This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Case Studies And Key Industrial Players In Cyber Threat Management


Malicious remote admin tool linked to KONNI malware

Since early 2018, a threat actor has been attempting to infect Russian and Cambodian political targets with a newly discovered malicious remote administration tool (RAT) that researchers believe could have North Korean connections.

Palo Alto Networks' Unit 42 threat research team, which discovered the malware, refers to it as NOKKI because it shares overlapping code and infrastructure with KONNI, another RAT that for the last four years has been spread through phishing documents often containing themes pertaining to the Korean peninsula. NOKKI collects information from an infected machine such as IP address, hostname, user name, driver information, OS and installed programs. The malware, which can also drop and execute payloads and produce decoy documents, is distributed in the same way as KONNI, via email phishing campaigns.

The NOKKI attacks are of two types: the attacks from the first half used FTP, and those from the second half used a separate NOKKI variant that relies on HTTP. The attacks in the middle, somewhere around July, showed some unusual behaviour and targeted fans of the Russian World Cup. The researchers inferred that North Korea was involved when they confirmed that a reference had been made to a North Korean official who was visiting Singapore.

Pirated GOT episodes most popular TV bait for malware

Game of Thrones, popularly known as GOT, is being used by hackers looking to spread malware via pirated TV content, according to a study from the Kaspersky Lab and BestVPN.com teams. The team detected more than 15000 infection attempts against users who downloaded illegal versions of GOT, and more than 40000 were victims of the same.

The trigger is simple: whenever a user downloads an illegal version of GOT, the malware is injected into the user's machine without the user's knowledge. Similar attacks were discovered in Netflix’s Stranger Things episodes, which infected more than 4000 users, and more than 2000 attacks happened on HBO’s Westworld episodes.

Ransomware related to Barack Obama

Researchers have discovered a Barack Obama ransomware, also known as Barack Obama’s Everlasting Blue Blackmail Virus Ransomware. The malware was detected by MalwareHunterTeam. Once on a user's machine, it encrypts the .exe files on the computer and displays an image of President Barack Obama asking for a ransom to decrypt the encrypted files. As per Bleeping Computer, once the malware is executed it inspires change by terminating the processes associated with antivirus software, including Kaspersky, McAfee and Rising Antivirus, before it scans the computer for .exe files to encrypt.

As part of the encryption process, this ransomware also modifies the registry keys associated with .exe files so that they use a new icon and run the virus each time someone launches an executable.

SamSam Ransomware

Allied Physicians of Michiana, Mich., reported it was hit with a SamSam ransomware attack earlier this month, but was able to quickly restore its systems, and the healthcare facility does not believe any patient data was compromised. The attack took place on May 17 and, as per company CEO Shery Roussarie, the computer network was quickly shut down to contain the cyberattack. The CEO did not say how long the firm’s systems were impacted, but indicated that its internal IT team, working with an outside incident responder and counsel, was able to restore operations without any significant disruption of services. Allied Physicians believes the situation has been contained and it is conducting additional forensic work to confirm that personal and protected health information was not compromised during the attack. The FBI, which is also involved in the investigation, told Allied that ransomware attacks are usually geared toward obtaining a financial payout and are not designed to extract information. Allied did not indicate whether or not a ransom was demanded.

BLACKHEART Ransomware

The recently discovered BLACKHEART ransomware program can drop its malicious payload along with the legitimate AnyDesk remote desktop tool in order to evade detection. The ransomware, detected as RANSOM_BLACKHEART, generates a ransom note demanding $ in bitcoins in exchange for decrypting affected files, Trend Micro reports in a May 1 blog post. The company refers to BLACKHEART as a “fairly common ransomware, with a routine that encrypts a variety of files that use different extensions as part of its routine.”

While it’s known that BLACKHEART infects its victims via malicious sites, the company does not at this time understand the specifics of that process. Developed by AnyDesk Software GmbH in Germany, AnyDesk provides users with bidirectional remote access between personal computers running on various operating systems and unidirectional access on the Android and iOS mobile platforms. Other features include Transport Layer Security, file transfers and client-to-client chat.

Ex-SunTrust employee helps compromise 1.5 million bank clients

SunTrust Bank was hit with an insider attack when a former employee, working with a third party, stole company contact lists, possibly exposing the personal information of up to 1.5 million customers.

SunTrust said that the information on the contact lists included the client’s name, address, phone number and in some cases account balances. The contact lists did not include Social Security numbers, account numbers, PINs, User ID, passwords, or driver’s license information. SunTrust is working with outside experts and coordinating with law enforcement and is making credit monitoring available to those affected.

Conclusion

In today’s world, our data and information, which is of utmost importance, should be protected; failing to do so leads to security breaches. We can see from this study that it may be a single person or a group that causes this damage, leading to the loss of our valuable information. So we need to monitor constantly to see that our information is being protected. Security threats lead to weaknesses in our systems, causing vulnerabilities. There are many ways to handle these threats and vulnerabilities, which include enforcing a strong malware defence mechanism and deploying vulnerability scanners, SIEM tools to detect any abnormality, IDS/IPS, etc. We can use the following suggestions to keep our environment clean:

  • Make sure that all the necessary updates are applied to computers all the time.
  • Vulnerability scanning should be done periodically to ensure our environment is free of any loopholes.
  • Once the vulnerabilities are identified, we need to have pen testing in place from an external vendor who can access our environment.
