Tech Security Updates
Petya RansomWare Outbreak - *Read
Posted by Brian McDonald at 6/27/2017
No one took the WannaCry Ransomware seriously enough last month. Now we have Petya, an aggressive outbreak that spread through Russia and Europe and even touched down in the U.S.
We are patched here at the COE; however, please read and be cautious. Knowledge is power...
Ransomware. You could be next...
Posted by Brian McDonald at 2/7/2017
That menace lurking in your employee inbox that wasn't blocked by the email filter? An Egyptian prince with millions to give you? Microsoft telling you that you need to contact them immediately with your credit card and social security number ready?
For schools and education, the new evil is encrypting ransomware attacks: an incredibly sinister type of malware that is delivered via spear phishing emails to staff or students, locks up valuable data and documents, and demands a ransom to release them, often starting at $600 per ransom. These attacks are out there waiting for you. The FBI estimates ransomware is on pace to be a $1 billion source of income to cyber criminals by the end of 2017.
The numbers don't lie, folks. The explosion of multiple types of ransomware is working its way into all organizations, but especially education and schools. Why? Big business, baby, and a huge return on investment for those attackers successful in using it. An average of 30,000 infections per month!
At this very moment, one of you could be clicking a link in a spam email and activating macros in a malicious Word document. In a few seconds, all your data, as well as the organization's data, will be encrypted and held for ransom, with only a few days to pay to get it back.
Here is how it goes down:
- Initially, the victim receives an email which includes a malicious link or a malware-laden attachment. Alternatively, the infection can originate from a malicious website that delivers a security exploit against vulnerable software on the system to create a backdoor on the victim’s PC.
- If the victim clicks on the link or downloads and opens the attachment, a downloader (payload) will be placed on the affected PC.
- The downloader uses a list of domains or C&C servers controlled by cyber criminals to download the ransomware program on the system.
- The contacted C&C server responds by sending back the requested data, in our case, the ransomware.
- The ransomware starts to encrypt the entire hard disk content, personal files and sensitive information. Everything, including data stored in cloud accounts (Google Drive, Dropbox) synced on the PC. It can also encrypt data on other computers connected in the local network.
- A warning pops up on the screen with instructions on how to pay for the decryption key in Bitcoin, which is untraceable by law enforcement.
This happens in seconds. Literally... seconds.
How can you protect yourself and the organization?
Fake emails and webpages often have bad spelling, or just look unusual. Look out for strange spellings of company names (like PayePal instead of PayPal), unusual spaces, symbols, or punctuation, and run-on words or sentences (iTunesCustomerService instead of iTunes Customer Service).
- Do not visit unsafe or suspicious websites while at work.
- Do not open email attachments from people or entities you don't know, or from people or entities you do know, but weren't expecting email from.
- Bottom line: If you are unsure, delete it and don't click it!
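The two warning signs named above (a near-miss spelling such as PayePal, and run-on words such as iTunesCustomerService) can also be checked automatically on a sender's display name or address. The following is an added example, not part of the original post; the brand list and the function names are assumptions made for illustration.

```python
import re

# Constructed allow-list of brand names the organization expects (assumption).
KNOWN_BRANDS = ["paypal", "itunes", "microsoft", "dropbox"]

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def check_sender(text):
    """Return (kind, detail) findings for a sender display name or address."""
    findings = []
    for token in re.findall(r"[A-Za-z0-9]+", text):
        # Run-on words: two or more lower-to-upper transitions in one token,
        # e.g. iTunesCustomerService. PayPal and iTunes have only one.
        if len(re.findall(r"[a-z][A-Z]", token)) >= 2:
            findings.append(("run-on", token))
        # Near-miss spelling: exactly one edit away from a known brand.
        for brand in KNOWN_BRANDS:
            if edit_distance(token.lower(), brand) == 1:
                findings.append(("lookalike", brand))
    return findings

if __name__ == "__main__":
    # Constructed sample senders, not taken from real mail.
    for sender in ["PayePal Support", "iTunesCustomerService",
                   "iTunes Customer Service", "billing@payepal.com"]:
        print(sender, "->", check_sender(sender))
```

A finding is a reason to look more closely at the message, not proof that it is fake; a clean result does not make a message safe.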
Beware the Public Wi-Fi...
Posted by Brian McDonald at 7/10/2016 6:00:00 AM
I was sitting with my wife at a local coffee joint recently. We were both on our computers, spending a bit of time together chatting while getting some early morning email out of the way before we headed to work. We were talking about how my Verizon hot spot was much quicker than her AT&T hot spot, when I began wondering what the other patrons in this crowded shop were using for wi-fi. That got me thinking about the free public wi-fi offered at almost all public locations nowadays and, specifically, how many of my fellow java worshippers were conducting personal business while connected to said public wi-fi.
And I said to myself, "They all know how dangerous public wi-fi is, right? There are so many articles and info pieces out that none of them are using it for anything personal".
But do they, and do you? If you have found yourself sitting at a coffee house, restaurant, airport or any other location with public wi-fi available, and you are connecting to "open" or "free" or "secured or unsecured" public wi-fi, do you realize that everything you transmit while connected can be viewed by anyone else connected to that same public wi-fi? And I mean your passwords, usernames, credit card and bank account info. Whoa... do I have your attention now? Here are the things you can do to keep you and your personal info and finances safe:
- Use your common sense. Use of any open or public network is a security risk. Don't bank, shop online, or do any other activities that would expose your private info. If you aren't willing to share your credit card or bank account with the public, it can wait until you get to your home wi-fi.
- You are never really secure. Public wi-fi hot spots are always unsecured connections, period and end of story. So you and any potential hackers are, in fact, hanging out in the same network bubble! It's not difficult for even a novice hacker to check out your activity and sniff out your personal information. So, even if a hot spot requires a login/password or guides you into a login screen, you're at risk.
- Computer connection to public wi-fi. Windows and Mac laptops have security features that you have to be familiar with if you're using your computer in public. Enable your firewall. Block all incoming traffic. Disable file sharing for a public network.
- Public wi-fi on my cell phone is OK, right? Yeah... no. Same deal. A hacker can place himself between your cell and the wi-fi and sniff all your activity. And public malware on cell phones has become a big issue as hackers use public wi-fi to spread malware to cell phones. So if you are in a spot questioning whether or not to connect, just don't do it. Even if you are worried about going over your allotted data plan limit.
- Padlock it. If you have to use public wi-fi, make sure the site you are connecting to is secure. SSL (Secure Sockets Layer) sites or https:// sites use encrypted communications between themselves and you.
- Personal Hot Spot. When in doubt, activate the hot spot feature on your cell phone account if you can. Use your personal or work based cell phone account for computer connectivity to bank or work use outside the office.