Today is the first day of National Cyber Security Awareness Month. Information Technology Services will be providing a number of informational pieces throughout the month. We pondered starting with phishing scams, but this led to a deeper discussion of security in general. As a result, our first piece is about something as equally frightening as being scammed for your password.
Ransomware and Malvertising
You may remember the CryptoLocker Ransomware that was going around in late 2013. The software would encrypt files and send the keys related to encryption to another site. The keys (and your data) were then held for ransom. Pay a certain amount of money and you could get your files back.
That environment was eventually shutdown and those that were affected by CryptoLocker can recover those files using a site that was put up in August of 2014. The outcome was truly a stroke of luck. Law enforcement managed to get a copy of keys from the thieves’ networks before it was taken down.
A new strain of this, called CryptoWall, is going around. It delivers its payload by way of a method called Malvertising. Malicious, signed advertisements are appearing on web sites that are obtained through Zedo and Google’s DoubleClick.
As of Sept. 29, 2014 the majority of antivirus software still cannot accurately detect the malicious software. It is imperative to avoid advertisements on web sites, especially Facebook, Google and Yahoo since there is no way to tell what is malicious.
It is also being alleged that a bug in the software may be losing the keys thereby creating a situation where paying the ransom may not lead to recovery of your data.
There are reports that CryptoWall also is being delivered via e-mail, but Cisco is still trying to confirm these infections.
It cannot be stressed enough that you should stay ever vigilant in e-mail and on the web. Keep your home PC operating system and antivirus software up to date.
There are cyber-based dangers lurking everywhere.
Stay safe.
Published: Wed, 01 Oct 2014 12:29:22 +0000 by w.jojo