Wednesday, 9 July 2014

Beware CryptoLocker Virus!

I typically don't like to put out a warning every time a new virus rears its ugly head. I worry that issuing a warning about specific computer viruses creates the perception that people should only worry about the viruses we talk about, instead of being constantly on the alert.
The sad reality is that hundreds of viruses and variants of existing viruses are flung onto the Internet every single day. So, raising an alert about one particular virus seems silly in some respects. However, in this case, I think that reminding people of the need to be ever vigilant by talking about this particular piece of nasty is worthwhile.
I spent much of my Thanksgiving weekend recovering about 50,000 files that were damaged by one single infection of the virus generally called CryptoLocker. Here's what it does. First, it applies strong encryption to any documents (Word, Excel, PDF, etc) it can find on the host computer or any network shares. This encryption essentially makes the files unreadable (unless you have the decryption code). Second, the virus posts a ransom message asking for $300 on the user's computer! It's simply a 21st century shake-down.
Apparently, if you pay the $300 (through untraceable online payment methods) they will decrypt your files and make them accessible to you again. Sometimes, though, the decryption doesn't work - they didn't spend as much time developing the decryption component as they did the encryption part. Scary huh?
You can't decrypt the files on your own. Your only option, if you don't want to pay the ransom, is to restore your files from backup (which is what I did for this particular client).
How did they get the virus? It's hard to tell but it appears this one can come from various sources. It could have been from an attachment on an e-mail, or from an infected website, or maybe it was dropped by another virus.
But, you say, it couldn't happen to you because you have antivirus installed. Right? Wrong! The major antivirus software vendors don't seem to be able to catch this virus before it does its damage. Now, that's scary! The good news is that there is a way to block the virus by making a configuration change on your network. If you're a client of ours, we've already done that for you. If not, contact me and I'll tell you how.
The bottom line? It's always education and awareness. People need to be suspicious of unexpected file attachments. They need to understand that neither banks, couriers nor Microsoft will e-mail you asking for credentials or information. It's common sense. If you aren't sure about a website or an e-mail, then pick up the phone and call. Be suspicious. A little bit of paranoia can save you a lot of headaches and lost time.

Wednesday, 2 July 2014

How Spammers Find Your Email Address

Spammers use a variety of techniques to harvest email addresses. However, the two main techniques are (a) the use of automated spiders and (b) directory harvesting.
Automated spiders
These are software agents that are known under a variety of names... spiders, crawlers, robots and bots. These spiders are the seekers of content on the internet. They form the basis of how search engines, such as Google and Yahoo!, work.
Search engine spiders trawl the internet unceasingly looking for content. Their searches are based on important words known as key words. The engines keep an index of the words they find and the website where they find them. Users of the search engines can then find these sites by keying in the search words. A major search engine will index hundreds of millions of pages, and respond to tens of millions of queries every day.
A spammer collects email addresses in a similar way... by sending an automated spider throughout the internet looking for addresses that are found on web pages or in links used to send emails. The spider sends them back to the person who is compiling the spam list.
The spammer's spider will trawl a variety of websites looking for addresses. These include dating sites, chat rooms, message boards, Usenet newsgroups; in fact any type of webpage that might conceivably contain an address.
If you have ever sent your address to anyone on the internet, have inserted it in a form or have your own webpage with your address on it, you can be absolutely sure that your email address has been harvested by numerous spiders working for compilers of spam lists.
Directory harvesting
A directory harvesting attack, aka a dictionary attack, is another common technique for creating lists of addresses. It is used to collect addresses from internet service providers (ISPs), mail services such as Yahoo!, Hotmail and AOL, and large companies with their own mail servers.
The attacking software sends millions of emails to addresses on a particular server. It makes these addresses up using sequences of minor variations on a basic address. For example, the software could send the same email to a series of addresses such as akennedy / bkennedy / ckennedy@yahoo.com and so on.
Nearly all these addresses will be invalid, in which case the server will respond with an SMTP 550 error message. The harvesting software will ignore these addresses. But every now and then the software will get lucky and the server will respond with a message that an email address is valid. The software will compile all the valid addresses into a list for spamming.
The software will probably send out millions of email messages just to find a few hundred valid addresses, so this seems a very inefficient way to harvest email addresses. But the whole process is automated, so it costs the spammer very little.
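Seen from the mail server's side, the pattern described above is easy to spot: one client collecting a burst of 550 rejections for many different recipients. The following detector is an added example, not part of the original article; the log format, the sample lines, the addresses and the thresholds are all constructed assumptions and do not match any particular mail server's layout.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in a simplified, hypothetical format.
SAMPLE_LOG = """\
2014-07-02T10:00:01 client=203.0.113.7 rcpt=akennedy@example.com reply=550
2014-07-02T10:00:02 client=203.0.113.7 rcpt=bkennedy@example.com reply=550
2014-07-02T10:00:03 client=203.0.113.7 rcpt=ckennedy@example.com reply=250
2014-07-02T10:00:04 client=203.0.113.7 rcpt=dkennedy@example.com reply=550
2014-07-02T10:00:05 client=203.0.113.7 rcpt=ekennedy@example.com reply=550
2014-07-02T10:00:06 client=203.0.113.7 rcpt=fkennedy@example.com reply=550
2014-07-02T10:03:10 client=198.51.100.20 rcpt=sales@example.com reply=250
2014-07-02T10:04:30 client=198.51.100.20 rcpt=slaes@example.com reply=550
2014-07-02T11:15:00 client=198.51.100.20 rcpt=support@example.com reply=250
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) rcpt=(?P<rcpt>\S+) reply=(?P<code>\d{3})$"
)


def parse(log_text):
    """Return time-sorted (timestamp, client, recipient, reply_code) tuples."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip anything that is not a recipient-check record
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        events.append((ts, m["client"], m["rcpt"].lower(), int(m["code"])))
    return sorted(events)


def detect_harvesting(log_text, window_seconds=60, min_rejects=5):
    """Flag clients that get >= min_rejects distinct 550s inside one window.

    A single mistyped address (one 550) is normal; a burst of rejections for
    many different recipients from one client is the harvesting signature.
    """
    per_client = defaultdict(list)
    for ts, client, rcpt, code in parse(log_text):
        per_client[client].append((ts, rcpt, code))

    window = timedelta(seconds=window_seconds)
    findings = {}
    for client, events in per_client.items():
        rejects = [(ts, rcpt) for ts, rcpt, code in events if code == 550]
        start = 0
        worst = 0
        for end in range(len(rejects)):
            # Slide the left edge until the window fits the time limit.
            while rejects[end][0] - rejects[start][0] > window:
                start += 1
            distinct = len({r for _, r in rejects[start:end + 1]})
            worst = max(worst, distinct)
        if worst >= min_rejects:
            findings[client] = {
                "rejected_in_window": worst,
                "total_attempts": len(events),
                # Addresses the server confirmed to this client: these are
                # the ones that have leaked onto a spam list.
                "confirmed_valid": sorted(
                    {r for _, r, c in events if c == 250}
                ),
            }
    return findings


if __name__ == "__main__":
    for client, info in detect_harvesting(SAMPLE_LOG).items():
        print(client, info)
```

The `confirmed_valid` list is the useful part for cleanup: those mailboxes should expect more spam, and the flagged client is a candidate for rate limiting or blocking at the mail gateway.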
Other email collection techniques
There are several other ways email addresses can be harvested.
One of these is to set up a webpage offering to send a product or service free of charge as long as the user provides an email address. Examples of these kinds of sites are those that promise to send a joke-of-the-day, daily quotes from the bible, news or stock alerts, and so on. I recently came across a site that stated that there could be a registered sex offender in my area and that I could get further information by email!
In sum... there is little you can do to avoid having your address harvested by spammers. The best you can do is to make sure you are running good anti-spam software and that you keep it up to date.

Stop Leechers From Compromising Your Website And Your Computing Resources

Leeches are worms that feed predominantly on blood sucked from vertebrate and invertebrate animals. Historically, leeches were widely used for medical purposes in Greece and India to remove blood from patients. In the modern internet world, however, web administrators and website owners associate leeches with something more subtle than the sucking of blood: the sucking of computing resources. The term is now applied to users across the internet who use resources on a network without paying for them or giving anything back to the network.
On a torrent network a leecher is someone who downloads files without adequately contributing to the network in a meaningful way, typically by disconnecting from the network as soon as he/she has completely downloaded the file. On other networks, a leecher is someone who benefits from the network or gathers information from the network and offers nothing in return. In economic terms, such users are called free riders. An example is a member of a labor union who does not pay any dues but benefits from the efforts of the union.
As a website owner, you should be concerned about leechers using your resources such as disk space, bandwidth and other computing resources such as processing power or memory. This may occur when users that are authorized by you to use the website use it in a manner that is not authorized or intended by you. For example, a university may offer its students a cloud storage space for educational purposes, and some students may maliciously use such storage space to store movies or mp3 files, which is not necessarily illegal or wrong - but is not the intended use of the resource offered to the students.
This may also occur in a small or medium business, where employees are offered storage space on the network to store the data they need, so that they can access it from multiple locations through the internet - but the employees may end up using the storage space for completely unrelated purposes, such as to store personal information and files. Users may also end up sharing the login information with other people and allow them to use those resources for unintended uses.
As a website owner, depending on whether your resources are scarce and based on the cost benefit of having such leechers, you may want to terminate such leechers. The next obvious question that arises is, how you would identify such leechers, and how you would terminate them. Obviously it is not feasible to individually eliminate each user and verify each user, but there ought to be a system to identify usage patterns and alert you when there is a risk of leechers being on your network.
Many popular web hosting interface providers offer leech protection, and it is widely used in the industry to prevent leeching activity. Mr. Ruzbeh Raja, a web administrator at a popular web hosting company, said that "Preventing leechers is a priority for many website owners and, indeed, widely used by our clients to prevent waste of resources". Mr. Raja further said that users being offered an unlimited web hosting plan in particular should be concerned about leechers, given that they do not have a particular set limit of the resources they can use. He said that this would cause them to run the risk of being caught as abusing their account as a whole.


Article Source: http://EzineArticles.com/8271667

What Are Security Best Practices? Why Follow Them?

Everyone should be concerned about computer security. It determines whether your confidential information is safe from cyber thieves. Computers with weak defenses can endanger your financial health and your family's personal safety.
The number of computer criminals and attacks continues to grow and so does the sophistication. Cyberspace is becoming increasingly dangerous. You must take steps to protect yourself. You can do so by implementing what is known as "security best practices".
What are security best practices? The phrase refers to procedures, awareness of processes, and habits that you routinely perform to "harden" your computer. Let's examine a few.
1. Use robust passwords - Your password should consist of at least 11 characters and include one uppercase letter and one special character. Avoid using common, pop culture words, birthdays of family and friends, the name of your pet, or other easy terms that could be easily discovered.
2. Always lock your machine - When you leave your computer unattended, lock the workstation. Otherwise your machine would be accessible to anyone who is nearby.
3. Avoid downloading apps, screen savers and software from unknown sources. Malicious hackers frequently use malware embedded inside desirable products and offer them free. Once you have downloaded the software it can burrow into your computer system and wreak havoc. Your computer may even become a "bot" and attack others.
4. Avoid opening email attachments from unknown senders - Malicious software could be installed on your system.
5. Double-check requests for information that you receive from a company with whom you do business. It could be a "phishing attack". Cyber criminals are skilled and can present to you a screen that appears to be from a trusted source. Crackers have duplicated a fake request for information from PayPal, for example, to gain personal information under false pretenses.
6. Avoid questionable websites that focus on gambling, porn or get rich quick schemes. Many of these sites will automatically scan your computer for known vulnerabilities and, once found, exploit them. Your system will be compromised.
7. Install an antivirus software package and use it. There are a number of excellent products on the market. Antivirus software looks for virus signatures and blocks them.
8. Change your wireless router's password from the factory setting. Certain routers ship with a default password that may be known to hackers. Anyone who is within range of your signal can intercept it and access your network.
9. Avoid sharing media with your computer. Malicious software could be downloaded onto your machine from a friend or associate's USB drive, for example, without your knowledge.
10. Perform a "white hat hack" on your system. Such a procedure can identify any vulnerabilities that exist. Gibson Research has an excellent and free program.
11. Keep your software updated. Install recommended patches from the publisher. Consider automating the process. Malicious computer users are up-to-date on vulnerabilities and know what to attack.
12. Install and use a firewall. There are both hardware and software firewalls. You can block specific senders when using a firewall.
13. Terminate your Internet connection when you finish your work. The Internet is one of the biggest attack venues. Disable your connection to the Internet and reduce the attack surface that nefarious hackers can use.
14. Encrypt your critical information. A number of free or inexpensive encryption programs are published, such as PGP (Pretty Good Privacy).
15. Consider using more than one method to access your computing resources. A password is one level of authentication (something you know). Consider using a token (which you possess). Use a fingerprint reader (something you are).
16. Be discreet when using social media. Cyber criminals prowl sites of this type for scraps of information that can be used in exploits against you.

Computer Viruses: All You Need to Know

A virus is a type of malware that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; once this replication succeeds, the affected areas are then "infected".
We all know about computer viruses and other forms of malware that can cause problems ranging from irritating to ruinous. Some malware replicates itself until it fills up all available space on your drive, turning your computer into a brick. Other forms corrupt data on your machine or make your computer unstable. Many will even try to use your e-mail programs to distribute the malicious code to everybody in your contacts list. And there is always the possibility that a cracker (a malicious hacker) will use malware to gain remote access to your computer.
No one wants to have a computer infected with a nasty virus. That is why it is very important to practice safe computing habits and to install reliable anti-virus software. You'll avoid most malware simply by being attentive and staying away from many common traps. If your anti-virus software is up to date, you will be in pretty good shape.
But once in a while, viruses get past our defenses. Perhaps our anti-virus software is out of date or has been compromised by a very clever bit of code. At times we click on a link inadvertently and activate a virus. Or somebody else used our computer and downloaded some malware by mistake.
How do you know if your computer has been hit by a virus? If your anti-virus software is powerful and updated, you will probably receive a message as the application scans your computer. That makes detection of a virus easy. What if your software is out of date or the virus has managed to switch off the anti-virus program? There are signs that can tell you if a virus is present on your computer.
A virus is a program that spreads by first infecting files or the system areas of a PC's or network router's hard drive and then making copies of itself. Some viruses are not damaging, others could harm data files, and a few could destroy files. Viruses were easily spread when people shared portable devices and email messages.
Unlike worms, viruses typically need some kind of user action (e.g., opening an email attachment or visiting a malicious web page) to spread.

Wednesday, 18 June 2014

Malware Surged in 2013

Malware, short for malicious software, is a general term for hostile or intrusive software that is used to disrupt computer operations, gather sensitive information, or gain access to computer systems.
According to industry sources, 20 percent of all of the malware that's ever existed was created in 2013. That is, 30 million new threats were created in just one year or about 82,000 a day. This represents a dramatic malware surge over previous years.
A threat is any new release of malware. This may be a totally new threat or a variation on an existing piece of malware. A very minor change to the code of an existing threat is counted as a new threat because the change will probably have been devised to get around anti-virus or other security systems.
Here's a summary of the malware that was created in 2013:
Total threats... 30 million (100%)
Trojans... 21 million (70.0%)
Viruses... 2.5 million (8.5%)
Worms... 4 million (13.3%)
Adware / spyware... 2 million (6.9%)
Other... 0.5 million (1.3%)
A Trojan is a hacking program that gains access to your computer's operating system by offering something desirable such as a free app which, when you download it, includes malicious code.
A virus is a program that infects executable files (in which the name ends in .exe) such as an app. A worm is a standalone program that actively transmits itself to other computers.
Adware shows advertisements automatically. Spyware gathers your information, such as internet surfing habits, user logins, and banking or credit card information, without your knowledge.
As regards actual infections, Trojans accounted for nearly 80% of infections detected in 2013.
The most infected country was China with 54 percent of the total infections. This may be because China has the highest percentage of users running Windows XP, which is considered to be a very vulnerable operating system.
Targeted attacks
While the sheer volume of malware created last year is extremely worrying, the most disturbing aspect of Internet security in 2013 was the successful assaults on Twitter, Facebook, Apple and Microsoft. These are major tech companies whose security systems should be unbreachable. So, if the experts are vulnerable, what about the rest of us?
Starting with Twitter in February, these four companies were targeted in sophisticated attacks that exploited an unpatched vulnerability in Java. Unpatched is geek-speak for "not fixed yet".
The attack on Adobe was one of the worst incidents in 2013. Source code for some of the company's products was compromised, and the usernames and passwords of more than 38 million users were lifted.
The attacks on Twitter were laughable in a way but could have had deadly serious effects. Hackers used the Associated Press' Twitter account to send out fake news alerts claiming that bombs had been detonated at the White House and that President Obama had been injured.
The Twitter account of Burger King was also hacked. The attackers changed the site's images to images lifted from McDonalds and tweeted that Burger King had been taken over by its rival. It would be interesting to see who bought and sold shares in both those companies on that day.
Passwords... lessons learned?
The breach at Adobe revealed the extent of users' laxity when it comes to passwords.
An analysis of what happened at Adobe reveals that nearly two million account-holders (about five percent of the total) used the extremely insecure password "123456", even though this type of password has been shown to be easily breachable in the past.
Another half million users relied on "123456789," while nearly 350,000 accounts simply used the term "password" as the password.
It seems that the message security experts have been pumping out for years - to use complex and therefore more robust passwords - is being steadily ignored by users.
Threats to mobile banking
The number of new or modified malicious programs tailored for smartphones and tablets more than doubled to nearly 100,000 in 2013. The vast majority were focused on users' banking details and hence their money.
Mobile users in Russia were particularly hard hit, accounting for 40 percent of all attacks, well ahead of India (8 percent), Vietnam (4 percent), the Ukraine (4 percent) and the UK (3 percent).
It's probably correct to say that the hackers were testing and refining their mobile malware in Russia which is said to be less security conscious and therefore more vulnerable. So it's only a matter of time before cyber-thieves move on to more lucrative mobile banking in the West.
It seems that this move is already occurring. At the end of 2012, there were only 64 known mobile banking Trojans, but by the end of last year, that number had multiplied by 20 to more than 1,320.
According to the industry, 98 percent of all of last year's mobile malware was targeting Android devices. Android is an operating system (OS) designed primarily for touchscreen devices such as smartphones and tablets. It enables users to use swiping, tapping, pinching and reverse pinching to manipulate on-screen objects quickly and easily. It's no surprise then that, in most markets, Android-powered phones are the most popular, comprising more than half of all smartphone sales. There are at least one billion Android devices in use.
Android is owned by Google which releases the source code under a free licence, making it a favourite among app developers. Android's share of the global smartphone market exceeds 80 percent and there are over 1 million apps available for this operating system.
According to security experts, vulnerabilities in the Android OS architecture as well as the devices' popularity, account for the surge in Android banking Trojans last year. Being Trojans, this malware gets into smartphones bundled with some innocent-looking app.
The takeaway:
As you can see, the Internet is getting more dangerous year by year and mobile banking is now becoming the target of choice for sophisticated hackers. The chances that your system will be compromised in 2014 are extremely high.
Nevertheless, there are plenty of things you can do to protect yourself from malware:
1) Keep updated... make sure your operating system and other software are updated regularly as the latest versions will contain patches for security vulnerabilities.
2) Install anti-virus software... to guard against viruses, worms, spyware and trojans. This software should scan files as they are being downloaded and block the activities of malware components. It should also intercept attempts to install start-up items or modify browser settings.
3) Scan... your computer regularly for malware, at least once every month, to detect and remove malware that has already been installed on your computer.
4) Be careful... when following links on the internet. Be especially cautious on social networking sites... images and videos that go viral can infect huge numbers of computers very quickly indeed.
5) Don't install unknown software... some websites offer you free software. Before you download, ask yourself: 'why would anyone give away software for free?' More than likely there's a catch, such as an unwelcome piece of malware hidden within the freebie.
6) Don't click on pop-up windows... many malicious websites try to install malware on your system by making images look like pop-up windows.
7) Perform regular back-ups... to an external hard-disk or other media so that, if the worse comes to the worst and the only way to get rid of malware is to format your hard disk and reinstall your operating system, you don't lose your files.
8) Be ultra-cautious when using mobile banking... It might be best not to use the same smartphone for mobile banking as you use for other online activities such as telephoning, texting and messaging etc.

How to Reduce the Risk of Your Online Accounts Being Hacked

Internet security and the protection of your online identity are becoming one of the major concerns of the current day. With the increase in social media and personal data being more readily available, we must be more vigilant and careful about what we post on the web. It is important to limit who can view certain data about ourselves on social media platforms. We may want our friends and family to view all of our details on social media platforms; however, it is important that we are careful about who is actually viewing this personal information.
There are some simple steps that can be taken to reduce the risk of your data being hacked. Remember these steps will reduce the opportunity for hackers but cannot guarantee your accounts will not be hacked.
It is important that you have strong passwords. Your pet's name, your favorite football team, your high school name and many other similar answers to these types of questions do not count as a strong password. If asked these as security questions, do not provide real answers, as these can be easily figured out. I know it can be a pain to change your passwords often, and then you often find yourself having to reset them as you keep forgetting them. It is better to spend a few extra minutes generating passwords on a regular basis than to spend hours trying to resolve the issues of your account being hacked. The stronger passwords contain both upper and lower case letters and special characters. Passwords should not be actual words, as passwords that are not words are more difficult for hackers to detect. Do not use the same password for different sites. It can be difficult to remember all these different password combinations; however, there are many tools that you can use to store these passwords. One used by many currently is RoboForm. You will have to create one master password that will allow you to access all your saved passwords. There are great tools to simplify your password management.
With the increase in use of social media it is important to update your privacy settings on a regular basis. Only share your contact information with people you know, and keep your social media profiles as private as can be. Simply displaying an email address, screen names, phone numbers and other contact information can become an advantage for a hacker.
By implementing these changes to your online details you will be at less risk of your data and information being accessed. Even if you do regularly update passwords, create strong passwords and follow the advice above, there is still a chance of your information being accessed, but there is less of a chance than if you do not follow it.