Connect with us

Featured

Ransomware defence must go beyond just files

Published

on

Ransomware is on the increase, and while most threats request money in return for encrypted files, hackers are using other ways to extract payment from their victims, explains DOROS HADJIZENONOS, country manager, Check Point South Africa.

Ransomware is an ever-increasing threat worldwide, claiming new victims on a regular basis with no end in sight. While most ransomware families prevent the victims from accessing their documents, pictures, databases and other files by encrypting them and offering a decryption key in return for a ransom payment, others use different, but no less creative ways to extract payment from their victims. Here are some examples:

IoT ransomware

Smart devices are known to be a soft spot targeted by threat actors for various purposes. In August 2016, security researchers demonstrated their ability to take control of a building’s thermostats and cause them to increase the temperature up to 99 degrees Celsius. This was the first proof of concept of this kind of attack, showing a creative way to put pressure on victims and drive them to pay ransom or risk consequences such as a flood or an incinerated house.

In November 2016, travellers in the San Francisco MUNI Metro were prevented from buying tickets at the stations due to a ransomware attack on MUNI’s network. In this case the attackers demanded $70,000 in BitCoins. In January 2017, a luxurious hotel in Austria was said to suffer an attack on its electronic key system, resulting in guests experiencing difficulties in going in or out of their rooms. The attackers demanded $1,500 in BitCoins. Whether or not this story is accurate, it demonstrates how creative this type of attack can get.

The growing use of IoT devices will likely make this attack vector more and more common in the future. For example, the potential exploitation of vulnerabilities inside smart, implantable cardiovascular defibrillators, can allow an attacker to put a victim’s life at risk until the ransom is paid. As IoTs become more widespread in our everyday life, threat actors will find new, horrifying ways to subjugate victims for profit.

Hostage data ransomware

A more direct approach is to steal data from victims and threaten to expose it unless a ransom payment is received by a certain deadline. This generic modus operandi has been used by different malware families and campaigns. For example, in May 2016, over 10 million customer records of a leading South Korean online shopping mall were stolen, including names, addresses and phone numbers. The attackers demanded a ransom of $2,664 in BitCoins to prevent release of the information online.

Another example is Charger, a screen-locker Android ransomware discovered by Check Point researchers in January 2016. The attackers threatened to sell stolen data from targeted devices unless they receive a ransom of 0.2 BitCoins (approximately $180). The malware is embedded in a mobile app named EnergyRescue, downloaded from Google Play.

DDoS ransomware

Another method for attackers is threatening to conduct a denial of service attack unless a ransom is paid. With the growing use of botnets for DDoS attacks, this attack vector is especially common against banks, and is very attractive as it is far simpler than developing a ‘traditional’ file-encrypting ransomware. This attack vector made headlines in January 2017 when it was used in an attack against the web portal of the British Lloyds Bank. The attackers issued a DDoS threat with a demand of 100 BitCoins (worth approximately $94,000).

Screen lockers

Some ransomware simply prevent victims from using their devices by locking their screens. There are different ways to conduct a screen locking attack, but common features include cancelling all options to close a program or to shut it down. Examples of such ransomware are DeriaLock (December 2016), which targets PCs and demands a payment of $30 for unlocking; and Flocker (May 2015), an Android screen locker which targets smartphones and Android-run smart TVs, and demands an iTunes gift card worth $200 as payment.

Summary

Ransomware attacks are a popular way for threat actors to make easy profits, as the payment is made anonymously using anonymous BitCoin wallets rather than bank transfers. The motivation for victims to cooperate is high, as their personal data is on the line. While most ransomware families encrypt files, some use creative ways to drive victims to pay. By preventing victims from accessing their machines, creating real damage or exposing sensitive data, the attackers are able to bypass the complexities of managing an encryption and decryption process. We estimate that the use of alternative ransomware, especially DDoS and IoT ransomware, will keep on growing in the near future, as IoT devices and web services continue to become more widespread.

How to protect yourself

We highly recommend you take these steps to protect yourself from ransomware or mitigate their effects:

  • Backup your most important files – Make an offline copy of your files on an external device and an online cloud stage service. This method protects your files not only from ransomware but from other hazards as well. Note: external devices should be used for backup ONLY and be disconnected immediately after the backup is completed.
  • Exercise caution – We usually don’t sense any danger while using our computers or other devices, but it’s there. Threat actors are constantly trying to steal your money, your private data and your machine resources – don’t let them have it. Don’t open e-mails you don’t expect to receive, don’t click links unless you know exactly what they are and where they lead, and if you are asked to run macros on an Office file, DON’T! The only situation in which you should run macros is in the rare case that you know exactly what those macros will do. Additionally, keep track of the latest major malware campaigns to ensure that you will not fall victim to a new and unique phishing technique or download a malicious app, which can lead to malware installation on your computer or theft of your credentials.
  • Have a comprehensive, up-to-date, security solution – High quality security solutions and products protect you from a variety of malware types and attack vectors. Today’s Anti-Virus, IPS and sandboxing solutions can detect and block Office documents that contain malicious macros, and prevent many exploit kits from exploiting your system even prior to the malware infection. Check Point Sandblast solution efficiently detects and blocks ransomware samples, and extracts malicious content from files delivered by spam and phishing campaigns. Installing your IoT devices behind a Security Gateway will keep them safe as well.

Featured

Load-shedding leads
local searches

South Africans are searching in the dark, according to the latest Google Search trends.

Published

on

With more 1 million search queries generated in the space of 76 hours, load-shedding was by far the top trending search on Google South Africa this week.

Valentine’s Day came a distant second.

After news emerged last Sunday of the impending stage 3 load shedding, South Africans had generated more than 1-million load-shedding search queries by the time Tuesday came around:

  • “Loadshedding schedule” – generated more than 100k searches on Sunday
  • “Load shedding schedule” – generated more than 100k searches on Sunday
  • “Eskom load shedding” – generated more than 100k searches on Sunday
  • “Load shedding Cape Town” – generated more than 50k searches on Sunday
  • “Load shedding schedule” – generated more than 400k on Monday
  • “Load shedding Johannesburg” – generated more than 20k searches on Monday
  • Load shedding schedule” generated more than 200k search queries on Tuesday

Leading up to Valentine’s Day, South Africans generated close to 300k search queries related to the romantic festival, including searches for quotes and gift ideas:

  • “Valentines Day” generated more than 100k search queries on Thursday
  • “Happy Valentines Day Images” and “Valentines Day Images” generated more than 10k search queries each on Thursday, with “Happy Valentines Day 2019” generating more than 20k search queries on Wednesday
  • “Valentines Day Specials 2019” generated more than 5k search queries on Thursday
  • “Love quotes” generated more than 5k search queries on Thursday
  • “Valentines Day quotes” generated more than 100k search queries and “Valentine messages” generated more than 50 000 search queries on Wednesday

Search trends information is gleaned from data collated by Google based on what South Africans have been searching for and asking Google. Google processes more than 40 000 search queries every second. This translates to more than a billion searches per day and 1.2 trillion searches per year worldwide. Live Google search trends data is available at https://www.google.co.za/trends/hottrends#pn=p40

Continue Reading

Featured

Showmax invites
student films

Published

on

Thanks to the growing popularity of video-on-demand services, there’s a new opportunity to help kickstart the careers of local filmmakers.

Numerous Hollywood blockbusters (District 9Tomb Raider 2018, and The Avengers: Age of Ultron to name a few) have featured substantial shoots in Johannesburg and Cape Town. While providing great opportunities for SA’s production talent, aspiring writers and directors don’t get the same benefit.

So where can local creatives showcase their work? Broadcast TV isn’t a natural home for unknown short films, and while self-publishing platforms are readily available hosting options, it’s tough to get noticed and get traffic when competing with videos from across the planet.

But with the emergence of video-on-demand services into the mainstream, there’s now a solution. The African film school AFDA has teamed up with the streaming service Showmax to give local talent a much larger platform than ever before. From 18 February, eighteen of the best recent short films made by AFDA students from their Johannesburg, Cape Town, Durban and Port Elizabeth campuses will be live on Showmax. Drama, documentary, fantasy, and animation are all represented, in pieces running from under eight minutes to almost half-an-hour long. The full list of movies is included below.

Teresa Passchier, CEO of AFDA, said: “AFDA, Africa’s number-one school for the Creative Economy, is proud to kickstart this exciting and meaningful journey with Showmax and AFDA students, ensuring emerging young African filmmakers’ voices are heard and given a platform. It’s ground-breaking to share young, local, culturally relevant content on the same platform as Hollywood blockbusters. I am certain that this unique initiative will serve to boost and develop the African film industry and the careers of many young South African and African students alike.”

Included in the short films coming to Showmax are the award winners Junior and O-PunchaJunior, directed by Bert Dijkstra, picked up the Audience Award in the Made in South Africa Competition at the shnit Worldwide Shortfilmfestival Awards 2017. O-Puncha, directed by Adam Hansen, won two awards at the 5th annual Eldorado Film Festival: Best Student Made Short, and Best Editing – Alexander La Cock.

Another celebrated film is Sicela Amanzi directed by Mlu Godola, which talks to the subject of water shortage. The film’s heroine Zoleka is a mild-mannered young woman forced to go to extreme lengths when a small community’s only source of water unexpectedly collapses. The power of films like this is they shine a light on critical topical issues in new ways.

Speaking about working with the film school, Candice Fangueiro, Head of Content for Showmax, said: “There’s immense depth of filmmaking talent in Africa and it’s a privilege to be able to give that talent a home and a platform. Showmax is becoming part of the fabric of film and TV production in Africa, and importantly we’re doing this as a partner rather than just as a consumer. This is a key competitive advantage of being local and something we aim to continue to work on.”

AFDA is an Academy Award-winning institution, founded in 1994, and the first and only African film school to win an Oscar – for the Best Foreign Student film in 2006, the postgraduate film Elalini, directed by Tristan Holmes.

The full list of AFDA short films coming to Showmax is as follows:

Film titleDirectorGenre
Lullaby from the CryptKeenan Lott & Raven DavidsAnimation
Ko Ga CherenyaneSibonokuhle MyatazaDocumentary
IzilwaneKyllian RouxDrama
MallemeuleJaco Van BoschDrama
Canal StreetBrodie MuirheadDrama
On the FenceWarrick BewsDrama
The Righteous FewLindo LangaDrama
Hlogoma PeakLuke AhrensDrama
Frozen FlameCameron HeathmanAnimation
WolfBrett van DortFantasy
The Walk HomeSisanda DyantyiDrama
BearWesley RoodtDrama
JuniorBert DijkstraDrama
O-PunchaAdam HansenDrama
UmngenoSiphosethu NdungeDrama
DoreenLuvuyo Equiano NyawoseDrama
ForeverLindo LangaMusical
Sicela AmanziMlu GodolaDrama

Continue Reading

Trending

Copyright © 2018 World Wide Worx