This week, hacking groups used post-U.S. presidential election themes in their spear-phishing attacks; the Identity Theft Resource Center (ITRC) reports that there have been 858 data breaches recorded this year; and another ransomware attack, this time on a county in Indiana, forced officials back to pen and paper.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

Hacking Groups

Malicious hacking groups are riding the coattails of the election by amping up their spear-phishing campaigns.

Why is this significant?

  • Fancy Bear, a malicious hacking group, is taking advantage of zero days before patches are issued for the vulnerabilities discovered by Google's Project Zero. The group has been running spear-phishing campaigns that send bogus emails resembling legitimate ones, aimed at government, political, and military targets.
  • Cozy Bear, another malicious group and one suspect in the DNC hacks, has also been spear-phishing die-hard Democrats, luring them in with emails that carry intriguing headlines and a sender that appears to be Harvard University's Faculty of Arts and Sciences, along with a couple of emails that appear to come from the Clinton Foundation.
  • The email headlines luring folks in are as intriguing as, "The shocking truth about election rigging in the United States." The email contains a link to a zip file with a ".lnk" Microsoft shortcut file.
  • "This shortcut file contains PowerShell commands that conduct anti-VM [virtual machine] checks, drop a backdoor and launch a clean decoy document," he writes.
    Read the full story on Ars Technica and Data Breach Today
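
For defenders, the delivery chain described above (a zip file holding a ".lnk" shortcut that carries PowerShell commands) can be triaged before the attachment reaches a user. The following is an added example, not code from this post or the cited articles; the function names, the read cap and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID
# 00021401-0000-0000-C000-000000000046 (MS-SHLLINK file format).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
MAX_ENTRY = 5 * 1024 * 1024  # assumption: cap on bytes read per archive entry


def mentions_powershell(data: bytes) -> bool:
    # Shortcut strings may be stored as ANSI or UTF-16LE, so search both.
    low = data.lower()
    return b"powershell" in low or "powershell".encode("utf-16-le") in low


def triage_zip(blob: bytes) -> list[dict]:
    """Return one finding per shortcut file found inside a zip attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            encrypted = bool(info.flag_bits & 0x1)  # password-protected entry
            data = b""
            if not encrypted:
                with zf.open(info) as fh:
                    data = fh.read(MAX_ENTRY)
            by_name = info.filename.lower().endswith(".lnk")
            by_magic = data.startswith(LNK_MAGIC)
            if by_name or by_magic:
                findings.append({
                    "entry": info.filename,
                    "encrypted": encrypted,
                    "lnk_header": by_magic,
                    "renamed": by_magic and not by_name,  # shortcut behind another extension
                    "powershell": mentions_powershell(data),
                })
    return findings


def constructed_zip() -> bytes:
    # Constructed sample: inert bytes with only the LNK header and the word
    # "powershell"; this is not a working shortcut.
    fake_lnk = LNK_MAGIC + b"\x00" * 56 + "powershell.exe".encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("election_report.lnk", fake_lnk)
        zf.writestr("notes.txt", b"plain decoy text")
        zf.writestr("summary.doc", fake_lnk)
    return buf.getvalue()
```

A finding with `powershell` set is a strong reason to quarantine the message; an encrypted entry named ".lnk" is still reported, but its content cannot be inspected.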

Data Breach Resource

Identity Theft Resource Center (ITRC) reports that there have been 858 data breaches recorded this year through November 8, 2016.

Why is this significant?

  • ITRC tracked: 2016 (so far) = 809, 2015 = 783, 2014 = 781
  • According to the 2016 Data Breach Report, the highest number of reported breaches occurred in the Business sector, with 384 breaches containing 2,562,506 records. The highest number of reported breached records occurred in healthcare, with 14,457,012 in 306 breaches.
  • One of the most disturbing data breaches reported is the Office of Child Support Enforcement, within the Government/Military category, at 5,000,000. What could they possibly want with innocent children's information? Fraud, identity theft, and extortion are the first plausible reasons, as threat actors can leverage the information right away. Malicious threat actors may also store and save this mega network for future use.
    Read up on the latest reported data breaches on ITRC


A ransomware attack on Madison County, Indiana, forced county officials back to pen and paper.

Why is this significant?

  • “Officials reported being unable to access archived court records or criminal records, and also could not use computers to book suspects in jail.” Madison County has a population of nearly 130,000 (according to the 2015 U.S. census). If the systems used to book suspects were malfunctioning, one can't imagine the backlog to work through when the system gets back online. The transfer of pen/paper notes to the system is bound to be filled with human error.
  • Targeted ransomware attacks are rising, and ransomware is continuing to force companies to work using pen/paper. Wouldn’t it be amazing to have a cyber security technology that blocks generic ransomware, out of the box? Wouldn’t it be amazing to allow the employees to continue to work on the infected devices, by blocking any outbound traffic?
    Read the full story on SC Magazine