Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Las Vegas Captures Ransomware Crown


Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research.

Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.

Nevada cities led the nation in overall ransomware detections, most detections per individual machine, and most detections per population, according to the report, which is based on an analysis of half a million ransomware incidents.

Las Vegas' attraction to tourists and conference goers may be what attracts digital bandits.

"When people go to conferences, they're using their laptops on WiFi networks that may not be completely trusted," explained Adam Kujawa, head of malware intelligence at Malwarebytes.

Coupled with the relaxed atmosphere of the city, that can make users more vulnerable to vehicles delivering ransomware.

"When people are having a good time, they let their guard down," Kujawa told TechNewsWorld.

Rust Belt Targeted

Although Las Vegas topped the list for ransomware detections, half of the top 10 ransomware cities were found in the Rust Belt: Detroit, Michigan; Ohio cities Toledo, Columbus and Cleveland; and Fort Wayne, Indiana.

A lack of security awareness and misplaced trust may have contributed to the high rate of detections in that region.

"They're less security-aware than people living in larger metropolitan areas," Kujawa said. "People are also more likely to fall for phishing attacks, which is one of the primary methods of malware distribution."

Ransomware has been a scourge over the past two years, but that will change in the coming months as the security industry finds new ways to block ransomware, suggested Nima Samad, a Malwarebyes data science analyst who also worked on the report.

"Within the next year or two, we'll see a dramatic decrease -- at least in the kind of ransomware we're seeing right now," he told TechNewsWorld.

Teflon Security

Friction is the great enemy of e-commerce. Consumers do not respond well to any delays doing what they want to do online. That's why so many shopping carts are abandoned before shoppers pull the trigger on a purchase.

More than two out of three carts (68.81 percent) are deserted by shoppers, according to the Baymard Institute.

Friction creates a ticklish problem for security teams, because protecting merchants and consumers from fraud can create friction. Ideally, the best security scheme is one that gives consumers their cake and lets them eat it, too -- one that offers maximum protection but is invisible to shoppers.

Such a trend is occurring in global financial institutions, where adoption of passive risk assessment systems is growing. Those systems assess the risk of a consumer's session with a financial institution, using a basket of factors about that session.

What's particularly beneficial about the systems is that they continually authenticate the author of the session. Typically, once a user provides a name and password, they become "trusted," and their activity after login is ignored.

With risk assessment systems, users are monitored constantly. Even if they use a correct name and password, risky online behaviors will be flagged, and action taken to authenticate their identities.

Useless Passwords

"You can essentially authenticate and re-authenticate a user all the time by looking for things that are anomalous," explained Dan Ingevaldson, CTO of Easy Solutions .

There can be anomalies in how a browser is used or in the way a visitor logs in compared to the past, or in the makeup of the device used in a session.

However, it's important to understand that these passive systems deal in probability. They tell you what the probability is that a particular session is risky.

"Very confident predictions can be made that one session is related to another. That's really helpful. It can make things like stolen passwords unusable to attackers," Ingevaldson explained.

"We're going to see a lot more of these systems in 2017," he predicted.

Beyond Compliance

Software development is in a state of transition. More and more organizations are getting apps to market faster and with better quality using technologies like DevOps, Agile and continuous improvement. Those technologies aren't just changing software development -- they're changing the security industry, too.

The days of making security purchases solely for compliance reasons are fading fast.

"Plenty of security purchases were made to check off some compliance boxes, and it was hoped that the product would also deliver some real value," noted Zane Lackey, chief security officer at Signal Sciences .

With the adoption of DevOps and its emphasis on speed and quality, organizations are starting to demand more from security vendors.

"Buyers are getting fed up with vendors not delivering on their promises," Lackey told TechNewsWorld.

As part of that value equation, security vendors need to shed a role many of them have had for years.

"Security has always acted as this gatekeeper and blocker. Now buyers don't want to know, 'how does this slow me down less?' but 'how does this enable me to move faster?'" Lackey pointed out.

"Security can't be a compliance checkbox that just slows everything down," he emphasized. "It needs to add real value and help me move faster as an organization."

Breach Diary Dec. 26. PakWheels, an automotive classified website, notifies its users that their personal data is at risk after its server was breached by an unknown third party. Dec. 27. Three Chinese citizens charged by United States of engaging in conspiracies to commit insider trading, wire fraud and computer intrusion in an indictment filed in federal court in Manhattan. Dec. 27. New Hampshire's Department of Health and Human Services says confidential information of as many of 15,000 people who received department services is at risk after unauthorized access to them by a patient at the state's psychiatric hospital. Dec. 27. Global encryption software market will be US$2.5 billion by 2021, Allied Market Research forecasts. Dec. 28. InterContinental Hotel Group, which operates more than 5,000 hotels worldwide, says it's investigating reports of a possible data breach at a small number of its hotels located in the United States. Dec. 28. The Organization for Security Cooperation in Europe, which monitors the Ukraine-Russian conflict, says it suffered a data breach that compromised the security of its computer network. Dec. 29. Nevada takes its marijuana portal offline after a data breach exposed confidential information on some 12,000 applications for cards used to obtain medical marijuana. Dec. 29. FBI and U.S. Department of Homeland Security issue joint report detailing the tools and infrastructure used by Russian intelligence services to compromise and exploit networks and infrastructure associated with the recent U.S. election, as well as a range of U.S. government, political and private sector entities. Dec. 29. Hong Kong Airlines apologizes to its customers for flaw in its Android app that allowed personal information of more than 100 passengers to be viewed by other usrs of the app. Dec. 30. President Barrack Obama expels from the United States 35 suspected Russian spies for "malicious cyber activity and harassment" in connection with Russia's attempt to influence the 2016 presidential election. Dec. 31. Potomac Healthcare Solutions accidentally exposed to the public Internet confidential information on scores of psychologists and other healthcare professionals deployed within the U.S. military's Special Operations Command, MacKeeper security researcher Chris Vickery says.

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles

Latest Images