The SecuriTea News - Issue #11
Every Friday The Weekly SecuriTEA Report brings you the latest week’s trending Information Security News. Here's what is new for this week:
New Cybercriminal Gang On The Move. New criminal organizations pop up each week, if not each day, in the hopes to gain a financial advantage over a victim. The latest group making causing trouble, called Silent Staling, has been successful in utilizing techniques that have allowed them to take funds from more than 500 worldwide organizations. Hailing from West Africa, this cybergang is taking advantage of a technique called VEC, or vendor email compromise, in order to steal funds from their targets. Vendor email compromise (VEC) is when a cybercriminal has compromised the account of a legitimate employee of an organization, usually by phishing attacks, and uses said compromised account to further attack customers of the organization. A visual example of this attack can be found below. Researchers have said that this type of attack method is expected to be the largest threat to the organization over the course of the next 12-18 months. Though this attack method is not new and has definitely been seen before, researchers who are studying the cybergang have stated that they fear the attack method will become more popular with other malicious attackers and increase the scope and scale of attacks drastically.
Hospital Patients Turned Away Due To Ransomeware. The DCH Health System, a regional hospital and medical complex located in Alabama, was impacted recently after a series of ransomware attacks locked them out of their system. We have reported on ransomware attack before, where an attacker locks out your computer or network in exchange for money (usually Bitcoin), but the scale of this attack was so vast that several medical facilities had to turn away new patients and even cancel surgery appointments. The impacted facilities were mainly in the United States and Australia. A press release by the organization stated that emergency procedures have been evoked but the impact facilities are still closed to all but the most critical new patients. Current patients will continue to be cared for. An attack of this magnitude that has the potential to impact health services further emphasizes the need for increased security measures for our major public infrastructure. Hospitals continue to be a top concern and target of ransomware attacks given the sensitive nature of patient data collected and stored by healthcare facilities.
Beware What You Install From Google Play. Despite best efforts to curb and ban malicious applications, there are still over 150 harmful applications that have been installed 335 million times by users in September alone. The majority of these applications are harboring adware, which is unwanted software that pops up with annoying advertisements, due to its ease of installation and creation. Once the malicious application is downloaded it begins displaying advertisements that can even be shown after the application is closed. Unlike other malicious applications, like banking trojans, adware doesn't require the user to input information or do anything and is mostly just annoying. The report by Symantec highlights the need for users to beware of the applications they are downloading. It is important for users to double-check that the application is verified in the app store, as well as checking any reviews and issues that might be told against the maker. If you are extra vigilant and want to go a step further, double-check the developer's security and privacy policies to understand how the application will be used on your device.
And that's a wrap for your Weekly SecuriTea Report. Be sure to check out the latest every week for the latest in Information Security News. Follow us on social media for daily news.