Invasion of the Cryptominers
That's it, we're done! The 2018 malware awareness module is on its way to subscribers, infecting customers with ... our passion for the topic.
There are 28 different types of awareness and training material, in three parallel streams as always:
| Stream A: security awareness materials for staff/all employees | |||
| 1. Train-the-trainer guide on malware | MS Word document  4 pages | START HERE! Creative ideas to boost your security awareness program | |
| 2. Awareness seminar on malware | MS PowerPoint presentation  15 slides with speaker notes | Outlines today’s malware threats, plus pragmatic advice on how to reduce the risk | |
| 3. Awareness posters on malware | 3 high-resolution JPG images | Eye-catching images | |
| 4. Awareness briefing on malware 2018 | 8 pages + cover | Written to accompany the seminar, or to circulate on its own merits | |
| 5. Malware hit parade | 1 page | Outlines 5 types of malware and 5 notable malware incidents | |
| 6. Malware scam busters | 6 x 2 pages each | Double-sided leaflets covering computer viruses, cryptominers, spyware, APTs, bank Trojans & ransomware, with news | |
| 7. Ransomware advisory | 1 page | What to do it your computer/device is being held to ransom | |
| 8. Computer virus leaflet | 2 pages | Simple double-sided informative leaflet | |
| 9. Case study on malware | 2 pages | Draws on a genuine malware incident, reported in the news | |
| 10. Wordsearch puzzle on malware | with solution | The grid hides well over 100 malware terms: how many can you find? | |
| 11. FAQ on malware | 1 page | A simple one-side Q&A format | |
| 12. Awareness challenge on malware | 1 page | A creative, fun challenge to get people thinking and interacting on malware | |
| 13. Awareness survey on malware | 1 page | Measure awareness and gather feedback | |
| 14. Awareness test on malware | 1 page | Are your awareness materials and activities getting the key points across? | |
| 15. Hyperlinked information security glossary | 316 pages (!) | New terms include false flag, Coinhive, cryptominer, cryptojacking, Hiddad, Kedi and Xafecopy; malware entries are shown in red throughout the glossary | |
| Stream B: security awareness materials for managers | |||
| 16. Diagrams for malware |  20 MS Visio drawings (!) | Visual representations of various aspects of the malware threat | |
| 17. Management seminar on malware | 18 slides with speaker notes | Discusses the evolving malware threat | |
| 18. Board agenda on malware | 1 page | Get senior management talking about the strategic aspects of malware | |
| 19. Elevator pitch on malware | 1 page, ~80 words | If you had a fleeting chance to discuss malware with management, what would you say? This document is a prompt | |
| 20. Model policy on malware | 5 pages | Generic policy template, needs customization to suit your requirements | |
| 21. Exec briefing on malware | 1 page | Looks as the strategic, governance and management aspects | |
| 22. Management briefing on malware | 3 pages + cover | Quite succinct, explains cryptomining malware and other topical concerns | |
| 23. Job description for a malware analyst | 1 page | Outlines this specialist rôle and the skills/competences typically required | |
| 24. Management briefing on malware metric | 5 pages | A discussion paper suggesting several ways to measure malware risks and controls | |
| Stream C: security awareness materials for professionals | |||
| 25. Newsletter on malware | 4 pages | Uses recent news clippings and topical quotations for an update on malware | |
| 26. Professional seminar on malware | 19 slides with speaker notes | A slightly more technical take on malware | |
| 27. Professional briefing on malware | 4 pages + cover | A relatively short and sweet update this year, an overview for perspective | |
| 28. Internal Controls Questionnaire on malware | 9 pages | Evaluate the organization’s malware-related information risks and controls | |
I'm particularly pleased with the poster image above, designed to accompany the staff seminar:
Malware The Movie Part XIV:
Invasion of the Cryptominers
While the surface was strangely calm,
far underground the crypt took shape
I had in mind those lurid cult classics such as Invasion of the Bodysnatchers, Friday the Thirteenth or the sinister Hammer horrors with Christopher Lee & co. Our graphics wizz married the concept of a horror movie poster with an image representing digital currency and Bitcoin, bringing it bang up to date. Nice work!
It's "part XIV" because there are (at least!) 13 other recognized types or families of malware already, conveniently averaging about one per year that we've been churning out the 'malawareness' content.
I wonder what horrors will feature in the module this time next year? Will it creep you out if I suggest that, whatever it might turn out to be, it is probably already in the wild, right now?
Don't forget to check under the keyboard tonight, and keep a firm grip on the mouse. Sleep tight.