News

Cooking The Books To Drive Up Stock Prices: A Serious Crime With Civil Liability Exposures

The CFO of a financial services organization is accused of conspiring with others to manipulate financial statements and artificially inflate earnings. We examine. Read More


Cyber Alert: New Arsenal Of Weaponized Malware Threatens Employers

Cybercriminals are creating malware intended not to steal money or data, but to destroy. Read more about the risk. Read More


Paying The Local Prevailing Wage For Federal Contractors

Plaintiffs asking for class action status allege a federal contractor paid its drivers fixed salaries that fell well below federal and local minimum wage and overtime requirements. We examine. Read More


print   email   Share

Cyber Alert: New Arsenal Of Weaponized Malware Threatens Employers

Most organizations now know that malware attacks pose a major threat that they must protect against, but the trickier part is knowing what form the next attack will take.

One disturbing trend is cyberattacks with the sole goal of creating destruction. Cybercriminals traditionally have used ransomware and malware to make money or steal identities, this new "weaponized malware" has no purpose other than to destroy data.

NotPetya was one of the first forms of weaponized malware that did not try to gain data or a ransom, but it will not be the last. Cybersecurity experts warn that more weaponized malware is coming, and it will be worse than ransomware. Jessica Davis "Future-proofing security: Protecting against the new arsenal of weaponized malware," www.healthcareitnews.com (Dec. 6, 2017).


Commentary

With weaponized malware, cybercriminals bent on destruction can wreak havoc on an organization’s data and functioning.

Weaponized malware succeeds by stealing digital keys and certificates to gain administrative privileges. Better certificate and encryption management strategies can help organizations prevent a successful attack. Monitoring keys and certificates to keep them updated and secure can help.

Train all employees on effective cybersecurity practices. Creating unique, strong passwords for all accounts, keeping them secret, and changing them regularly may seem simplistic, but it is still one of the best ways to keep cybercriminals from accessing your network. Because email-based malware continues to be a major risk, employees must demonstrate they understand they must select and click on a link or attachment in an email unless they are certain they know what it is.

Finally, your opinion is important to us. Please complete the opinion survey:

EEOC News

Mission Hospital Agrees to Pay $89,000 To Settle EEOC Religious Discrimination Lawsuit

January 13, 2018

READ MORE

Pioneer Health Services to Pay $85,000 To Settle EEOC Disability Discrimination Suit

January 11, 2018

READ MORE

Aloha Auto Group to Pay $30,000 To Settle EEOC Retaliation Suit

January 10, 2018

READ MORE