The newest threat to hit certain devices and software programs is being called Misfortune Cookie. It gets its name from the fact that it is linked to an error with the HTTP cookie management system in certain software programs.
With Misfortune Cookie, the hacker is able to manipulate cookies in order to get their fortune, hence the name. They are able to create HTTP cookies that can affect the application and corrupt the memory of your computer and other devices. It is a major vulnerability that could mean losing a lot of business assets just trying to fix the problem. Here is more information about this new malware attack and how to protect against it.
Devices Affected
So far, there have been approximately 12 million devices that were affected all over the world, in 189 countries. The actual number of devices could be larger, since not everyone knows about the attack and is reporting it.
There are about 200 models of devices by different manufacturers that are affected by Misfortune Cookie. The main ones include gateway devices like TP-Link, Edimax, Huawei, D-Link, ASUS, and ZyXEL. They believe devices that add a certain piece of software similar to the SDK chipset is the most vulnerable. Your business could lose sensitive and personal data as a result of the attack.
Why it is So Dangerous
While all Malware-related attacks are something to be cautious of, the Misfortune Cookie is particularly scary, for a few different reasons. The first is how many networks are vulnerable to the attacks. Most attacks are limited to a small number of devices, but there are hundreds that are at risk.
Another reason is due to its ease and severity, and the lack of security you can perform to prevent it. It may be as much as 50 percent of Internet users in the world that are potentially affected by Misfortune Cookie. To get into your system, all they need is one packet to your IP address and nothing else.
Tips for Protecting Your Business
While it is easy for hackers to get into your network with the Misfortune Cookie attack, there are still some things you can do to protect your business data.
First of all, be sure all documents and folders on your computers and devices with sensitive data are password-protected. This can add another step of privacy, making it more difficult for this attack to work.
You also want to add additional privacy to your browsing activity by encrypting all browser activity. Remember you need to add security not just to computers in your office, but to any devices you or your employees are using.
Keep up-to-date on firmware updates as they are released in conjunction to the Misfortune Cookie attacks. Manufacturers will begin having extra security through updates to protect against this type of attack.
If you are a victim of the Misfortune Cookie attack, not only is your information made public to the attacker, but you could be sued by any customers or clients that are affected by the attack. If you have a cyber liability insurance policy, you have coverage for any lawsuits, and protection for your own business assets.