TCS has a backdoor entry

The most common threats were backdoor attacks

In a recent survey, Malwarebytes confirms the increased risk of cyber attacks within the education sector. This has developed into a primary target for cyber criminals, and adware, Trojans and backdoors in particular endanger educational institutions and their actors.

Key findings from the Malwarebytes security researchers' study include:
>> In the first half of 2019, the Trojans Emotet, Trickbot and Trace were particularly active in the education sector, with these three types of malware representing almost half of all Trojans detected (44 percent) and more than eleven percent of all cyberattacks.
>> In general, attacks by Trojans across all industries rose by 132 percent in 2018 alone. The education sector was the industry most affected by Trojans in 2018.

Cyber ​​criminals will again focus on the education sector in 2019:
>> Trojans represented almost 30 percent of all detections
>> Germany is hardest hit by attacks by Trojans in the education sector:
>> Germany - 34 percent of all Trojan horse attacks in the education sector worldwide
>> USA - 26.8 percent
>> Australia - 21 percent

In 2018, the education sector was the one with the most adware and Trojan horse detections and the second most affected industry in terms of ransomware infections.

The trend continues in the first half of 2019: adware, Trojans and backdoors are the three largest categories of threats that have been identified in educational institutions:
>> Adware - 43 percent of all threats
>> Trojans - 25 percent
>> Backdoors - 3 percent

The security researchers at Malwarebytes also analyzed the e-mail traffic of educational institutions and edu domains in the period from March 2018 to March 2019.

The main findings:
>> One of the most common threats was backdoor attacks.

>> In July 2018 and September 2018 there was an overall significant increase in Trojan horse infections.

>> Spyware infections in these areas were reported increasingly in August 2018, suggesting that summer is a good time to attack students and educational institutions while they are on summer break, have thin staffing and perhaps less vigilant in Regarding security practices are.

>> During the summer time, edu mail addresses are also used on a variety of other networks when students travel home and elsewhere, putting them at increased risk of infecting devices that reconnect to the campus or school network in the fall become.

In a recent case, Malwarebytes helped New York-based East Irondequoit Central School District recover from an Emotet outbreak that infected over 1,400 school district endpoints. Malwarebytes managed to isolate, repair, and restore all infected endpoints within 20 days without having to completely shut down the network.

The Malwarebytes Cloud Platform provided a central point of contact for detection and reaction, which the team could use to remotely access the dashboard and monitor progress. This made it possible to analyze the full extent of the outbreak and to follow the infection containment activities in real time. By isolating infected endpoints and restricting communication to the online dashboard, the team was able to protect computers throughout the recovery process without affecting other IT processes.

"Companies from all industries and regions turn to Malwarebytes when Emotet or other threats overcome existing security solutions. Our unique ability to isolate and remediate infected endpoints in the middle of an attack enables customers to quickly restore their systems and the Regain control of them, "says Marcin Kleczynski, CEO of Malwarebytes. "Malwarebytes is designed to help businesses fight all types of threats. Our work with the school district to protect its students and faculty has shown us the practical impact cyberattacks can have on critical infrastructure."
(Malwarebytes: ra)

registered: 09/24/19
Newsletter run: 11/18/19

Malwarebytes: contact and profile

The information provider has his contact unfortunately not yet activated.

Messages: studies

  • Access rights are still an Achilles' heel

    58 percent of all globally surveyed companies fail to process requests from individuals who have requested a copy of their personal data on the basis of the GDPR (General Data Protection Regulation) within the period of one month specified in the regulation. This is shown by a recent study by Talend. In September 2018, Talend published the results of their first GDPR comparative study. The aim of this study was to assess the ability of companies to comply with the access and portability requirements of the EU regulation. At that time, 70 percent of the companies examined were not able to provide data on a data subject within a month. A year later, Talend again surveyed those companies that were unable to meet the GDPR requirements in the first benchmark. At the same time, new companies from the target group were surveyed. Although the total share of those companies that reported compliance with the regulations increased to 42 percent, the rate remains comparatively low 18 months after the regulation came into force.

  • Companies are investing more in IT security

    Two thirds of companies (66 percent) want to increase their investments in IT security - more than in any other area. There is also demand for data analysis software, in which 55 percent of companies want to invest more, and online shops with 52 percent. This is shown by a representative survey by Bitkom Research on behalf of Tata Consultancy Services (TCS) among 953 companies with 100 or more employees in Germany. On average, companies invest 5.5 percent of their annual turnover in digital transformation - an increase of 12 percent over the previous year. However, like the requirements for data protection (53 percent) and IT security (52 percent), companies also see the greatest hurdles in digitization. On the other hand, only one percent see a lack of financial resources as an obstacle. If there is a lack of money, the problems are homemade: every fifth company (19 percent) sees a lack of willingness to invest as a hurdle, despite the availability of funds. Missing guidelines from management (31 percent) or lengthy decision-making processes (37 percent) are mentioned even more frequently. The shortage of skilled workers is becoming an ever greater challenge: More than a third (35 percent) see the lack of employees with digital skills as a hurdle - in 2017 it was only 25 percent.

  • Customer satisfaction requires test automation

    Compuware has announced the results of a global survey of 400 IT executives, 75 of them from Germany. Accordingly, manual test procedures are still widespread. However, they are one of the biggest challenges large organizations face in accelerating digital innovation. Vanson Bourne's survey, commissioned by Compuware, examines the processes companies use to innovate on the mainframe as quickly as they do in their distributed environments that are heavily are dependent on the mainframe. The study also examines the methods used to support testing on the mainframe and the challenges of increasing quality, speed, and efficiency during the application development and deployment process. The full study with the worldwide results can be downloaded here.

  • Biometric data is increasingly exposed to attacks

    37 percent of the computers, servers or workstations on which biometric data is recorded, processed and stored and protected by a Kaspersky solution were exposed to at least one malware infection attempt in the third quarter of 2019. This is shown in the current report "Threats for biometric data processing and storage systems" from Kaspersky ICS CERT. It was mainly generic malware such as Remote Access Trojans (RATs) (5.4 percent), malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and banking Trojans (1.5 percent) Percent). The use of biometric data such as fingerprints, hand geometry or iris structure for authentication, as a supplement or replacement for traditional login data, is steadily increasing. It is used, among other things, to access government and commercial offices, industrial automation systems, corporate and private laptops and smartphones - and is therefore increasingly the focus of cybercriminals. The experts at Kaspersky ICS CERT investigated cyber threats in the third quarter of this Year of Kaspersky products on computers that collect, process and store biometric data. The result: Kaspersky products sounded the alarm on over a third of the computers (37 percent).

  • Security market has a turnover of 9.2 billion euros

    The global security industry is in a steady growth phase. In Germany alone, according to Statista data, sales of around 9.2 billion euros were achieved this year. This is due to the fact that awareness of safety is being raised and that consumers are investing more and more money for this. Germany is apparently one of the most important markets within Europe. The Federal Republic of Germany is home to around 6,000 companies with a total of 180,000 employees in this sector. From 2018 to 2019, the industry in Germany recorded growth of 2.9 percent. Around 80 percent of total sales come from private actors. In 2011, sales in the security and investigation industry in this country still amounted to 5.3 billion euros. Since then, the industry value has grown by 73.58 percent.