Posts Tagged ‘#hackers’

New ransomware offers to restore your files for free — if you infect two friends

December 13, 2016

The days of random mischief on the internet are not over, but the most skilled hackers have moved on to more lucrative ventures. Stealing personal data and banking details has been a moneymaker for years, but more recently the threat of ransomware has appeared. These pieces of malware encrypt your files and won’t unlock them unless you pay, but the new “Popcorn Time” ransomware offers an alternative: Just infect some friends and you get your files back free.

This malicious piece of software is currently set up to find all files on the desktop and the Windows My Documents folder, then encrypt them with AES-256. Like all ransomware, Popcorn Time (not related to the BitTorrent-based streaming client) demands payment in Bitcoin in order to provide the encryption key to unlock your personal files. In this case, the price tag is one Bitcoin. That works out to $780 right now. The payment screen includes instructions on how to get Bitcoin and where to send it. There are various warnings about losing access to your files, and even a function that can delete your files completely if you enter the wrong decryption key four times.
If you’re short on cash and don’t mind being a jerk, the HTML payment screen gives you another option. There’s a link containing a unique ID that will download the malware when clicked (it resolves to a hidden Tor server). If you can get two other people to install that file — thus encrypting their files — and pay the ransom, you get your files decrypted for free.

The ID in the URL acts like a referral code you’d see in an Amazon link. The malware authors are essentially trying to recruit their victims to double the amount they make from a single infection. But what happens if one of those people infects two others? Do you get credit for that too, like some sort of extra-awful pyramid scheme? Now that’s innovation in terribleness.

The truly weird thing about ransomware is that the people behind the attack usually live up to their end of the bargain. If you pay the ransom, you get the decryption key and can restore your files. If not, the key is deleted and your data is gone forever. There have been cases where the key was not provided or the ransomware just demanded more money, but your only options are usually to pay or give up.

Security firms have been working to find the decryption keys to prominent ransomware infections, offering victims a free way to unlock their files. However, that’s of little help when new variants like Popcorn Time pop up. Your best bet is just to be careful what you install, and don’t open random Onion links sent to you by “friends.”

Ransomware Targets UK Hospitals, But NHS Won’t Pay Up

August 31, 2016

Ransomware has caused massive headaches for hospitals. In February of this year, at least a dozen hospitals around the world had been seriously infected with malware demanding cash to retrieve their files. Some even resorted to pen-and-paper systems, and others gave the hackers over $10,000 worth of bitcoin to unlock their systems.
But judging by responses to Freedom of Information requests, UK hospitals are not paying hackers when ransomware strikes.
Motherboard asked National Health Service (NHS) trusts for details on attack figures and payments stretching back to January 2012. Many had been successfully hacked at some point (although on a limited scale, infecting only a small number of computers). Another piece of research carried out by cybersecurity company NCC Group found nearly half of 60 NHS Trusts suffered a ransomware attack in the last year.
But successful infections are not necessarily the most important thing here. Successful payments are: a ransomware operator gets nothing for their time and effort if the victim doesn’t cough up the bitcoin. If a hospital hasn’t paid a hacker, presumably it has managed to protect patient or other files from permanent loss.
That’s exactly what many of the hospitals contacted by Motherboard did. All of the hospitals that said they had been successfully infected with ransomware said they had not paid the attackers.
The East and North Hertfordshire NHS Trust said it had faced two successful infections of “Crypto Locker,” a particularly popular form of ransomware. “In both cases for the Trust, we did not pay the ransom, we simply recovered the data from an internal backup,” Freedom of Information Officer Jude Archer wrote in her response. “We backup all Trust data each and every day. I can confirm that there is no evidence the data that was encrypted [by the ransomware] was copied or moved off site at any time.”
The Health and Social Care Information Centre (HSCIC) had the same strategy, and added that it has a policy of not paying attackers.
“According to records HSCIC has been infected with ransomware on 3 occasions since January 2012, in every instance HSCIC has been prepared for this eventuality and has been able to contain and eradicated the ransomware infection and restore all affected systems and files from full backups, without any breaches to patient data or disruptions to the delivery of patient care,” Information Governance Advisor Graeme Holmes wrote in his response.
The NHS may have a decent track record of not paying hackers, but clearly there is still money to be made elsewhere: Earlier this month, researchers from FireEye spotted an uptick in the number of Locky infections hitting US-based hospitals.

Are Unsecure Medical Devices Opening the Backdoor for Hackers?

August 17, 2016

The increased adoption of connected devices into medical services and processes is streamlining and improving the manner in which medicine can be tracked, developed, sourced and distributed.
On-call and off-site medical staff are also able to access information and source medicine on site, improving service levels and productivity. However, for all the advantages of integrating connected devices into this industry, doing so can open up points of vulnerability, which should raise security concerns for decision makers.
The biggest threat to any organization, large or small, is not knowing who actually has access to information and at what level they can access the network. With the Internet of Things (IoT), access can come in many shapes and sizes, from an off-site doctor accessing medical history and prescription requirements to ambulance and emergency staff needing to log cases.
Medical and health institutions must prioritize the management of user access if they want adequate security around these access points. The variety of job roles that need to access a vast array of files from a connected network will also require different levels of access. For example, a doctor on call will need access to all previous medical history and prescription requirements, whereas an on-call care worker may only need medical history and is not qualified to distribute or access prescriptive files.
Organizations must therefore ensure that the right person is accessing the network or device, with the correct level of attributed trust, each time a request takes place. However, identifying the individual may no longer be sufficient to fully eliminate security and safety fears in this area.
Although the correct person may have access to a network from a specific place and use the correct logins, there is no guarantee that a rogue infiltrator hasn’t “piggybacked” on the connection, giving them the same level of access as the individual.
By effectively masquerading as the employee or third party, hackers can use the open connection to the network to gain the same level of access as the member of staff. This may encourage hackers to target gateway devices such as medical distribution tools that require a network connection. The device in this instance doesn’t hold or contain sensitive information; however, it does act as a gateway onto the network.
It is here that access management solutions must be considered, so that damage can be limited if a hack does happen, by providing granular access controls and monitoring for every access request.
We know hackers use a variety of methods to gain access, from rogue emails to downloadable PDFs that open access to personal and organizational data. However, security implications must also be considered on a more tangible level, in addition to digital and internet-driven attacks. The Barclays hack that took place in 2013, and cost the bank £1.3 million, shows how simple an attack can be and how tenacious some hackers are in the hope of gaining access to data. This hack saw insiders pose as IT engineers and fit a device that gave remote access to the bank’s network and allowed them to transfer money into their own accounts.
There are two recommended strategies for organizations to protect themselves against hacks such as this. Firstly, ensure all staff are trained on the variety of risks that are present when exchanging emails or other digital communications. Secondly, protect networks by securely supervising, auditing and controlling access to assets, data and IP via a privileged access management solution.


Ransomware Is So Hot Criminals Are Sabotaging Each Other’s Ransomware

August 1, 2016

Ransomware, the strain of malware which cryptographically locks a victim’s hard drive until they pay the author an electronic ransom, is super popular among cybercriminals right now. The strategy is so successful, in fact, that some ransomware-makers have apparently begun sabotaging each other’s ransomware to try and take out their competition.
Earlier this week, 3,500 keys for a ransomware known as “Chimera” leaked online, purportedly allowing anyone targeted by it to safely decrypt their ransomed files without having to pony up bitcoins. The decryption keys were apparently posted by the authors of a rival ransomware package called Petya and Mischa, who claimed they had hacked Chimera’s development system, pilfered the keys, and stolen parts of the code.
“Earlier this year we got access to big parts of their deveolpment [sic] system, and included parts of Chimera in our project,” the authors write in a post on Pastebin. “Additionally we now release about 3500 decryption keys from Chimera.”
Chimera is a particularly nasty strain of ransomware which not only locks a victim’s hard drive but threatens to leak their private files online if the ransom isn’t paid. It’s still not clear whether the supposedly-leaked keys will actually decrypt machines affected by the malware, however—the security firm MalwareBytes, which first noticed the leak, says that verifying all the keys will take some time.
In any case, Petya and Mischa’s authors seem to have timed the leak to promote their own ransomware, which is based on the stolen Chimera code and is now being offered as a service to any two-bit cybercriminal willing to shell out bitcoins for it.
The in-fighting seems to indicate another significant, albeit predictable, shift in the criminal hacking economy. Previously, ransomware authors have expressed anger at a recent rash of fake ransomware, which displays scary messages but doesn’t actually lock a victim’s hard drive, or unlock it when the ransom is paid; the thinking is that enough of this fake ransomware could cause people to stop believing they can get their files back when they’re hit with the real thing, endangering future profits.
