Petya - Information Warfare not Ransomware?
The current Petya 'ransomware' is emerging as an information warfare malware. It seems primarily aimed at destroying data on Windows systems rather than ransoming. There appears no way paying the ransom will result in your data being decrypted. Petya can spread throughout organisations and servers, including backups and both encrypts the data and does irreversable damage to hard drives. Information warfare primarily involves one party degrading the assets of another party. The current Petya infection appears to follow this path rather than that of criminal intent.
A cure for Petya infection is potentially possible for those quick to act.
Breaking news - New worldwide ransomware attack
A new ransomware attack at least as big as WannaCry is attacking computers throughout the world today (28 June 2017). The result is work has stopped in many companies and government organisations. Symantec and other claim the attack is again based on based on the NSA's Eternal Blue exploit. It is not possible to buy recovery decryption keys but it is possible (if one is quick!) to recover from the infection - see https://www.itnews.com.au/news/what-we-know-so-far-about-the-petyagoldeneye-ransomware-466707?eid=3&edate=20170628&utm_source=20170628_PM&utm_medium=newsletter&utm_campaign=daily_newsletter
New! Boss-Gram Newsletter
BOSS-GRAM is our free cyber-security newsletter for all managers, executives and bosses.
Why for managers, executives and bosses?
First, cyber-security is primarily a business and management issue: Management considerations include cost-benefit assessment, scale and type of cyber-risks and losses, intellectual property risks, business continuity protection, competitive advantage risk, loss of business credibility with loss of confidential information etc.
Second, IT security is no longer enough: 'Whole of business' cyber security has this year been identified as being better by most cyber-security institutes and government bodies: The reason? Cyber-criminals attack via every aspect of business front and back office processes, staff behaviours, and even the activities of organisations a business interacts with.
Third, many important cyber-security protections come from changes to business practices rather than IT: Managers and executives are the people who can change business practices to improve cyber-security.
BOSS-Gram contains succinct, practical and up-to-date cyber-security and cyber-risk information for managers and executives to make informed management decisions about cyber-security. BOSS-Gram is purposefully written in straight management English and avoids technical language.
Why free?
We believe well-informed management cyber-security is important for business and for reducing cyber-risks worldwide.
New sophisticated Mac malware and ransomware
Password management - easy safe and secure
People find it difficult to use passwords easily and securely. Many professionals have a LOT of passwords.
Below is practical way to manage passwords that is effective, secure and easy to use. It was developed for a wide variety of business process environments that needed to have high levels of security for critical important passwords and have easy access for less important passwords .
Cyber-breach notification required in Australia this year
During this year, Australia will require organisations to notify cyber-breaches to the Privacy Commissioner and to all affected parties. Penalties are $360,000 for individuals and $1.8 million for organisations for not notifying cyber-breaches. There are however many exceptions...
Read more: Cyber-breach notification required in Australia this year
98% of US businesses cyber-attacked in 2016
Almost all businesses in the US had cyber-attacks, mostly these included ransomware
The picture of cyber-attacks in 2016 from Radware is that of increasing numbers of cyber-attacks and with greater sophistication. There is a move away from more traditional cyber-attacks towards multiple attacks aiming at different parts of the business and IT. Increasingly, cyber-attacks target the business rather than only targeting the IT systems.
New almost invisible malware attacks banks, telcos and govt agencies
A new kind of 'invisible' malware has been identified by Kaspersky as being widespread in banks, telcom companies and government organisations.
Malware usually appears in files on computers and that is how they are identified. This new kind of malware exists instead in computer's memory. This makes it much harder to spot. It also marks an increase in the use in the wild of what have been up to now rare memory-based cyber-attacks.
Read more: New almost invisible malware attacks banks, telcos and govt agencies
Information Risk Assessment
Information Risk Assessment identifies the levels of risk to a business of the different kinds of information the business is managing.
Every business depends on information to make a profit and for its continuity. Attacks on a business’s information can adversely affect the business and third parties and result in a variety of liabilities and losses. Information Risk Assessment helps businesses to decide the levels of cyber-protection for the different kinds of information.
Apple OSX and iOS cyber-attacks and security
From the early days, Apple has been proud of its cyber-security.There's a widespread assumption Apple computers and devices are safe from cyber-attacks. Recent evidence contradicts this.
How serious is it for businesses using Apple ? What are the best business cyber-security strategies for Apple products?
Layering of cyber security
Layering in cyber security means putting more barriers in the way of cyber-attacks.
Instead of cyber-security existing as a single perimeter barrier, cyber-security can offer layers of differing forms of protection.
The idea can be most easily seen in castles **
Page 1 of 2
New
Hack a secure business laptop in 30 seconds
F-Secure report that almost all secure business laptops can be hacked in 30 seconds. The hack bypasses all corporate security measures including Bit-locker encryption.
CPTED in Rio Favelas by Tactical Urbanists
CPTED is increasingly adopted in Rio de Janeiro favelas. Favelas are large-scale informal housing (used to be called slums) in which state intervention is low. Fevalas are typically self-managed, most notoriously, in some cases,by criminal organisations. Community journalists at RioOnWatch describe ways CPTED is becoming more widely used in favelas to make them safer and improve quality of life.
New Australian Strategy for Protecting Crowded Places from Terrorism
The Australian Government has released its strategy for Protecting Crowded Places from Terrorism.
Contact us now for Crowded Place Security Audits and Crowded Place Security Self-Assessments.
Read more ...