June 21, 2018

Cybersecurity Threats to Watch Out for in 2018

by: Align

AdobeStock_136533289_Align_Security_Keyhole_Fingerprint

Photo Credit: © turbomotion046 - stock.adobe.com

In 2017 WannaCry, Petya/NotPetya and Bad Rabbit ransomware wrought havoc across the globe. These unprecedented attacks have cost businesses billions of dollars in damages.

This year, we have an entirely new slew of cybersecurity threats to watch out for and defend ourselves against, ranging from malware to exploitable weaknesses found throughout popular hardware. 

VPNFilter Router Malware

Researchers at Cisco’s Talos security division have recently identified VPNFilter malware, which is believed to have already infected at least half a million routers. The highly destructive VPNFilter malware targets routers and network-attached storage (NAS) devices. The malware is multi-staged beginning with installation, which allows it to remain on an infected device even after it has been rebooted.

The second stage contains the malware payload and can collect files, execute commands and exfiltrate data. It can even render infected devices unusable by overwriting part of the firmware and performing a reboot, after which the device isn't salvageable.

There are multiple Stage 3 modules, one of which includes a packet sniffer that is capable of stealing website credentials.

Side-Channel Attacks

Firefox and Chrome may have been inadvertently leaking Facebook user information for the last year.

Numerous malicious websites utilize a side-channel vulnerability hack that exploits a weakness of CSS3, which is the latest and greatest version of cascading style sheets. This version of CSS includes a feature known as “mix-blend-mode,” which has been leaking visual content hosted on Facebook.

Malicious websites that are aware of this issue include a cross-origin iframe, used with data capturing code to de-anonymize Facebook users. Attackers are able to retrieve the colors of each pixel within the iframe, and manually inspect images to extrapolate any personal information that is displayed including usernames, profile pictures and statuses.

SamSam Ransomware

SamSam ransomware, which appears to target healthcare and government organizations, brought the city of Atlanta’s municipal operations to a halt, and cost at least $2.6 million in recovery efforts.

A ransom note for six bitcoin, about $51,000 at the time, was sent to the city after government data was encrypted. In the days immediately following the attack, employees were forced to hand-write reports, city residents couldn’t pay their water bills online and court cases had to be rescheduled as files were inaccessible.

Atlanta is not the only city government to have been hit by SamSam. The Colorado Department of Transportation was infected twice this past February in the span of eight days, as well as Davidson County in North Carolina and the municipality of Farmington, New Mexico.

Spectre and Meltdown

Discovered in January 2018, Meltdown and Spectre exploit vulnerabilities found across the majority of modern processors, including those manufactured by computing giants like Intel, ARM and AMD. This encompasses almost all modern computing and IoT devices.

Meltdown and Spectre are capable of stealing data that is being processed in RAM—also known as volatile memory—which is only maintained while a machine is powered up. Running programs are not normally able to read the data that belong to other programs, but with Meltdown and Spectre it is possible to obtain data stored in memory across programs.

Security researchers believe that these vulnerabilities have the potential to be catastrophic.

Conclusion

This year’s cyber threats make it clear that everyone is susceptible to attacks and vulnerabilities, including technology giants and government organizations.

The imminent risk should only reinforce the importance of securing critical infrastructure, protecting sensitive information and regular maintenance that includes a patching schedule.

If you're wondering how to prepare against targeted cyber-attacks, the journey begins with approaching cybersecurity holistically and identifying the right solution for your business. 

Speak To A Cybersecurity SpecialistMore Information

Align Cybersecurity offers tailored, nimble and advanced cybersecurity solutions encompassing:
Contact us today to learn more about our cybersecurity offerings, security awareness training and more. 
Continue Reading

Related Articles

★★★★★

“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC