Tag Archives: cybercrime

Ransomware: Another Reason for Back-Ups

Among the many kinds of wicked online traps that users must beware, one of the most vicious is called “ransomware”. This is a generic term for a type of malicious software that encrypts all or the most useful of the victim’s files, making it impossible to open or do anything with them until a ransom is paid to the cybercrooks. As in many kidnapping cases, their demands can greatly escalate if not paid quickly. But even if the ransom is paid, the victim very often does not get back what was taken. Fortunately, this last summer, a particularly nasty specimen called CryptoLocker was finally broken open by two Internet security firms, FireEye in California and Fox-IT in the Netherlands. Once they recovered the encryption keys, they put up a free site, decryptcryptolocker.com, to help victims get their precious files back. The details of how they were able to do this are sketchy, but the opportunity apparently arose after an international effort by law enforcement agencies, Operation Tovar, successfully took down the GameoverZeus botnet. Since then other tools and policies to avoid infection have been developed. CryptoLocker is usually spread by email attachments but can also be spread by malicious websites exploiting outdated browser plug-ins. More information about how it works can be found here. Though the malware itself is surprisingly easy to remove, decrypting files is not so easy. Thus the tools. There is, however, an easier way of dealing …

Posted in Security, Warnings

Dangers of Public WiFi

[Note: This is derived from articles originally published in the July and August editions of the SWCP Portal, our monthly newsletter. Due to the importance of the security information they contained, we’re republishing them here for everyone.] The tech news site Ars Technica recently warned that public WiFi hotspots can pose a security risk to users. It’s not that the hotspots are themselves insecure. It’s the way most computers, tablets, and phones implement WiFi logins that poses a danger. AT&T and Comcast, among others, are promoting large networks of WiFi hotspots which are free for their customers to use. For example, AT&T’s free WiFi hotspots are available at McDonald’s and Starbucks. When you see the “attwifi” network at any of these places around the country, you can log in with your AT&T login. The same goes for Comcast’s “xfinitywifi”. It’s as convenient as it is dangerous. The trick is that once you have logged in to one of these networks, your computer or tablet saves the login information so you can reconnect to these networks without entering a password the next time you are near one of their hotspots. This is the window that can let the bad guys in. What the criminal can do to the unsuspecting device owner is set up his own WiFi hotspot using the network name “attwifi” or “xfinitywifi”. But the crook’s hotspot has some tricks up its sleeve. First, it allows you to connect regardless …

Posted in News, Security, Warnings

Is Cyberwar the New Normal?

The Internet these days is often compared to the Wild West. It, too, is a wide open frontier with endless possibilities, loose rules, limited government controls and not a few rustlers and bandits lurking along its trails. But unlike other frontiers, the Net seems to be steadily becoming more dangerous, not less. And there are now armies on the move. Hackers aren’t just computer whiz kids, online scam artists, or even criminal networks any more. Hacking has become a weapon of war. Stunning accusations in a recent report by Mandiant, a US online security firm, provide insight into just how much persistent threats from government hackers working for certain enemy states have grown. The company has been investigating security breaches at hundreds of organizations around the world since 2004. Their tracking of threats has allowed them to identify more than 20 hacking groups within China. The largest of these, which they called APT1, for “Advanced Persistent Threat”, has taken vast hauls of information from hundreds of organizations since 2006. Mandiant’s detective work on over 150 corporate victims for over 7 years paid off. They were able to identify APT1 as a unit of the People’s Liberation Army of China with a code designation of Unit 61398, precisely locate its facilities in the middle of Shanghai, and even name three key developers. They watched APT1 compromise 141 companies in 20 industries, and studied in detail APT1’s sophisticated methodology – in one case, as …

Posted in How the Net Works, Interesting Items, News, Security