The week in security: Ransomware mutating, IoT devices exploited for botnets

IBM Australia's investment in an Australian cybersecurity centre of excellence is the latest in a series of industry commitments that have been attributed to the pro-investment climate created by the Coalition government's investment and cybersecurity agendas.

One of the key areas of investigation in such centres will be in addressing Internet of Things (IoT) security issues that were on the agenda as vendors faced the need to improve their security from the beginning of their product development cycles.

As if on cue, there were reports that attackers had compromised more than 25,000 digital video recorders and CCTV cameras, using them to launch DDoS attacks. Indeed, highlighting the extent of the problem, researchers found more than 100 DDoS botnets built using malware for the embedded Linux built into many IoT devices.

An end-user survey suggested that 1 in 3 cases of systems downtime were being attributed to security breaches; little wonder that visibility of network activity was being recognised as key to managing the threat from IoT and other attacks in business terms.

There were reports that Intel was considering selling off the security business it built around its acquisition of antivirus vendor McAfee, while Symantec products were found to have flaws that left computers vulnerable to hacking.

Ditto the Flash Keyboard app which, security analysts warned, can do some pretty dangerous things – as did a decade-long Iranian cyberespionage operation that was dismantled by researchers.

Even as figures showed the use of encryption had in a decade, there were warnings that many people were also not protecting their data by failing to properly erase it from hard drives sold second-hand on online forums.

Even as a Kaspersky Labs analysis found that encrypting ransomware is booming, new ransomware called Bart took a different tack to locking files, stuffing them into password-protected ZIP archives while trying out different pricing mechanisms to maximise return.

Also getting flexible were WhatsApp, Uber and Google Play. Such new approaches inevitably force businesses to adjust their defensive strategies, which is causing the US Department of Homeland Security to try to figure out how malware is morphing so it can plan how to block it when it becomes a reality.

US authorities were also hitting problems as a surveillance-powers bill was put on hold due to concerns about a lack of oversight. A comparison of smartphone sales suggested that Huawei was outperforming Samsung and its other Android rivals when it comes to security patches.

Also on the mobile front, observers picked up on a surge in mobile ransomware use while a mobile Trojan that secretly installs pornography apps on victims' phones was found to have hit millions of phones.

The US tax authority had to disable a PIN-based electronic filing feature after it was the subject of repeated attacks, while Google CEO Sundar Pichai had his social-media account hacked. Also apparently hacked were 10 million US patient records, which were being offered for sale on the black market by a hacker for some $US820,000 ($A1.1m).

Also compromised was a database of terror suspects used by banks and other groups as a 'terrorism blacklist'.
