Cyber Security Today: Sept. 24, 2018 — Ransomware hits a brewery, beware of remote access control software

Ransomware note comes in French, ransomware from a resume hits a brewery and beware of remote access control software.

Welcome to Cyber Security Today. It’s Monday September 24th. To listen to the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

How’s your French? I ask because one of the latest ransomware attacks makes its threat message pop up on a victim’s computer in French after the malware has encrypted the hard drive. It’s been seen in the U.S., according to Trend Micro researchers. They call this strain of ransomware Virobot, because in addition to scrambling your data the malware takes over your computer and makes it part of a botnet for sending spam. It does that by looking for Microsoft Outlook on the infected computer, then automatically emailing malware to everyone on the contact list. Fortunately, for the moment, Virbot has been neutered because the command and control server it gets instructions from has been taken down. Trend Micro doesn’t explain who did that.

More on ransomware: A newspaper in Scotland reports a small brewery called Arran was victimized when a staff member clicked on a resume attached to an email. The company’s anti-virus software didn’t detect the malware before it began its work. A security expert had to be called in who was able to restore part of their computer system. But three months of data may be lost. The back story to this is interesting: The brewery was advertising for a job opening in the finance department, so naturally staff were expecting to get resumes by email from people in the U.K. Apparently attackers managed to post the ad on international job sites, resulting in dozens of applications. At least one was malicious. It’s tough when an organization is expecting email with attachments, like resumes. But perhaps it’s time HR departments realized that’s risky. Instead they should be willing to accept resumes that are included inline, as part of an email. If they need more detail, follow up. No more attachments.

Finally, remote access software gives someone the ability to log in and look at a computing device when they can’t physically get to it. Your company’s IT department may have the ability to remotely connect to office computers. But the use of remote access software has to be carefully watched. Consumers should make sure this kind of tool hasn’t been quietly installed on their computers by malware, giving attackers secret access to your PC. And as a report issued last week by Kaspersky shows, the same thing is true for industrial computers and devices. Companies can have thousands of Internet connected industrial devices running machines, valves and the like. And an easy way to monitor them is with remote access software. One big problem – just like on regular PCs – is password control. Companies have to make sure the use of remote access software is limited to only a few people. And they should have to use multifactor authentication, not just a simple password. First of course, companies have to do what you should be doing at home – inventory what software is on every machine. Does it really need remote access software? If so, ask if that software protected with tough password control.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast