REGULATORY VIEWPOINTS ISSUE 4 MAY 2017

Into the EternalBlue

As the world enters a new week, individuals hack’ training videos. You can safely view these and organisations are waiting to learn yourself. We left all the stable doors open, and whether the recent ransomware attack, the entire string of horses has bolted. already affecting more than 200,000 computers in over 100 countries, will How easily malware can be spread continue to be detected on new machines. We are not certain how this new attack has The malware might be sitting on many been distributed, but there are two probable thousands of computers that have not been scenarios. In the first, the malware could used over the weekend. have been spread via email. Finding email addresses for specific organisations can be While serious, this latest attack is not yet a child’s play; it is often as simple as searching candidate for the place of largest ever seen. on Google. I ran a search for UK National The Mariposa Botnet infected over 13 million Health Service email lists posted online this computers a few years ago and at least one morning and found thousands of publicly other such case, where a hacker remotely available examples. takes control of large numbers of machines at the same time, has reached similar Even the most low-level hacker can, proportions. But the current infection has therefore, send infected emails to targets. captured the headlines, and it underscores The emails could contain the malware itself, some fundamental challenges facing modern possibly in the form of an attachment, or they computing systems and networks. could contain links to infected webpages or Dropbox files. How easily malware can be created In days gone by, a very clever human was The second possibility is that the malware needed to create new malware. Those days is spread in the form of Worm; it worms are long gone. Search online, and you’ll its way through a network, automatically quickly find a bewildering array of malware finding vulnerable machines to infect. The toolkits that allow those bold enough to most famous Worm in history was called download them (don’t – you’ll certainly get Stuxnet, which attacked the Iranian nuclear your device infected) to customise a new programme several years ago. The recent variety of malware with a few clicks of the documentary film Zero Days describes this mouse. These are often hosted on seemingly incident in detail. legitimate hosting sites, as well as in the so- called Darknet or Dark Web. Most experts believe that Stuxnet was developed by the US National Security Cyberspace is weaponised. Anyone with the Agency, the NSA, which was also the source will can find the guns and ammunition, and of the leaked hacking files apparently used almost anyone can work out how to pull the by last week’s attackers. It will, therefore, be trigger. If they are unsure, they merely need to no surprise if Worm approach has been used visit YouTube and search for various ‘how to again.

DUBAI OFFICE: [email protected] LONDON OFFICE: [email protected] www.cclacademy.com www.cclacademy.co.uk +971 4 427 2151 +44 20 7638 9830 REGULATORY VIEWPOINTS • ISSUE 4 • MAY 2017

Why malware has such an impact explaining the way that email attacks work, You probably wouldn’t be too surprised if you showing them examples of what these ignored a recall on your car and then suffered emails might look like and then testing their a breakdown or an accident. True, the awareness with phishing campaigns. manufacturer must have made a serious error, • Search online regularly for files that might but you share the blame for the outcome. Get expose your user’s details to public view. If your car fixed and serviced before you drive you find any, consider helping those users it again! who have been exposed to change their email addresses and passwords and reduce The same is true of computer systems. the risk of spam, phishing and malware Windows XP, which seems to be the main attacks. target of last week’s attacks, and Windows 7 are no longer supported by Microsoft. Like the motor vehicle, our dependence on This means that if new security flaws are computing technology is now universal and discovered by hackers, they are generally absolute. But unlike on the road network, we not going to be fixed. More modern systems are not required to drive safely online with are also vulnerable if they haven’t frequently properly serviced equipment, and neither are been updated (patched). we trained to do so. What the latest attack should teach us is that it’s time we enforced How to stay safe a proper road code for the internet, managed What does this mean in practical terms? it properly and held both manufacturers and Here’s a simple list of must-do security users accountable for risky behaviour. measures for everyone with a computer. Even large organisations of the type attractive The CCL Academy, in collaboration with Mark to hackers often fail to adopt these simple Johnson, have recently launched a range actions effectively: of innovative eLearning modules designed to train your staff on how to protect your • Keep your system constantly updated. Run organisation against Cyber-attacks like this. automatic Windows Update checks and For a free eLearning trial, click here. other updaters for your various programmes and browsers. Never ignore the update message.

• Run up-to-date anti-malware. The anti- virus industry works tirelessly to send you updates daily that address the latest risks; Author: let these update automatically too. Mark Johnson • Train users never to click on suspicious links Cybercrime Advisor, or open email attachments. This means CCL Academy

DUBAI OFFICE: [email protected] LONDON OFFICE: [email protected] www.cclacademy.com www.cclacademy.co.uk +971 4 427 2151 +44 20 7638 9830