I am posting this blog post again because the topic has shown up in the news again. On November 28, 2016, the San Francisco transit system was hit by a ransomware attack. Read below for the original blog post on ransomware/encryption viruses.
Ransomware/encryption viruses have been spreading at an alarming rate, with an estimated half a million victims so far. We have seen it here personally, infecting many of our personal computer users and some of our business clients as well. It is called the Locky Virus (other names include CryptoLocker and many others) and, unfortunately, there is nothing that a user can really do to prevent the virus except be vigilant in their computer usage.
The Locky Virus is a ransomware-type virus; it encrypts all of your data with the aim of forcing you to pay to get your data back, usually in Bitcoin. I cannot stress this enough: DO NOT PAY. The Locky virus uses AES-128 military-grade encryption, rendering your files unusable and inaccessible, and simply deleting the virus is not enough.
Based on what we have seen, the Locky virus arrives on your system via email, usually with a compressed folder attached. Often, the email references some receipt or invoice. Sometimes the email in question is spoofed to appear to come from a reputable business or even someone in your contact list, leading the user to believe the email is safe and legitimate. Opening the email and the compressed file themselves is not enough to allow the Locky virus access to your system. When you open the document in the compressed folder, however, it will likely ask your permission to run some sort of executable or macro, which then installs the virus on your system or server.
That is when the work begins. The virus, having been downloaded to your system, begins its work in relative secrecy, slowly encrypting your data without your knowledge. There are signs, though. Your system may be running unusually slowly; programs may take significantly longer to open or execute. One thing about the Locky virus is that it hogs your computer's resources, so your CPU and memory will show signs of exertion. If you look in your computer's Task Manager, under Performance, and see a program or service that is taking a lot of your computer's resources (sometimes masked as a Microsoft program or service), it is best to immediately end that process and delete any files that may be associated with it. If you do not realize you are infected or otherwise fail to stop the spread, you will eventually realize you have become a victim of the Locky virus.
As I mentioned earlier, there is not much you can do to prevent a ransomware attack on your system. The best thing you can do is be extra vigilant when opening programs and emails that you are not 100 percent certain are safe. If you get an email with a compressed folder, even if it is from someone you know, I strongly suggest you DO NOT open it. If you do open a document, for example a Word document, and it asks you to enable or download macros, again, I suggest you don't, and that you immediately exit that program. Additionally, and I cannot stress this enough, create a backup of your system and important documents, and back up your backup. Keep at least one backup that is not online. The Cloud is great and convenient, but it can be more susceptible to infection than an offline backup.
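For anyone who manages a mailbox or mail server, the delivery pattern described above (an email whose compressed attachment holds a document that asks to run a macro) can be checked before anyone opens the file. The following is an added example, not part of the original post; the function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Office extensions that can carry macros (legacy binary and macro-enabled OOXML).
MACRO_EXTS = (".doc", ".xls", ".ppt", ".docm", ".xlsm", ".pptm", ".dotm")

def has_vba_project(data: bytes) -> bool:
    """True if an OOXML document (itself a zip) embeds a VBA macro project."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as doc:
            return any(n.lower().endswith("vbaproject.bin") for n in doc.namelist())
    except zipfile.BadZipFile:
        return False  # legacy .doc/.xls are not zips; flagged by extension only

def triage_message(raw: bytes, max_size: int = 20_000_000) -> list:
    """Return (attachment, member, reason) for macro-capable files inside zips.
    Oversized or password-protected members are flagged by name, never read."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        with zipfile.ZipFile(io.BytesIO(payload)) as archive:
            for info in archive.infolist():
                if not info.filename.lower().endswith(MACRO_EXTS):
                    continue
                reason = "macro-capable document in archive"
                if info.file_size <= max_size and not info.flag_bits & 0x1:
                    if has_vba_project(archive.read(info)):
                        reason = "document contains a VBA macro project"
                findings.append((name, info.filename, reason))
    return findings

def build_sample() -> bytes:
    """Constructed sample: an 'invoice' email whose zip holds a .docm file."""
    doc, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(doc, "w") as z:
        z.writestr("word/vbaProject.bin", b"placeholder bytes, not macro code")
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("invoice_0001.docm", doc.getvalue())
        z.writestr("readme.txt", "constructed test data")
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "Invoice", "a@example.com", "b@example.com"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

Calling `triage_message(build_sample())` flags the `.docm` inside `invoice.zip` and ignores the text file; a message flagged this way is one to quarantine or delete rather than open.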
In our ever-growing desire to make our lives more efficient and hassle-free, we find ourselves turning more and more to technology to alleviate the bottlenecks in our lives. As someone who works in the tech industry and genuinely enjoys new and breakthrough technology, I am generally all for a more tech-based society. Often, however, I think that as a society we get so excited about new tech and its potential to make our lives easier that we overlook the potential risks. If you have read any of my articles, you will know that I have pressing concerns when it comes to privacy and security. This is one of the things we overlook. We are so excited about a new program, new phone or new smart device that we fail to ask important questions. It could be that as a society we are becoming numb to the potential risk, or perhaps we need to be more proactive in our education. Maybe a little bit of both.
Smart devices by their very nature present privacy and security issues because they log information that can potentially be accessed by others. Therefore, when we start talking about smart homes and smart security systems, red flags go off in my head regarding the potential privacy and security risks. Smart homes and smart security systems are connected to your home network and can potentially be accessed and controlled remotely. A concerning statistic for me is that, while 92 percent of potential smart home consumers are concerned about privacy and security, 89 percent say they would live in or equip their home with smart devices without any real regard for their individual privacy.
Consider what happens if you have cameras, baby monitors, smart locks and alarms connected to your home network. They are designed so that you can access these devices from your office or any other remote location where you have access to the internet. But hackers have already demonstrated that they can breach these devices with relative ease.
The gap between accessibility and convenience on one side and privacy and security on the other is too large to ignore. What then can be done? The fault really lies with both the consumers of these products and the producers of these products.
Producers need to actively work on providing simple security solutions that reduce the possibility of these devices being compromised. Now, let's make something clear: with technology and smart devices, you can never be 100 percent protected. There is no such thing as an unhackable device. However, producers owe it to their customers to provide the most secure option possible. I also get that adding more complex security and authentication could remove some of the convenience, but when it comes to convenience versus security (especially when it comes to our homes), security should take precedence. I have read that wearable technology that can authenticate our identity through individual heart rate could act as a potential solution.
On the other hand, as consumers, we have a responsibility to ourselves not only to ask the questions about security and privacy that need to be asked but also, if these devices don't meet a certain standard, to hold those companies accountable by simply not investing in their products. Eventually, they will get the hint and up their game.
Some security experts and people in the tech field might say that I am being overly cautious. My intention is consumer awareness. Consumers should be aware of what they are buying and, as with anything you buy, I strongly suggest that you do your research.