Accenture News

Accenture Report Reveals New Cybercrime Operating Model Among High-Profile Threat Groups

Accenture Report Reveals New Cybercrime Operating Model Accenture Security’s 2019 Cyber Threatscape Report identifies top threats influencing the cyber landscape, including emerging disinformation techniques and evolving relationships in the underground economy ARLINGTON, Va.; Aug. 14, 2019 – Cybercrime campaigns and high-profile advanced persistent threat groups
/
The Verge

US gives Huawei another 90 days before full ban takes effect

The United States will once again delay a full ban on doing business with Huawei, saying that rural communications companies needed the extra time to switch their equipment away from products made by the Chinese tech giant. President Trump initiated the Huawei ban in May with an
/

The Rise of Ransomware

Ransomware

IT security company KnowBe4 has issued a warning regarding a new strain of ransomware called VirRansom, which “utilizes both ransomware and parasitic virus features,” according to a statement released Monday, Dec. 8 by CEO Stu Sjouwerman. As a self-replicating program, this particular strain has the potential to lock up a company’s entire system, demanding a BitCoin payment to free the files.

Ransomware is a brazen, yet effective approach to sabotaging a company’s operations by placing all of its files under an encryption key. The organizations behind its deployment often hide their identities within the anonymity of Tor, and demand payment in trackless virtual currency.

The ease by which a ransomware virus can spread has become a troubling problem for IT managers, given the complete interconnectedness of employees, through a variety of personal and company-issued devices as well as across a networks, both internal and cloud-based.

A recent story, covered by NPR, highlighted a company that was presented with a 72-hour countdown clock, which pointed to a deadline at which its files would be encrypted. The business in question was not large – not a typical target for hackers, but was one that found itself at the mercy of extortionists due to a simple human error: a phishing email that resembled a PayPal payment notification appeared in an employee inbox, and once clicked, activated the ransom note and timer.

VirRansom CEO Sjouwerman points out that these types of attacks are very difficult for antivirus companies to keep up with. Quoted in a story at CBS News online, he suggests companies take the following steps to protect themselves in advance:

1. Test the restore function of your backups and make sure it works, and have a full set of backups offsite.

2. Start thinking about asynchronous real-time backups so you can restore files with a few mouse clicks.

3. Get rid of mapped drives and use UNC (universal naming convention) links for shared folders.

4. Look into Whitelisting software that only allows known-good executables to run.

5. Update or enforce security policy best practices, such as thorough security awareness training to prevent these types of infections to begin with because the infection vector is your end-user opening up an attachment or clicking on a link.

Rahul Kashyap, a researcher at the cybersecurity firm Bromium, adds that the programs inside ransomware viruses are getting better at locating high-value files, explaining to NPR that there is greater value in finding autocad files, for example, than regular memos.

Experts are divided as to whether ransoms should be paid, some believing this merely funds more sophisticated crime tools. However all of them agree that the best defence is an offline reproduction of everything a company needs to operate – and that means completely offline.

By Steve Prentice

Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

10 Prototyping Tools To Help Build Your Startup

10 Prototyping Tools To Help Build Your Startup

Prototyping Tools We are continuing this week by focusing on startup tools, tips and tweaks that will help you build, design, manage and market your ...
Infographic - The Internet Of Things In 2020

Infographic – The Internet Of Things In 2020

The Internet Of Things In 2020 The growing interest in the Internet of Things is amongst us and there is much discussion. Attached is an ...
Mitigating the Downtime Risks of Virtualization

Mitigating the Downtime Risks of Virtualization

Mitigating the Downtime Risks Nearly every IT professional dreads unplanned downtime. Depending on which systems are hit, it can mean angry communications from employees and ...
Security infographic

Survey: 87% of Businesses Are Confident About Cybersecurity

Businesses Confident About Cybersecurity In a year that has seen multiple massive data breaches and troubling cyberattacks, a new survey reveals 87 percent of businesses ...
IBM News

6 DataOps essentials to deliver business-ready data

/
Nearly every business is under competitive, disruptive, and regulatory pressures. As companies face digital transformation and modernization to meet their customers’  expectations, leveraging data and AI at the speed of business ...
ZDnet

700,000 Choice Hotels records leaked in data breach, ransom demanded

/
Researchers found the unsecured database, but hackers got there first 700,000 records belonging to Choice Hotels have reportedly been stolen with hackers demanding payment for their return. Comparitech, in collaboration ...
Alibaba Cloud

Alibaba and the $15 billion question: Amid Hong Kong’s protests, when to list?

/
HONG KONG (Reuters) - Hong Kong’s political unrest is posing a dilemma for Alibaba Group Holding Ltd (BABA.N) on the timing of its planned $15 billion listing in the city, ...