November Computer Use Threat Advisory

Resources

Learn about the latest cyber threats below, along with a more expansive list of best practices. Remember safety is everyone’s responsibility!

Need to Know

  • Please continue to be aware that if any County pc were to receive a Ransomware pop-up that pc should be shut down immediately and Information Systems notified by the department manager.

  • Do not use unsubscribe links in unsolicited messages because they may be forged and could confirm your email address is a legitimate email address

  • Do not fill out forms or reply to email messages / phone calls that ask for personal financial information or to confirm account information

  • Do not download any files or execute software that is from the Internet unless it is for county business and has been approved & scanned for viruses by MIS

Read on to find out more about these threats and others that can wreak havoc in your professional and personal lives.

Email Threats

  • The global spam rate dropped slightly in September to 55%.

  • The email malware rate increased slightly in September to one in 312 emails which is the highest rate of activity seen since December 2016.

  • The number of new malware variants decreased again in September, dropping from 54.2 million to 50 million variants.

  • The phishing rate decreased slightly in September, down to one in 2,644 emails. The most effective phishing email subject lines include psychological triggers to get people to click such as urgent calls to action or exploit victims' desires.

Mobile Devices

  • One new Android malware family was discovered in September.

  • A new form of Android Ransomware has been found by ESET. This Android Malware named “DoubleLocker” spreads in the same way as its PC parent, as a fake Adobe Flash Player update that is pushed via compromised websites.

  • It is becoming more and more important for smartphones and tablets to have a comprehensive security solution which includes a virus scanner to check the mobile device for Trojans, viruses & other malware and includes surfing & phishing protection to secure users against dangerous emails and websites.

  • Please be advised of these mobile device best practices:

    • Use strong passwords

    • Think before you click

    • Always update to the latest mobile security patch.

    • Only download apps from official app stores such as the Apple App Store or Google Play. Mobile botnets will continue to surface on Google's Play Store and users should protect themselves by reading the reviews of any app prior to installation, including programs found on the Play Store. If users decide to install an app, they should review its permissions carefully before they finalize the download process and be very suspicious if any app requests/requires admin privileges.

Attacks

  • According to Symantec last year alone, the number of bots added to the global botnet was 6.7 million. Symantec reported the top 10 US cities hosting botnets are; Chicago (4.69%) Washington, D.C. (4.13%), Atlanta 3.49%, Ashburn (3.23%), New York (3.22%), Portland (3.18%), Los Angeles (2.02%), Las Vegas (1.98%), San Jose (1.96%), and Tampa (1.57%).

  • Bots sneak onto a person’s device in many ways. The malware is often mistakenly downloaded through links or malicious file attachments when opening an email or social media message. Botnets can also sneak onto devices when a user has visited a compromised website.

  • An IoT (Internet of Things) botnet has amassed 10,000 to 20,000 devices and has another 2 million hosts that have been identified as potential botnet nodes, according to Arbor's Security Engineering & Response Team (ASERT), which refers to the botnet as Reaper.

Breaches & Vulnerabilities

  • The Total Breaches YTD was up 18.5% - there have been 1,012 total reported breaches through the first nine months of 2017. There has been one mega breach and 9 other large breaches YTD in 2017, which compares to one mega breach and 14 other large breaches YTD in 2016. The three largest breaches YTD exposed a total of 156.5 million records, with Equifax being the largest.

  • According to the second-annual State of Privacy and Security Awareness Report, 7 in 10 employees lack the awareness to stop preventable cybersecurity incidents. For the second year in a row, the average survey respondent achieved a "Novice" score, showing they are dangerously close to one wrong decision or mistake leading to a security or privacy incident.

  • Manual Sharing topped social media scams, comprising more than 67% of scams in September. Like Jacking increased by 7 percentage points.

  • Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain. Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017.

Please read and continue to adhere to the following best practices:

  • Be suspicious of unexpected emails. Watch out for poor grammar or misspelled words which are red flags that the email is suspicious.

  • Do not open email attachments unless they are expected.

  • Do not use links in emails to get to webpages, especially if you suspect the message in any way.

  • Be very suspicious of shortened URL’s, do not click on them without previewing or expanding.

  • Be suspicious of search engine results and review the presented addresses prior to clicking on them.

  • Do not use unsubscribe links in unsolicited messages because they may be forged and could confirm your email address is a legitimate email address.

  • Do not fill out forms or reply to email messages / phone calls that ask for financial information or to confirm account information.

  • Do not download any files or execute software that is from the Internet unless it is for county business and has been approved & scanned for viruses by MIS.

  • Any removable media data must be scanned for malicious content prior to being attached to the County network.