Malware in 2017: The More Things Change

October 10, 2017 Jacob Ansari

This article discusses ransomware and looks briefly at malware affecting point-of-sale (POS) systems, considering attack vectors and relevant defenses. It also touches on some of the exploit particulars, including their origins as US government secrets.

In the last year, malware has featured prominently in news media, particularly as ransomware has affected a number of organizations including utilities, hospitals, and universities all over the world. Perhaps the most notorious, WannaCry and Petya, made use of vulnerability and exploit information previously held by the US National Security Agency and later disclosed by an organization calling itself the Shadow Brokers. Despite this, the defenses against these sorts of malware remain largely constant: a mixture of conventional preventative and detective controls. Furthermore, other sorts of malware with a more specialist focus, such as those targeting point-of-sale (POS) software, require the same set of defenses.

WannaCry ransomware

In May of this year, a variant of a previously little-known type of ransomware began infecting vulnerable systems and gained rapid notoriety for its effect on offices and healthcare facilities of the UK’s National Health Service (NHS)[4]. Like other sorts of ransomware, it affected its target systems by encrypting critical files, preventing the legitimate users from accessing them until they paid a ransom in Bitcoin. Crucially for the NHS, this impacted its ability to deliver health services to its patients, although other organizations such as corporations and universities faced similar computing disruptions. While its effect bore the usual hallmarks of ransomware, it spread using an exploit known as Eternal Blue[2].

Read more: bluetoad.com

About the Author

Jacob Ansari

Jacob Ansari is a Manager at Schellman. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS and P2PE. Jacob’s career spans fifteen years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and information security expertise in support of legal matters. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS. Jacob speaks regularly to a variety of audiences on matters of information security, incident response, and payment card compliance strategy.
