Cyber Weekly Roundup - December 22, 2017 - NetCentrics

Weekly Roundup

Cyber Weekly Roundup – December 22, 2017

By Colby Proffitt

1.) Beware of Cryptocurrency Mining Virus Spreading Through Facebook Messenger (December 21, 2017)

https://thehackernews.com/2017/12/cryptocurrency-hack-facebook.html

Summary: Researchers from security firm Trend Micro are warning users of a new cryptocurrency mining bot which is spreading through Facebook Messenger and targeting Google Chrome desktop users to take advantage of the recent surge in cryptocurrency prices.

Why it matters: Although Facebook has reportedly taken down most of the malware files, spam campaigns are common on Facebook. Users would be wise to simply avoid using the Facebook messenger app until it’s secure, or at least more secure.

2.) Boris Johnson tells Russia: we will retaliate against cyber-attacks (December 22, 2017)

https://www.theguardian.com/politics/2017/dec/22/boris-johnson-tells-russia-we-will-retaliate-against-cyber-attacks

Summary: Foreign secretary flies to Moscow with message that he wants the UK and Russia to work together, but misuse of cyberspace will not be tolerated.

Why it matters: What exactly Britain is capable of doing is uncertain, but deterrence is likely one of several tactics on deck. It’s going to be interesting to see how the UK and other western countries interact with Russia in the coming months. With a number of allegations against Russia, but very few lacking any irrefutable evidence, Russia’s alleged cyber meddling stands as an example of the challenge of cyber attribution.

3.) The Top Cybersecurity Threats for 2017 (December 22, 2017)

https://www.scmagazine.com/the-top-cybersecurity-threats-for-2017/article/720097/

Summary: In 2017 hackers weren’t slackers. The threats – and the attacks – kept coming in rapidfire. In a year drowning in threats, these newbies made their mark.

Why it matters: This article highlights some of the major threats and attacks from 2017 and is a reminder of just how much malicious cyber activity is out there. Ransomware attacks were a major method employed by cyber adversaries and we can expect more ransomware attacks in 2018.

4.) 11 Cybersecurity Resolutions For 2018 (December 22, 2017)

https://www.forbes.com/sites/forbestechcouncil/2017/12/22/11-cybersecurity-resolutions-for-2018/#13eb41cb503a

Summary: Cybersecurity threats are estimated to reach a whopping $6 trillion by 2021, according to a report by CSO. This rise in security attacks is frightening for businesses worldwide. Without a reliable plan in place, your company opens itself to a series of attacks that could be costlier than implementing the best of security strategies.

Why it matters: With no lack of attacks in 2017, and anticipation of even more attacks in 2018, it’s important for both organizations and individuals prepare for the ever-increasing likelihood of a breach or attack. This article highlights several specific cyber resolutions, including two-factor authentication, machine learning, encryption, and GDPR compliance.

5.) The Kaspersky Lab-U.S. government fight removed a miniscule amount of business (December 22, 2017)

https://www.cyberscoop.com/kaspersky-us-government-contracts-dhs-bod-lawsuit/

Summary: The U.S. government’s decision to ban Kaspersky Lab products from the federal government removes less than $54,000 worth of direct business, according to court filings and information provided to CyberScoop by the Russian anti-virus maker.

Why it matters: This article summarizes the trail of claims and events, and while any future business contracts between Kaspersky and the U.S. government are unlikely, there is a big question around the potential damage to U.S. cyber operations already suffered on account of previous investments in the Russian-based company.