Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
 President & CEO
 Computer Business

From Phishing to Smishing. Last week I wrote about the ever-present threat of phishing—using social engineering to convince e-mail recipients to click on something that will download malware onto their computer. Naked Security carries one of those informative articles you want everyone to read:

“Smishing attack tells you ‘mobile payment problem’– don’t fall for it!”

Smishing refers to phishing attacks executed via SMS text messages (SMS + Phishing = Smishing).

Basically, you receive a text message telling you, for example, that the payment you made to Verizon, AT&T, T-Mobile or some other carrier has failed, and you need to re-enter your payment data. If you know that Verizon isn’t your carrier, you can tell right away (we hope) that this is a scam. But if by chance the name of the carrier matches the one you happen to have, well this is where we need to remember that you don’t click on such links. You enter the URL on your own, or give a call. Hackers work hard to create phony URLs that appear to be legitimate. While the article focused on hacks targeting mobile phone carriers in the UK, there is a spectrum of potential targets as we make ever more use of mobile payment systems. As always—unfortunately—we need to be cautious . . . in fact suspicious of any request we receive that asks us to input personally identifiable information—especially financial data.

Hospitality Industry Targeted with New ‘ModPipe’ Malware. As if the hospitality industry wasn’t already facing enough challenges from the COVID-19 pandemic diminishing business, ZDNet reports on a new malware, called ModPipe, that targets restaurant and hotel point of sale (PoS) systems used by “hundreds of thousands” of organizations in the hospitality sector. The malware targets PoS systems running Oracle’s Restaurant Enterprise Series (RES) 3700 software, creating a backdoor for harvesting sensitive information. ZDNet reports: “RES 3700 is described by Oracle as the ‘most widely installed restaurant management software in the industry today.’ The software suite is used to manage PoS, loyalty programs, reporting, inventory, promotions, and mobile payment.” The report notes that fortunately credit card numbers are encrypted by the system. While other user data, including names, can be harvested, ZDNet says, it appears as if the encrypted data is safe. Hooray for encryption.

COVID-19 Vaccine … Good News, but Hackers Are After It. It was reassuring to hear the news about early data showing Pfizer’s COVID-19 vaccine is more than 90% effective. So, it was disappointing—but hardly surprising—to read reports that nation-state attackers are targeting COVID-19 vaccine makers around the world. Tom Burt, corporate vice president of Customer Security and Trust at Microsoft, recently wrote a blog post titled “Cyberattacks targeting health care must stop.” He reports: “In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19. The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium.” In the same post, Burt also pointed to the ransomware attacks on hospitals and healthcare organizations across the U.S. and beyond.

Microsoft Patches Zero-Day Exploit. Good news with Microsoft announcing that as part of its weekly Patch Tuesday, it issued a fix for the zero-day vulnerability that had been discovered by Google’s Project Zero team. As I noted last week, zero-day vulnerabilities are especially concerning as they arrive without warning, forcing security experts into a race to secure the vulnerability before it is more widely exploited—which is precisely what Microsoft has now done. No apologies for repeating the following from my last week’s column, because it is so very important: Zero-Day exploits underscore the need for constant vigilance with security. Organizations that don’t have 24×7 security staff, with industry-leading expertise, should consider working with a third-party security management team.

Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor’s of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees and has a strong affiliation with education having previously served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He serves as a Board of Director for the Orlando Shakespeare Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce and the Orlando Economic Partnership.