Staying Safe: Recent Malware Attacks and Trends


Are you worried about your business’s online security?

It’s only natural that you worry about it. After all, over 9.9 million malware attacks were recorded in 2019. It’s a relief, however, that the number is much lower than the one recorded the year before.

This is because technology helped us pick up the pace in protecting ourselves against malware. With the pandemic hitting us hard, though, there has been a surge in recent malware attacks. Falling victim to even one of these recent attacks can mean the doom of your business.

To prevent that, you need to know what you’re up against. Read on to learn about the recent malware trends and what you can do to prepare against them.

Biggest Malware Attacks To Date

To know how damaging malware attacks can be, here’s a list of the recent attacks over the past year. These have been the most notable due to how much the attacks cost their victims. 

The Pittsburg Unified School District of California

One of the first major attacks in 2020 targeted the Pittsburg Unified School District of California. This small community located in Contra Costa County had to take its servers down because of a malware attack. The school district didn’t respond to the threat, though, and didn’t disclose any more information to the public.

What makes this incident notable is that the ransomware spread quickly throughout the entire district. Multiple universities became affected by the attack. While not much got disclosed, we can only imagine there was an information leak. Otherwise, the schools wouldn’t need to have a large-scale server shutdown.

The attack even affected the major offices and services in the area. This meant that, if an information leak was the resulting effect of the attack, the hackers would have had the transaction information, personal information, and even the credit information of everyone in the area.

This even affected the Contra Costa County library system. This incident followed on the heels of the initial attack in the area. It caused a network outage at 26 branches over several days.

The Travelex Incident

Travelex is a foreign exchange company based in the UK. Because of the pandemic, their business model suffered a lot. The changes it brought prevented them from generating income.

To make matters worse, they also became the victim of another ransomware attack. The hackers held back some data and demanded the company pay 2.3 million USD in ransom. Travelex complied and paid them through the use of cryptocurrency.

To date, the company still exists. However, it had to lay off 1,309 employees to survive. They also had to go into administration, which is the UK’s version of declaring bankruptcy. Despite all that it’s faced, though, it gets to have another chance at success.

Habana Labs Attack

Habana Labs is another foreign company that suffered a malware attack. It’s among the most recent malware attacks recorded to date, too. What makes this notable is that it’s part of the growing trend of hyper-localized attacks.

This is because Habana Labs is an Israeli company that develops AI processors. They’re essential in creating functional AI components for their parent company, Intel. All these qualities made it a prime target for Pay2Key.

Pay2Key is ransomware that often targets companies in the area. It attacked Habana Labs in December 2020, leaking sensitive data online. The ransomware also codes to various documents that detailed Habana Labs’s various transactions.

This meant that both Habana Labs and Intel were in dire straits after the incident. To date, there have been no follow-up reports by either company. Both companies continue with their functions, though, as of today.

The Attack on Three Universities

Last year, three universities fell victim to the same ransomware attack. The attack came from NetWalker, a ransomware family that uses Ransomware as a Service. How it works is that they hold encrypted data hostage and sell it back to whoever they stole it from.

Columbia College Chicago was the first victim of the NetWalker ransom gang. They threatened to sell the data they collected on the dark web. The only way they would abstain is if the college paid the extortion payment.

The college handled it well and sent out a blast email to all students. It reassured students that nothing suspicious happened to their credit score after getting hacked. To this day, it’s unclear whether the college negotiated or paid the ransom.

The University of California in San Francisco faced the same threat. In their case, their IT staff detected malicious activity before it spread too much. They were able to halt unauthorized access to the rest of the school’s IT environment.

However, they still opted to pay the 1.14 million USD that the hackers demanded. By doing this, though, they were able to recover the data the attackers encrypted.

Michigan State University was the last victim – and one who handled it poorly. The attackers claimed they’d leak their students’ data if not paid. The data concerned personal and banking information.

According to MSU, the hack only affected the Department of Physics and Astronomy. They then issued a statement saying the hackers are only looking for a quick buck. They also opted not to pay the ransom. 

Following this, MSU discovered a data breach involving their online store. The lack of website security compromised the information of over 2,600 individuals.

Foxconn Blackmail

Foxconn is a giant in the global electronics scene. However, they also fell victim to a malware attack. This shows that even companies with enough resources can become victims without proper malware protection.

The company became a victim of the DoppelPaymer ransomware. The source was one of their facilities in Mexico. The hackers encrypted their data and offered their decryption tool for a price.

They demanded 1.804 BTC, which equaled 34 million USD at the time. Foxconn didn’t opt to pay, so they lost all the data the hackers held hostage. This amounted to 1,200 encrypted servers, and 100 GB of unencrypted files. 

What’s worse is that the hackers deleted up to 30 TB of backups. This could have been easily avoided, though. Preparing your backups the right way allows you to recover all your files no matter how bad the hack gets. 

The Law Firm Incident

The most controversial attack happened to Grubman, Shire, Meiselas, & Sacks law firm. They’re a firm that handles mostly A-list celebrities. As you can imagine, targeting them would lead to a high-profile case.

This was the goal of the ransom group REvil. They got a hold of over 756 GB worth of confidential client data. This included the personal records and correspondences of notable celebrities.

They demanded 21 million from the firm to prevent the disclosure of said data. The firm refused, though, and that’s when their demand increased to 42 million. Because of the firm’s refusal to cooperate, they’ve released data on Madonna and Lady Gaga.

They plan on auctioning off more if the firm doesn’t cooperate. This incident proves that law firms need a dedicated IT managed service provider. The data they carry is too confidential to risk getting leaked.

Those were the biggest attacks in 2020. They were either brought about by over-confidence in an organization’s security system, or the absence of it in a company. This makes it important for you to have 24/7 monitoring and support to prevent these attacks from ever getting worse in your business.

You can also prepare against them by knowing about the latest trends in malware threats. This way, you can prepare the best malware protection measures against them. Here’s a list of the newest malware trends today.

Worms are Making a Comeback

Worms are malicious software that dominated the malware scene way back when. They became a big problem at the height of email messaging’s popularity. They would hop aboard and present themselves as email attachments.

A notable trait of worms is that they’re self-replicating. Once someone opens a wormed email, it would spread to other devices connected to the network. This may be what’s behind the attack on the Pittsburg School Districts.

The speed at which the malware spread in the area was too fast for any other malware. If worms were behind the attack, then it means they’re poised to resurface as a huge threat.

They can’t do it alone, though, as messaging systems can filter them out with ease. The threat they pose is still something to fear, but we’ll touch more on that later.

More Ransomware Attacks

As you may notice above, ransomware attacks are the most common malware attacks. They’ve picked up in popularity among hackers because of the pandemic. It’s easier for them to get into devices and networks because of the need for essential programs.

They often hitch a ride on legitimate programs and wait for someone to open them. Once opened, they’ll hold your data hostage until you pay the amount they want.

What’s great is that basic virus and malware protection is enough to stave them off. However, ransomware is evolving to the point that traditional programs can’t detect it. You’ll need to keep your programs updated to keep up with the latest malware trends.

Fileless Attacks Will Become More Common

Malware is also getting past most security measures because there’s nothing to detect. Traditional security measures review files that enter your system for any known threats. However, more fileless attacks are happening all over the world.

Most fileless attacks happen through browsers. A malicious line of code injects itself into your device if you click on something on the Internet. Once injected, the malware will then do its functions and cause chaos in your device.

This is becoming a trend because more people are working from home because of the pandemic. This caused employers to send software to allow their new setups to be a part of their network. While it may sound harmless, this gives hackers opportunities to spread themselves.

While the network is allowing employees to integrate their devices into the network, the malware is doing the same. It’s a seamless way for it to infect other people in the network, too.

Topical News Will Become Weaponized

As the news about the pandemic develops, more people will tune in to find out what’s new. This is enough for malware to gain access to your device. All they need to do is come up with a clickbait title to pique your interest.

Hackers then share their weaponized articles on social platforms. This way, more people get to see it, giving them a long list of potential victims.

This is enough of a reason for you to be careful of what you open. Even if someone you know shares it, it’s best to vet the link’s domain first. Doing this allows you to determine if the domain is trustworthy or not.

Hybridized Malware Attacks

We mentioned that worms are going to be making a comeback. They can’t do it alone, though, or they’ll get filtered out with ease. If combined with other malware, though, it can result in fast-spreading malware attacks.

This is the hybridization of malware. They take the qualities of one form of malware and combine them with others. This can cause a widespread ransomware attack, like the one that happened in Pittsburg.

Other combinations can result in harder-hitting attacks. Trojans and RATs combined allow for coordinated and evasive attacks. This makes it harder for an organization’s IT department to detect and prevent the hack.

What’s great is that you can still prevent hybrid attacks with basic malware protection measures. Preventing access to your network’s backdoors prevents RATs and Trojans from getting close in the first place. Updated firewalls are great at preventing these.

Learn About the Recent Malware Attacks Today

Protecting your business against these threats is essential for survival nowadays. With these attacks evolving regularly, learning how to adapt to them will help you keep your business safe. So, learn about these recent malware attacks to prevent yourself from falling victim to them today!

Are you looking for some extra help in protecting your business? Hiring professionals to help you manage and monitor your website is the best way to protect yourself against these threats. Contact us here, and we’ll get in touch with you as soon as we can!

About Chad Lauterbach

CEO at Be Structured Technology Group, Inc., a Los Angeles-based provider of Managed IT Services for small business. I desire to help small businesses better utilize technology by assisting in high-level planning to make sure that new systems will benefit them both operationally and financially. I am careful to implement and support systems using industry best practices.