Weekly Security Roundup with Clinton Pownall

Ransomware Update. Here’s one to file under: Thieves have no honor. The just-released Coveware Quarterly Ransomware Report, tracking trends for Q3 2020, notes that not only are ransom demands going up, but data thieves, despite their promises, are more likely than ever to post the stolen data online even after receiving a ransom. (Coveware notes that the average ransomware demand increased 31% over Q2, to $233,817.) Of course, my belief is that ransomware should never be paid . . . and that the best way to avoid such thieves is to implement a comprehensive security program—including a tightly secured network with strategically secured onsite and offsite backups.

New Zero-Day Exploit. Google’s Project Zero team, a group of security analysts devoted to finding zero-day vulnerabilities, has announced the discovery of an exploit against the Windows Kernel Cryptography Driver that could allow a hacker to escalate user privileges. This is especially important work as zero-day exploits, as the name implies, are those that arrive without warning, forcing security experts into a race to secure the vulnerability before it is more widely exploited. An article in Ars Technica, “Google’s Project Zero discloses Windows 0-day that’s been under active exploit,” notes that “In keeping with long-standing policy, Google’s vulnerability research group gave Microsoft a seven-day deadline to fix the security flaw because it’s under active exploit. Normally, Project Zero discloses vulnerabilities after 90 days or when a patch becomes available, whichever comes first.” Zero-day exploits underscore the need for constant vigilance with security. Organizations that don’t have 24×7 security staff, with industry-leading expertise, should consider working with a third-party security management team.

North Korea Goes Spear Phishing with Job Offers to U.S. Aerospace and Defense Workers. I’ve written extensively (as has just about everyone else in the security field) about the enormous dangers of well-crafted spear phishing attacks—in which hackers use social media and other sources to draft convincing e-mails that lure users into clicking on links that download spyware and other threats. The Hacker News has good coverage on this in their article “North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks.” The spear phishing was detected by McAfee researchers, who codenamed their tracking efforts “Operation North Star.” The Hacker News notes: “The development continues the trend of North Korea, a heavily sanctioned country, leveraging its arsenal of threat actors to support and fund its nuclear weapons program by perpetrating malicious attacks on US defense and aerospace contractors.”

Fighting Back with a U.S. Network of Cybersecurity Institutes. It can be distressing (and depressing) to read about the constant and massive attacks that are underway second-by-second against companies, government agencies, and other organizations throughout the U.S. and beyond. So I enjoyed reading a recent article on the Homeland Security News Wire. The article, “Creating a National Network of Cybersecurity Institutes,” describes a recent grant from the Cybersecurity and Infrastructure Security Agency (CISA) to the University of Illinois at Urbana-Champaign to guide CISA in creating a national network of cybersecurity technical institutes. The article quotes Bryan Ware, CISA assistant director of cybersecurity, as saying: “CISA sees the growing cybersecurity workforce shortage in the United States as a national security risk.” I agree completely, and wish them well.

Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees and has a strong affiliation with education, having previously served on the Bill & Melinda Gates NextGen Foundation. He serves on the Board of Directors for the Orlando Shakespeare Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce and the Orlando Economic Partnership.