Cybercriminals are shifting their focus from identity theft to actions that bring immediate profit, experts at the SANS Institute have concluded. At the round table "Seven most dangerous new attacks", held by the experts at the RSA conference, Dr. Johannes Ullrich showed an interesting slide with the modest title "Changes in the Economics of Malware" and a much louder statement in the center: "ALL DATA IS ALREADY STOLEN".
All the data has been stolen. What’s next?
In the U.S. alone, according to Ullrich, 191 million voter database records were stolen, even though there are only 142 million voters in the States. Thus, data on most Americans has been stolen more than once. The credit card ratio is less striking but still troubling: 170 million credit cards issued and 61 million stolen (as of 2014).
An interesting consequence of this "overproduction" is lower prices for such data on the black market. This makes stealing "ordinary" personal data less appealing to cybercriminals and forces them to earn money some other way. Their new focus is direct extortion of money from victims, and they target both individuals and businesses.
Extortion through DDoS attacks is on the rise: the attackers do not stop the attack until the owner of the targeted website pays the ransom. The variety and sophistication of ransomware is growing too. Among recent reports that became public is the spread of encrypting ransomware to two physicians, at least one of whom was forced to pay a ransom to decrypt the data.
A quieter but more widespread phenomenon is the latest generation of ransomware, which is designed to take a website down. Not long ago, the CTB Locker ransomware hit WordPress sites. Cybercriminals break into a site by exploiting known vulnerabilities in WordPress and encrypt all of its content. They also add code to the site that lets the owner open it in a browser and contact the extortionists; it is, in effect, a "tech support" chat.
To prove their "honesty", they also decrypt two files for free. Why go to so much trouble over a blog, one might ask? But WordPress is so easy to use that it now runs not only blogs but also online shops and entire company websites. In such cases, the financial value of the data on the server can be quite high.
Encrypting data is not the same as stealing it. As it turns out, the former can be much worse than the latter.
The head of the U.S. National Security Agency, Michael Rogers, who also spoke at RSA 2016, calls malicious modification of data one of his most frightening nightmares. "What if someone modifies the data, program, or system security and suddenly we can't trust what we see? What will we do in this case?" he asks.
Ordinary users should still be wary of ransomware that encrypts data on the computer. At the same time, criminals are closely eyeing phones, and ransomware for Android already exists. It not only encrypts data but also prevents the smartphone from being used as intended at all.
Given that a significant percentage of smartphones have unpatched vulnerabilities (such as Stagefright) and that the complexity of malicious code for Android has increased dramatically, we can expect new, more destructive attacks that combine theft of money from the phone or a linked bank account with subsequent extortion.
SANS experts did not dwell on the safeguards, but we will do it for them and remind you what you need to do.
Website owners should regularly update WordPress and all additional modules. Since this is fairly complicated, consider moving to a dedicated web hosting service that will do it for you automatically.
The site backup that almost all providers create should be downloaded regularly, so that you have a copy of the data offline.
Important data should be backed up, first, regularly, and second, to media that is not connected to the computer the rest of the time. For home use, a USB hard drive is the best fit. For smartphones, you can configure "cloud" backup of all key data. Regular updates of the OS, browser, antivirus and essential applications are vital for all computers, tablets and smartphones. If you don't want to spend too much time on this, turn on automatic updates.
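The offline copy of the site recommended above can also serve as a reference for spotting encrypted, removed or injected files. The following sketch is an added example, not part of the original article; the directory layout and file names are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each regular file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # hash regular files only; skip symlinks and directories
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                digest.update(chunk)
        manifest[path.relative_to(root).as_posix()] = digest.hexdigest()
    return manifest


def compare(backup, live):
    """Report what changed on the live site relative to the offline backup."""
    return {
        "modified": sorted(p for p in backup if p in live and backup[p] != live[p]),
        "added": sorted(set(live) - set(backup)),
        "missing": sorted(set(backup) - set(live)),
    }


def demo():
    """Constructed sample trees standing in for a backup and a tampered site."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "live")
        for root in (backup, live):
            (root / "wp-content").mkdir(parents=True)
            (root / "index.php").write_text("<?php // front page\n")
            (root / "wp-content" / "post.html").write_text("<p>hello</p>\n")
            (root / "wp-content" / "logo.svg").write_text("<svg/>\n")
        # Simulate the damage the article describes: content overwritten with
        # unreadable bytes, a file gone, and a file the owner never uploaded.
        (live / "wp-content" / "post.html").write_bytes(os.urandom(64))
        (live / "wp-content" / "logo.svg").unlink()
        (live / "unexpected.php").write_text("<?php // not in the backup\n")
        return compare(build_manifest(backup), build_manifest(live))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Run `build_manifest` on the downloaded backup while it is known to be good, keep the result with the offline copy, and compare it against the live web root after each update or on a schedule.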