Security Central: HBO Plays the Game of Hacks, Ransomware Leaves SMBs Reeling

Written by Allison Francis
September 23, 2017

This week’s Security Central takes a peek inside HBO’s most recent hack, explores the impact of ransomware on SMBs, and takes a look at new research from Bitglass.

HBO’s security was compromised again this week, marking another incident in a series of hacks that have occurred over the past few weeks. The previous breaches have involved in leaked show scripts, an unaired Game of Thrones episode and sensitive emails.

This breach, however, wasn’t malicious. On Wednesday, the White Walk-… um, Hat collective dubbed “OurMine” was able to gain access to HBO’s Twitter page and the Game of Thrones Facebook page – not to inflict any damage or demand a ransom, but to oh-so-kindly point out that the TV network’s security was weak. Seems as though a simple email, a phone call or even a friendly Post-it note could have done the trick, but who are we to judge…

OurMine posted a tweet that said: “Hi, OurMine are here, we are just testing your security. HBO team please contact us to upgrade the security,” shortly before 8 p.m. on Wednesday, according to Fortune. Another message was posted by the Game of Thrones Facebook page with a call to action status saying: “Let’s make #HBOhacked trending.” All the posts have since been deleted.

It’s no secret that an attack (those of the malicious sort) can severely cripple or even take down a company, no matter its size. A good reminder for individuals, companies and providers to focus on what they can do in order to increase their protection and effectively prevent attacks from hackers, fire-breathing dragons, the army of the dead, etc.

Our second story takes a look at Malwarebytes’ recently-released “Second Annual State of Ransomware Report,” which explores ransomware attack frequency, the impact of attacks on small to mid-sized businesses, the costs of attacks, attitudes towards ransom payments and preparedness.

The study surveyed 1,054 companies with less than 1,000 employees across North America, France, U.K., Germany, Australia, and Singapore. According to an article by Stu Sjouwerman of KnowBe4, the survey results found that more than one-third of businesses have fallen victim to a ransomware attack in the last year. Twenty-two percent of these impacted businesses had to halt operations immediately.

“Businesses of all sizes are increasingly at risk for ransomware attacks,” says Marcin Kleczynski, CEO of Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations.”

According to Kleczynski, to make matters worse, most of the companies have a completely lack of confidence in their own defensive technologies and their ability to effectively thwart an attack. To be truly effective, providers and the security community as a whole must be in the trenches with the companies. It is vital that they understand the battles that these companies are facing, so they can better educate and protect them.

A few other key findings from the report:

For many, the source of ransomware is unknown and infections spread quickly. For 27 percent of organizations that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected.
Most SMBs do not believe in paying ransomware demands. Seventy-two percent of respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization.
Current investments in technology might not be enough. Over one-third of SMBs claim to have been running anti-ransomware technologies, while about one-third of businesses surveyed still experienced a ransomware attack.

To read the full report, visit: https://go.malwarebytes.com/OstermanRansomware2017_PRSocial.html.

Our final story of the week focuses on the results of a new data security study from Bitglass entitled “Datawatch: Avoiding the Riptide of Corporate Data Exposure.” The goal was to uncover the risks posed by users’ data-related habits, so the Bitglass Threat Research Team tested real-world scenarios, such as frequency of connections to unsecured Wi-Fi hotspots, rate of external sharing in cloud applications, and the volume of corporate credentials already exposed.

To accomplish this, Wi-Fi hotspots were set up in random public spaces, which Bitglass was able to monitor, and capture and analyze user traffic. According to the study, in the 10-hour span that the unsecured hotspots were active, one-in-five people connected to them. Just think – hackers would have a field day.

This throws into sharp relief the frequency with which individuals and employees put data and credentials at risk. The study also found that:

21 people accessed enterprise cloud applications over the unsecured Wi-Fi hotspot, including Office 365, Salesforce, Adobe Marketing Cloud, ADP, Slack, and Asana
51 percent of data stored in Google Drive is shared with individuals outside of the enterprise – significantly more than data in other apps.
Roughly 19 percent of corporate data stored in Dropbox is publicly available.

Now more than ever, it is vital that employees be fully aware of what they’re sharing, connecting to and exposing. The practices of the modern technology and business world present a number of risks to corporate data, and it is high time that folks get more data/security street smart. Winter is coming.

The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.