Cloud Security News: Week in Review is our blog series, grabbing the more interesting cloud security scoops from the web. Sit back, relax, and catch up on all you should know about this week.
It may be a new year, but is the cybercriminal community turning over a new leaf? Hopefully ransomware attacks aren’t nearly as prevalent or successful compared to 2016. According to CSO, ransomware cybercriminals were able to steal an estimated $1 billion worth of Bitcoin last year. Unfortunately, there are already new varieties of ransomware out causing damage — 2017, meet GoldenEye, every HR department’s worst nightmare. In a weird twist of events, there’s also a new type of ransomware that may actually be doing its victims some good. Read all about it below.
By Maria Korolov (@MariaKorolov)
Ransomware cybercriminals were hard at work in 2016, successfully carrying out attacks that earned them millions of dollars worth of Bitcoin. The most prosperous type of ransomware was the notorious Locky, which stole over $220 million between its four different Bitcoin wallets. Cryptowall also did some serious damage, bringing in almost $100 million prior to its shutdown. Let’s hope that increased efforts to fight ransomware this year will pay off (no pun intended).
By Danny Palmer (@dannyjpalmer)
Human resources departments beware. This new ransomware takes advantage of the fact that HR employees constantly have to open attachments from various, not to mention unfamiliar, job applicants. Unbeknownst to HR, these job candidates are in fact cybercriminals attacking via GoldenEye. Wondering how it works? The email sent to HR contains two attachments: 1. A cover letter in PDF format that is actually harmless, with the purpose of reassuring the victim it’s just a normal job application, 2. An Excel file that appears to be an application form, but actually contains the GoldenEye payload ready to pounce.
By Lee Mathews (@leemathews)
Here’s a pretty cool story for you, despite it being about ransomware (trust me). The newly discovered Koolova ransomware will decrypt your files for free… With one catch. Once Koolova has infiltrated the victim’s system, a seemingly standard warning screen appears. Though upon thorough reading, the victim will see the message: “If you ‘agree to stop downloading unsafe applications off the Internet’ and do the recommended reading, you’ll get a decryption key free of charge.” You may ask, who’s responsible: criminal or vigilante?