Outbreaks such as Petya and WannaCry really put the malware threat on the IT agenda and made cybersecurity a priority for everyone. Fredrik Svantes, Senior Information Security Manager at Basefarm, explains the latest developments that keep the cybersecurity community busy.
Greetings good people!
I wanted to share with you the latest trends of spam and\or malware I see coming in to Basefarm this last week. Thanks to everyone who is spamming me making this possible. 🙂
The latest trend is sending a mail with very little detail, complaining about a delay in shipping, lacking tracking information, anything really. And then attaching a .doc file with a simple name like “order-confirmation.doc” or “invoice.doc”.
We, as good people, want people to be happy with our service, so we get a little worried that there has been something we have missed and rush to open the .doc-file to see how we can correct this misunderstanding. The .doc file is loaded with a bunch of macros, and upon opening it downloads whatever malware recently paid the last bid to the spammer. Mostly I have seen botnet installs, and no more crypto-software so far, but this can be changed on the fly by the malware authors.
The purpose of the botnet-infection is the traditional proxying of malicious mail or web traffic, participating in DDOS or to the more modern mining of crypto currency. Also have in mind that it is not uncommon for them to exfiltrate any address books, stored passwords and passwords typed during the infection.
Unfortunately, having an up-to-date antivirus is not enough these days, so to keep yourself from enjoying a borrowed computer from Internal-IT while yours is getting reinstalled and you changing all the passwords you have in fear it might be captured, slow down and think about what files you are opening. Being more security aware is the best solution to this challenge.
As always, if you are not sure about something, talk to your closest internal-IT or SIRT person about your concerns. It is much easier to handle this while it is still in your inbox.
It’s time for a new security tip in our Christmas calendar. Security tip #11 is to learn to recognize the signs of malware. Running an antivirus is unfortunately far from enough these days, as anyone – even without prior knowledge – can spend a few hours and have a piece of malware that is undetected by the antivirus. Because of this, you need to make sure your employees know signs to look for of being infected by malware. As a start, you can visit AVG’s website where you will find a list of top 10 signs.