Thursday, January 28, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

CryptoLocker Goes Spearphishing, Infections Soar, Warns KnowBe4

by Corporate Compliance Insights
May 22, 2014
in GRC Vendor News
CryptoLocker Goes Spearphishing, Infections Soar, Warns KnowBe4

Ransomware Expands Crypto-Extortion from Adult Sites to HR Departments

May 20, 2014, Tampa Bay, FL  — CryptoLocker is ratcheting up attack levels, according to new reports issued by KnowBe4, a Tampa Bay based security company. The latest infections are caused by emails sent to companies that have job postings on Craigslist. The bad guys look for job postings and send resumes carrying the CryptoLocker malware as a payload. The moment anyone opens these resumes, the ransomware kicks in and downtime is the result. People involved with hiring are very often the people with the most access: the owner, CEO, HR or department heads.

On the heels of CryptoLocker comes Kovter, a new strain of ransomware that targets visitors of adult porn sites. This malware scans your browser history and displays this content while locking your computer as “evidence.” If it doesn’t find any, it will invent it by redirecting your browser to a random adult site, log the history and display its content. Its prevalence has doubled in the past month, according to reports by threat researchers at Damballa, an Atlanta-based security firm.

According to Stu Sjowerman, CEO of KnowBe4, “these methods pose a high risk to companies looking to hire along with individual users. The cyber gangs running these Crypto-variants will try any number of things to outdo each other and take your hard-earned money. Since the weakest point in any security model is the person who touches the keyboard, it is vital to educate users [about] what to look for, and stepping them through security awareness training will make them think twice before clicking on a link.”

The online IT community Spiceworks and their forums are full of horror stories of companies getting hit with CryptoLocker and CryptoDefense malware. One thread that is incredibly popular has the title “We fought a cryptovirus (and the virus won).”  The discussion goes on for many pages and indicates the level of worry about this new wave of ransomware.

According to Sjouwerman, “working backups are essential. How much of a danger these present can largely depend on how you have organized your backups. Mitigating the many ‘crypto’ infections can take a few hours to a few days, and can vary from an annoyance to significant losses.”

The United States Computer Emergency Readiness Team (US-CERT) has posted warnings about CryptoLocker, include steps for prevention: http://www.us-cert.gov/ncas/alerts/TA13-309A

For more information, visit www.KnowBe4.com


Previous Post

Conducting An Antitrust Audit: A Primer

Next Post

FCPA Compliance for SMEs: How Smaller Companies Meet Enforcement Agency Expectations

Corporate Compliance Insights

Related Posts

abstract handshake on grey background

Kroll Launches Data Privacy and Digital Trust Solutions Ahead of Data Privacy Day

January 21, 2021
red stick figure standing outside circle of blue stick figures

ICA Survey: 4 in 10 Compliance Professionals Experience Discrimination in the Workplace

January 21, 2021
business team interrogate corrupt businessman, money falls from his pockets

QuantaVerse Launches New Financial Crime Investigation Report

January 20, 2021
yellow job search box speech bubble

Fortune 500 Job Descriptions Are Still Biased Toward Men

January 12, 2021
Next Post
FCPA Compliance for SMEs: How Smaller Companies Meet Enforcement Agency Expectations

FCPA Compliance for SMEs: How Smaller Companies Meet Enforcement Agency Expectations

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights