Cyber-security for managers

The current Petya 'ransomware' is emerging as an information warfare malware. It seems primarily aimed at destroying data on Windows systems rather than ransoming. There appears no way paying the ransom will result in your data being decrypted. Petya can spread throughout organisations and servers, including backups and both encrypts the data and does irreversable damage to hard drives. Information warfare primarily involves one party degrading the assets of another party. The current Petya infection appears to follow this path rather than that of criminal intent.
A cure for Petya infection is potentially possible for those quick to act.

A new ransomware attack at least as big as WannaCry is attacking computers throughout the world today (28 June 2017). The result is work has stopped in many companies and government organisations. Symantec and other claim the attack is again based on based on the NSA's Eternal Blue exploit. It is not possible to buy recovery decryption keys but it is possible (if one is quick!) to recover from the infection - see https://www.itnews.com.au/news/what-we-know-so-far-about-the-petyagoldeneye-ransomware-466707?eid=3&edate=20170628&utm_source=20170628_PM&utm_medium=newsletter&utm_campaign=daily_newsletter

BOSS-GRAM is our free cyber-security newsletter for all managers, executives and bosses.

Why for managers, executives and bosses?

First, cyber-security is primarily a business and management issue: Management considerations include cost-benefit assessment, scale and type of cyber-risks and losses, intellectual property risks, business continuity protection, competitive advantage risk, loss of business credibility with loss of confidential information etc.

Second, IT security is no longer enough: 'Whole of business' cyber security has this year been identified as being better by most cyber-security institutes and government bodies: The reason? Cyber-criminals attack via every aspect of business front and back office processes, staff behaviours, and even the activities of organisations a business interacts with.

Third, many important cyber-security protections come from changes to business practices rather than IT: Managers and executives are the people who can change business practices to improve cyber-security.

BOSS-Gram contains succinct, practical and up-to-date cyber-security and cyber-risk information for managers and executives to make informed management decisions about cyber-security. BOSS-Gram is purposefully written in straight management English and avoids technical language.

Why free?

We believe well-informed management cyber-security is important for business and for reducing cyber-risks worldwide.

Regarded as the most sophisticated Mac malware and ransomware so far. MacSpy and MacRansom are the start of a new strand of 'malware as a service' (MAAS) in which additional features can be bought by cyber-criminals. Both MacSpy and MacRansom have been available from the dark web since May25.

MacSpy can capture screenshots every 30 seconds, log every keystroke, access synced iPhone photos, record sounds continuously even without the microphone turned on, retrieve clipboard contents, and

People find it difficult to use passwords easily and securely. Many professionals have a LOT of passwords.

Below is practical way to manage passwords that is effective, secure and easy to use. It was developed for a wide variety of business process environments that needed to have high levels of security for critical important passwords and have easy access for less important passwords .

During this year, Australia will require organisations to notify cyber-breaches to the Privacy Commissioner and to all affected parties. Penalties are $360,000 for individuals and $1.8 million for organisations for not notifying cyber-breaches. There are however many exceptions...

Almost all businesses in the US had cyber-attacks, mostly these included ransomware

The picture of cyber-attacks in 2016 from Radware is that of increasing numbers of cyber-attacks and with greater sophistication. There is a move away from more traditional cyber-attacks towards multiple attacks aiming at different parts of the business and IT. Increasingly, cyber-attacks target the business rather than only targeting the IT systems.

A new kind of 'invisible' malware has been identified by Kaspersky as being widespread in banks, telcom companies and government organisations.

Malware usually appears in files on computers and that is how they are identified. This new kind of malware exists instead in computer's memory. This makes it much harder to spot. It also marks an increase in the use in the wild of what have been up to now rare memory-based cyber-attacks.

Information Risk Assessment identifies the levels of risk to a business of the different kinds of information the business is managing.

Every business depends on information to make a profit and for its continuity. Attacks on a business’s information can adversely affect the business and third parties and result in a variety of liabilities and losses. Information Risk Assessment helps businesses to decide the levels of cyber-protection for the different kinds of information.

Petya - Information Warfare not Ransomware?

Breaking news - New worldwide ransomware attack

New! Boss-Gram Newsletter

New sophisticated Mac malware and ransomware

Password management - easy safe and secure

Cyber-breach notification required in Australia this year

98% of US businesses cyber-attacked in 2016

Almost all businesses in the US had cyber-attacks, mostly these included ransomware

New almost invisible malware attacks banks, telcos and govt agencies

Information Risk Assessment

Apple OSX and iOS cyber-attacks and security

Layering of cyber security

New

New Australian Strategy for Protecting Crowded Places from Terrorism

Boss-Gram Newsletter