex, there are numerous ways to get in (windows/balconies), and even with an alarm, you are running from floor to floor to capture the wolf.

For those of us that are not Target, Home Depot, etc., there are ways to protect yourself, as well as to attempt to identify who the cyber criminal is. I invite you to contact us to discuss your concerns, email at sales@symtrex.com or call at 866-431-8972.

Filed Under: Advanced Persistent Threat, antivirus, compliance, CyberThreats, endpoint, Log Management, Malware, Network Access Control, Network Monitoring, Products, Security News, SolarWinds, Sophos, Unified Threat Management


© Copyright 2016 Symtrex Inc. ; All Rights Reserved · Privacy Statement