Bluetek IT Solutions Blog

Not a day goes by we don’t hear about another “ransomware” attack, it seems – including high-profile attacks on a major U.S. oil pipeline and the world’s largest meat processing company.

President Joe Biden pressured Russian President Vladimir Putin to crack down on ransomware attacks to “avoid unnecessary action.”

As the name suggests, ransomware is an attack that locks your computer and demands a ransom to give back your data.

Cybercriminals typically target businesses and governments – in the hopes they’ll pay bounties to release files and perhaps avoid a public relations disaster – but opportunistic crooks also extort money from regular computer users, like you and me. Because hey, it all adds up.

You might sit down to use your laptop or desktop and see an on-screen alert that your computer has been locked or that your files have been “encrypted.” To obtain a decryption key, you must pay up. The ransom demanded from individuals varies greatly, but it's typically a few hundred dollars and must be paid in difficult-to-trace cryptocurrency, such as Bitcoin.

Trojan Horse for Malware

The graphics card inside your computer is a powerful tool for gaming and creative work, but it can also potentially serve as a Trojan horse for malware. Cybercriminals are finding ways to exploit graphics cards and their VRAM to inject malicious code into your system. The approach is claimed to have worked during a proof-of-concept hack on both discrete and integrated GPUs from AMD, Intel, and Nvidia.

Because antivirus software today cannot scan the graphics card’s own video RAM, known as VRAM, hackers are now targeting GPUs to carry out their dirty work. On the other hand, conventional methods used today that target the system’s main memory would trigger the antivirus software.

According to Bleeping Computer, a brief description of the hack was posted on a hacker forum, where one seller was trying to sell his proof-of-concept method to exploit the VRAM on GPUs. The seller stated that the method worked on Intel’s integrated UHD 620 and 630 graphics, as well as discrete solutions including the AMD Radeon RX 5700 and Nvidia GeForce GTX 1650. It’s unclear if the attack would also work on other GPUs, like the recent Radeom RX 6000 series from AMD and theGeforce RTX 3000 series from Nvidia, both of which have seen high demand and short supply.

Industrial businesses were the second most targeted sector in 2020 and new research from Positive Technologies shows that an external attacker could penetrate the corporate network at 91 percent of them.

In addition, Positive Technologies penetration testers gained access to the industrial control system (ICS) networks at 75 percent of these companies. Once criminals have obtained access to ICS components, they can shutdown entire production lines, cause equipment to fail, or incidents that could cause serious harm.

Olga Zinenko, senior analyst at Positive Technologies, says, "Today, the level of cybersecurity at most industrial companies is too low for comfort. In most cases, Internet-accessible external network perimeters contain weak protection, device configurations contain flaws, and we find a low level of ICS network security and the use of dictionary passwords and outdated software versions present risks."