While working from home has become normalized, threat types and deployment have shifted in response. When the pandemic initially took hold, thousands of people were told to stay home. Some of these people used laptops and were allowed to take those home. Others were left to fend for themselves.
Unfortunately, this increases the likelihood that the proper protections are not in place. Oftentimes users are not sure what type of protections they should implement or how to properly implement them. These things combined put people working from home at greater risk of security threats.
This post covers three new security risks you should know about.
Security Updates: An Instagram Bug, Free AV & Ransomware
Not surprising, pandemic or not, attacks are on the rise. According to a report by CrowdStrike, there have been more cyber attacks in the first half of 2020 than there were in all of 2019.
A recent vulnerability in Instagram's Android and iOS app was revealed. The attack required a specially crafted image to be sent on the platform or over email, and was successful by taking advantage of a buffer overflow issue. In simpler terms, hackers can send a large image believed to be smaller image, which allows the vulnerability to cause a buffer overflow.
Instagram permissions can be granted to allow access to a device's microphone, camera, contacts, location services, and storage which puts all of those items at risk. The good news is this threat has already been fixed by Facebook. Also, Facebook reported they did not see any proof it was used in the wild.
The takeaway: Luckily there is nothing you need to do about this particular bug. It was included here as a reminder that security bugs can occur in almost any app at any time. Your best defense is to keep applications up to date at all times, remove apps you do not use, and use different passwords for each account.
The Department of Justice recently charged a group of hackers for hacking more than 100 victims globally. What makes this story important is the involvement free antivirus played. Though all the details have not been released, the DOJ recommends using an antivirus software from one of the major established players, and shared that using free antivirus can be riskier than you think.
The takeaway: It is absolutely critical to the security of your device and data to run endpoint security software. You also need to make sure it is up to date at all times. Lastly, invest in a paid version from a trusted company. Nothing, absolutely nothing, is free.
Universal Health Services
Over the weekend Universal Health Services (UHS) was hit with a cyberattack. UHS has over 400 facilities across the US and the UK, meaning they have a huge amount of client records which makes them a prime target. The attack against UHS was a version of the Ryuk ransomware strain.
In response to the attack, UHS shut down their systems to help prevent spread. This included shutting down computers, phones and access to records for facilities in California, Texas, Washington D.C., Arizona and Florida. Working in a hospital without access to computers makes it nearly impossible to treat patients or function with any normalcy. This, coupled with the value of their confidential data, is why hospitals are common targets.
The takeaway: There is nothing to do if you are a patient of a UHS hospital. While a statement has not yet been made, you will have to be notified if your records were put at risk.
Insurance giant Arthur J. Gallagher
A global insurance brokerage and risk management firm, Arthur J. Gallagher (AJG), was also hit with a ransomware attack last weekend. AJG operates in 49 countries and provides insurance services to customers in over 150 countries making them another prime target.
According to AJG, only a limited number of their internal systems were affected. Unlike UHS, most of AJG's business systems are not expected to suffer from the attack.
The takeaway: Like the UHS ransomware attack, there is not much individuals can do. Anytime a business that has some of your personal information suffers an attack, your privacy and data are at risk. If you have an online account with AJG, it is a good idea to change your credentials. You will also want to change these credentials if they are used anywhere else, though we never recommend reusing credentials for this very reason!
Sometimes you are the unlucky victim of an attack because of where you did business, meaning that business was hacked. Unfortunately, this is not something you can control. What you can control, is who you do business with, and what information you share with those businesses.
Nearly every week new security threats are introduced into the wild. This means you have to remain diligent all the time. If you let your guard down, for example if you click on something because you are tired or distracted, you may pay the ultimate price. Someone is always waiting to take advantage of people who click on a bad link or open a malicious attachment which can make it easy for them to gain access to your user accounts and data. Make sure you have endpoint protection, that it is always up to date, and that you are careful what you click on at all times to make yourself less of a target.
As always, being informed and being careful is the best way to protect you devices and the data on them.