A guide to avoiding ransomware in 2018

A guide to avoiding ransomware in 2018

With 2017 now a distant memory, it is clear that it was the worst year ever in regards to ransomware, with severe attacks noted all over the world. There has never been a year in which attacks caused so many problems worldwide for so many private individuals, companies and federal organisations, with many struggling to properly protect against ransomware.

Malwarebytes Labs, a data security firm, states in their latest report that ransomware attacks have risen in comparison from 2015 to 2017 by 2,000 per cent with last year´s attacks being the worst ever. The two worst ransomware variants that attacked companies and organisations in 2017 around the globe were NotPetya and WannaCry.

WannaCry

The WannaCry attack caused serious damage around the world in May 2017, when it infested around 300,000 computers in 150 countries. It primarily targeted Windows operating systems which were not properly patched or were too old to be patched. The ransomware encrypted the data and demanded Bitcoins to be paid to release the data.

The spread of this malware was stopped by a new Microsoft patch and the detection of an implemented kill switch, although the reason why the kill switch was available in the first place is still unknown.

WannaCry relied heavily on an exploit that was released by the ‘Shadow Brokers’ (who previously hacked the NSA and made their zero-day exploits public). One victim was the German railways, which then had problems with their information terminals not showing arrivals or departures. Instead, you could just see the WannaCry screen demanding the ransomware money in Bitcoins.

NotPetya

NotPetya started off as a Ukranian Tax Software update just one month later in June and infected hundreds of thousands of computers in more than 100 countries all over the world in just a few days. The financial impact was enormous, for example, the global pharmaceutical company Merck suffered a loss of more than $300 million just in the third quarter of that year alone from this attack.

Why are ransomware attacks so successful?

Carbon Black, an anti-malware software solutions provider, released a study in last October identifying an increase of 2,500 per cent in ransomware software sales in the major dark web marketplaces between 2016 and 2017. According to them, more than 6,300 sites are currently offering ransomware solutions to carry out your own attack.

With so many tools available on the dark web, it is no wonder that Sophos Labs, a data security software provider based in the UK, projects in their annual security forecast for 2018 a further increase of ransomware attacks in 2018. They state that “it is a fair bet that Android and Windows will continue to be heavily targeted with ransomware and other malware, given the success attackers have had thus far”.

What’s more, according to the data security analyst and software provider Kapersky Lab even more ransomware attacks will be aimed at companies. From those attacks that they were able to fight off, around 26 per cent were targeted against firms. This is an increase of over three per cent compared to 2016.

The experts from Kapersky also stated that 65 per cent of the companies that were hit either suffered a severe data loss or were not able to access their files anymore. While Kaspersky doesn’t explicitly predict more ransomware attacks for this year, they warn about more advanced attacks to come for mobile devices and a rise in so-called destructive attacks.

What are destructive attacks?

A new breed of ransomware arrived on the scene last year, except it’s not actually a real ransomware, but more of a destruction tool. The ExPetr/NonPetya ransomware late last year appeared as a ransomware, but actually aimed at wiping the data of the victim completely. Kaspersky believes that more of these attacks will happen during this year, and since the attackers are not specifically targeting the victims, everybody is in danger being hit by such a ‘wiper ransomware’.

Avoiding ransomware in 2018

There are many things to consider when fighting ransomware this year. As there are many different types of these viruses around these days, keep in mind the following three main tips and execute accordingly:

1.     Email security is king

According to Sophos and other experts; “Email will remain the primary attack vector threatening corporate cyber security, especially in the case of targeted attacks”. Therefore securing this main source of vulnerability is essential to everybody who runs a network or connects to the Internet.

Remember: Most ransomware attacks are triggered by a normal email with an infected attachment such a document, photo, video or other type of file. Hackers don’t even need much knowledge to insert a piece of malware into a file; in many cases there are many articles and YouTube tutorials on how to hide code, making it child’s play.

With this in mind, opening an email attachment from an unknown sender should always be avoided. If you are sure that this email is not addressed at you, delete it immediately and also inform your company data security advisor or IT team.

If you think it might be from a colleague but you are unsure, do not open it until you have made a phone call or reached the sender in another way, to check their identity and ensure the legitimacy of the file. Remember, keeping your company’s IT systems and data secure is always the right decision.

2.    Make your network and IT environment secure

One single computer encrypted by ransomware is undoubtedly a serious problem, but when it spreads all over the network it can become not only a nightmare for the IT department, but endanger the business as a whole.

Companies who have not already done so should consider implementing a data security software solution which is specifically designed to check all incoming emails before they are delivered from their Exchange server to the intended recipient. With such a solution, the risk that a virus spreads over inside a company network is reduced dramatically. Additionally, IT administrators and management should consider implementing network security software, which automatically monitors the network and its files for threats.

Such a solution would alert administrators if a ransomware attack is trying to encrypt vast quantities of files over the network. These solutions also frequently check outgoing traffic, so when the ransomware tries to connect to their external server to start the encryption process this could be terminated as early as possible to mitigate damage.

And last but definitely not least: Always update your software and operating systems with the latest patches as they are available. As pointed out so often, hackers only really get successful when the victim has gaps in their data security policies.

3.    Make your employees smart

We have written about ransomware and malware in our blog before, but what we see is that in the case of an encryption attack even the most experienced computer users get into a panic. Therefore, every employee in a company should exactly know what to do if they get attacked by ransomware, even high-level execs and IT Directors.

A ransomware attack should not only be part of a business continuity plan for higher management or IT experts, but precise tips on what to do, when hit, should be visible and understood in every office. These can be simple, but effective, for example:

  • Disconnect from the internet and internal network
  • Try to properly shut down the device or immediately call IT security/IT administration

IT security and administration staff alike should always be best informed about the latest developments in cyber security and hacking. Reading the latest blog news, keeping up to date about new developments in this scene and loop holes in networks or software solutions should therefore be a necessity for these employees.

What should you do if you’re hit by ransomware?

If for one reason or another a ransomware got through your defense line and your data has been encrypted, you should do the following:

  • Never pay the ransom! We do not say that lightly; if you pay the criminals you do not have a guarantee that you will get a decryption key from them. In many cases (and most definitely if it is a ‘ranscam’ or wiper malware) you will not get your data back, leaving you with no data and having unnecessarily lost your money.
  • Do not try to decrypt your data by yourself if you are not familiar with it. For some older ransomware versions there are decryption tools already available on the internet. While for some computer specialists it is possible to recover their own data, you have to have some expertise and it is risky – if something goes wrong, you could destroy your data forever.

A better alternative is to try contacting a data recovery specialist like PF Consultants, who will have all the necessary tools and experience to attempt to rescue your data.

Can your ransomed data be recovered?

From the perspective of a data recovery specialist, every ransomware case is different. There is not only a big difference in how ransomware variants encrypt the data and spread through the network but also how they target different areas of data storage systems.

Some systems and data structures are more challenging and need more time to recover than others. As each case is different, it makes sense to contact a specialist and ask if they have seen your type of ransomware strain before. They will be able to advise you on whether it is worth sending in to attempt data recovery work and if they have been successful with similar cases already.

With all the attacks in 2017 ransomware will most likely be a serious threat to both private individuals and companies in 2018 too. It therefore pays to revisit your data security, network policies, user training and backup procedures.

From a backup perspective, it is highly recommended to store backups of your business critical data on external storage devices which are not connected to your network and are regularly tested for accuracy and functionality.

If your backups are not working or they have been infested by a ransomware virus, it is best to try contact a professional data recovery service provider who can attempt to recover your information from the problematic backup media or work around the ransomware itself to get to the data.

Is Your Amazon Echo Always Listening To You?

By Michael Nuncic
Is your Amazon Echo always listening to you?

The world of the Internet of Things (IoT) devices is expanding rapidly, the most prominent product is the Amazon Echo and its smaller counterpart Echo Dot. Since its arrival two years ago it has received a lot of attention both from tech journalists as well as everyday users. When first purchased, the Amazon Echo and Echo Dot are limited in their functionality. Users can play music, set alarms, explain terms, manage the user´s calendar, etc. However, the user is not limited to this: the user can activate ‘skills’ as extensions, this adds more functions to the device through the Alexa App.

Tricks are for kids

There are now 15,000 ‘skills’ available for activation on the device. The skills are voice control commands and once they are activated using the Alexa App, they are more or less sentences like: “Alexa, tell mytaxiservice to get me a cab” or “Alexa, tell lampproducer to turn on my bedroom light”. While mytaxiservice and lampproducer are only examples, there are a lot of offerings for similar services.

Syncing your life

Lighting up your home has become easy using the Amazon Echo, there are YouTube tutorials of individuals who demonstrate how to connect the Echo device together with other hardware like a PC card and a remote control to start up your computer just via voice control. Tuning of the device like this is not yet possible with Google Home since it only has 118 actions, which adds up to the normal functionality.

What’s all that storage for?

In contrast to other IoT devices, both Amazon Echo and Google Home do not save data on their devices, even though both Echo and the Echo Dot have large data storage capacities available. For example, version 2 of Dot has 4GB of  memory built-in. However, Amazon states that it only uses this storage space for the firmware and data buffer. In the Echo, there is a 4GB  inside. These two devices transfer all the voice recordings to Amazon´s cloud data centre instead of saving them locally.

What’s the issue with IoT?

Even though the recorded sound data is not saved on the device itself, it is still slightly worrying. If they are enabled and connected to the Internet, it is fair to assume these devices are always listening to what the users say in their home.

These devices respond when they hear certain ‘trigger words’. In case of Amazon Echo, it´s “Alexa”, for Google Home it’s “O.K. Google”. But this is the issue; every word spoken after that trigger word is recorded and transferred to the provider´s data centres and servers. Since the recorded data is then kept ‘forever’ by Amazon, Google or others, it is important to ask what do these major tech companies do with that data.

The reason why these companies are gathering this data is simple; they want to find out information about their customers. In Amazon´s view, everybody is a potential future ‘subscription’ customer for their Prime offering.

Money talks

This is why these companies have put so much money into this project and try to connect every part of ordinary life into their offerings. By having devices connected with Amazon Echo or Google Home, it is possible to survive without ever leaving the house. For an example a connected refrigerator can order missing items independently, lamps can order new light bulbs when the old ones are broken and much more. The objective is to offer the customer everything out of one platform. However, exactly how companies analyse your data often remains a secret.

Amazon Echo murder mystery

IoT devices do not just hold voice recordings from orders and commands. This was proven in a recent murder case investigation in the US earlier this year, which clearly showed that there is much more to be found on these servers. In the case, investigators demanded the Amazon Echo/Alexa recordings from a party with friends in Bentonville, Arkansas, where one of the guests was later found dead.

The homeowner is on trial for the murder of his friend and the prosecution demanded that Amazon hand over the voice recordings from the night on his Echo device in his home. According to the court records, Amazon turned over the recordings the same day they received the request. Later they contested this police request with a referral to the First Amendment of the US constitution, but since the defendant himself gave the permission to use the data this data security issue was quickly ended. Now the police are investigating the voice recordings, however, no information on the findings has been released to the public.

Future forensic impact

This case demonstrated that IoT devices will have a big impact on future computer forensic work. Today data on devices is physically available to the prosecution, public and company internal investigators. This includes but is not limited to computers, servers, smartphones or tablets, but also data stored in the cloud or external data centres, where Amazon is operating its Echo data mining. Since it is not easy to gain access to this data, in most cases data retrieval must be legally enforced.

The next steps

When the data is available for computer forensics specialists, then the work is the same as if it would be an ordinary case, after they have first made a 1:1 image of the original storage media; a hard disk drive, SSD, removable flash card, tape or any other storage media. Forensic specialists then analyse the information regarding the case and after this assessment is complete they then use specialised software tools to search through the data and find evidence that can be used for prosecution or a trial.

Hot tip

Remember, if you don’t want your recordings from IoT devices to be stored, there is a way to delete them. Inside the Alexa App on your smartphone, there is an option to delete your voice requests one by one. If you would prefer to do a bulk delete you can do that by signing into your Amazon Account and checking your devices.

Smart Jackets: A New Era Of Wearable Technology

Only a few years have passed since wearable technologies first appeared with smartwatches and a new revolution is already knocking at the door. It’s now not just about wearing a hi-tech watch on your wrist – you can take it even further with a ‘smart jacket’! The technology behind it all is called the ‘Jacquard Project’ and was developed by Google ATAP (Advanced Technology and Projects).

What is the Jacquard Project?

This is the name Google has chosen for a particular weaving system (this weaving system and fabric take its name from the inventor Joseph-Marie Jacquard) that allows you to combine electronic yarns with natural yarns. In other words, it is possible to obtain a fabric made of metal alloys and natural elements such as cotton, creating a kind of technological fibre (see more details on https://atap.google.com/jacquard/). Natural materials and electronic materials combined together can be successfully processed with existing industrial looms and gives rise to a fabric that can transform coated normal surfaces in technological surfaces.

A surface covered with Jacquard fabric becomes sensitive to the touch of the finger; at this point, the electronic weave detects the input and transmits it to miniaturised circuits that are able to send signals wirelessly to a smartphone or other device. It therefore no longer becomes necessary to interact directly with the smartphone directly – all you need to do now is to brush or tap on the sleeve to send a command.

Reducing distractions for cyclists

The first commercial use of this unique Jacquard weave looks to be coming from Levi’s. The company, in partnership with Google, has in fact created the Levi’s® Commuter™ Trucker Jacket that allows those who wear it to stay connected with their smartphone without having to hold it in their hands.

On the Levi’s website, the Levi’s® Commuter ™ jacket line is presented as a collection designed for the modern urban cyclist. In fact, for those who usually ride a bicycle to get to work or around the city, the jacket greatly reduces distractions from traffic and other obstacles caused by manually controlling a smartphone. You can simply brush your hand on the sleeve of the jacket to carry out actions such as:

  • Manage calls
  • Play music
  • Check messages, calendar and nearby places
  • Get directions from Google Maps

You can do this while you are pedalling without having to pull your phone out of your pocket and risk a dangerous incident in the process. Different hand gestures control the various actions that are available. The sensor, located on one of the cuffs, detects the right-hand movements that are sent via a Bluetooth transmitter to an app installed on the smartphone. Three types of gestures are currently recognised:

  • Scrolling from top to bottom
  • Scrolling from bottom to top
  • A touch on the cuff

A smart idea?

The ‘smart’ version of Levi’s jacket will be available in autumn 2017 at a cost of around $350. Regardless of the cost; using the new Jacquard weaving technology this demonstrates that it is now possible to weave electronic yarns along with natural ones to create interactive and connected fabrics.

Even though the jacket has been designed primarily for urban cyclists, it could be useful to anyone who wants to avoid being distracted by their smartphone while engaged in other activities. Although it is made up of a technological fabric, it can also be washed in a normal washing machine. All you need to do is remove the Bluetooth transmitter first, which will occasionally need recharging through a USB port.

Any surface could now potentially become ‘smart’ if designed in such a way. In the industry of clothing and fashion, a new opportunity has now opened up to offer customers interactive cyber-clothing, where until now technology in clothing has been marginal or absent. This certainly could pave the way for a real revolution in wearable technology, as it is no longer about having an additional physical device like a smartwatch – it can now be woven straight into the fabric of everyday items of clothing.

Find Out How Data Gets Corrupted And How It Can Be Recovered

By Michael Nuncic     

Have you ever tried opening a digital photo or a file inside an application, only to be prompted that it could not be opened due to corruption? You are not alone. Data corruption is far more common than one might think and has been an issue ever since the beginning of the computer era. Data corruption, in simple terms, is used to describe when the data inside a file has been changed from its original state.

However, it is entirely subjective if data or file corruption should be considered as a serious matter. If you cannot open a private text document or you have been left with a partial photo, it might not be worth mentioning. But if you work in a company, which can have thousands of files rendered unusable, then it could certainly be considered as a business-critical issue. Therefore it is very important to immediately check your whole system after a corruption incident has occurred, to determine the reasons for the corruption and to solve the problem as fast as possible to prevent further damage.

Why does data get corrupted?

There are various causes of data or file corruption and in many cases; files can become corrupted when storage devices get old.  Several studies about the lifespan of traditional hard disks show that the failure rates in the last two years of the disk increases to its peak. The result of these ‘normal’ wear-out related failures can be that during operation (or even when the disk is not in use) the data stored is changed from its original form. Files then get corrupted and cannot be used anymore. If this happens to pictures, the result can often look like the image above!

Another likely reason for corruption can be a sudden loss of power. When files are being saved onto the hard disk drive and an unexpected power outage takes place, only parts of a file may be transferred correctly, leaving the entire file corrupt.

This also happens to SSDs; when the controller in an SSD stops working or is not communicating with the storage chips correctly, the result is the same as if the power went down and any files being transferred can become corrupted. Even if the corruption is not that serious and the file can still be opened, this doesn’t mean that all of the content is still correct. For example, one possible and dangerous result is when an Excel sheet or a database is missing important figures and in the end the whole calculation turns out to be false.

Is it possible to recover corrupted data?

Think of two common types of files which could be corrupt: a Word (.docx) file and an image file like a .jpg or a .png file. In both cases when you try and open it you may get a prompt that the file is corrupt and cannot be read. But what are you supposed to do now?

To keep it simple, there are two different ways to retrieve corrupted data: using a data recovery software tool and getting help from a professional data recovery service provider.

In some cases the damage is not that severe and data recovery software can successfully find fragmented parts of the file on other sectors of the disk and rebuild it.

Be warned, though, as DIY data recovery is always a risky business. Using data recovery software (as well as trying other DIY methods) can be hazardous when used incorrectly. As a rule, these tools shouldn’t be used on the original drive – instead they should be used with an image or copy of the drive. By doing so, there is still a chance for data recovery experts to forge a successful recovery if DIY attempts fail. What’s more, it prevents more damage to the drive and eliminates the chance of destroying the files for good. Files recovered by software tools should also not be written back to the original volume until they have been fully tested and verified.

Expert data recovery engineers can do far more than even the best software can do. If there is an underlying hardware issue, they often can repair the damage and recover the underlying data or can repair the drive to the point where they can fill in the missing or corrupted data. It is also possible for specialists to use data from spare blocks or parity to correct other types of logical damage and rebuild corrupted files. All of these measures are not possible for an average user due to the experience, knowledge and specialist tools required to determine if a corrupted file is recoverable or not.

Minimising the risk of further damage

So, what can you do to get back corrupted files without causing further damage? First, don´t panic! Try to stay calm and carefully evaluate your options. When dealing with data corruption it is wise to follow a plan that includes the following steps:

  • Make a sector level image of the drive that contains the corrupted file(s). There are a lot of free tools on the market that do this. As mentioned before; only attempt DIY recovery on the image and not the original drive! Set the original drive aside in case things don’t go well during your attempts to recover the data – it can be used later on by data recovery experts if needed.
  • After you have successfully recovered your corrupted data, you can try and use a reputable file repair tool. There are lots of products available on the market, so make sure that you choose a well-known, quality product for your specific use case. These types of tools work best for office documents, however there are still some tools available for databases, videos or photos which may be able to help.
  • Don´t use the built-in OS volume repair tools to fix the disk (like CHKDSK or FSCK). Using built-in tools will often cause more damage and prevent the data from being recoverable.
  • If none of these steps work and you still need the data, contact an IT professional or an experienced data recovery service provider for further advice.

In many cases data recovery specialists are able to retrieve data using highly specialised tools, which greatly surpass any DIY method. If your data is important then it’s worth trusting it with a professional rather than attempting a recovery yourself. If you’re in doubt, get in touch with a reputable data recovery company, like PF Consultants, as you’ll be able to get some advice on the best course of action based on your exact data loss scenario.

First WannaCry, Now Petya – How To Protect Your Data

By Shira Caldie  

Spanning back to the early 1990s and making a brief reappearance in early 2016, a variant of Petya (also called Petrwrap) Ransomware has resurfaced once again, this time referred to as Petya A or NonPetya.

The recent attack hit companies, public health care and government organisations as well as airports from the US, Russia, Ukraine, Germany, France, Italy Poland and the UK. This new and more robust version was inspired by the recent WannaCry attack in May. Much like the WannaCry ransomware attack, this new strain of virus also requires the victim to pay a digital ransom through Bitcoin in order to regain control of their data.

However, with this particular ransomware criminals do not encrypt all files on your computer, but rather attack a part of the operating system called the Master File Table (MFT), which then overwrites the MBR (Master Boot Record).

Impact of Petya

The MFT is critical for the system to know where to find files on the computer. It holds the same effect as if each file had been locked separately. Why is this significant? It is a lot faster to attack the MFT than to encrypt each file separately, which can make this a seamless and fast-moving attack.

According to researchers at the computer security company, Symantec, the new attack is using the same hacking tool (Eternal Blue) that was initially created by the National Security Agency (NSA) to combat the WannaCry Ransomware. The tool was leaked last April by a group known as the Shadow Brokers.

According to a researcher at Armor, the Petya attacks are projected to be much more damaging than WannaCry, with thousands of dollars of ransoms already reported to have been paid to the hackers. So far there is no obvious killswitch with this virus, which has proven to be difficult in mitigating the effects. As this version of Petya carries significantly upgraded features, it is expected to infect the latest and even patched Windows PCs, including version 10, whereas WannaCry focused primarily on older systems.

If infected by Ransomware…

Even with the best precautions and policies in place, it is possible to fall victim to an attack. In the event that your data is held hostage by Ransomware, here is some advice to keep in mind:

  1. Remain calm. Rash decisions could cause further data loss. For example, if you discover a ransomware infection and suddenly cut power to a server, versus powering it down properly, you could lose data in addition to the infected data.
  2. Check your most-recent set of backups. If they are intact and up-to-date, the process of restoring data to a different system becomes easier.
  3. Never pay the ransom because attackers may not unlock your data. There are many cases of Ransomware victims paying the ransom demanded and not receiving their data in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to the data by reverse engineering the malware.
  4. Contact a specialist for advice and to explore recovery options. A reputable data recovery company can examine your scenario to see if we have a solution already in place or if we are able to develop one in time.

To date, data recovery engineers at Kroll Ontrack have identified over 225 variations of ransomware that infect user devices and there are more variations created every day, plus others that may not have been reported already.

Stay up to date

It pays to ensure that all of your systems have all of the latest security updates installed so you are safeguarded against any exploits. There have been reports that security researchers have found a method of preventing a machine from being infected, but this doesn’t help stop the spread of the virus to other computers on a network, therefore updating all of your systems should be a priority in the interest of data security.

Got A Smart TV? Beware Of Data Loss

Got A Smart TV? Beware Of Data Loss

Smart TV

TV of the future

The beautiful new world of ‘smart’ TV was one of the highlights at last year’s IFA, one of the major events for consumer electronics and home appliances in Berlin, Germany. Watching TV on giant screens and in top quality has become almost taken a side step and instead the idea of having a connected TV is becoming more sought after.

All in one place

TVs with an Internet connection are starting to replace traditional PCs in some homes, allowing access to apps like YouTube and Facebook without being confined to the small screen of a smartphone. With a built-in webcam Skype can be used and TV is no longer dependent on the standard channels and schedule – you can choose the content you want on demand and watch whenever you like. The HbbTV format (Hybrid Broadcast Broadband TV) has since become the standard worldwide.

Technically-minded users can store all of our videos, pictures and music on a NAS system connected to the home network, in order to be able to view or listen to them on all connected devices. Now your last holiday movie can also be viewed on your smart TV – it’s almost like having your own home cinema! It is obviously also now possible to stream, which makes (with fast internet connections) the storage of movies on an external hard drive unnecessary.

How good is too good?

A disadvantage of these smart TVs is that data is not only received, but it is also sent back to the manufacturers and the broadcast stations. Also potential espionage possibilities were detected, as the microphone and webcam can be switched on from outside.

If you want to record anything from your TV, you’ll need an external storage medium like a USB hard drive or a digital disk drive recorder. In some cases, the connected USB hard drive is formatted into a vendor format, and content stored on it is no longer as easily accessible from other devices, like your laptop. Manufacturers usually have their own, different Linux-like operating system, which means that direct playback is not possible on Windows or Apple devices. The same applies to the hard disk recorders; in most cases, the film files have to be converted into common formats, in order to be able to view them on other devices such as your mobile or home computer.

As with anything ‘smart’, there are risks involved

If you’ve got a hard drive or the recorder connected and it gets knocked off your TV stand or fails without warning, you might find that the films and shows are no longer accessible. What’s more, there is not usually the possibility of restoring the data using free tools from the Internet. To successfully restore the information, a good amount of Linux knowledge would be needed to dig deep into the file system.

If you have suffered a loss of data on an (internal or external) TV or recorder hard drive and do not wish to part ways with the content you’ve recorded, do not connect the hard drive to a PC – it will try to format the drive and this will mean losing everything.

If you can’t download your content again and you’re looking for options to get it back it is better to get in contact with a professional data recovery service provider like PF Consultants. It may be possible to recover your information using specialist tools and equipment, no matter how exotic the file system is.

 

Can Bitcoin Replace Currency As We Know It?

Can Bitcoin replace currency as we know it ?

Bitcoin

In late 2008, an electronic payment system called Bitcoin made its way into the world.  Created by an unidentified programmer (or group of programmers) under the pseudonym Satoshi Nakamoto. Bitcoin’s main purpose was to allow the secure move of the cryptocurrency ‘bitcoin’, without utilising a central bank or third-party.

Blockchain

The technology behind Bitcoin is called blockchain; a distributed database that maintains a continuously growing list of ordered records called blocks. The blockchains are stored across a decentralised, distributed network of personal computers (nodes), creating several benefits:

  • Transparency
  • No single point of failure
  • Not easily hacked or corrupted
  • Cannot be controlled by a single person, entity, or company

Due to the rise and success of Bitcoin over the last several years, blockchain technology is being researched and evaluated by a wide range of government entities, corporations, and industries to improve efficiencies and security.

Blockchain concerns

The Chamber of Digital Commerce, along with the US Department of Health and Human Services recently co-hosted a blockchain Code-a-thon, looking to the public to create ideas on how blockchain could be used to address the challenges of managing electronic health records, such as;

  • Privacy
  • Security
  • Scalability

It was the first ever blockchain hackathon hosted by a government entity.  Last year, the US Postal Service conducted a study to better understand the technology and identify potential areas of interest.

At the beginning of 2017, McKinsey & Company, a global management consulting firm for governments and NGOs, submitted a report regarding blockchain technology.

They surveyed over 200 companies and discovered that out of at least 80 promising opportunities to apply blockchain technology without bitcoin, nearly a quarter of them exist within the insurance industry, followed by the payments industry at 13 per cent.

In general, the Financial Services industry made up 50 percent of the total mix.  Blockchain technology has the potential to disrupt this industry by removing the “middleman” and creating efficiencies through various parts of the value chain, such as payments, pricing, transfers, smart contracts, identity fraud, and investments.

The future of blockchain

Looking further into the future, experts and researchers are predicting that blockchain will allow companies to be run only by algorithms, improve artificial intelligence, and track and manage IoT devices.

Blockchain is essentially a ledger of encrypted data exchanges between it and other devices, web services, and human users, so it would also provide a way to track the unique history of your individual device.  Imagine having smart appliances that communicate and set priority with one another to run at the most opportune time, minimising electricity costs and keeping your appliances in good working condition.

The potential applications and benefits of blockchain are seemingly unlimited, but like any technology, there are still disadvantages and questions that need to be answered.

Blockchain limitations

One major disadvantage is that it requires constant power from several sources to run. For example, one article found that every bitcoin transaction requires the equivalent energy to power 1.57 US households for a day.  There are still uncertainties within financial industries on how to regulate and adopt blockchain policies. Bitcoin was unprecedented and modern currencies have always been created and regulated by governments. Nevertheless, blockchain seems to be on pace to become one the most powerful, game-changing technologies to date, disrupting industries and making processes more efficient, transparent, and secure.

Worried About WannaCry RansomWare? Here’s How To Avoid It

Experts have previously warned about the threat of ransomware attacks on businesses, but last Friday it became a reality; over 220,000 computers were infected by a new, previously unknown ransomware virus. Many NHS hospitals, the French car maker Renault and the German state-owned railroad operator Deutsche Bahn have already been infected and it is expected that other companies will be victims of the attack too. Once activated, the ransomware (called ‘WannaCry’ or ‘WannaCrypt’) encrypts files, drives, and entire networks. Once a system has been infected, a screen will show that the computer and the data are locked and can only be unlocked by paying a ransom in the form of the crypto currency Bitcoin.

Security updates

This type of malware was only able to spread so quickly because the cyber criminals had used a zero-day gap in the Windows operating system. Microsoft had already released an important security bulletin and important patches of this vulnerability in March with security update MS17-010. You can find the full details here:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Even though Microsoft discontinued support for Windows XP, Windows 8 and Windows Server 2003, in light of this huge ransomware attack the released new patches to fix the security gap on systems still running these two OS versions, even if you’re not on a custom support plan. Check out this link for the full article from Microsoft explaining what to do next:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft note that users who are running supported Microsoft OS versions should have received update MS17-010 back in March; if you installed this update (or you have automatic updates turned on) then there should be nothing to worry about. If you have not already done so, it is strongly advised to install the appropriate patch for your respective Windows OS as soon as possible.

If infected…

Even with the best precautions and policies in place, you may still suffer from a ransomware attack. In the event your data is held hostage by ransomware, here’s some advice to bear in mind:

  • Remain calm. Rash decisions could cause further data loss. For example, if you discover a ransomware infection and suddenly cut power to a server (versus powering it down properly) you could lose more data in the process.
  • Check your most-recent set of backups. If they are intact and up-to-date, the data recovery becomes easier to restore them to a different system.
  • Seek help from a specialist and never pay the ransom. There have been many cases of ransomware victims paying the ransom demanded and not receiving their data back in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to data by reverse engineering the malware.

Engineers have so far identified over 225 variations of ransomware infecting user devices, however there are more being created every day, plus others that may not have been reported already.

Safeguarding your data

With this particular ransomware strain hitting the headlines and large organisations, now is a good time to prepare your systems against potential cyber-attacks. Here’s some of the preventative measures you can take to safeguard your data:

  • Create and follow a backup and recovery plan. Ensure that a plan includes storing backups offsite.
  • Be prepared by testing backups regularly. Organisations and individuals must be familiar with what is stored in backup archives and ensure the most critical data is accessible should ransomware target backups.
  • Implement security policies. Use the latest anti-virus and anti-malware software and monitor consistently to prevent infection. Always keep your systems up-to-date and apply the latest security patches.
  • Develop IT policies that limit infections on other network resources. Companies should put safeguards in place, so if one device becomes infected with ransomware, it does not permeate throughout the network.
  • Conduct user training, so all employees can spot a potential attack. Make sure employees are aware of best practices to avoid accidentally downloading ransomware through malicious files, or opening up the network to outsiders.

By following this advice you should be better prepared against ransomware attacks, including any resurgence of the WannaCry malware that is currently circulating.