Friday, May 12, 2017

Chop a head off and two will come out

The hydra is one of the most well-known monsters of Greek mythology. This monster was the second work of the 12 that Heracles (better known by all like Hercules) had to do by order of the oracle of Delphi, an old and ruthless aquatic monster with form of serpent of three heads. What made this monster dangerous apart from its venomous breath was that each time someone cut off one of its heads, two more will come out, being able to create up to 10,000 heads.

Today in our review of the best of the week in cybersecurity, we wanted to remember this polycephalic monster, since all the malware we find on the network reminds us of it. No matter how you manage to patch a vulnerability in your system or update your antivirus, another ransomware will always appear to take advantage of your data.

We found a perfect example of it this Thursday. Do you remember SLocker? This ransomware that goes after your sensitive data had been inactive for months. Now, when nobody remembered it and thought it was gone, it turns out that it was hiding in the shadows waiting for the perfect moment to attack. Furthermore, to make its return more problematic, it has returned with a list of improvements to make it more stealthy and dangerous.

Another head of the hydra that we found this week has its own name: BitKangoroo. With a name as affable as this one, you would not think that it is a destructive ransomware. Its modus operandi a priori is the same as many other viruses: it encrypts your files and shows you a window to pay a ransom. The difference with many other malware is that if you do not pay in a while, it will delete your files and forget about your data.

However, just as the hydra found in Heracles its destroyer, there are many cyber heroes willing to try to save us from the monsters of the network. Sometimes, these protectors are the companies that develop defenses to cover their own holes. This last Monday we found out that Microsoft had made an authorization to patch a vulnerability that allowed the attackers to take control of your computer remotely.

This patch of vulnerability was the hallmark of the well-known Patch Tuesday. For neophytes, Patch Tuesday is the unofficial name for the security updates in Windows on a monthly basis. On the occasion of this event, Tripwire's colleagues made a compilation of all the improvements that took place with this update, to make our equipment and web surfing safer.

As we have seen, the myth of the Hydra survived its struggle with Heracles and has reached the present day in the form of cybercriminals and ransomware. But we should not be alarmed, since we also have modern Hercules who fights everyday against the heads of this almost indestructible monster. Of course, we have to try to stay alert, since even though Heracles was a demigod, he was not omnipotent.


Post a Comment