Cyber 321: 26th November 2021

Plain English cyber advice in 3 articles, 2 numbers and 1 action.

This week: How the BBC tried to track down some of the FBI’s most wanted Russian cyber attackers, how cyber attackers are making money simply through fear, and what NOT to do if you’re hit with ransomware.

This week’s action: Secure your website.

>>>>> THREE ARTICLES <<<<<

1: How the BBC went to Russia to try to track down the FBI’s most wanted cyber attackers

“Many of the people on the FBI’s cyber most wanted list are Russian. [Many] are accused of making a fortune from ransomware attacks and online theft. If they left Russia they’d be arrested – but at home they appear to be given free rein.” [..] “not only are the hackers allowed to carry on, they are recruited by the security services too.”

If you don’t believe the stories about the Russian hackers living the life off the proceeds of their cybercrimes, you have to read this piece by Joe Tidy at the BBC. The most striking image shows one of FBI’s ‘Persons of Interest’ driving a custom Lamborghini with the Russian word for ‘thief’ on the licence plate.

2: Fake ransomware on WordPress websites

“Fake red-on-black warnings have been plastered to hundreds of WordPress sites, warning that they’ve been encrypted.” [..] “But Sucuri researchers who tracked down and analyzed the fake ransomware said they found a whole lot of nothing.” [..] “It’s not surprising to see fake ransomware attacks in the wake of the yearly increase in actual ransomware attacks, [..] ‘Less skilled attackers can take advantage of the growing fear of ransomware and try to profit with simple hacks, rather than well-developed and complex ransomware.’”

When we think about cybersecurity, we naturally think about our internal network, servers and devices. Don’t we shouldn’t forget our shopfront to the world.

3: If you get hit by ransomware, what NOT to do

If you are hit by ransomware: "The first thing any company should teach their employees is not to open the ransom note and click on the link inside it… the timer starts to count when you click on the link. You can give yourself some valuable time by not doing this. Use this time to assess the impact of the ransomware infection."

If you are involved in a ransomware negotiation: “There’s the option of trying to convince the attacker that you can’t pay the ransom, but if the attacker has access to the network, they may be able to see financial documents or cyber-insurance policies – and likely have a figure in mind based off that document that will be the basis for negotiations.”

>>>>> TWO NUMBERS <<<<<

1: 80%

The percentage of Harvard University’s first-year students with a TikTok account, compared to just 24% who had a Facebook account.

2: 81 million

The number of videos taken down by TikTok in the 3 months to June 2021, because they violated its rules on bullying, suicide and hateful content.

81 million is less than 1% of the total number of videos on TikTok. Even if they take down the majority of dangerous material, the minority is still a large number.

Social media is more than just Facebook and Twitter. If you’re trying to build awareness about online dangers, don’t forget TikTok and the other new kids on the block.

>>>>> ONE ACTION <<<<<

1: Don’t forget your website

If your ‘shop front’ to the world is your website, you need to secure it.

The usual rules apply – Implement two-factor authentication on the site and on your hosting provider’s account; separate administrator accounts from ‘standard’ / editor accounts; run regular backups; keep the software (and themes and plugins) up-to-date. My guide to the basics may help.

I also recommend using a service like FollowThatPage, a simple detection measure that will send you an email if it notices any changes on your home page.

After all, why skip a security measure that cost very little and could be very valuable.