Malware in 2017: The More Things Change

October 10, 2017 Jacob Ansari

This article discusses ransomware and looks briefly at malware affecting point-of-sale (POS) systems, considering attack vectors and relevant defenses. It also touches on some of the exploit particulars, including origins as US government secrets.

In the last year, malware has featured prominently in news media, particularly as ransomware has affected a number of organizations including utilities, hospitals, and universities all over the world. Perhaps the most notorious, WannaCry and Petya, made use of vulnerability and exploit information previously held by the US National Security Agency and later disclosed by an organization calling itself the Shadow Brokers. Despite this, the defenses against these sorts of malware remain largely constant: a mixture of conventional preventative and detective controls. Furthermore, other sorts of malware with a more specialist focus, such as targeting point-of-sale (POS) software, requires the same set of defenses.

WannaCry ransomware

In May of this year, a variant of a previously little-known type of ransomware began infecting vulnerable systems and gained rapid notoriety for its affect against offices and healthcare facilities of the UK’s National Health Service (NHS)[4]. Like other sorts of ransomware, it affected its target systems by encrypting critical files, preventing the legitimate users from accessing them until paying a ransom in Bitcoin. Crucially for NHS, this impacted their ability to deliver health services to its patients, although other organizations such as corporations and universities faced similar computing disruptions. While its effect bore the usual hallmarks of ransomware, it spread using an exploit known as Eternal Blue[2].

Read more: bluetoad.com

About the Author

Jacob Ansari

Jacob Ansari is the Chief Information Security Officer at Schellman & Company, where he develops and manages the company-wide information security program. Jacob oversees the processes for risk and security assessment, vulnerability management, software security, awareness and education, and incident response. Jacob has also performed in a client facing role as the technical lead for Schellman’s PCI services, and represents Schellman to the payments industry. Additionally, Jacob has experience with other Payment Card Industry assessment services, namely Software Security Framework, PA-DSS, P2PE, 3DS, and PIN. Jacob has extensive technical expertise on matters of information security, compliance, application security, and cryptography, and has been performing payment card security assessments since the card brands operated the predecessor standards to PCI DSS. Over the 20 years of his career, Jacob has spoken extensively on PCI-related matters, trained and mentored assessors, and contributed to groups on emerging standards, advisory bodies, and special interest groups.

More Content by Jacob Ansari
Previous Article
New York Department of Financial Services Cybersecurity: Are You On Track?
New York Department of Financial Services Cybersecurity: Are You On Track?

On March 1, 2017, New York Department of Financial Services (NYDFS) released their cybersecurity...

Next Article
Blockchain Slowly Moves Into the Marketing Industry
Blockchain Slowly Moves Into the Marketing Industry

There has been much ado about blockchain lately and for good reason. The technology, which was f...

×

First Name
!
Success
Error - something went wrong!