As TeslaCrypt is retired, and superseded for the most part by CryptXXX, other strains of ransomware continue to circulate. CYBER.POLICE, puerile screen presentation and all, remains a problem for Android devices. More criminals are making use of a combined ransomware and DDoS attack. KnowBe4, Invincea, and FireEye are tracking this development, which strikes many observers as the new normal: such attacks are inexpensive to mount and promise a good payoff.
Paying ransom loses some of its meretricious luster. Kansas Heart Hospital, following the example of Hollywood Presbyterian, did pay recently, only to find that its attackers reneged on their promise to decrypt files. The criminals decrypted only a fraction of the affected files, then demanded additional payments. That was enough for Kansas Heart—they’re no longer paying.
Rogue hardware devices turn up in the wild: the US FBI warns against keyloggers disguised as USB charging devices.
Microsoft’s Azure Active Directory now blocks weak passwords that have shown up in breaches. (Like, the Register notes, “M!cr0$0ft.”)
In industry news, the next major security IPO is rumored to be Blue Coat, which could move as early as next week. And investors continue to look for buying opportunities in established companies.
In the crypto wars, some in law enforcement are coming around to the view, prevalent in the US IC, at least, that hacking, not backdoors, are the way to access systems. (Law enforcement adds “undercover work.”)
In the UK, the “snooper’s charter” will be subjected to a review before it clears Parliament.