Thursday, January 5, 2017

Four Rising Stars on the Ransomware Stage

By George Anderson: Director of Product Marketing - Webroot


By now, everybody has probably heard of CryptoLocker. It makes sense that CryptoLocker would get a fair amount of media attention, since it’s been involved in several high-profile hacks, but a number of other players on the ransomware stage deserve a place of distinction in the cast. Managed service providers (MSPs) like you know the value of staying up to date on the different types of threats—in addition to their individual stats and characteristics—to keep clients safe.
Cast of Ransomware Players
  1. CryptoWall 4.0 
    A bit like the Barrymores, the Sheens, the Coppolas, (the Kardashians?), the CryptoWall family gets more media coverage with every generation. Following in the family tradition, CryptoWall 4.0 uses phishing emails for distribution. This is hardly a surprise, since phishing is still the single most effective way to drop a malware payload. But CryptoWall 4.0 marches to the beat of its own drum; not only are the victim’s files encrypted, this ransomware randomizes the filenames so the victim can no longer tell which file is which. By fanning the flames to create confusion around how much file damage there actually is, the new CryptoWall increases its chances that victims will pay up.
    Additionally, CryptoWall 4.0 includes a free decrypt video to convince victims that the decryption steps are effortless, and that handing over the ransom will get them their files back.
    • Phishing email attachment is source of payload
    • Randomizes victim’s filenames to create confusion
    • Offers free decrypt demo to add credibility
  2. PadCrypt 
    Rather than hiding out and concealing its plans, what makes PadCrypt different from its contemporaries is its willingness to interact with the public. Embedded into the “product”, PadCrypt includes a chat interface. The ransom process of setting up a Bitcoin wallet, filling it with bitcoins, and sending payment can be complicated. By offering this chat feature, PadCrypt lends a more human support element to the ransomware process, providing so-called support to its victims. (How sweet!)
    • First ransomware with chat support
    • Communicates via Darknet to avoid being traced
    • “Helps” even less savvy victims pay up
  3. TeslaCrypt 
    Because it targeted gamers specifically and encrypted the files they need for their games, TeslaCrypt is more of what you’d call a cult fave. The files it took hostage included saves, mods, and profiles. But since TeslaCrypt was being sold by non-authors on the Darknet, the original authors leaked the master decryption key to the public to permanently defuse the threat. While it’s lying low for now, we wouldn’t be surprised if TeslaCrypt showed up again next season.
    • Accounted for ~11% of distributed ransomware
    • Attacked over 200 extensions on newer variants
    • Targeted gamers (Valve, Bethesda, Unreal Engine files)
    • Circumvented 3rd party defense to deliver polymorphic payloads at root level
  4. RaaS (Ransomware-as-a-Service) 
    Not an actor, per se, but RaaS is more like a local theater company that encourages audience participation. Created for criminals by criminals, it opens up the ransomware stage to hackers of all skill levels. Thanks to RaaS, almost anyone can distribute encrypting ransomware payloads of their own design. In return, hackers pay for the service by sharing a cut of their spoils with the original author.
    • Enables almost anyone to make ransomware
    • Portal for malware generation is exclusively in Darknet (typically invite-only)
    • Intended for less-skilled cybercriminals who rent botnets
    • The malware author who created the portal takes a commission
Conclusion
Even though the number of ransomware stars keeps growing, and their methods keep getting more diverse and advanced, managed service providers (MSPs) can take steps to maximize defense and help clients stay ahead. Keeping yourself and your customers in the know about the latest tactics and types of exploits favored by today’s ransomware is vital—as well as putting together an all-star cast with next-generation endpoint protection that utilizes collective threat intelligence to proactively protect against the rising stars of malware.


Tuesday, January 3, 2017

5 Totally Achievable Resolutions

By Mike Rush - Webroot


If you’re anything like me, you probably make a bunch of lofty resolutions every year that you probably won’t, or even can’t, achieve. (For instance, I’ve been promising to hit the gym a little harder for about 6 years now.)
But enough is enough. Here are 5 completely achievable resolutions to help keep you and your identity safe in the New Year. Best of all, they’re not too hard and don’t take long, so you get the satisfaction of checking things off your list right away!
1. Layer Your Wi-Fi Security
Remember over the holidays, when you had to read your super long and complicated router password to everyone in your family so they could connect to the Wi-Fi? Wouldn’t it have been great if they’d taken a seat and listened all at once so you wouldn’t have to repeat it 50 times in between trips to the kitchen to baste your bird or check a timer? Wouldn’t it be even better if you could have your own guest network with a friendly password that the whole family can remember?
Well… you can.
These days, continuing technological advances have given most routers dual-band technology. The “dual” part means you have a 5 GHz band for devices that are centrally located and more or less stationary near your router, giving you the best possible speeds, while there’s a 2.4 GHz connection for devices that are more mobile and need a longer range.
If you activate Guest Networking for both your 5GHz and 2.4GHz bands within your router’s settings, you can create separate passwords for residents and guests. That way, you can manage who gets access to your secure network, and then your connection won’t get bogged down the next time you want to stream the football game while your 3-year-old niece is glued to the Disney Holiday Special.
Be sure to enable WPA2 security on both networks to protect your houseguests and to keep holiday opportunists from leeching off of your connection.
2. Enable Biometric Screening or a PIN on Your New Device
Did you get a new toy over the holidays? Make sure to enable two-factor authentication and either a security PIN or biometric access to your devices whenever possible. Although it might add another second or two to the time it takes to unlock your devices, it’ll be worth it when you realize your mom won’t casually stumble across those pictures from so-and-so’s bachelor/ette party.
3. Avoid Opening Emails On the Go
This one might be the easiest of all, and a lot of recent studies have suggested that ignoring your email a bit more often can have incredible benefits for your stress levels and overall mental health. And, let’s face it, who couldn’t use a little help de-stressing after the holidays?
Unsecured Wi-Fi in coffee shops and the like is a prime spot for cybercriminals to take advantage. If you absolutely have to open your emails while you’re out and about, we recommend staying connected to your mobile data plan. And if you’re worried about data rates, try to wait until you’re connected to a secure Wi-Fi network that you trust, and one that you know has encryption in place. Besides, if you really take stock of it all, those emails can probably wait.
4. Activate Automatic Updates
You’d be amazed how many breaches could be avoided by keeping software/firmware up to date. Hackers often exploit known vulnerabilities that companies like Adobe and Microsoft have already patched or are close to patching, figuring that the numbers game will still come out in their favor. After all, there are a lot of people out there who ignore updates or may not realize how important they can be. If you don’t have time to stay on top of every update, enabling automatic updates on your devices is an easy way to close the window of opportunity for cyber thieves and other hackers.
5. Install a Unified Threat Management Appliance (UTM)
Think of a UTM as a souped-up firewall. The average family has at least 4 connected devices in their home, and many have more than double that amount. For larger families, not to mention people who run a business from their home, a Unified Threat Management appliance will add another layer of network protection for your highly connected gateway.
In all seriousness, you could probably complete most—if not all—of these tasks in the span of a Sunday afternoon, and they could save you from spending countless hours on the phone with banks and creditors as you try to retrieve a stolen identity or dispute fraudulent charges. How many of your other resolutions have that going for them?
So what are you waiting for? Take the initiative in 2017 and follow these tips to protect your family, your home, your identity, and your privacy from modern cyberattacks.

Thursday, December 29, 2016

What to Expect at CES 2017

By Mike Rush - Webroot



Why wait for news on the next big thing in technology, when you can get a sneak peek at the hottest, up-and-coming consumer tech and innovations at CES 2017? For the last 50 years, the yearly CES event has served as a showcase and springboard for the latest advancements in tech as they enter the marketplace.
But before you gobble up the newest, smartest gadgets, it’s important to consider their implications for our overall security. Here are some things we’re thinking about in preparation for this year’s event.
Artificial Intelligence and the Internet of Things
Devices of all types keep getting smarter, and the number of connections between them grows in size and variety. The “Internet of Things” isn’t just a sci-fi movie fantasy anymore—it’s here, and it raises some serious concerns.
Hypothetically speaking, if my phone were connected to my fridge and other appliances, my thermostat, my home security system, and even my car, what would happen if a hacker stumbled across a vulnerability in my toaster’s firmware? Could they lift my banking credentials? Or stop my car’s engine while I’m on my commute? Sure, it might sound unlikely or extreme, but you can see how increasing connectedness doesn’t just bring benefits and convenience; it also offers up an assortment of new opportunities for hacks and other cybercrime.
This year’s CES event will address IoT cybersecurity concerns, such as regulations around self-driving cars and what smart thermostats and other advances in the domestic future will bring.
CES Sessions to Consider:
  • The IoT Becomes Personal: Bosch shows how “things” become partners, and covers advanced tech in the areas of connected mobility, industry, smart home, and smart city.
  • Smart Technology for Smarter Cars: Valeo presents its groundbreaking technologies for intuitive, clean, and connected driving.
  • Next Big Thing: Smarter Homes for Everyone: From urban apartments to country mansions to smart cities, this talk discusses the technology at the heart of it all, and how close to this future we really are.
Architecting Smart Cities
Many organizations around the world are working on solutions to help make smart cities even smarter: more energy efficient, more comfortable, and more automated. Unfortunately, a lot of these innovations can suffuse city networks and the devices connected to them with cybersecurity vulnerabilities.
For more information about smart cities and their implications, the CES panel Smart Cities, Smart States, Smart Mobility will discuss the symbiotic relationship cities and mobility have enjoyed for centuries while considering the societal promises that connected technologies offer.
Additionally, to raise awareness and connect organizations working to address these vulnerabilities, CES 2017 will be launching The Smart Cities Hackathon, where developers, makers, and smart cities specialists can collaborate on solutions for sustainability, safety, and efficiency.
Hackathon participants will get to play with:
  • Amazon Alexa Skills Kit
  • IBM Watson Cognitive and Bluemix APIs
  • Intel’s Grove IoT Dev Kit
  • Honeywell’s Connected Home API
  • UL’s Safety Index
  • Open Data from the City of Las Vegas
  • Other leading IoT technologies TBA
Technology Rising Stars
In addition to various security concerns, we can’t forget that CES is a smorgasbord of new technology. Seasoned techies and n00bs alike, be sure to check out the 2017 Tech Trends to Watch session for a guided tour through key trends and emerging technologies, as well as how the Internet of everything, artificial intelligence, virtual reality, autonomous vehicles, wearables, and more are shaking up everything we take for granted.
Other sessions to consider:
  • Last Gadget Standing: Yahoo! Tech’s David Pogue and his team of experts, along with the audience, predict which product on the CES show floor is destined for greatness.
  • Mobile Apps Showdown: App producers will have just 4 minutes to demo their app before judges, both on and offline, will identify the winner. Bonus: this year, CES is introducing the 10under20: Young Innovators to Watch!
  • Extreme Tech Challenge: The Extreme Tech Challenge is the world’s largest startup competition, and identifies emerging leaders with the potential to dominate their markets.
There will be a lot to take in at CES 2017, and we look forward to hearing about the newest advances in technology, as well as how we can all collaborate to continue building a smarter, more secure future for everyone.