Congress continues to crawl towards new legislation to contain cybersecurity damage. Meanwhile, traditional antivirus techniques now miss most attacks, and Western Digital customers wake up to empty backup drives.
Traditional anti-virus and anti-malware apps look for specific strings of code in files (or data transfers) to determine if they’re dangerous. Those strings of code, or “signatures”, are updated periodically as new attacks come to light.
The world of cybercrime is now moving too fast for this to work. WatchGuard Technologies analyzed data collected from customer networks and found that 74% of detected threats would have been missed by signature-based software.
Many attacks are now “zero days”, brand-new attacks without known signatures. Even old attacks were “repackaged” in ways that prevented signatures from appearing in the code. This is one of the biggest signs yet that traditional anti-virus software has been outflanked by cybercriminals releasing new and repackaged code at a near-daily pace. [Read More at DarkReading]
Western Digital’s MyBook devices are a popular way for home users to back up files – they’re cheap, easy-to-use external drives you can pick up at Best Buy. The (discontinued) MyBook Live series added an Ethernet connection, allowing multiple computers to use the device over a local network.
These local-only backups are not very resilient, especially in the age of escalating cybercrime. Users who were relying on these devices to store valuable data are waking up to devices that have been remotely ‘reset’, deleting all data from the drives. The current solution: unplug them.
According to Western Digital, these devices are falling prey to a “remote command execution vulnerability”. There’s no patch as of yet, so MyBook Lives on improperly secured networks could be wiped at any time. [Read more at Threatpost]
More computer users than ever know they should avoid clicking on links in sketchy emails. That has led at least one malware operator to invest in a call center.
Microsoft is reporting that some users are receiving scam emails stating they’ve downloaded a demo product with an expiring trial period, and monthly charges will begin in 24 hours. There are no links in the email – instead, the email recipient is instructed to call a US-based phone number.
The helpful person on the other end of the line directs the email recipient to a website and asks them to download a file. The file, of course, is malware. It steals any passwords on the network the user can access, potentially opening a business network to a major attack. [Read more at ZDNet]
A draft of a federal data breach law is now being circulated in Congress by the top Republican and Democrat on the Senate Intelligence Committee. The law requires specific types of businesses to notify the Cybersecurity and Infrastructure Security Agency of a “cybersecurity intrusion or potential cybersecurity intrusion” within 24 hours of detecting the attack. There are financial penalties for companies that do not comply.
The companies covered by the draft legislation include federal contractors, companies involved with maintaining critical infrastructure and companies that provide cybersecurity incident response. Timelines, covered companies and financial penalties could all change before the law is formally introduced. [Read More at BankInfo Security]