Risk Radar Free Newsletter – Feb. 23, 2016


 Digital extortion (ransomware) on the rise: 45 times more people had their devices held hostage in 2014.” Symantec Internet Security Threat Report 2015  


We Could Not Look the Survivors in the Eye if We Did Not Follow this Lead

Here’s why the government ‘will have an uphill fight’ against Apple

Facebook, Google, Twitter, Woz, Trump, McAfee, Snowden, and more take sides on Apple vs. the FBI
James Comey (Director of the FBI) make his and the FBI’s case for the request to have Apple assist in breaking into the San Bernardino terrorist’s iPhone. The FBI Director states it does not want to break encryption or set loose a master key on the Apple iPhones. He is asking for some of the iPhone security features to be disabled by Apple to enable the FBI in evidence collection.  Keep in mind that one of the primary roles of the FBI is counter-terrorism.  What if this action save the lives of 100 Americans from an act of terrorism?  Does this impact how you view the balance of privacy and disclosure to government in this ongoing debate?

“Locky” Ransomware Encrypts Unmapped Network Shares

The latest ransomware is the latest and greatest ransomware in the wild. Locky takes it up a notch by searching for un-mapped network shares to locate and hold for ransom data (encrypted by Locky). Locky is currently spread by email with Word documents that contain a malicious macro.
Hospital Ransomware Attack Alarms Cybersecurity Experts
A ransomware attack on Hollywood Presbyterian Medical Center is very troubling to security experts. With the hospital paying ($17,000) the hackers it encourages ransomware attacks in the future. Once infected with ransomware the only option may be to pay the hacker to decrypt the data. Preventative controls and robust offline backups are the best way to avoid ransomware attacks.  If you need help with an assessment or other preventative services contact 4D5A Security today.
Adding Up The Total Costs of Ransomware
The costs to companies from ransomware are more than just paying to get data back. Move from reactive to proactive today – it makes financial sense to do so when you add up the numbers of a large scale incident.  If you need help calculating your total cost of ownership (TCO) contact 4D5A Security.
That Linux flaw may be fixed, but what about your containers?
The years-old bug in the GNU C Library is being patched by many. If you use Linux containers you should check into who is patching them. Linux containers are similar to virtual machines, the lack of maturity for Linux containers means the security responsibilities are not clearly defined.