Ransomware is on the increase, and while most threats request money in return for encrypted files, hackers are using other ways to extract payment from their victims, explains DOROS HADJIZENONOS, country manager, Check Point South Africa.
Ransomware is an ever-increasing threat worldwide, claiming new victims on a regular basis with no end in sight. While most ransomware families prevent the victims from accessing their documents, pictures, databases and other files by encrypting them and offering a decryption key in return for a ransom payment, others use different, but no less creative ways to extract payment from their victims. Here are some examples:
Smart devices are known to be a soft spot targeted by threat actors for various purposes. In August 2016, security researchers demonstrated their ability to take control of a building’s thermostats and cause them to increase the temperature up to 99 degrees Celsius. This was the first proof of concept of this kind of attack, showing a creative way to put pressure on victims and drive them to pay ransom or risk consequences such as a flood or an incinerated house.
In November 2016, travellers in the San Francisco MUNI Metro were prevented from buying tickets at the stations due to a ransomware attack on MUNI’s network. In this case the attackers demanded $70,000 in BitCoins. In January 2017, a luxurious hotel in Austria was said to suffer an attack on its electronic key system, resulting in guests experiencing difficulties in going in or out of their rooms. The attackers demanded $1,500 in BitCoins. Whether or not this story is accurate, it demonstrates how creative this type of attack can get.
The growing use of IoT devices will likely make this attack vector more and more common in the future. For example, the potential exploitation of vulnerabilities inside smart, implantable cardiovascular defibrillators, can allow an attacker to put a victim’s life at risk until the ransom is paid. As IoTs become more widespread in our everyday life, threat actors will find new, horrifying ways to subjugate victims for profit.
Hostage data ransomware
A more direct approach is to steal data from victims and threaten to expose it unless a ransom payment is received by a certain deadline. This generic modus operandi has been used by different malware families and campaigns. For example, in May 2016, over 10 million customer records of a leading South Korean online shopping mall were stolen, including names, addresses and phone numbers. The attackers demanded a ransom of $2,664 in BitCoins to prevent release of the information online.
Another example is Charger, a screen-locker Android ransomware discovered by Check Point researchers in January 2016. The attackers threatened to sell stolen data from targeted devices unless they receive a ransom of 0.2 BitCoins (approximately $180). The malware is embedded in a mobile app named EnergyRescue, downloaded from Google Play.
Another method for attackers is threatening to conduct a denial of service attack unless a ransom is paid. With the growing use of botnets for DDoS attacks, this attack vector is especially common against banks, and is very attractive as it is far simpler than developing a ‘traditional’ file-encrypting ransomware. This attack vector made headlines in January 2017 when it was used in an attack against the web portal of the British Lloyds Bank. The attackers issued a DDoS threat with a demand of 100 BitCoins (worth approximately $94,000).
Some ransomware simply prevent victims from using their devices by locking their screens. There are different ways to conduct a screen locking attack, but common features include cancelling all options to close a program or to shut it down. Examples of such ransomware are DeriaLock (December 2016), which targets PCs and demands a payment of $30 for unlocking; and Flocker (May 2015), an Android screen locker which targets smartphones and Android-run smart TVs, and demands an iTunes gift card worth $200 as payment.
Ransomware attacks are a popular way for threat actors to make easy profits, as the payment is made anonymously using anonymous BitCoin wallets rather than bank transfers. The motivation for victims to cooperate is high, as their personal data is on the line. While most ransomware families encrypt files, some use creative ways to drive victims to pay. By preventing victims from accessing their machines, creating real damage or exposing sensitive data, the attackers are able to bypass the complexities of managing an encryption and decryption process. We estimate that the use of alternative ransomware, especially DDoS and IoT ransomware, will keep on growing in the near future, as IoT devices and web services continue to become more widespread.
How to protect yourself
We highly recommend you take these steps to protect yourself from ransomware or mitigate their effects:
- Backup your most important files – Make an offline copy of your files on an external device and an online cloud stage service. This method protects your files not only from ransomware but from other hazards as well. Note: external devices should be used for backup ONLY and be disconnected immediately after the backup is completed.
- Exercise caution – We usually don’t sense any danger while using our computers or other devices, but it’s there. Threat actors are constantly trying to steal your money, your private data and your machine resources – don’t let them have it. Don’t open e-mails you don’t expect to receive, don’t click links unless you know exactly what they are and where they lead, and if you are asked to run macros on an Office file, DON’T! The only situation in which you should run macros is in the rare case that you know exactly what those macros will do. Additionally, keep track of the latest major malware campaigns to ensure that you will not fall victim to a new and unique phishing technique or download a malicious app, which can lead to malware installation on your computer or theft of your credentials.
- Have a comprehensive, up-to-date, security solution – High quality security solutions and products protect you from a variety of malware types and attack vectors. Today’s Anti-Virus, IPS and sandboxing solutions can detect and block Office documents that contain malicious macros, and prevent many exploit kits from exploiting your system even prior to the malware infection. Check Point Sandblast solution efficiently detects and blocks ransomware samples, and extracts malicious content from files delivered by spam and phishing campaigns. Installing your IoT devices behind a Security Gateway will keep them safe as well.
AWS gives SMEs R365m to build cloud companies in SA
Amazon Web Services works with Department of Trade and Industry on Equity Equivalent Investment Program to help more South African businesses innovate in the cloud
Amazon Web Services (AWS), an Amazon.com company, has announced the launch of the AWS Equity Equivalent Investment Program (AWS EEIP). Designed by AWS South Africa and Amazon Data Services South Africa, the EEIP will see over R365-million invested in the development of black-owned South African small businesses within the Information Communications Technology (ICT) sector.
The intention is to support them to become cloud computing experts using the AWS Partner Network (APN). EEIP is a program of the Department of Trade and Industry (dti), aimed at providing multinational companies an opportunity to take part in the development of South African black-owned small businesses and to contribute towards the broad-based black economic empowerment of South Africa.
The AWS EEIP is a seven year program that will support the growth of new black-owned small businesses, helping them to develop their skills in advanced technologies such as cloud computing, Internet of Things (IoT), Machine Learning (ML), and mobile technologies.
“The AWS EEIP will lead to the development of numerous highly skilled jobs in the local economy,” said Minister of Trade and Industry Ebrahim Patel. “The intention of the program is to give the black-owned small businesses the knowledge, resources, and skills to be successful. This will enable them to provide professional services to organisations, in both the private and public sectors, supporting them with their ICT strategy and helping them to take advantage of cloud computing and other digital technologies in order to innovate and grow. We seek to develop local businesses and ensure net job creation in the South African economy.”
The AWS EEIP will support 100% black-owned small businesses through an 18-24-month enterprise development and incubation program. AWS will provide training and education and support the development of these businesses’ technical expertise in cloud computing – resulting in new AWS Certified Developers and Solutions Architects. These businesses will also receive business enablement support, such as exposure to industry leaders, coaching, mentorship, and funding, to help take their business to the next stage of growth. As these businesses complete their training, and gain AWS competencies, they will go up a tier in the APN, becoming Select or Advanced Partners. Upon completion of the program, the businesses will have access to AWS’s ecosystem of millions of active customers, of every size, across virtually every industry around the world. AWS says successful completion of the programme will also enable the businesses to have exposure to opportunities beyond that of AWS.
“We have been blown away with the high quality of technical talent we have already seen in South Africa and are excited to see the creativity and unique thinking that the AWS EEIP will now drive,” said Prabashni Naidoo, a director at AWS South Africa. “Through this new program, we are committed to producing a new generation of highly skilled and productive black-owned South African small businesses.These new APN Partners will help create limitless opportunities for our customers, helping them to innovate and further contribute to economic growth of South Africa.”
About Amazon Web Services
For 13 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS offers over 165 fully featured services for compute, storage, databases, networking, analytics, robotics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management. The services are provided from 69 Availability Zones (AZs) within 22 geographic regions, with announced plans for 13 more Availability Zones and four more AWS Regions in Indonesia, Italy, South Africa, and Spain.
Girls get 50,000 toy cars to combat stereotypes
“That’s for boys, not for girls” – a social stigma Mercedes-Benz USA and Mattel are determined to change, and they are hoping that donating 50,000 toy cars can help. Kicking off today for National STEM/STEAM Day, 50,000 young girls across the nation will engage in programs to challenge gender stereotypes that research shows can impact decisions later in life. It’s all part of “No Limits,” an initiative created by Mercedes-Benz in partnership with Mattel and the National Girls Collaborative Project (NGCP), a network of organizations that encourages girls to pursue science, technology, engineering and math (STEM) careers.
The first “No Limits” programs launch today with special workshops in Atlanta, Los Angeles and New York City, where thousands of young children will be inspired to think outside of the box when it comes to career aspirations. Through February 2020, girls across the U.S., through more than 100 organizations, will engineer toy racetracks, design cars, engage with female role models and attend STEM workshops through programs designed to expand how they see their future.
As a tangible reminder that they can do anything they set their minds to, MBUSA and Mattel will gift 50,000 Matchbox die-cast toy replicas of a very special Mercedes-Benz 220SE to participating children. It was in this car that Ewy Rosqvist defied all odds to become the first woman to compete in and win one of the most grueling races, the Argentinian Grand Prix, shattering records and the notion that women could not compete.
“Whatever they aspire to be – an astronaut, engineer, judge, nurse, even the President, we want all children to dream big, dream bold and never give up on that dream,” said Mark Aikman, general manager of marketing services for MBUSA. “We’ve seen that stories like Ewy’s – championing women trailblazers and achievers – can have a big impact by calling into question the gender stereotypes that children may inadvertently adopt.”
In fact, according to the National Science Board, women only represent 29% of the current science and engineering workforce. When asked their reasons for not majoring in STEM, young women often cite a lack of encouragement and role models.
“The No Limits initiative is important to the future success of our young girls,” said Karen Peterson founder and CEO of the NGCP. “Demand for workers with STEM-based skills is rapidly growing, yet women are still significantly underrepresented in these fields. We know that gender associations are formed at a very young age. We applaud Mercedes-Benz and Mattel in their efforts to breakdown the gender stereotypes that keep young girls from engaging in STEM studies.”
Earlier this year, Mercedes-Benz released a video capturing young girls designating an assortment of traditionally gendered toys. After being shown the short film, Ewy Rosqvist: An Unexpected Champion, each girl has a visible attitude shift towards toys they previously identified as just “for boys.”
Last month, Digital Girl, Inc., a Brooklyn-based non-profit dedicated to empowering the underserved youth of New York City, especially young girls, to pursue studies and careers in STEM fields, tested this theory with similar results. A new video documents the results as the girls realize that they can be the next generation of female trailblazers and they themselves talk about the need to inspire more girls.
“Our goal is to inspire children to imagine all that they can become and break down gender stereotypes in the toy aisle with purpose-driven programs like this,” said Amanda Moldavon, Senior Director, Vehicles Brand Creative. “Most people don’t know that the creator of Matchbox made the first vehicle for his daughter who was only allowed to bring toys to school that fit inside a matchbox. So, from its origin, it has been an inclusive way for kids to explore the world around them.”
More than 100 organizations across the country will participate in No Limits including Atlanta Public Schools, Digital Girl, Inc., Beyond the Bell, among others. A list of all participating organizations can be found here. A discussion guide is available for those who have an opportunity to encourage and mentor young children and would like to help advance this conversation.
In addition to the toy cars that will be gifted by MBUSA and Mattel (also in support of closing the Dream Gap) through the National Girls Collaborative, the Ewy Matchbox toy replica will be sold in stores nationwide beginning in December. Follow the No Limits initiative on social using #GirlsHaveNoLimits.
Both “No Limits” videos were produced by R/GA, New York.
About Ewy Rosqvist
Ewy Rosqvist is a Swedish racing champion who in 1962 made history for being the first woman to enter and win one of the toughest rallies in the world. After watching her husband race for years, she decided to take it up herself and entered the Argentinian Grand Prix – a gruelling three-day journey across rough terrain. Ewy was ridiculed for entering the race and told she wouldn’t be able to complete the course. Not only did she finish, she went on to be the first person to win every stage of the race, set a speed record and beat the previous champion by over three hours.
About Mercedes-Benz USA
Mercedes-Benz USA (MBUSA), the sales and marketing arm for Mercedes-Benz in the United States and headquartered in Atlanta, is responsible for the distribution, marketing and customer service for all Mercedes-Benz products in the United States from the sporty A-Class sedan to the flagship S-Class and the Mercedes-AMG GT R.
MBUSA’s philanthropic focus is on educating and empowering youth. On a national level, the company supports Laureus Sport for Good which uses sports to help at-risk youth and the Johnny Mac Soldier’s Fund which provides scholarships to children of the fallen military.
In Atlanta, MBUSA is involved with over 50 organizations in its effort to educate and empower the next generation to achieve success and address local needs in its community, particularly Atlanta’s Westside, the area surrounding the Mercedes-Benz Stadium that includes under-resourced neighbourhoods. MBUSA has won numerous awards for its community efforts including, A Gold Stevie® Award for its Greatness Lives Here campaign, Corporate Champion Tree recognition from Trees Atlanta and a Community Impact Award from the Georgia Department of Economic Development.