Hello, welcome to the Friday December 2, 2016 edition of the Sansonet Stormsendors.

Stormcast, my name is Johannes Ulrich, and I am recording from Jacksonville, Florida.

Most operating systems will implicitly trust USB devices being plugged into the system.

This has been a long known problem for mass storage

device, of course, but it can also be an issue with keyboards and lately network adapters

that are being plugged in and then initialized automatically. Windows users now at least

have a way to defend themselves using an open source

tool called BeamGun. BeamGun intercepts the messages that are created by Windows whenever a new

USB device is plugged in and then essentially it just sends the disconnect command to the USB device unmounting it

and preventing any damage. Interesting little tool and yes it's open source but also only for

Windows right now. The basic problem exists on OS10 and yes on Linux as well. A few years ago,

Malvern known as Shemu made headlines for raising thousands of systems at Saudi Arabia's

government-owned oil company Saudi Ramco.

Now, in that attack, apparently, a phishing email was sort of the original tricker for spreading the malware, and it made big headlines because it took quite a while for Saudi Ramco to

recover all these systems.

It appears that last week, a follow-on to this attack was

launched against the Saudi Civil Aviation Authority and a number of additional targets

in Saudi Arabia. Again, thousands of systems were erased. This malware will essentially just

destructively erase, not encrypt the affected systems.

And what was different in this particular case was that multiple targets were hit at the same

time. However, at this point, only the Civil Aviation Authority is known as one of those targets.

And British ISP KCOM did suffer a major outage over this weekend.

...