Daily Archives: March 23, 2016

5 things you need to know about ransomware, the scary malware that locks away data


Over the past few years millions of PCs from around the world have been locked or had their files encrypted by malicious programs designed to extort money from users. Collectively known as ransomware, these malicious applications have become a real scourge for consumers, businesses and even government institutions. Unfortunately, there’s no end in sight, so here’s what you should know.

It’s not just your PC that’s at risk

Most ransomware programs target computers running Windows, as it’s the most popular operating system. However, ransomware applications for Android have also been around for a while and recently, several variants that infect Linux servers have been discovered.

Security researchers have also shown that ransomware programs can be easily created for Mac OS X and even for smart TVs, so these and other devices are likely to be targeted in the future, especially as the competition for victims increases among ransomware creators.

Law enforcement actions are few and far between

There have been some successful collaborations between law enforcement and private security companies to disrupt ransomware campaigns in the past. The most prominent case was Operation Tovar, which took over the Gameover ZeuS botnet in 2014 and recovered the encryption keys for CryptoLocker, a notorious ransomware program distributed by the botnet.

In most cases, however, law enforcement agencies are powerless in the face of ransomware, especially the variants that hide their command-and-control servers on the Tor anonymity network. This is reflected in the multiple cases of government agencies, police departments and hospitals that were affected by ransomware and decided to pay criminals to recover their files. An FBI official admitted at an event in October that in many cases the agency advises victims to pay the ransom if they don’t have backups and there are no other alternatives.

Back up, back up, back up

Many users back up their sensitive data, but do it to an external hard drive that’s always connected to their computer or to a network share. That’s a mistake, because when a ransomware program infects a computer, it enumerates all accessible drives and network shares, so it will encrypt the files hosted in those locations too.

The best practice is to use what some people call the 3-2-1 rule: at least three copies of the data, stored in two different formats, with at least one of the copies stored off-site or offline.

You might get lucky, but don’t count on it

Sometimes ransomware creators make mistakes in implementing their encryption algorithms, resulting in vulnerabilities that allow the recovery of the files without paying the ransom. There have been several cases where security companies were able to create free decryption tools for particular versions of ransomware programs. These are temporary solutions though, as most ransomware developers will quickly fix their errors and push out new versions.

There are other situations where security researchers take control of command-and-control servers used by the ransomware authors and make the decryption keys available to users for free. Unfortunately these cases are even rarer than vulnerabilities in the ransomware programs themselves.

Most security vendors discourage paying the ransom, because there’s no guarantee that the attackers will provide the decryption key and because it ultimately encourages them.

If you decide to hold your ground, keep a copy of the affected files as you never know what might happen in the future. However, if those files are critical to your business and their recovery is time sensitive, there’s little you can do other than pay up and hope that the criminals keep their word.

Prevention is best

Ransomware programs get distributed in a variety of ways, most commonly through malicious email attachments, Word documents with macro code and Web-based exploits launched from compromised websites or malicious advertisements. Many are also installed by other malware programs.

As such, following the most common security best practices is critical. Always keep the software on your computer up to date, especially the OS, browser and browser plug-ins like Flash Player, Adobe Reader, Java and Silverlight. Never enable the execution of macros in documents, unless you have verified their senders and have confirmed with them that the documents should contain such code. Carefully scrutinize emails, especially those that contain attachments, regardless of who appears to have sent them. Finally, perform your day-to-day activities from a limited user account, not from an administrative one, and run an up-to-date antivirus program.

5 Ways to Keep your Domain Name Safe from Being Hacked


The growing number of people using the internet has led to a significant number of new websites and blogs popping up every day. With such a huge platform for sharing views and personal opinions, or for hosting whatever content one deems suitable to share, casual users today have understood how good a business owning a website or even a personal blog can be.

However, although many people easily set up their own website or blog, hardly any know enough about protecting their domains from hackers once they become the legal registrants of those domains. Today, we discuss this issue to help owners of personal blogs and small websites.

How to protect your domain from hackers

The following methods can be used to protect your domain from the attacks of hackers:

1. Activity alerts

This is similar to receiving notifications about your Facebook activity. Whenever an activity is performed using your domain account, you can get a notification. Many good domain registrars provide this feature free of cost. This is a good way to keep track of any unauthorized activity on your domain account.

2. Make sure writeable and executable files and directories are not in web root

Not doing so basically means that any unauthorized user can access readable and/or writeable directories or archives. This makes it as easy as it can get for hackers to exploit unsecured scripts to run or place data on your web hosting account.

3. Keep your domain locked

Enabling your domain registrar’s lock is a simple yet effective way to prevent illicit third-party domain transfer requests. Such domain transfer requests are frequently used to steal domains. Simply enabling domain registrar lock can prevent your domain from falling prey to this malicious practice.

4. Do away with unwanted Directories, Scripts, and Subdomains

It is a common mistake for website owners to leave old and rarely used directories and scripts on their website. The gravity of this mistake cannot be emphasized enough, because hackers can use this information to hack into your website. Therefore, it is important that you routinely clear out files and directories that you no longer need or use.

5. Use strong and complex passwords

All accounts that require security are secured by passwords, but users can be so naïve as to use passwords that can be guessed easily to protect their sensitive information. This is a textbook mistake, one which hackers never get tired of exploiting. Always, ALWAYS, use passwords that are a combination of letters and numbers and are not short in length. Also, make it a practice not to use common English words as your passwords, for there are a lot of password cracking tools that crack passwords quickly because the password includes common words.
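Items 2 and 4 above can be checked with a short audit of the web root. The script below is an added example, not part of the original article; it assumes "writeable" means world-writable and "old" means not modified within a chosen number of days, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit a web root for the conditions in items 2 and 4.
# Assumptions: "writeable" means world-writable (mode o+w); "old" means
# not modified for STALE_DAYS days. Neither threshold comes from the article.

# Files and directories that any local account can write to.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Regular files with an execute bit set for owner, group or other.
executable_files() {
    find "$1" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) -print
}

# Regular files untouched for more than $2 days: candidates for removal.
stale_files() {
    find "$1" -type f -mtime +"$2" -print
}

# Run all three checks; print findings and return 1 if anything was found.
audit_webroot() {
    root=$1 days=${2:-365} status=0
    for check in world_writable executable_files stale_files; do
        hits=$("$check" "$root" "$days")
        [ -z "$hits" ] && continue
        printf '== %s ==\n%s\n' "$check" "$hits"
        status=1
    done
    return "$status"
}

# Usage: sh audit.sh /path/to/webroot [STALE_DAYS]
if [ "$#" -gt 0 ]; then
    audit_webroot "$@"
fi
```

Treat the output as a review list rather than a delete list: an upload directory may need to be writable by the web server's own account, but it should not be writable by everyone or hold executable files.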

Conclusion

A lot of people are victimized by hackers who steal or hack their domain names. It is most important to pay close attention to your domain’s security, especially when your blog or website becomes really popular. With the help of this article and perhaps a little more research on the matter, you will be much more secure against hackers than you previously were (if you are not using these methods already).