Many other transportation networks are likely to be vulnerable to the same sort of attack, since the ransomware used attacks Microsoft Windows-based computers with outdated software, said Ed Cabrera, chief cybersecurity officer at Trend Micro.
Investigators say a small corps of elite hacking groups is carrying out the attacks. “The skill level to create the malware for the actual network intrusions is a step up,” from more common ATM crimes, said Robert McArdle, a security researcher with antivirus vendor Trend Micro Inc.
EDR, meanwhile, is now part of the product lines of traditional AV companies such as McAfee, Symantec, and Trend Micro. "EDR is rapidly becoming a feature" in most new endpoint security products, Gartner's Firstbrook says.
With 79 new variants discovered in the first 6 months of 2016 alone, representing a 172% increase over 2015, ransomware has become the type of attack enterprises need to take notice of and work to protect against.
According to Trend Micro researchers, since the Adobe fix and the announcement of the Windows zero-day patch, the Pawn Storm attackers ramped up their spear-phishing campaigns against various governments and embassies around the world, seeking to maximize the utility of the soon-to-be patched Windows zero-day.
The Flash Player security updates fix nine critical vulnerabilities that could be exploited remotely to execute malicious code on computers. All of them were privately reported by researchers through Trend Micro's Zero Day Initiative, an exploit acquisition program.
Jon Clay, director of global threat communications for Trend Micro, an internet security firm, said Apple’s tight control over the iPhone had historically kept malicious apps out of its App Store. Fake apps appeared more often on Google’s Android platform or on third-party app stores, he said.
Detecting Mobile-Targeting Ransomware (Thursday, 10:00): Only 10 ransomware families currently target mobile devices, say researchers Federico Maggi of Trend Micro and Stefano Zanero of Politecnico di Milano. They promise to detail new techniques for how related attack code can be spotted.
Stephen Hilt, Trend Micro's lead researcher on the project, said they don’t have a concrete percentage on the number of encrypted messages. "However, there were very few pages that were actually encrypted," he said.