How to prevent ransomware attacks

The possibility of ​​ransomware, a kind of malware, is straightforward: square and encode the information of the unfortunate casualty's PC or gadget, and afterward request a payment to reestablish get to.

Much of the time, the unfortunate casualty must compensation the cybercriminal inside a predetermined timeframe or hazard for all time losing access. What's more, since noxious assaults are regularly utilized by cybercriminals, paying a payoff doesn't ensure that entrance will be reestablished.

Ransomware keeps your own records prisoner, concealing your archives, photographs and money related data. These documents are still on your PC, yet the malware encoded your gadget, making the information put away on your PC or cell phone difficult to reach.

Despite the fact that the possibility of ​​ransomware might be straightforward, repulsing it in the event that you are the casualty of a malevolent ransomware can be troublesome. Furthermore, if aggressors don't give you the unscrambling key, you won't have the option to recapture access to your information or gadget.

Knowing the sorts of ransomware attacks, just as a portion of the activities and denials related with these assaults, can incredibly help shield yourself from turning into a casualty of ransomware.

Ransomware Types

Ransomware assaults can be conveyed in different structures. A few choices might be more hurtful than others, yet they all make them thing in like manner: deliver. Here are the seven most regular kinds of ransomware.

Crypto malware . This type of ransomware can do a great deal of harm since it scrambles things like your records, organizers, and hard drives. One of the more well-known models is the 2017 obliterating WannaCry Ransomware assault. It targets a great many PC frameworks around the globe that sudden spike in demand for Windows and are disseminated across corporate systems around the globe. The unfortunate casualties were approached to pay a payoff in bitcoins so as to get their information.

Storage . Storage Ransomware is known to taint your working framework to totally square access to your PC or gadget, making it difficult to get to any of your documents or applications. This sort of ransomware is regularly founded on Android.

Scareware . Scareware is a phony programming that goes about as an antivirus or cleaning device. Scareware frequently claims to have identified issues on your PC, expecting cash to illuminate them. A few sorts of projects obstruct your PC. Others populate your screen with irritating cautions and pop-ups.

Doxware . Ordinarily, doxware takes steps to distribute your taken data on the Internet in the event that you don't pay the payment. As an ever increasing number of individuals store secret records and individual photographs on their PCs, obviously a few people frenzy and pay a payment when their documents are taken.

RaaS . Something else, referred to as "Ransomware as a Service," RaaS is a kind of malware that is put secretly by a programmer. These cybercriminals procedure everything from ransomware appropriation and assortment of installments to overseeing decryptors - programs that reestablish access to information - in return for a decrease in emancipate.

Macintosh ransomware . Macintosh working frameworks were contaminated with their first ransomware in 2016. This malware, known as KeRanger, tainted Apple client frameworks through the Transmission application, which, after dispatch, could scramble the records of its unfortunate casualties.

what are ransomware attacks

During such attacks, malware is installed on the victim’s computer, which encrypts files important to the user or blocks the entire system, after which the attacker requires a ransom for unlocking. The growing number of such attacks is forcing organizations to increase investments in protecting data, networks and client devices.

A large number of attacks using ransomware have been observed in the healthcare sector in the USA after the transition to the use of electronic medical records. The banking sector and financial services firms are also increasingly affected by ransomware viruses due to the increasing use of mobile and web applications for transactions and payments.

According to the forecast of the research firm MarketsandMarkets, by 2021 the market for protection against ransomware will reach $ 17.36 billion in revenue and will show an average annual growth rate (in compound interest, CAGR) of 16.3% compared with the previous five-year period. The Asia-Pacific region offers the greatest growth opportunities thanks to increased cybersecurity spending in China, Australia, and India.

As part of its traditional Cybersecurity Week, CRN / USA talks about new features of the use of ransomware that are used during long-term targeted attacks that organizations must be able to defend against.

what are ransomware attacks

Sight backups

Attackers are now looking for not only mission-critical files, but also backups of files, images, and documents, says Terry Ray , senior vice president and honorary employee (Fellow) of Imperva (Redwood Shores, Calif.), Specialist in cybersecurity. Therefore, organizations should not store their copies where their system and work files are located.

Even when backing up, organizations often store backups in the same data center as all their data, and this makes it easier for cybercriminals to find and block such copies, says Rey. To eliminate such risks, you should use third-party storage or SaaS backup services, he says.

At the same time, Ray does not recommend sending backups to the AWS or Microsoft Azure cloud, since if attackers manage to gain access to the internal servers in the organization, then they can then do whatever they want with the files that are stored in the public cloud. And even if the backup copy is stored outside the corporate data center, there should not be an open channel of communication with such a storage so that attackers could not reach it, Ray said.

Combined attacks

Programs-extortionists are increasingly used in combination with other attacks, such as rootkits or Trojan horses to carry out hacking method "brute force" and to receive registration data as an administrator, says Adam Kudzhava (Adam Kujawa), director of the research laboratory of Malwarebytes (Santa Clara, California). Using exploits such as EternalBlue or EternalRomance helps further expand the front of the attack.

This method allows you to infect not just a single computer, but all the systems in the company's corporate network, says Kujava. After the entire network was covertly infected with the ransomware virus for several days or even weeks, it is not known where and when the strike will be delivered. Therefore, Kujava recommends that you determine which data is most valuable to the organization or can cause the most damage if lost, and introduce additional security measures to make it more difficult for attackers to reach them.

Database encryption

Ransomware viruses are now able to encrypt not just individual files, but database items and even pull data from the database, leaving a ransom request message instead, says Rey from Imperva.

When using even ad hocless attacks, file servers are often infected, because the organization has open access to them and all employees can store their data on them, says Rey. Therefore, it can be easy for attackers to gain access to file servers without even phishing them.

Unlike file servers, databases tend to have a very limited number of users in an organization, says Rey. Therefore, attackers have to target their phishing account to the database administrator in a particular organization in order to obtain a username and password from the application server that accesses this database. but the actions themselves to encrypt or steal data from the file server and from the database are essentially the same, says Rey.

Loaders and stylers

Typically, a password stealer or malware downloader will first be sent to the organization’s network, says Ryan Kalember , Executive Vice President, Cyber ​​Security Strategy at Proofpoint (Sunnyvale, CA). The first is designed to collect registration data, web logins and cookies and to try to find out exactly where the most important files for the organization are located.

The bootloader behaves differently: it is covertly installed on the victim's computer and for the time being does not manifest itself in any way so that the attacker could install his exploit at the right time. Crackers have become more likely to use such bootloaders, as they help to introduce ransomware viruses that bring fast money, and the stylers are behind them after Emotet went into the shadows at the end of May, Kalember says.

Be that as it may, attackers will use the access given by the styler or bootloader for larger-scale attacks involving ransomware, says Kalembert. In other words, the primary function of malware in a phishing attack is to set the stage for the introduction of ransomware.

Encryption is improving

At first, most ransomware programs were poorly implemented with encryption algorithms, so many affected organizations were able to decrypt the data themselves, ignoring the ransom demand, says Kuware from Malwarebytes.

The fact is that many crackers were newbies, not professional developers, and often ineptly, manually made their encryption keys, says Kujava. As a result, they could not create correctly working decryption tools, that is, the victim would still not return his data, even if he paid.

The situation has changed since Microsoft created a new cryptography platform for Windows, and CryptoLocker performed encryption perfectly, reminded this story of Kujava. Today ransomware viruses are generally well-made, and most attackers are now deciding the question: how to correctly perform encryption on a massive scale.

Geofence attacks

Geofence scanning malware only works on specific IP addresses, allowing attackers to target their attacks in specific geographic regions, says Kalembert from Proofpoint. For example, it was noticed that many types of malware do not affect Russia and other former Soviet republics at all, he says.

Today, many attackers are creating ransomware options to target specific countries, he said. For example, they can create bait in Italian or German to try to catch employees of some organizations in these countries.

Manifestations of such a virus on other IP addresses, outside Italy or Germany, pose an unnecessary risk of detection without any benefit to attackers, since recipients in other countries simply cannot read the message, Calember explained.

Attacks on Weaker

Ransomware used to attack companies, indiscriminately, but now that more established organizations have strengthened their defenses and protected backups more reliably, they are increasingly able to restore work after an attack without paying any ransom, Kalember says. Therefore, the attackers shifted the sight to small firms and municipal authorities that are not so well equipped in terms of protection.

Attackers are guided by a demographic profile, identifying small organizations in sectors with a traditionally low budget and low level of staff training, says Kalembert, and then they look for freely available online email addresses with a common mailbox to increase the likelihood of success, as several people see the letter at once.

Also, crackers partially abandoned attempts to process the first user with the help of phishing, selecting the necessary victim within the organization and attacking it with the “brute force” method. Hackers also began to use the remote desktop protocol to infiltrate the known resources in the organization’s ecosystem that were open to the Internet, Callember added.

Extortion-as-a-service

The creators of ransomware began to attract botnet owners, offering them to distribute malicious code for “commissions,” said Kuware from Malwarebytes. If everything went well and a ransom is received, such an accomplice partner will receive a certain share, and the creator of the virus will take the rest of the money.

If an attacker tries to create and distribute his own viruses, he uses only one channel and method of distribution, says Kujava. When a network of partner accomplices operates, it is much more difficult to block certain types of ransomware programs, since 15-20 people are engaged in their distribution , each acting differently and taking different targets on target, explained Kujava.

Building a “supply chain” of ransomware programs helped their creators monetize their creation and keep their strains active for several years after discovery, says Kujava. However, the creation of such a network implies a certain trust in accomplices whom they actually do not know, and there is always a risk that they will use reverse decoding, restore the source code and, having created their own strain of the ransomware virus, put it into business.

what is ransomware

what is ransomware

Ransomware is a genuinely youthful sort of malware that encodes data on contaminated PCs and requires a payoff for its unscrambling. After the ransomware claims the important data put away on the PC, the injured individual has not very many opportunities to recoup it, but to consent to the requests of the crooks. 

Ransomware infections are normally spread by incredible botnets, sending a great many tainted messages to irregular clients. The objective of the assailants is to acquire generally little payoffs from whatever number clients as could reasonably be expected. As of late, in any case, assaults by ransomware infections have gotten more focused on, and exploited people are focused on. Typically they become organizations that can pay for information recuperation very huge sums. 

In the wake of accessing a PC, aggressors attempt to contaminate different machines on the system and gather data about the organization's business exercises, IT foundation and other potential vulnerabilities. 

From that point onward, the ransomware program is propelled, which encodes the significant data contained on PCs and makes an impression on the unfortunate casualty with a payoff demand, the measure of which is set up in the wake of considering the information on the size of the organization, its money turnover and benefit. Frequently, installment is required to be made in cryptographic money and typically its size is from 35 to 100 bitcoins (at the hour of production of the article, the cost of bitcoin is about $ 4000). 

Another mainstream assault technique is the supposed "focused on phishing" or "chasing for an enormous mammoth". This procedure includes discovering individuals who are engaged with the organization's funds and sending them a letter probably for the benefit of another worker. The content of the message infers that the beneficiary must open the connection - generally a record in Word or Excel position, which contains the vindictive code. 

Regularly, this kind of coordinated assault is completed by proficient programmers, the thought process of which is only to get cash. Be that as it may, a few assaults are done to decimate organizations. The coordinators of such assaults are exceptionally talented and continually advancing, concocting new procedures and strategies.

Will smart mobile phones reduce family time share?

The speculation of the utilization of cell phones concurs with an expansion in the time kids spend at home, yet it has not decreased the sum committed to shared family exercises, for example, suppers or sitting in front of the TV.

An examination directed in the United Kingdom on the effect of advanced cell phones on various parts of family time uncovers that kids invest more energy at home with their folks. The expansion happens in the time they spend imparting the home space to the recognition that they are "separated from everyone else", except not in shared exercises.

Exercises that have generally been done as a family, for example, eating or sitting in front of the TV, have not been dislodged. In spite of the fact that it might appear that the utilization of cell phones has diminished conjunction, the examination shows that families in the United Kingdom with kids somewhere in the range of 8 and 16 years old devote indistinguishable time to these common exercises from toward the start of the century.

Scientists at the University of Warwick and Oxford have found that the time youngsters go through at home with their folks doing free exercises has just expanded by around 30 minutes per day somewhere in the range of 2000 and 2015, a period where the fast scattering happened High quality Internet at home and individual cell phones, for example, cell phones and tablets.

As per the aftereffects of the overviews, the hour of utilization of the cell phones in 2015 was amassed in these snapshots of "separation" of the youngsters, wherein they are at home with their folks however they think about that they are distant from everyone else.

The examination, directed by Dr. Stella Chatzitheochari and Killian Mullan, depends on a broadly agent test of around 5,000 day by day records for around 2,500 kids and their folks.

From 2000 to 2015, the normal number of minutes kids spent at home expanded from 347 to 379 (simply over thirty minutes). The time spent on shared exercises stayed pretty much the equivalent, and just the hour of being separated from everyone else expanded.

Read more

Web technician Job Description

Web technician Job Description

It deals with the conception, design, development and updating of websites published on the Internet. Depending on the level of experience gained and the working reality in which it operates, you can take part or all of the stages of conception and development of a website (or website as it is more commonly called):

definition of communication strategies, content management and control, identification of the techniques to be adopted, site promotion, development and updating of web pages and maintenance.

Furthermore, once the site is complete, this figure is generally the point of reference for users, to whom it provides support and assistance and of which it collects observations and comments.

METHODOLOGY

The didactic action can make use of the use of information and multimedia technologies in order to strengthen its effectiveness and project students in an innovative environment that is in step with the times. The training methodology will focus on teaching techniques aimed at combining the theoretical and notional aspects of the topics covered with practical and operational ones. Therefore the adopted intervention methodology will be developed through lectures and practical laboratory.

RECOGNITION OF THE ACQUIRED TITLE

The course will be delivered as part of the regional training offer in compliance with the programs envisaged by the professional qualifications contained in the repertoire of the Campania Region and recognized in the European Community context.

ACQUIRED SKILLS

1. Requirements analysis
2. Installation on the server and publication of the website
3. Website development
4. Site maintenance and user assistance
5. Website design

Read more  to  Find a Freelance Web Technician

Telekom customers asking for printed bills

More and more telephone bills are sent digitally instead of by mail. If you do not have internet, you will not be able to see your bills anymore, criticizes an MDR-NEWS-listener. However, customers without an Internet connection can insist on being sent by mail under certain conditions.

Many companies only send their invoices digitally via e-mail and save paper and postage. So also the German Telekom. But what happens to older people who do not have Internet access? That's what MDR-AKTUELL listener Frau Scholz from Uhlstedt-Kirchhasel near Rudolstadt would like to know. She fears that her mother will no longer get her telecom bill, and asks: "Are there any telephone bills only in digital form or are they still sent to customers by mail?"

Recipient can request bill on paper

For the Cologne-based lawyer Christian Solmecke, who specializes in digital topics, the question must be answered clearly: "The sales tax law states that an invoice may be issued either on paper or in electronic form, but if the recipient of the invoice wishes to have a paper form, then he can explicitly demand that, "says Solmecke. The recipient must, however, pay for receipt in paper form.

These fees are only due, if the company has a pure online offer. Deutsche Telekom also offers its services in regular shops - and therefore the bill is always free of charge, confirms company spokesman Markus Jodl:

Upon request, Telekom customers can still receive their telephone bill at no additional cost on paper and by mail. This applies to fixed and mobile customers.

Markus Jodl, press officer Deutsche Telekom

Telekom prefers digital invoice sending
However, as the current example of our listener shows, this possibility is not always obvious. "Of course we would be very happy if more and more customers do without the paper bill, save the invoice digitally and no longer print it," says Jodl.

About 90 percent of all invoices are already sent digitally, according to Telekom. The interest of the company in this is understandable, because by the digital dispatch by E-Mail postage is saved. How much is saved, there are no numbers. Sustainability and the protection of resources are in the foreground, says Jodl.

Biller can contractually stipulate shipping
Back, however, to the legal aspect: Attorney Christian Solmecke points to a special situation for customers: Every biller can advance agreement in the contract that he sends invoices only in digital form. "Then the bill recipient can not switch later and say he wants to have the paper now," says Solmecke.

The Scholz family from Uhlstedt-Kirchhasel have solved the problem by now. The phone bill arrives again as a printed letter - completely analog and without the Internet.

Read more