This article discusses ransomware and looks briefly at malware affecting point-of-sale (POS) systems, considering attack vectors and relevant defenses. It also touches on some of the exploit particulars, including origins as US government secrets.
In the last year, malware has featured prominently in news media, particularly as ransomware has affected a number of organizations including utilities, hospitals, and universities all over the world. Perhaps the most notorious, WannaCry and Petya, made use of vulnerability and exploit information previously held by the US National Security Agency and later disclosed by an organization calling itself the Shadow Brokers. Despite this, the defenses against these sorts of malware remain largely constant: a mixture of conventional preventative and detective controls. Furthermore, other sorts of malware with a more specialist focus, such as targeting point-of-sale (POS) software, requires the same set of defenses.
In May of this year, a variant of a previously little-known type of ransomware began infecting vulnerable systems and gained rapid notoriety for its affect against offices and healthcare facilities of the UK’s National Health Service (NHS). Like other sorts of ransomware, it affected its target systems by encrypting critical files, preventing the legitimate users from accessing them until paying a ransom in Bitcoin. Crucially for NHS, this impacted their ability to deliver health services to its patients, although other organizations such as corporations and universities faced similar computing disruptions. While its effect bore the usual hallmarks of ransomware, it spread using an exploit known as Eternal Blue.
Read more: bluetoad.com
About the AuthorMore Content by Jacob Ansari