Interpol says ransomware may become a pandemic, expert advice on fighting ransomware and security updates for ForgeRock and Etherpad.
Welcome to Cyber Security Today. It’s Wednesday July 14th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
Ransomware attacks continue to spread. They’ve gotten so common that the Secretary General of Interpol, the international police co-operative, said this week police and cybersecurity companies must work closer to avoid a ransomware pandemic. Attackers are operating with near impunity, he said at a ransomware conference. Its estimated that crooks around the world pulled in $350 million last year in ransomware payments. Conference attendees, who included national computer response teams and the United Nations Office on Drugs and Crime, agreed to raise public awareness, to increase partnerships and do more information sharing.
Separately, Andy Bennett, the former deputy chief information and security officer of the state of Texas who is now with a California cybersecurity firm, issued advice on how to fight the attacks. In 2019 Texas faced co-ordinated ransomware attacks on 22 municipalities in the state. Yes, Bennett wrote, some groups will use new tactics that might not be caught by traditional cybersecurity. But, he added, if IT departments have to choose one strategy to improve the odds of beating ransomware it’s using multifactor authentication as an extra requirement for employees and customers to log into accounts. There are other important strategies, such as segmenting data systems so an attacker can’t leap from one network to another. For example, if an attacker gets access to the low-priority heating and air conditioning system they shouldn’t be able to jump to the high-priority human resource servers that house employee data. Another strategy is having safe, offline backups of data. But most strategies only constrain how far an intruder can get in your computer systems. Properly implemented multifactor authentication can stop many attacks from starting, Bennett said.
One recent victim is clothing retailer Guess. This month it began notifying 1,300 individuals that it was hacked in February, but didn’t know how many had their personal information copied by the hackers until last month. The news site DataBreaches.net reported in April that the DarkSide ransomware gang was posting stolen Guess data. According to Guess, stolen data included victims’ social security numbers, drivers licence numbers, passport numbers and financial account numbers.
UPDATE: On Wednesday evening a Guess spokesperson sent ITWorldCanada.com a statement saying “the vast majority” of persons notified were either employees or contractors. No customer payment card data was involved. Steps have been taken to enhance security.
Meanwhile in Canada a ransomware group claims to have recently stolen data from a British Columbia property management company.
Here’s some security update news:
There’s a critical vulnerability in ForgeRock’s Access Management platform versions below 7.0 that has to be patched. Users that can’t patch should apply a workaround. If remedial work isn’t done an attacker could use the vulnerability to get into a computer system.
WordPress administrators with systems using the Frontend File Manager should make sure they’re running the latest version of the plugin. It fixes serious vulnerabilities.
Administrators who oversee the Etherpad text editor should install the latest patches. They close two vulnerabilities.
Finally, yesterday was Microsoft’s monthly Patch Tuesday, when security updates are issued for Windows and other products. If you don’t have automated update installation enabled, check to make sure patches have been installed. Security updates have also been released for a number of Adobe products, including Reader and Acrobat.
That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon