Weekly Cyber Security News
Welcome to Astria’s blog and our Weekly Cyber Security News segment. Here we share some of the most interesting and relevant pieces of cyber security news that we find. This valuable resource is here to keep you informed of vulnerabilities and solutions for your business, as well as to discuss some cyber security concepts.
1. CSO Online: “Contractor hacks former employer, destroys and corrupts data.”
The industrial supply company W W Grainger had much more than paperwork to deal with after parting ways with their contractor, Edward Soybel. The contractor maintained Grainger’s servers for just over a year, but he held a grudge after being terminated. Months later, Soybel successfully hacked into their servers and corrupted their data, damaging thousands of dollars worth of information.
It is fortunate for Grainger that they detected the corruption, as in some cases it can be difficult to recognize quickly. But this story is more and more common: business partners and past employees are often the source of security incidents.
What can businesses take away from the Grainger case? First, businesses should be careful of who they trust. Second, make sure that employee access is fully removed after termination. Finally, it’s a good idea to have your files regularly checked for corruption, as many factors can cause this.
2. Security Week: “SamSam Ransomware Attacks Hit Healthcare Firms.”
In less than two weeks, two healthcare companies have been hit with the relatively new SamSam ransomware. For those not familiar, ransomware infections lock away all valuable files on a system and demand that you pay to get them back, usually in a hard to track currency like Bitcoin.
In this case, Hancock Health in Greenfield, IN and Allscripts, an electronic health record company in Chicago, IL, both had some services disrupted as a result of these attacks.
Cyber criminals use SamSam in targeted attacks on already compromised systems. In Hancock Health’s case, the attackers even went as far as deleting the backups. But you can often detect these types of intrusions with properly configured cyber security.
Businesses dealing with people’s personal information particularly need intrusion detection, because attackers in your network could attempt to steal the data as well.
3. The Hacker News: “Facebook Password Stealing Apps Found on Android Play Store.”
Facebook is a prime target for cyber criminals. In addition to stealing tons of personal data from a hacked Facebook page, criminals often find that victims use that same password for other websites. So crooks are often after Facebook login info, however they can obtain it.
Recently, cyber security firms Trend Micro and Avast discovered Android malware designed to trick users into giving away their Facebook login. 56 of these applications made it on to the Google Play store, as they technically have no malicious code. Instead, these apps download other malicious apps to do their dirty work, allowing them to sneak past Google’s checks for malware.
All of the bad apps have since been removed, but how do you protect yourself from future apps like these? Having some form of antivirus on your phone is a great start, and Astria can recommend several. But general awareness and checking app reviews can also help prevent many of the issues these bad apps cause.
Always look for both positive and negative reviews for red flags, and be sure to check what permissions apps request. Few apps really need admin access on your phone, so be wary of apps requesting every permission.