Security

CTC’s June 2018 Threat Report

This month’s threat report starts with a cyber threat rarity: A warning from one of the nation’s most prominent agencies to reboot browsers in an effort to fend off malware linked to Russia.

FBI issues stark warning

Here’s what you need to know about the router assault and how to respond.

WHO: The Federal Bureau of Investigations (FBI).

WHAT: Malware-infected routers.

WHERE: Small offices and home offices.

WHEN: Immediately.

WHY: VPNFilter malware targeting routers used in small offices and home offices may be able to collect information, exploit devices, and block network traffic.

HOW: Rebooting the routers temporarily disrupts the malware and potentially helps identify infected devices. Consider disabling remote management settings on the routers, secure them with strong passwords and encryption, and install the latest firmware if it isn’t already.

Links to guides for owners of Linksys | Netgear routers.

The “M” in BMW takes on a more insidious meaning: “Malware”

Malware can impact more than your router. Nowadays, it can also attack your car.

Imagine a peaceful Sunday drive in your car when the vehicle suddenly stops responding to you. You no longer operate the radio, cannot unlock the doors, and lack many other controls.

Chinese security researchers identified vulnerabilities introduced to BMW cars by their internet-connected infotainment system and telematics control unit. Emergency call services, remote door unlocking, and climate control are just a few of the systems over which the researchers gained control.

They wrote, “The attacker can remotely trigger or control vehicular functions over a wide-range distance by sending malicious … messages to the BMW vehicle’s internal CAN (Controller Area Network) bus, whenever the car is in parking or driving mode.”

They notified BMW in March, and the automobile manufacturer is patching the vulnerabilities.

Some of the exploits require physical access to the car itself. That access comes by way of either the on-board diagnostics port or USB. This means “attackers need to be inside your vehicle to exploit them by plugging a malware-laden gadget into the USB port,” according to Hacker News.

Is your organization prepared for continued cyber attacks?

Malware-powered cyber attacks — and more — are only going to keep coming. Protect your data, intellectual property, and reputation by mounting the best defense possible. We can help. Prevention is the best medicine. Follow us on Twitter or Facebook for our monthly security updates.

***

CTC Technologies helps businesses and enterprise organizations with their cybersecurity needs, ranging from network security assessments to implementation of endpoint protection solutions, firewalls, and data loss protection. Reach out to us at 734-408-0200 to speak to one of our cybersecurity specialists or click here today.