Each week at Massive we comb through the cyberverse to bring you headlines about mayhem, mischief, and misanthropes..even words that don’t begin with “m.” Lessons for personal cyber security lurk within each little cyber insight…in fact, both definitions of “insight.”
This week involves some large scale lessons: a globally-scaled cyber attack, an enormous penalty on a tech giant, and a new career path for some big geeks (we use that word affectionately).
It’s your cyber week in review.
Petya is a female Russian name. Like “Piotr,” similar to the English “Peter,” Petya derives from the Latin “petra,” from the Greek word “petros,” meaning “stone.”
And Petya hit like a rock on a lake across Europe—a ransomware virus utilizing the same tools as WannaCry, but even more sophisticated in scope. Like WannaCry, Petya is built on Microsoft Windows exploits known as EternalBlue, which was reportedly first created by the NSA.
Petya’s put on her big girl pants, however, because she has no kill switch, locks the entire hard drive instead of just computer files, and uses other parts of Windows to infect computers.
Petya has hit companies around the globe, from Russian oil and gas company Rosneft to US-based pharmaceutical company Merck. She beat up Ukraine the most so far, hitting banks, the postal service, government offices and even affecting the metro system.
Fortunately, Petya has her kryptonite: a free Windows patch.
Which means, as always, to best avoid your own tears, keep all systems up-to-date.
Antitrust laws exist in the US and the EU to prevent a single entity from controlling a market. The idea is core to the concept of capitalism: fair and open competition best serves consumers.
In the European Union the executive body, the European Commission, oversees trusts and issues judgment when they feel antitrust laws have been violated. Well, they’ve never hit anyone with such a lofty fine as the €2.4 billion penalty recently hefted at Google.
Of course, as these matters go, it’ll probably take years of back-and-forth before a final agreement is reached; Google is sure to contest the penalty.
The complaint has to do with the price-comparison feature Google Shopping, built into the ubiquitous search engine. According to the filing of the European Commission, Google gave an unfair advantage to their own resources, disadvantaging competitors.
Google may need to either change or make broadly available their shopping algorithm, to level the playing field.
Time will tell.
Speaking of coming to terms and high dollar stakes, in the multi-billion dollar world of mergers and acquisitions, companies attempt to value an asset before coming to an agreement. Investigating all resources, from property to personnel, is just part of the game.
But now, a new angle: cyber security health. On the heels of Yahoo’s massive data breach that may have devalued the purchase by Verizon, Inc, companies are employing computer geeks to investigate—a cyber security risk assessment as part of the overall “health of the brand.”
Just as you wouldn’t want to purchase a car right before the timing belt breaks, companies don’t want to purchase another organization on the verge of a massive data leak. Such cyber security breaches damage reputation as much as they cost actual dollars.
Which translates into a new consulting job for some computer geeks and white hat hackers, as well as a reminder for us all: avoid catching viruses by keeping up with your cyber security health.
Until next week, enjoy the headlines, but stay out of them!