It is mind-boggling that, despite the world being warned, the past week’s ransomware attack almost took down a country’s healthcare system. ARTHUR GOLDSTUCK reports.
If the world didn’t know what ransomware was before, the incessant global headlines of the past week have provided an instant education.
The healthcare system in the United Kingdom was almost brought down by the WannaCry virus, which locks and encrypts computer files, rendering entire networks useless until a ransom is paid. The National Health Service had staff working overtime, not on patient care, but on using paper systems to manage patient information.
IT security company Kaspersky Lab defines ransomware as “a type of malware that severely restricts access to a computer, device or file until a ransom is paid by the user”. It can be installed through deceptive links in an email message, instant message or website, and can encrypt important files with a password.
Kaspersky Lab has detected at least 45 000 WannaCry (also known as WannaCrypt) infection attempts in 74 countries. While most have been in Russia, an animated map of infections published online by the New York Times (See http://bit.ly/wannaRSA) shows that targets were hit in every South African city.
Kaspersky explains that the ransomware infects victims by exploiting a Microsoft Windows vulnerability described and fixed in a Microsoft Security Bulletin in March 2017. The exploit is called Eternal Blue, and was stolen from the American National Security Agency (NSA) by a hacking gang going by the name of Shadowbrokers.
“Once inside the system, the attackers install a rootkit, which enables them to download the software to encrypt the data. The malware encrypts the files. A request for $600 in Bitcoin is displayed along with the wallet – and the ransom demand increases over time.”
Kaspersky is hoping to develop a decryption tool similar to those created for previous ransomware attacks, and available at noransom.kaspersky.com.
It should not have come to this, however. When the Windows vulnerability was revealed two months ago, it came with warnings that ransomware attacks and other cyber exploits were certain to follow. All Windows users were advised to update their software immediately, and IT administrators were advised to download and install the latest security patches. Users of the latest Microsoft operating system, Windows 10, were safe, as it did not contain the vulnerability.
Two months later, hospitals in the UK and elsewhere, along with businesses, public transport systems and even police stations globally, found themselves in crisis mode as their systems were brought down. By a known and well-publicised vulnerability.
It’s little wonder that scorn has been poured on UK Home Secretary Amber Rudd’s claim that there were “good preparations in place by the NHS to make sure they were ready for this sort of attack”. Guardian technology columnist Charles Arthur wrote that underfunding of the NHS “made the events of the past few days a disaster waiting to happen”.
In truth, it’s an ongoing disaster. As Arthur reports, between mid-2015 and the end of 2016, 88 of the UK’s 260 NHS trusts had been hit by ransomware.
In South Africa, it’s also an ongoing threat. Numerous individuals – particularly older users – have fallen for scammers supposedly phoning from Microsoft to say they have detected a virus on the user’s computer.
For some reason, the most suspicious of old-timers become like gullible children when receiving a call about their computers from a stranger. It does not cross their minds for a moment that the giant Microsoft is not about to phone an individual user about an issue on their system.
They are then persuaded to open a specific web address, download a piece of software and open it. Which instantly locks down their computer, and encrypts all files. They are told that, if they don’t pay a specific ransom amount by a given date, all the contents of their computer will be deleted.
Unfortunately, there is no Windows patch for gullibility. However, the same thing can happen via any number of exploits. In most cases, it is a result if clicking on a link or attachment in an email from a stranger.
The methods are going to keep evolving, and the trickery will keep getting more sophisticated.
“People in ransomware are thinking like business people,” said Ton Maas, digital coordinator of the Dutch National Police, during Kaspersky Lab’s annual Cyber Security Weekend in Malta last year. In 2015, he personally arrested two young ransomware creators, brothers who were conducting the business in their parents’ home.
“In this case, they were both the coders and the distributors,” said Maas. “Usually, you start with the coder, who offers code to distributors, who then target end-users. You even get code specifically written for the distributor, on request.
“The distributors buy the codes and earn their own money, but sometimes have to pay a percentage back to the coder. It is also possible to have a service contract, paying a fixed amount a month, so if you have problems and want to change something in the code, the coder will do it for you. You can call this ransomware-as-a-service.”
Kasperksy Lab’s 2016 Corporate IT security Risks Survey, presented at the Malta event, revealed that 20 per cent of businesses across the world experienced a ransomware attack in the previous 12 months. In South Africa, 19 per cent of businesses had come under attack.
The Lab helped the Dutch police track down the hackers responsible for a ransomware program called CoinVault, which added a new element: if victims did not pay immediately, the ransom “fee” steadily increased. That exact approach has now been taken by the WannaCry creator.
For now, WannaCry appears to be contained, but that is merely a respite in an escalating crisis. Expect worse. Far worse.
ConceptD: Creatives get a tech brand of their own
The unveiling of a new brand by Acer recognises the massive computing power needed in creative professions, writes ARTHUR GOLDSTUCK
It’s a crisp Spring morning in Brooklyn. The regular water taxi from Manhattan pulls up at Duggal Greenhouse on the edge of the East River. It’s a building that symbolises the rejuvenation of Brooklyn as a hub of artistic and creative expression.
Inside the vast structure, global computer brand Acer is about to unveil its own tribute to creativity. Company CEO Jason Chen takes to the stage in faded blue jeans and brown t-shirt, underlining the connection of the event to the informality of the area.
“Brooklyn is become more and more diverse,” he tells a gathering of press from around the world, attending the Next@Acer media event. “It’s an area that is up and coming. It represents new lifestyles. And our theme today is turning a new chapter for creativity.”
Every year, Next@Acer is a parade of the cutting edge in gaming and educational laptops and computers. New devices from sub-brands like Predator, Helios and Nitro have gamers salivating. This year is no different, but there is a surprise in store, hinted in Chen’s introduction.
As a grand finale, he calls on stage Angelica Davila, whose day job is senior marketing manager for Acer Latin America. But she also happens to have a Masters degree in computer and electric engineering. A stint at Intel, where she joined a sales and marketing programme for engineers, set her on a new path.
For the last few months, she has been helping write Acer’s next chapter. She has shepherded into being nothing less than a new brand: ConceptD.
Click here to read more about ConceptD.
Which voice assistant wins battle of translators?
Take the most famous phrase from the Godfather – “I’m going to make him an offer he can’t refuse” – or “The only thing we have to fear is fear itself” from the inaugural address of US President Franklin Delano Roosevelt and see just how the virtual assistants do in translating them using their newly introduced Neural Machine Translation (NMT) capabilities. One Hour Translation (OHT), the world’s largest online translation service, conducted a study to find out just how accurate these new services are.
OHT used 60 sentences from movies and famous people ranging from the Godfather and Wizard of Oz to Neil Armstrong, the first man to set foot on the moon, US presidents Franklin Delano Roosevelt and John Fitzgerald Kennedy and historical figures like Leonardo da Vinci and Aesop. The sentences were translated by Google Assistant, Amazon’s Alexa and Apple’s Siri from English to French, Spanish, Chinese and German and then given to five professional translators for their assessment on a scale of 1-6.
Google Assistant scored highest in three of the four languages surveyed – English to French, English to German and English to Spanish and second in English to Chinese. Amazon’s Alexa, whose translation engine is powered by Microsoft Translator, was tops in the English to Chinese category. Apple’s Siri was second place in English to French and English to Spanish and third place in English to German and English to Chinese. (See chart). All three virtual assistants are compatible with mobile phones.
“The automated assistants’ translation quality was relatively high, which means that assistants are useful for handling simple translations automatically,” says Yaron Kaufman, chief marketing officer and co-founder of OHT. He predicts that “there is no doubt that the use of assistants is growing rapidly, is becoming a part of our lives and will make a huge contribution to the business world.”
A lot will depend on further improvements in NMT technology, which has revolutionized the field of translation over the past two years. All the companies active in the field are investing large sums as part of this effort. “OHT is working with several of the leading NMT providers to improve their engines through the use of its hybrid online translation service that combines NMT and human post-editing,” notes Kaufman. He adds that this will no doubt have a huge impact on the use of assistants for translation purposes.
OHT has made a name for itself in assessing the level of translations by NMT engines. Its ONEs Evaluation Score is a unique human-based assessment of the leading NMT engines conducted on a quarterly basis and used as an industry standard.