Monthly Archive November 2018

Fight Ransomware with Backup

One of the nastiest types of malware is ransomware.  Its objective is to invade your computer, prevent you from accessing your information and to hold it hostage until the money being demanded is paid.

You can, however, thwart and neutralize the major effect of a ransomware attack by maintaining a complete and functional backup of your computer records.  This applies to individuals and businesses.

Why Is Backup a Necessity?

Hardware will fail and malware attacks are growing.

You or your organization is totally vulnerable if it’s without a functional backup of vital computer records.  Your information system must be protected and capable of being quickly restored.

Billions of dollars are being lost each year due to ransomware.  Backup is clearly a necessity.  You must provide it.  Otherwise, you set yourself up to be a victim and are left to pay the ransom in hope that the cybercriminal gives you the key to unlock your data.

The only other option you have is to permanently lose access to your information and start all over again.

How Do You Create Backup? 

The point has been made that you must be in the position to restore your data.  Both the Apple and Windows operating systems have features you can use for backup.  You can use the backup features for your particular system.  That’s a partial strategy.

Other considerations include the need to be sure that you are creating a clean backup (one free of malware).  You could, otherwise, be restoring an information set that is infected.  The ultimate backup plan would also include maintaining multiple copies, with at least one being kept in a different location.

Once you have made provisions for creating a clean, thorough and reliable backup you should be able to restore your locked-up records that have been ransomed.

SPECIAL NOTE:  The author strongly recommends that you contact the publisher of your computer’s operating system and tell them that you want to do a full backup of your computer’s information as a defensive measure against malware.  Ask for the manufacturer’s suggestions.  Follow the recommendations for your particular model, the version of the operating system and your system’s capacity.

Listed below are two videos which will provide you with additional information on how to access and perform a backup for both the PC and Apple:

Video on how to backup your PC

Video on how to backup your Mac

What Would We Recommend for Backup?

We recommend that you consider a relatively easy tool as part of your backup plan.  That is to use external hard drives which are removable.

Shown below are two options.  I use the Western Digital removable external hard drives which can be removed.

Western Digital’s 4 Terabyte External Hard Drive

Western Digital’s 8 Terabyte External Hard Drive

How about the Cloud, a Network Attached Storage Device or Tape Backup?

The publisher of the Computer Security Journal is focused on exploring an efficient and cost-effective way to back up your information.  We want to be able to recommend methods that represent a solid defense against ransomware.  There is an ugly truth, however.

You are basically wasting your time if your backup is already infected with ransomware.  The malware that is on the original hard drive would likely be duplicated, too!  So what is the solution?

Backing up your entire hard drive to the cloud may solve the problem – depending upon the cloud storage provider’s services or whether the latest backup in the cloud is free of the ransomware that is on your computer.

Another option is to purchase and use a tape drive.  Tape is a much older technology, but a modern-day tape drive might be an excellent solution because infecting tape with malware is a bigger challenge for cybercriminals.

Another option is to use what is known as an NAS (Network Attached Storage).  These devices are much more expensive but may be a solution you want to consider.

Fighting Ransomware – A Summary

We strongly recommend the following to defend against ransomware:

1.)  Install and use a good anti-malware program on your system

2.)  Create multiple copies of the information contained on your computer

3.)  Avoid keeping your backup media and device “connected” to the network or Internet

4.)  Keep a full-blown copy of your backup in a location that is separate from your computer

5.)  Follow the best practices associated with computer security

6.)  Establish a backup strategy to include restoration of data and test it.

We will continue to research the topic of backup.  It’s extremely important and one that you must get right.  Please check back with us and watch for follow-up posts on the topic.

What Is Ransomware?

 


Ransomware is vicious malware.  It encrypts your data and makes it inaccessible unless you send money.  You can only hope that, if you pay, the hacker sends you the decryption key.

You should become urgently aware of ransomware and routinely fight against it.  The problem has been growing.  In the previous year it reportedly grew by 2,500%.  You could suddenly see a message on your screen like the one below.

Ransomware Suddenly Announces Your Data is Inaccessible

Ransomware can be delivered to your computer in a variety of ways.  An email attachment, for example, is a typical tool that can be used to infect your system.  The cyber criminal’s goal is to get you to “click” on a nefarious attachment, which is then installed on your computer.

The use of Spamware is another delivery method that can be used to draw users into taking action to implement ransomware.  There are a number of nasty techniques.  Avoid clicking on unsolicited offers or questionable links.  Evolving ransomware is now automated and some attacks are hosted by cybercriminal organizations that sell ransomware as a service for a percentage of the amount stolen.

One technique is for the hacker to use an invisible web page placed behind the one that is observed on the screen.  An unsuspecting computer user could click on a particular area on the screen and the downloading of the ransomware would begin without the user’s knowledge.

Special Note:  The security software publisher Panda produced the informative video shown below.  We are unfamiliar with Panda’s effectiveness against ransomware but endorse its characterization of ransomware.

Everyone Should Fear Ransomware

Cyber thieves use ransomware attacks to extort monies from institutions, businesses, personal computers and even mobile devices (particularly Android systems).  User awareness is a major factor that can influence whether a ransomware attack can succeed.  Keeping all of your software updated is important, too.

Backing up your data is one of your main defenses against a ransomware attack.  You must remember, however, that anything connected to your network can be infected by ransomware.  That includes the data stored in the cloud.

Your backup must be stored separate and apart from your electronic data system.  Andra Zaharia, a self-described at Heimdal, lists 15 items to take anti-ransomware to a higher level.

I’ve paraphrased her comments below:

1.)  Avoid storing critical data on a PC.

2.)  Maintain at least two full backups on a removable hard drive.

3.)  Sync your data to whatever cloud solution you use and immediately close out the connection.

4.)  Update and patch all operating system and application software.

5.)  Consider using a guest account (rather than an administrator account) for daily use.

6.)  Turn off all macros (special command sequences). Word, Excel, PowerPoint, Java, etc.

7.)  Remove browser plug-ins (Adobe Flash, Adobe Reader, Java and Silverlight).  Set the browser to request activation.

8.)  Maximize your browser’s security settings.

9.)  Remove any older software or plugins that you don’t use any more.

10.)  Use an ad blocker to avoid malicious ads.

11.)  Never open email from unknown senders.

12.)  Never download attachments.

13.)  Never click on questionable links.

14.)  Purchase and use a reputable antivirus product and set it to automatically update.

15.)  Consider using a traffic filtering solution.

Another source suggests disabling what is known as Remote Desktop Services if you don’t require it.

I would personally recommend that you avoid maintaining a persistent connection to the Internet.  Shut down your computer when you are finished working.

You need to have a backup plan in place.  One solution that appears to have merit is to consider using a tape drive that is never connected to the Internet.  You’ll have to wipe your computer should you be infected by malware.  Therefore, you must be prepared to restore your data from the backup you maintain – after terminating your connection to the Internet.

Summary

Ransomware is a major attack tool that cyber criminals use.  The malware denies the users access to their data.  The target’s information is typically encrypted and a payment is demanded to obtain the “key” to unlock the infected system.  The problem is growing.

Protecting your system involves following security best practices and developing a solid backup plan.

 

 

 

Improve Cyber Security. Install a “Human Firewall.”

Firewalls are security mechanisms through which Internet packets must travel.  These computer security devices can either be hardware or software.  They can also be a combination of both.    The purpose of firewalls is to prevent any unauthorized access to computers and networks by threats such as a virus or other malware.

The hardware version of a firewall is usually placed between the connection to the Internet and the network or computer.  The software version can reside in the computer or the hardware device itself.

How Does It all Work?

Packets of data come in from the Internet.  Each contains both a source and destination address as well as a “payload” section.  All packets are examined as they pass from the Internet and into the firewall.  A properly configured firewall only lets legitimate Internet packets through and blocks unauthorized messages that could be spam or malicious code.

Both the hardware and software firewalls work at the speed of computers.  But there is another “firewall” that can help stop the threat of cyber crime.

What Is a Human Firewall?   

A human firewall is different.  Well-educated computer workers are urgently aware of the need to maintain the confidentiality, integrity and availability of information.  Fully prepared humans, schooled in security best practices, can be very effective “firewalls” against intruders.

Why Not Create a Human Firewall?

A human firewall can stop a threat or close down a vulnerability by simply handling a threat in a proper manner.  For example, a virus can be downloaded onto a machine or network if just one person falls victim to a deceitful “phishing attack”, and it can then get through to compromise a computing infrastructure.

What Should the “Human Firewall” Know and Do?

A “properly configured” human firewall should be thoroughly aware of security best practices that include:

  • Avoid clicking on unknown links or questionable websites
  • Avoid downloading software or apps from unknown sources
  • Maintain a secure work space
  • Disallow the uploading or downloading of unauthorized files or software
  • Create and change robust passwords
  • Don’t allow others to use your computer
  • Lock your keyboard when temporarily stepping away from your computer
  • Terminate your connection when ending an Internet session
  • Don’t share storage media with others
  • Be suspicious of emails asking for confidential information
  • Disable services you aren’t using on your computer
  • Encrypt critical information
  • Comply with security policies

Summary

The human component in cyber security can be the weakest link.  Insiders are at the top of the list of threats.  Many exploits target employees, seeking to gain entry into the system through them.

People who have access to your system and information truly must become a part of a “human firewall” against the cyber criminal.

What Is Risk Management?

The phrase “risk management” has a number of meanings depending upon the circumstances and situation in which it is used.  The phrase could be referring to a profession, a structured organizational plan to control cyber threats, cybercrime or vulnerabilities, or prudent action taken by an individual computer user.

The title of this post refers to the management of risk at a user level designed to improve what is being done to secure your information resources.

Being careful about what you should “Click” upon is one way to manage risk.

Cyber Crime & Email Threats

Be cautious about clicking on unknown email links, visiting unknown websites and downloading free software.  Doing so could deliver malware that would be harmful to your system.

Phishing Attacks

Another common attack method, using email, is a technique known as “phishing”.  It’s a form of “social engineering” that arrives in the form of email but masquerades as a legitimate request.  Phishing is designed to appear to come from a trusted source and to use you to compromise the cyber security of your system.

Phishing Attacks Can Appear to be Legitimate

Phishing attacks can be very sophisticated and appear to come from a trusted website like the one shown below from PayPal:

One way to determine if the source of the email is legitimate is to place the cursor over the item and examine the URL in the text box to determine whether the supposed documents come from the actual source.  Hackers can gain access to your account and wreak havoc by tricking you into giving up information like your account number.

Avoid Clicking on Malicious Links

Another method of attack used by cyber criminals is to get you to click on a link in a pop-up or malicious site.  One example could be a fake “Security Alert.”  The target is then sent to a website designed to compromise information resources.  The purpose of such an attack might be to download malware and install it upon your computer.  The malware could be a “keylogger” that stores every key stroke typed upon the infected machine and sends it back to the hacker’s site.

Visiting Questionable Websites

A user could be enticed by an ad to visit a malicious site to view a “funny” video, for example.  Upon arriving at the site a visitor could receive an alarming message like the one shown below which appears to be a special alert.  Indeed, if a user were to follow the instructions, the malicious site could download intrusive adware or other types of software that infect your computer or networks.

Summary

Cyber criminals use a variety of methods to trick computer users.  The goal is to induce computer users to take an action that makes it possible to install malicious code on their computing resources.

Your computer, once it’s infected with nefarious software, is the servant of the cyber criminal.  The malicious software can even be used to further expand the spread of the malware to others.

Think twice before you casually click on a link.


Lock Your Keyboard When Leaving the Area

Why Lock Your Keyboard?

Insiders are one of the biggest threats associated with cyber crime.

Concerns about an insider hack exist in more than 90% of companies surveyed.  Disgruntled employees, third-party vendors and visitors already have access or routinely come into close contact with your information infrastructure.

You need to exercise control and shut the door to people who would intrude upon your confidential information.                                                                                                                                                        

One way you are inviting a malicious hacker to enter your system is by leaving your keyboard or touch screen “unlocked” when you take a break or temporarily leave your work area.  Your information could be quickly stolen or damaged.

Lock Unattended Keyboards


 

How Do You Lock Your Keyboard?

Each digital device (e.g. computers, smartphones, laptops) communicates with users through its own unique operating system.  Users can issue a command that “locks” the digital device when it’s not being used.

Check the manufacturer’s instructions for your specific hardware.  You can also check with your company’s customer support department prior to locking your system.  You must be familiar with your device’s operating system and the manner in which it can be locked and unlocked when you walk away and the computer isn’t going to be used for a short while.

You must enter your password or PIN, however, to regain access.

Make sure you know your password!

Let’s look briefly at how you can lock the “Mac” and “PC.”

How Do You Lock & Unlock “Mac?”

To lock your computer, select or click on the Apple logo and then select Preferences > Security & Privacy > General.  Select the option that requires a password and a time limit if you so choose.  A user would then have to enter the password in order to access the computer.

How Do You Lock & Unlock a “PC?”

One way to lock your PC is to depress and hold down the CTRL + ALT + Del keys simultaneously.  Hold them down for a few seconds and a window appears.  Select the “Lock Computer” option.  Caution:  You will have to enter the correct password to be able to work on the computer again.

Why Is Locking Your Computer A Big Deal?

We’ve already mentioned that one of the biggest threats to cyber security comes from the insider.  They are people who are typically in close proximity to sensitive information and want to “hack” or steal confidential information.

Computer workers in America are generally free to get up and move around their work areas and take breaks.  Anyone who is inclined to access confidential information would have access to whatever you left exposed on your screen.

You can significantly hamper the efforts of the hacker by locking your screen.
