2017 has been a particularly bustling year regarding digital security events. They are especially memorable the irruption of WannaCry, Petya/NotPetya and Badrabbit, just to mention a few. But in the mood of making New Year’s resolutions; we need to make the balance of cyber attacks 2017: What other cyber attacks occurred during this year? What vulnerabilities they exploited, and what were the consequences?
At this point, we move forward a bit to say that the most visible consequence; is the obvious need to take urgent measures to protect the sensitive data of our companies. Also, there are many expectations for 2018 regarding digital security to expel and minimize damages resulting from cyber attacks.
Let’s see then what to expect to keep up with challenges, and prepare ourselves to tackle cyber attacks by enhancing our measures in digital security.
Cyber attacks 2017: Emblematic cases
Probably the exact date may slip away, but we all remember all the fuss over WannaCry. On 13 and 14 May of this year, the world experienced one of the most aggressive cyber attacks to date. This ransomware impacted worldwide, and its distinguishing feature was the ransom request to up to $300 in Bitcoins.
Almost in parallel, other malware popped up. Adylkuzz was one of them. This ransomware infected millions of devices using a vulnerability found in the cryptocurrency known as Monero. Infected devices sent information that legally generated Monero cryptocurrencies; then they all disappeared from the victims’ accounts.
Also, Petya/NotPetya struck hard. It used Dropbox files as a mean of propagation to catch up data files. Its hallmark was that it gripped the boot system.
Cyber attacks 2017: What lies ahead for 2018?
According to Sophos:
“Ransomware is big business on the Dark Web. Its creators realized they could make more money not just by extorting currency from their victims, but by selling kits buyers could use to make and distribute their own. We’ve seen a number of different services and pricing models in the past year, and expect to see many more in 2018”
The Government of Colombia has declared through its Ministry of Defense its agreements with the Organization of the North Atlantic Treaty (NATO) and with the United Kingdom (UK) to confront ransomware attacks.
For its part, Europe is addressing these attacks. According to the President of the European Commission, Jean-Claude Juncker; Europe is poorly equipped against cyber attacks. As a response, they plan to vote for joint measures to aggressively confront cyber attacks for 2018.
Among the joint measures, it is transforming Enisa (the agency responsible for network security and information of the European Union -EU-) into a real cybersecurity agency. Currently, this agency limits itself to offer solutions and practical advice to the public and private sectors of the countries of the EU; and the European institutions.
Beyond cyber attacks 2017: Measures to protect us in 2018
One of the mistakes that expose us to cyber attacks, is assuming that we are sufficiently shielded against them. Therefore, we repeat the following recommendations:
- Carry out frequent updates or patches for your operating system.
- Disconnect or isolate those computers with obsolete OS. If possible, upgrade or replace your devices with this condition.
- Close the 137 and 138 UDP ports, and 139 and 445 TCP in the firewall or network firewall.
Challenges for 2018 in Digital Security
For 2018, it is expected that cybercriminals replicate new ransomware using Wanna cry, Petya/NotPetya schemes, due to the huge impact they caused. As an example, we have Badrabit. This ransomware uses Flash player as a mean of replication. Also, it takes advantage of the Window vulnerability found in SMB protocol EternalBlue, same as Wanacry and Petya/NotPetya did.
Thus, ransomware promises to attack in 2018 through a new illegal software market. One of them is particularly dedicated to amateur cybercriminals. This market is known as Ransomware As Service or RAAS. By this means, less experienced cybercriminals simply buy the code through the network that also includes video-tutorials. As an example, we found Cerber, Satan, and Philadelphia.
All in all, it doesn’t matter how cyber attack will strike as they always will have some vulnerability that will allow their solution. However, get ahead and save yourself the bad experience by protecting your sensitive data in advance with the options we have here at GB Advisors the best solutions to protect your sensitive data. Contact us here, and we will gladly attend your queries.