Jan 28, 2021

Emotet botnet malware taken down by global police sting

Cybersecurity
malware
Cloud
botnet
William Smith
2 min
Emotet was first discovered as a banking Trojan in 2014, and allowed cybercriminals to gain unauthorised access to computer systems across the globe

A botnet dubbed the “world’s most dangerous” has been disrupted by global police action, Europol has announced.

A botnet is created when malware takes over a number of devices, linking the infected instances together. The size can grow exponentially as infected devices are added to the network and its computing power increases.

A long-standing threat

Emotet was first discovered as a banking Trojan (malware that relies on misleading users into installing it) in 2014, and allowed cybercriminals to gain unauthorised access to computer systems across the globe. Attackers would then sell access to other criminal groups for purposes such as data theft or extortion.

A press release from Europol advised vigilance, saying: “cybersecurity awareness is essential to avoid falling victim to sophisticated botnets like EMOTET. Users should carefully check their email and avoid opening messages and especially attachments from unknown senders. If a message seems too good to be true, it likely is and emails that implore a sense of urgency should be avoided at all costs.”

Part of the danger of Emotet was its method of spreading: via infected Word document email attachments. A prompt would be sent once the file was opened, at which point the malware could be installed on a computer.

Collaboration leads to success

Defeating the botnet required collaboration from police authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine. Authorities gained control of the infrastructure, allowing them to take EMOTET down from the inside. Further, a database of compromised email addresses, usernames and passwords was released and published.

Commenting, Kimberly Goody, Senior Manager of Cybercrime Analysis, Mandiant Threat Intelligence, said: “Emotet has consistently remained one of the most widely distributed malware families in recent years. Between October 2020 and January 2021, we observed Emotet distribute multiple malware variants that have been used to enable ransomware operations, so it is plausible that this Emotet disruption may reduce the immediate victim pool for ransomware deployment in the short term.”

Jun 15, 2021

IT Employees Predict 90% Increase in Cloud Security Spending

Technology
Cloud
Cybersecurity
Investments
Elise Leise
3 min
Companies that took the initiative on cloud platforms are trying to cope with the security risks, according to Devo Technology’s report

As companies get back on their feet post-pandemic, they’re going all-in on cloud applications. In a recent report by Devo Technology titled “Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits”, 81% of the 500 IT and security team members surveyed said that COVID accelerated their cloud timelines. More than half of the top-performing businesses reported gains in visibility. In fact, the cloud now outnumbers on-premise solutions at a 3:1 ratio.

But the benefits are accompanied by significant cybersecurity risks, as cloud infrastructure is more complex than legacy systems. Let’s dive in. 

Why Are Cloud Platforms Taking Over? 

According to Forrester, the public cloud infrastructure market could grow 28% over the next year, up to US$113.1bn. Companies shifting to remote work and decentralised workplaces find it easy to store and access information, especially as networks start to share more and more supply chain and enterprise information—think risk mitigation platforms and ESG ratings. 

Here’s the catch: when you shift to the cloud, you choose a more complex system, which often requires cloud-native platforms for network security. In other words, you can’t stop halfway. ‘Only cloud-native platforms can keep up with [the cloud’s] speed and complexity and ultimately increase visibility and control’, said Douglas Murray, CEO at cloud security provider Valtix.

Here’s a quick list of the top cloud security companies, as ranked by Software Testing Help: 

What are the Security Issues? 

Here’s the bad news. According to Accenture, less than 40% of companies have achieved the full value they expected on their cloud investments. All in all, greater complexity has forced companies to spend more to hire skilled tech workers, analyse security data, and manage new cybersecurity threats.

The two main issues are (1) a lack of familiarity with cloud systems and (2) challenges with shifting legacy security systems to new platforms. Out of the 500 IT employees from Devo Technology’s cloud report, for example, 80% said they’d sorted 40% more security data, suffered from a lack of cloud security training, and experienced a 60% increase in cybersecurity threats. 

How Will Companies React? 

They certainly won’t stop investing in cloud platforms. Out of the 500 enterprise-level companies that Devo Technology talked to throughout North America and Western Europe, 90% anticipated a jump in cloud security spending in 2021. They’ll throw money at automating security processes and investing in security upskilling programmes. 

After all, company executives will find it incredibly difficult to stick with legacy systems when some cloud-centred companies have found success. Since moving from Security Information and Event Management (SIEM) offerings to the cloud, Accenture has saved up to 70% on its processes; recently, the company announced that it would invest US$3bn to help its clients ‘realise the cloud’s business value, speed, cost, talent, and innovation benefits’. 


The company stated: ‘Security is often seen as the biggest inhibitor to a cloud-first journey—but in reality, it can be its greatest accelerator’. 
