Welcome to the SecAware blog

I spy with my beady eye ...

28 Feb 2018

NBlog March 1 - Invasion of the Cryptominers

That's it, we're done! The 2018 malware awareness module is on its way to NoticeBored subscribers, infecting customers with ... our passion for the topic.

There are 28 different types of awareness and training material, in three parallel streams as always:

Stream A: security awareness materials for staff/all employees
1.      Train-the-trainer guide on malware
MS Word document  
4 pages
START HERE!  Creative ideas to boost your security awareness program

2.      Awareness seminar on malware
MS PowerPoint presentation   15 slides with speaker notes
Outlines today’s malware threats,
plus pragmatic advice on
how to reduce the risk

3.      Awareness posters on malware
3 high-resolution JPG images
Eye-catching images

4.      Awareness briefing on malware 2018
 8 pages
+ cover
Written to accompany the seminar, or to circulate on its own merits

5.      Malware hit parade
  1 page
Outlines 5 types of malware and
5 notable malware incidents

6.      Malware scam busters
 6 x 2 pages each
Double-sided leaflets covering computer viruses, cryptominers, spyware, APTs, bank Trojans & ransomware, with news

7.      Ransomware advisory
 1 page
What to do it your computer/device is being held to ransom

8.      Computer virus leaflet
 2 pages
Simple double-sided informative leaflet

9.      Case study on malware
 2 pages
Draws on a genuine malware incident, reported in the news

10.  Wordsearch puzzle on malware
 with solution
The grid hides well over 100 malware terms: how many can you find?

11.  FAQ on malware
 1 page
A simple one-side Q&A format

12.  Awareness challenge on malware
 1 page
A creative, fun challenge to get people thinking and interacting on malware

13.  Awareness survey on malware
 1 page
Measure awareness and gather feedback

14.  Awareness test on malware
 1 page
Are your awareness materials and activities getting the key points across?

15.  Hyperlinked information security glossary
 316 pages (!)
New terms include false flag, Coinhive, cryptominer, cryptojacking, Hiddad, Kedi and Xafecopy; malware entries are shown in red throughout the glossary

Stream B: security awareness materials for managers
16.  Diagrams for malware
 20  MS Visio drawings (!)
Visual representations of various aspects of the malware threat

17.  Management seminar on malware
 18 slides with speaker notes
Discusses the evolving malware threat

18.  Board agenda on malware
 1 page
Get senior management talking about the strategic aspects of malware

19.  Elevator pitch on malware
 1 page,
~80 words
If you had a fleeting chance to discuss malware with management, what would you say?  This document is a prompt

20.  Model policy on malware
 5 pages
Generic policy template, needs customization to suit your requirements

21.  Exec briefing on malware
 1 page
Looks as the strategic, governance and management aspects

22.  Management briefing on malware
 3 pages
+ cover
Quite succinct, explains cryptomining malware and other topical concerns

23.  Job description for a malware analyst
 1 page
Outlines this specialist rĂ´le and the skills/competences typically required

24.  Management briefing on malware metric
 5 pages
A discussion paper suggesting several ways to measure malware risks and controls

Stream C: security awareness materials for professionals
25.  Newsletter on malware
 4 pages
Uses recent news clippings and topical quotations for an update on malware

26.  Professional seminar on malware
 19 slides with speaker notes
A slightly more technical take on malware

27.  Professional briefing on malware
 4 pages
+ cover
A relatively short and sweet update this year, an overview for perspective

28.  Internal Controls Questionnaire on malware
 9 pages
Evaluate the organization’s malware-related information risks and controls

I'm particularly pleased with the poster image above, designed to accompany the staff seminar:
Malware The Movie Part XIV:
Invasion of the Cryptominers
While the surface was strangely calm,
far underground the crypt took shape

I had in mind those lurid cult classics such as Invasion of the Bodysnatchers, Friday the Thirteenth or the sinister Hammer horrors with Christopher Lee & co. Our graphics wizz married the concept of a horror movie poster with an image representing digital currency and Bitcoin, bringing it bang up to date. Nice work!  

It's "part XIV" because there are (at least!) 13 other recognized types or families of malware already, conveniently averaging about one per year that we've been churning out the 'malawareness' content. 

I wonder what horrors will feature in the module this time next year? Will it creep you out if I suggest that, whatever it might turn out to be, it is probably already in the wild, right now?

Don't forget to check under the keyboard tonight, and keep a firm grip on the mouse.  Sleep tight.

No comments:

Post a Comment