“Don’t Let Your Independence Be Hacked”


Dear Blast Readers,

 

From everyone here at FDS Global, we would like to wish you a Safe and Happy Fourth of July! As we celebrate this national holiday, cyber threats are continuing to get more advanced.

 

The recent outbreak of the ransomware known as “ExPetr” is not really a ransomware attack. It is really a form of malware known as a “Wiper Attack”, which can disguise itself so its victims are unaware of how serious it is.

 

A “Wiper Attack” is a type of attack that sabotages PCs. It is different from ransomware because it was created to destroy the data that is located on the computer’s disk, while ransomware is a form of malware that blocks data and threatens to delete or publish the data unless the user pays the ransom.

How does a “Wiper Attack” destroy data?

It destroys the data on the disk by overwriting the Master Boot Record, also known as the MBR. This form of malware is called a “Wiper” because it wipes part, if not all, of the drive.

 

It can be mistaken for ransomware because the infected computer displays a message on the screen. This message states that the user’s files have been encrypted, and that if the user pays a ransom the encrypted files will be decrypted and returned. The user is then provided with an email address to send their payment information to.

 

But little does the user know that the ransom will have no effect when it comes to decrypting their files.

 

Why will the ransom have no effect?

The ransom will not have any effect because the email address provided to the user is inactive. Unfortunately, even if the email was active and the ransom could be paid in full, recovery of the MBR is impossible once wiped.

 

So, how are you supposed to protect yourself and/or your organization from this type of malware attack?

Here are a few tips:

  1. Any crucial and confidential information should be stored in hardened systems: systems that can only be accessed one way, through privileged connections.
  2. Important data should be backed up and stored somewhere offsite.
  3. It is important to institute and test an emergency recovery & response plan.

 

If you have any questions about Ransomware, Malware, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global. Enjoy your holiday!




“How Your Anti-Virus Can Turn On You”

Dear Blast Readers,

 

Imagine, you are sitting at your computer knowing that you did everything that you could to protect the files that are on it. You bought the best anti-virus software on the market, thinking that this would be your last line of defense. Now imagine the day you find out that your anti-virus software has been flipped and now works for the hackers. No one wants to believe that something that protects them could also be used against them. It is a nightmare when you find out that your anti-virus software is a double agent working for the hackers.

 

Anti-virus software is a computer program that is used for scanning, identifying, and removing viruses from your computer. Primarily, it is used to protect your computer. Now, imagine that this program, which has access to all your files, has gone to “the dark side” and has provided unfettered access to hackers. This type of attack used by hackers is called a “Double Agent” attack.

 

A “Double Agent” attack is an attack that takes over the anti-virus software of PCs running Windows. This type of attack is performed by hackers. Once in control of the anti-virus software, the hacker converts the anti-virus software into malware. The malware then acts on the hacker’s behalf to encrypt the files on the computer, holding them for ransom.

 

A “Double Agent” attack can compromise the 14 major anti-virus products available. This type of attack can easily be executed by someone working out of their parents’ basement or a 13-year-old script kiddie. The ways in which these individuals would infect a computer with a double agent attack can include having the user:

  • Access malicious URLs
  • Download malicious attachments

 

To prevent the “Double Agent” attack from occurring, organizations and businesses should:

  • Monitor for spoofed emails.
  • Set up administration controls to prevent downloads from unknown sources.
  • Regularly update anti-virus software in all systems.

 

If you have any questions relating to “Double Agent” Attacks or Computer Forensics and Cyber Security, contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.



“Cyber Extortion”

Dear Blast Readers,

 

As the number of companies and enterprises that rely heavily on the Internet rises, so does the number of opportunities that cyber extortionists have. The extortionists now have more chances to get inside a company’s or enterprise’s systems and hold its data for money.


“Cyber Extortion” can be described as a crime that involves an attack or threat of attack with a demand for money to stop the attack. Cyber Extortion can take on many forms, including the following:

  • Denial of Service Attack, also known as a DoS attack. (A DoS attack is a cyberattack where the cybercriminal looks to make a machine or network unavailable to the intended users. This happens when the cybercriminal temporarily or indefinitely interrupts or suspends the services of an Internet-connected host.)
  • Ransomware (Ransomware can be defined as a malicious software that has been created to block access to a computer system until the cybercriminal(s) are paid a sum of money.)

 

Most cyber extortion efforts start with a malware-infested email and/or a compromised website. The website, email or email attachment has been infected before the user opens it. Once the victim has opened the infected URL, email and/or email attachment, the device it was opened on is infected.

 

Cyber extortion is quickly becoming a permanent feature in the cybercrime community, and it is a feature that can potentially affect any organization, enterprise or business. Even the companies that are best defended do get breached. Those that work with the thought that they are going to be targeted sooner or later, and adapt their techniques, are less likely to suffer greatly.

 

The following are suggestions for how your Business, Company, Organization and/or Enterprise can prepare for a Cyber Extortion Attack:

  • Understand the evolving cyber threat your organization faces at a granular level. (Who is likely to attack you? What would they attack? What is their capability to do so?)
  • Have systems in place that allow you to detect attacks. (If you can stop them, this system will allow you to get on the front foot in terms of response.)
  • Ensure your critical data is regularly and securely backed up. (So you can restore from recent backups if hit with ransomware.)
  • Ensure corporate response plans are fit for purpose for likely extortion scenarios. (Make sure these plans are tested and exercised so they operate smoothly if/when there is a crisis.)
  • Do not deal with an extortion attack as an IT Incident. (Make sure you manage the business crisis too.)
  • Ensure that you are able to call a specialist in the event of serious extortion.

 

If you have any questions about “Cyber Extortion”, feel free to visit our website at www.FDS.Global, or give our office a call at (954) 727-1957.

 

 

 

 

**Related Material**

To lessen the risk that comes with Cyber Extortion, experts recommend that users educate themselves about Phishing Exploits and back up their devices regularly.

  • To read FDS Global’s Blast on Phishing: http://bit.ly/2eDfYww
  • To read FDS Global’s Blast on the importance of backing up your devices: http://bit.ly/2e7MtCj
  • Watch as Robert Moody takes a cell phone and retrieves hundreds of contacts that were thought to be lost, and talks about the importance of device backups, on “Help me Howard”: http://bit.ly/1XO0iWR


“Hack-A-Boo”

Dear Blast Readers,

As children, most people loved the idea behind Halloween: unlimited candy, jokes and a reason to dress up and scare/shock your friends and neighbors. What if you were the victim of a trick designed to fool you into buying and installing potentially dangerous software? This trick is called Scareware. It has become ever more common in the age of constant computer use. This malignant software is made to create shock, anxiety, and/or the idea of a threat. Usually, it begins with a pop-up or email that informs the user that his or her device has been compromised by cyber criminals. There are two types of Scareware. The difference between the two types is that one actually contains malware and the other does not.

The first type of Scareware targets users who are more likely to believe pop-ups or emails. This type of Scareware targets the elderly, or is sent out en masse. The hope of this type of Scareware is to convince the computer user that his or her computer has been “infected” by a harmful program. The Scareware then prompts the user to buy and download a “critical antivirus” to remove the software. In reality, if the user buys and downloads this “critical antivirus”, he or she has infected their computer.

So, what should you do if you experience one of these pop-up ads or emails?

Continue using the Internet or your email, but don’t disclose any of your personal information. Avoid clicking “download” on any suspicious messages or pop-up ads.

The second type of Scareware is much more malicious. This type of Scareware affects users by first infecting them with malware. This malware can include Ransomware. Ransomware encrypts a user’s computer. This encryption is unauthorized and can prevent further use of the computer. Once the computer has been fully taken over, a message prompt appears on the computer. This message directs the user to pay a “ransom” to unencrypt the computer. Paying this “ransom” is not a guarantee; a lot of the time cyber criminals will take the payment and never be heard from again, leaving the user locked out of their computer, possibly forever.

So, what should you do if your computer becomes infected and starts encrypting your files?

Turn off your computer immediately. The less time the program has to work the more likely the infection can be quarantined. Next, leave the computer off and contact a computer forensic specialist. This form of Scareware is especially nasty. Do not connect this infected computer to USBs, hard drives, or your home network; this can lead to more devices becoming compromised.

Some tips to help avoid becoming a Victim:

  1. Don’t put off buying and installing anti-virus software, as well as other Internet security software.
  2. Research the anti-virus software before purchasing it.
  3. Do not click on any links or pop-ups from unknown sources.
  4. Do not open emails from an untrustworthy source.

Scareware is designed to trick users and has the potential to be devastating. For more information on Scareware and how to protect your system feel free to contact FDS Global by visiting our website at www.FDS.Global or give our office a call at (954) 727-1957.