Procurement 12 March 2019

3 cyber fraud horror stories and how they could’ve been prevented

Online fraud now most prevalent type of crime in England and Wales
Ransomware is one of the biggest threats to business owners, both large and small. In most cases, ransomware can be prevented – yet it’s often not, due to a number of factors (which we’ll explore).

Writing for Business Advice, cyber security expert Robert Dale showcases three of the worst cyber fraud horror stories you’ve ever read, and what could’ve been done to prevent them.

L0cky

L0cky was a ransomware released in 2016 which was spread via email. It showed up in a user’s inbox as an invoice payment request, with an attached Word document. The Word document was infected with malicious macros, but simply opening the Word document didn’t infect the user’s computer. No, L0cky required some serious user-error to execute itself.

When the Word document was opened, it was full of a bunch of gibberish, and a single line that said: ‘Enable macro if data encoding is incorrect.’

‘Well, since we’ve already downloaded strange Word documents from suspicious emails, why not follow the Word document’s instructions?’ asked every subsequently infected user, as they proceeded to enable macros in Word. Honestly, sometimes I think you should need a license to operate a computer, or be within 5 feet of one.

In any case, enabling macros within the Word document converts the document into a binary file that downloads the actual trojan, which then encrypts the computer and demands a ransom (in the form of Bitcoin) to unlock it.

Now, you might think such a virus might only infect your grandma, who fell for that Nigerian Prince scam years ago. But no. L0cky managed to infect hospitals, college campuses, and tons of small businesses.

How could L0cky have been prevented? Well, not downloading attachments from strange emails would’ve been a start. Not following the instructions in a strangely encoded Word document would’ve been a great follow-up. Keeping your antivirus updated is also a smart idea – though you need a good antivirus from a reputable company that keeps their virus definitions updated. If you read this article, it makes a good case for Avira.
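
A mail gateway or help desk can also check whether an invoice attachment like the one described above carries a macro project before anyone opens it. The Python below is an added example, not code from the article: the function names and the sample files are constructed for illustration, and the check for the legacy .doc format is a byte-search heuristic rather than a full parser.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # stream name inside a VBA storage


def has_vba_macros(data: bytes) -> bool:
    """Heuristic: True if the file bytes contain a VBA macro project."""
    if data.startswith(OLE_MAGIC):
        # Directory entry names in OLE files are stored as UTF-16LE strings.
        return VBA_STREAM in data
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        # Modern Office files are zip archives; macros live in vbaProject.bin.
        with zipfile.ZipFile(buf) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    return False


def triage(attachments):
    """Map each attachment name to 'quarantine' or 'deliver'."""
    return {name: "quarantine" if has_vba_macros(data) else "deliver"
            for name, data in attachments}


def _ooxml(parts):
    """Build a constructed OOXML (zip) document in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in parts:
            z.writestr(name, b"constructed sample content")
    return buf.getvalue()


# Constructed samples for illustration only, not real malware.
SAMPLES = [
    ("invoice_J-1234.docm", _ooxml(["word/document.xml", "word/vbaProject.bin"])),
    ("minutes.docx", _ooxml(["word/document.xml"])),
    ("invoice_old.doc", OLE_MAGIC + b"\x00" * 504 + VBA_STREAM),
    ("notes.txt", b"plain text"),
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name:22} {verdict}")
```

The check keys on file content rather than the extension, so a macro-bearing file renamed to look harmless is still quarantined.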

WannaCry

WannaCry was a ransomware in 2017 that caused billions of dollars in damage globally. It’s a really long story that involves the NSA, Russia’s GRU intelligence agency, Microsoft, unknown Russian hackers, and somehow North Korea.

It was basically a real-life Tom Clancy novel, with some elements of Stephen King’s The Stand for good measure. Remember in The Stand how the world-population-destroying virus basically escaped a secret government lab? That’s the summary of what happened here.

The NSA had been compiling system exploits for a long time, basically coming up with all kinds of nasty system hacks. They created a penetration tool that targets Microsoft Windows, and codenamed it EternalBlue. They’ve been compiling these zero-day exploits for cyberwarfare because nowadays, you can pretty much cripple a country’s economy with a good virus. The NSA notified Microsoft, and Microsoft released a security update for Windows platforms. Which apparently, nobody downloaded.

Somewhere along the way, hackers known as the ‘Shadow Brokers’ (this is where it starts to read like a Tom Clancy novel) stole a bunch of data, including a bunch of top-secret hacking tools, from the NSA, and leaked it online. Other ‘unknown’ hackers, though the CIA is pointing fingers at the Russian military, used the leaked data to create a new ransomware called WannaCry, based on the NSA’s EternalBlue exploit.

WannaCry then made its way around the world. As a ransomware, WannaCry’s payload encrypted the MBR (Master Boot Record) of a computer, which basically locks the entire computer from booting up, while displaying a ransom message. Victims were instructed to wire money for their computers to be unlocked.

So while the world was being infected, security researcher Marcus Hutchins (who is actually pending trial on unrelated hacking and malware charges) discovered a ‘kill-switch’ in WannaCry, which he heroically shared with the world. And then a new version of WannaCry came out, with a new kill-switch method, which was also discovered, and then the final boss appeared, a version of WannaCry with no kill-switch at all.

A Scooby group of security researchers from several universities put their heads together and finally defeated WannaCry with encryption APIs, mathematics revolving around prime numbers, and sorcery. Though WannaCry still did around $4bn in damages before suffering defeat.


 