June 2017 Security Roundup
June was another fun month for watching security, from a sudo exploit in most Linux systems, to the aftermath of WannaCry, to the new and exciting attacks of the month. For this month I will be focusing the roundup on the Petya attack and the Erebus attack on a web host.
Erebus
First off, Erebus attacked Linux servers. The big news here, though, is that a South Korean web host paid a ransom of over one million dollars to get its data back. This allowed them to restore data on 153 servers that had been encrypted. The infection may have been caused by a lack of patches on the system. With WannaCry, Petya, and Erebus, there is a definite reminder that everyone needs to keep their systems up to date, regardless of the operating system in use.
Petya
Petya is still unfolding, but it has had another large effect on Windows users. Shipping companies, hospitals, and even Chernobyl were hit, causing outages of many services. This was originally reported as a ransomware attack, since it shows a screen similar to most other ransomware attacks, but it was later discovered that the attack actually destroyed the data instead of encrypting it. This has been reported to be a distraction for other things. Ukraine may have been the intended target in this attack and saw the worst of it. The attack seems to have elements of attacks from last year and also some elements from WannaCry. Attacks of this nature are continuing to become more prevalent and will stay a constant threat. Because of this, good security practices and keeping up with patches will be increasingly important as we move forward.
In other news, many countries, such as England, Germany, Russia, and the US, continue to look at new enforcement measures for encryption. This will likely be a topic of discussion for quite some time as they decide how to implement laws to control the data flow over the internet.