Ransomware Gets Bolder as Bigger Players Join the Game

Posted December 2nd, 2016 at 11:00 am (UTC-5)
Leave a comment

(T. Benson for VOA)

(T. Benson for VOA)

Ransomware attacks are becoming more brazen if the November 25 assault on the San Francisco Municipal Transportation Agency’s (SFMTA) is any indication. And cybersecurity experts project a surge in these types of digital assault as new players get into the act.

“Unfortunately, this is a trend,” said Comodo Senior Research Scientist, Kenneth Geers. “And it works.”

“They seize your data virtually, encrypt it, and then they make you pay for this private key that is the only thing, according to the laws of mathematics, that will unencrypt your data and allow you to access it,” he said in an interview.

Different types of hacker groups are doing ransomware. Some go after any vulnerable target they find so long as they can make money. Increasingly, though, “the criminals who are doing ransomware are organized and sophisticated, said Dan Hubbard, Cisco Systems’ Chief Technology Officer for Cloud Security. These groups deliberately target different, possibly major entities or businesses that have a higher potential for profit.

“The trends we’re seeing are that there are larger groups doing it,” he told Techtonics. “Before, there was a narrow number of attacker groups that were actually doing ransomware, and that has broadened pretty considerably.”

Hubbard believes one of the key reasons ransomware attacks are becoming more pervasive is ransomware-as-a-service – a business model available to criminals online, complete with tech support. “They don’t necessarily have to be technical. They pay someone else who has the technical capabilities to do this.”

“Over the last maybe year and a half,” he added, “it has escalated and become quite more sophisticated and pervasive,” with various groups finding better and more sophisticated techniques to evade security products and deceive users into installing and running malicious software.

Where these criminals are is anybody’s guess, though many cybersecurity experts suspect Russian hackers. But Comodo’s research puts Albania at the top of the list of countries with the highest ratio of ransomware.

“Albania, South Korea, Finland, China, Denmark – those are our top five,” said Geers.

While it’s hard to predict where ransomware might hit next, Geers said sometimes, language and culture play a role, particularly if the hackers are using social engineering to manipulate people and trick them into divulging personal information.

“I suspect one of these organization might well be Albanian if they’re able to so effectively infiltrate [the] state,” he said. “But Russia is on … the top of everybody’s list – it’s number six on ours – by ratio.”

Old tricks still work

Attackers using ransomware encrypt files on mobile devices or PCs and lock out their users until they comply with a demand to pay ransom. (Ted Benson for VOA)

Attackers using ransomware encrypt files on mobile devices or PCs and lock out their users until they comply with a demand to pay ransom. (Ted Benson for VOA)

Ransomware attacks – or variations of them – are not new. Lockers, as they were called, were used as early as 1989 to block data access on browsers or desktops. In some cases, the hackers would grab a picture of the owner or the IP address of the computer and claim to be law enforcement agents. They then would tell the victim he has done something illegal and must pay a fine.

“This still happens all the time around the world,” said Geers. “… And a lot of people pay. And it’s lucrative for criminals.”

The scheme has netted criminals millions of dollars in “fines.” But over time, ransomware evolved into strong encryption. “They’ve gone a step further, essentially from 2013, in particular, on,” he said. “And they don’t need to threaten you as much.”

Once a cryptovirus has been loaded on a targeted device, hackers can access all sorts of documents, emails and system privileges. And while businesses, regardless of their size, are preferred targets, the lines between consumers and workers are becoming increasingly blurry as people use their own devices to work from home or in their car, or follow up on personal things at work.

Additional Resources

“That means that, as an individual, you’ve got to take some level of shared responsibility to be educated around the types of attacks and to understand that these things could happen to you as an individual and could potentially affect your company,” said Hubbard. “So obviously education is always an important thing … certainly awareness of this problem.”

Ironically, some companies believe this is something that can never happen to them. Hubbard cautioned, however, that anyone “can be a target at any time” – even individuals who suddenly cannot access their documents or find themselves looking at a ransom note on the screen.

It’s a good thing then SFMTA was prepared – sort of.

The hacker who compromised the agency’s data systems demanded a ransom of $73,000 in Bitcoin to release the files. But a viable data backup saved the day, so paying the ransom was not necessary. And as poetic justice would have it, a security researcher hacked the email the hacker provided for the ransom and obtained valuable clues on his identity and whereabouts.

Paying the ransom is a bad idea. Those that decide to go that route are often marked as a potential repeat target. And unless your hackers are business-minded enough to return your files, be prepared for the consequences.

“It really doesn’t guarantee anything if you pay,” said Geers. “A lot of times, law firms or hospitals – they’ll just pay the 50 euros, 100 euros or dollars in order to get their data back, but from a criminal syndicate perspective, that puts you in a category of someone who can and will pay, which is also dangerous.”

Even if you pay the ransom, hackers plan ahead, often leaving backdoors that allow them to get back in. And that makes it more difficult for the user to completely reinstall the compromised system or network from the ground up, a time-consuming and expensive process.

This is why a viable backup is crucial for recovery. And both Geers and Hubbard stress the importance of having a data backup offline on a separate device.

“Back up your data in what is called ‘cold storage’ – so offline,” said Geers. “… But … computer security goes back to best practices, which start with people.”

Keep your software up to date and remain vigilant for malicious apps and email payloads. Develop a response strategy, and if ransomware strikes, know what to do and who to call.

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Wechat’s Censorship Game; FireEye: Russia Weaponized Social Media

Posted December 1st, 2016 at 12:29 pm (UTC-5)
Leave a comment

Today’s Tech Sightings:

FILE - A WeChat logo is displayed on a mobile phone as a woman talks on her mobile phone in this picture illustration taken July 21, 2016. (Reuters)

FILE – A WeChat logo is displayed on a mobile phone as a woman talks on her mobile phone in this picture illustration taken July 21, 2016. (Reuters)

Report: China’s WeChat Censors Users Abroad

A new report from Toronto’s Citizen Lab says China’s top messaging app WeChat censors or blocks key words and sensitive terms in messages sent from overseas to mainland China. The block affects group chats of three or more users and messages containing terms not sanctioned by Beijing or are linked to Chinese phone numbers.

FireEye: Russia Weaponized Social Media in US Election

Cybersecurity firm FireEye says in addition to hacking and document leaks, Moscow used social media as a weapon during the U.S. presidential campaign in November to influence perceptions. A FireEye analysis of thousands of online posts, links, and documents found material stolen by Russian intelligence being heavily promoted through fake social media accounts and narratives.

A Beginner’s Guide to Beefing Up Your Privacy and Security Online

These days, it’s harder than ever to protect you privacy amid an ongoing rash of cybersecurity breeches and expanded government surveillance. But there are steps you can take to beef up your digital privacy. Writer Andrew Cunningham offers some basic guidelines to help the uninitiated.

More:

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Google Hacked; Trump Mobile Alerts Are Coming to Your Phone

Posted November 30th, 2016 at 2:28 pm (UTC-5)
Leave a comment

Today’s Tech Sightings:

FILE - This March 23, 2010, file photo shows the Google logo at the Google headquarters in Brussels. (AP)

FILE – This March 23, 2010 photo shows the Google logo at the Google headquarters in Brussels. (AP)

At Least 1 Million Google Accounts Breached by Gooligan Android Malware

An Android-based malware dubbed Gooligan has compromised up to one million Google accounts. Researchers from security firm Check Point Software Technologies found the strain in at least 86 apps available in third-party marketplaces. When the apps are installed, they gain high-level access to devices running version 4 and 5 of Google’s Android operating system. The malware then steals authentication tokens that allow access to various Google accounts. Here’s how to find out if you were affected.

Starting January 20, Trump Can Send Unblockable Mass Text Messages to Entire Nation

The U.S. Congress created Wireless Emergency Alerts in 2006 to inform mobile phone users nationwide about critical emergencies. But starting next year, President-elect Donald Trump will be able to mass-text every single America – and you will not be able to block the them, thanks to a congressional demand that carriers make this line of communication unblockable.

Reported Webcam Blackmail Cases Double in UK, Are Linked to Four Suicides

Britain’s National Crime Agency says reported webcam blackmail cases have more than doubled over the past year and have been connected to at least four suicides. The numbers have gone up to 864 from 385 webcam cases in 2015. Ninety-five percent of the victims are men 21-30 years of age, and all the suicide victims were men.

More:

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Television Is Taking Over Social Media; 2016’s Biggest Breaches

Posted November 29th, 2016 at 11:21 am (UTC-5)
Leave a comment

Today’s Tech Sightings:

FILE - A 3D plastic representation of the Facebook logo is seen in front of displayed logos of social networks in this illustration in Zenica, Bosnia and Herzegovina. (Reuters)

FILE – A 3-D plastic representation of the Facebook logo is seen in front of displayed logos of social networks in this illustration in Zenica, Bosnia and Herzegovina. (Reuters)

Social Media Is Killing Discourse Because It’s Too Much Like TV

Writer Hossein Derakshan argues social media now represents the ascendance of television over other media. As video and graphic content replace text and hypertext, he says social media is recreating television, albeit with new problems. On social media, he argues, algorithms determine what content to display to maximum emotional effect. The outcome, he says, “is a proliferation of emotions, a radicalization of those emotions, and a fragmented society. This is way more dangerous for the idea of democracy founded on the notion of informed participation.”

SafariSeat’s Wheelchair for Developing Countries Hits 300 Percent Crowdfudning

In many African countries, people who use wheelchairs find it hard to maneuver in the absence of ramps or friendly terrain. But SafariSeat wants to change that with an all-terrain open source wheelchair. The wheelchair, which so far has been overfunded on Kickstarter, is designed for developing countries and can be assembled locally with bicycle parts. The crowdfunding campaign will fund as many chairs as the company is able to build and an open source manual to allow communities to build their own wheelchairs.

These Were the Biggest Hacks, Leaks and Data Breaches of 2016

Hack attacks have become bolder and more sophisticated in recent years. And 2016 has seen some of the biggest on record. ZDNet looks at some of 2016’s biggest and most dangerous attacks and leaks that compromised the personal information of millions of people.

More:

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

By the Way

Posted November 25th, 2016 at 11:35 am (UTC-5)
Leave a comment

Techtonics is taking the day off. Please check back with us on Tuesday.

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

By the Way

Posted November 24th, 2016 at 11:30 am (UTC-5)
Leave a comment

Techtonics is taking a couple of days off. Please check back with us on Tuesday.

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Posted November 23rd, 2016 at 10:11 am (UTC-5)
Leave a comment

Techtonics is taking a few days off. Please check back with us on Tuesday.

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Teaching Kids About Cybersecurity? Ask Garfield.

Posted November 11th, 2016 at 11:10 am (UTC-5)
1 comment

A graphic from 'Garfield's Cyber Safety Adventures,' a comic book that aims to teach kids about privacy and online safety. (Center for Cyber Safety and Education)

A graphic from ‘Garfield’s Cyber Safety Adventures,’ a comic book that aims to teach kids about privacy and online safety. (Center for Cyber Safety and Education)

Children are spending more time online, chatting up strangers and sometimes giving them personal information that could put them in harm’s way. But a new collaboration that enlists a particularly troublesome cartoon feline is looking to teach kids a few things about cybersecurity.

Mobile devices have become the babysitters of the technology age, engaging and distracting kids in equal measure.

“Children are growing up with these things,” said Patrick Craven, Director of the Center for Cyber Safety and Education. “They practically have them in the crib with them and so they don’t see the danger that could be.”

Online strangers that come across as friendly and chatty might seem harmless to a child. But giving them too much information – a home address or the name of the child’s school – or even meeting with them, might invite cyberbullying or worse.

“It’s a very scary situation,” said Craven. “And that’s part of what we’re trying to make sure that they don’t do.”

Enter Garfield. Cartoonist Jim Davis‘ orange cat, going strong since 1997, is better known for pestering Odie the dog and eating and sleeping all day. But with the new collaboration between the Center for Cyber Safety and Education and Davis, Garfield has a new role, featuring in a series of comic books and educational kits to teach kids the basics of internet safety.

“The children know who he is,” added Craven. “They watch his cartoons, they see his movies. And so it was we thought a fun way to try to communicate to the children instead of doing a PowerPoint presentation.”

But since Garfield is hardly “one that you go to learn things from,” the series introduces a new character – Dr. Cybernia, a Siamese cat and a certified cybersafety expert designed to serve as a role model. And her being a woman “was not by accident.”

“We thought it would be a great way to encourage young girls to look into cybersecurity or the STEM fields as a potential career path for them,” he said. “And hopefully she becomes a role model for them.”

The first part of the series, the only one published so far, focuses on basic privacy precautions, such as what you are tagging and what not to post online – your name, where you live, where you go to school, or your password. It includes a comic book, a poster and other educational material.

“The very first cartoon deals a little bit with stranger danger,” explained Craven. “And there’s a character on there that they don’t know. And they think it’s a cat. And it turns out it is not a cat. So it tries to teach that.”

A graphic from the poster for 'Garfield's Cyber Safety Adventures,' a comic book that aims to teach kids about privacy and online safety. (Center for Cyber Safety and Education)

A graphic from the poster for ‘Garfield’s Cyber Safety Adventures,’ a comic book that aims to teach kids about privacy and online safety. (Center for Cyber Safety and Education)

The poster teaches kids that online friends are not the same as friends they meet at school and that they should be approached differently.

“It doesn’t mean you can’t have online friends,” said Craven. “And it actually doesn’t mean you can’t meet with them, but you don’t go meet with them by yourself. Your parents go with you.”

Dealing with online strangers is the first installment of a dozen different topics. “We have a new one coming out every three or four months,” he said. “… All of them will be different – different stories, different messages, different lessons in them.”

The project also reaches out to parents and encourages them to learn more about cybersecurity and to reinforce what their kids have learned. All the material will be translated into different languages and used around the world.

“Right now, the first lesson is available just in English, but it’s already being picked up and ordered for usage around the world,” said Craven. “And eventually, we’re going to be able to put it into different languages so that children are able to hear it in their native language.”

The first translations will focus on French, Spanish and German. But the center also shipped educational kits to Kuwait, which expressed interest, for a pilot program.

“If they like it, then there’s a good opportunity they may help us in funding to put it into Arabic,” he added. “We are having conversations with the Brazilian government, so we could go into Portuguese quickly.”

Singapore is also on the list of potential recipients of translations done entirely in the native tongue. “First-graders, second-graders, they can’t read subtitles,” said Craven, “so it wouldn’t be of any use. So it’s got to be in their language. So there will be production costs and hiring the voices and things like that to translate.

The project is nonprofit, and the money generated from selling the kits, designed for up to 30 students in grades 1-6, covers printing and production costs for the various languages.

“Part of it will be dictated by who steps up and wants it and can helps us fund the translation for getting everything done because there’s a whole lot of material that comes with it,” he said. “It’s not just the comic book. There’s a cartoon, stickers, there’s posters, there’s letters – all these different things would all have to be translated. And the cartoon was actually kind of the cornerstone.”

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

Tech Giants Brace for Trump Presidency; Russia to Block LinkedIn

Posted November 10th, 2016 at 1:02 pm (UTC-5)
Leave a comment

Today’s Tech Sightings:

FILE - Apple CEO Tim Cook speaks during a news conference in New York, April 30, 2015. (AP)

FILE – Apple CEO Tim Cook speaks during a news conference in New York, April 30, 2015. (AP)

Tim Cook: ‘The Only Way to Move Forward Is to Move Forward Together’

Apple CEO Tim Cook stressed his commitment to diversity and social progress in a message to employees following the election of Donald Trump as the next president of the United States.  Without mentioning Trump, who had threatened to ban Apple during his campaign, Cook said Apple is open to all. “We celebrate the diversity of our team here in the United States and around the world — regardless of what they look like, where they come from, how they worship or who they love,” he added.

Should Google Be Scrubbing Servers to Prepare for President Trump?

Other tech CEOs, including Microsoft’s Satya Nadella and Facebook’s Mark Zuckerberg, sought to reassure their employees, calling for unity or focusing instead on long-term goals. Silicon Valley is very jittery about what tech policies will look like under President Trump. Fearing more government surveillance of user data, Pinboard CEO Maciej Ceglowski, a critic of data collection, urged Google and other tech giants to take a serious look at their trove of behavioral data on the internet and consider removing them. Here’s a list of the tech policies the president-elect promised to implement once in office.

Russia to Block LinkedIn After Court Ruling on User Data

A Moscow court has rejected LinkedIn’s appeal against a ruling that stated it had broken a data-storage law requiring all personal information on citizens to be stored on local servers in Russia. According to Interfax news agency, LinkedIn’s website will be blocked once the full text of the court’s ruling is delivered next week. The case was brought against LinkedIn by Russia’s state telecommunications and media regulator.

More:

Aida Akl
Aida Akl is a journalist working on VOA's English Webdesk. She has written on a wide range of topics, although her more recent contributions have focused on technology. She has covered both domestic and international events since the mid-1980s as a VOA reporter and international broadcaster.

WhatsApp to Add Video Calls; Adult Dating Site Hacked

Posted November 9th, 2016 at 3:37 pm (UTC-5)
Leave a comment

Today’s Tech Sightings:

A security message is seen on a Whatsapp screen in this illustration photo April 6, 2016. (Reuters)

A security message is seen on a Whatsapp screen in this illustration photo April 6, 2016. (Reuters)

WhatsApp Says Video Calls ‘Coming’

The popular messaging service says it will roll out a version of the app that allows users to make video calls using an iPhone, Android or Windows Phone.Users have been wanting this feature for a long time.

Adult Sating Site Hacked, Exposing Private Information

The parent company of adult dating site AdultFriendFinder, Friend Finder Networks, has been hit with a massive attack that exposed personal information on over 400 million users.

Facebook Employees Team Up to Examine Fake News’ Influence

Amid allegations that fake news circulated on Facebook make have influenced the U.S. election, a group of employees is forming an unofficial task force to try to measure the effect, if any.

More: