Beware of Lucifer, better privacy controls from Apple and Google and more
Welcome to Cyber Security Today. It’s Friday June 26th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
A new variety of Windows malware has been spotted by security vendor Palo Alto Networks. They’ve given it the nickname Lucifer, and it’s a devilish threat. It has the ability to steal Monero cryptocurrency found on infected machines and to use them for launching distributed denial of service attacks on other computers. I’ll have more to say about that capability in a minute. Once on an infected machine, Lucifer brute forces its way into stealing passwords and depositing malware. It takes advantage of unpatched holes in computers that date back to 2014, which is why cybersecurity experts urge people and organizations to install software patches quickly. Attacks using this malware have been going on most of this month. The way people are getting hit is by going to infected web sites. The best defences are keeping software up to date, having good anti-malware software and staying away from websites likely to be infected, like gambling, porn and sites that offer illegal music, videos and applications.
I mentioned that computers infected with Lucifer can launch distributed denial of service attacks. These kinds of attacks are used to cause websites to collapse under pressure. It’s called a distributed denial-of-service attack because the packets used in the attack come from millions of hacked Internet-connected devices like your computer, router or home surveillance camera. They get chained together in hacker-controlled botnets which regularly get ordered to launch attacks.
An internet company called Akamai this week said it detected one of the biggest denial of service attacks it’s seen: 809 million packets a second being fired at the website of a European bank. Think of that as 809 million people pounding on a door. Except the door is a website. Eventually, the door breaks. Which is the goal: The website crashes.
Why bother? Sometimes the goal is to make a political statement against a target organization by temporarily closing their website. But often it’s to distract the IT department of the victim into trying to stop that attack while the hackers are sneaking into the organization elsewhere.
What can you do to stop botnets? Make sure your software is up to date by installing security updates, and use strong passwords to prevent your devices from being hacked. Make sure before you buy an internet-connected device — like baby monitors, children’s toys, wireless toothbrushes, security cameras and the like — it allows you to put in a strong password. Think carefully about buying products if they don’t.
Updating software on all your devices closes holes that hackers use. Another reason is that updated software sometimes adds security features. The upcoming Apple iOS 14 for iPhones and iPads has a couple of good ones. One is a yellow dot indicator in the top right status bar that shows if the microphone or camera is recording. That’s good to know if malware is secretly recording you. The Safari web browser will indicate if you’re using a bad password for any logins because it’s been compromised by a hack somewhere else. When you tap the Privacy Report button there will be an explanation of how websites treat your privacy. And apps in the Apple App store will soon have to show a summary of their privacy practices. Look for all this and more in the fall.
In addition, Google this week announced some privacy changes to its platform. If you allow Google to save your Location History, the data will be auto-deleted after 18 months. You don’t have to choose to delete it. You still have the choice of having Location Data deleted after three months. Again, that’s if you have Location Data turned on. If it’s turned off, Google never saves location data. Same thing for your web and app activity. For YouTube, auto-delete will be set to 36 months the first time you turn on the data save feature. You can also choose three or 18 months for automatically deleting data. And, coming soon, will be the ability to more easily find your Google privacy and security settings if you have a Google Account by using the Search feature.
Finally, for some reason, the IT departments of certain organizations don’t understand the importance of quickly patching vital applications. This week Microsoft had to again remind administrators who use its Exchange email servers to install a security update it issued in February. Email is a critical application in every organization. It needs priority.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.