Connect with us

Featured

Ransomware: Expect it to get worse. Much worse.

Published

on

It is mind-boggling that, despite the world being warned, the past week’s ransomware attack almost took down a country’s healthcare system. ARTHUR GOLDSTUCK reports.

If the world didn’t know what ransomware was before, the incessant global headlines of the past week have provided an instant education.

The healthcare system in the United Kingdom was almost brought down by the WannaCry virus, which locks and encrypts computer files, rendering entire networks useless until a ransom is paid. The National Health Service had staff working overtime, not on patient care, but on using paper systems to manage patient information.

IT security company Kaspersky Lab defines ransomware as “a type of malware that severely restricts access to a computer, device or file until a ransom is paid by the user”. It can be installed through deceptive links in an email message, instant message or website, and can encrypt important files with a password.

Kaspersky Lab has detected at least 45 000 WannaCry (also known as WannaCrypt) infection attempts in 74 countries. While most have been in Russia, an animated map of infections published online by the New York Times (See http://bit.ly/wannaRSA) shows that targets were hit in every South African city.

Kaspersky explains that the ransomware infects victims by exploiting a Microsoft Windows vulnerability described and fixed in a Microsoft Security Bulletin in March 2017. The exploit is called Eternal Blue, and was stolen from the American National Security Agency (NSA) by a hacking gang going by the name of Shadowbrokers.

“Once inside the system, the attackers install a rootkit, which enables them to download the software to encrypt the data. The malware encrypts the files. A request for $600 in Bitcoin is displayed along with the wallet – and the ransom demand increases over time.”

Kaspersky is hoping to develop a decryption tool similar to those created for previous ransomware attacks, and available at noransom.kaspersky.com.

unnamed

It should not have come to this, however. When the Windows vulnerability was revealed two months ago, it came with warnings that ransomware attacks and other cyber exploits were certain to follow. All Windows users were advised to update their software immediately, and IT administrators were advised to download and install the latest security patches. Users of the latest Microsoft operating system, Windows 10, were safe, as it did not contain the vulnerability.

Two months later, hospitals in the UK and elsewhere, along with businesses, public transport systems and even police stations globally, found themselves in crisis mode as their systems were brought down. By a known and well-publicised vulnerability.

It’s little wonder that scorn has been poured on UK Home Secretary Amber Rudd’s claim that there were “good preparations in place by the NHS to make sure they were ready for this sort of attack”. Guardian technology columnist Charles Arthur wrote that underfunding of the NHS “made the events of the past few days a disaster waiting to happen”.

In truth, it’s an ongoing disaster. As Arthur reports, between mid-2015 and the end of 2016, 88 of the UK’s 260 NHS trusts had been hit by ransomware.

In South Africa, it’s also an ongoing threat. Numerous individuals – particularly older users – have fallen for scammers supposedly phoning from Microsoft to say they have detected  a virus on the user’s computer.

For some reason, the most suspicious of old-timers become like gullible children when receiving a call about their computers from a stranger. It does not cross their minds for a moment that the giant Microsoft is not about to phone an individual user about an issue on their system.

They are then persuaded to open a specific web address, download a piece of software and open it. Which instantly locks down their computer, and encrypts all files. They are told that, if they don’t pay a specific ransom amount by a given date, all the contents of their computer will be deleted.

Unfortunately, there is no Windows patch for gullibility. However, the same thing can happen via any number of exploits. In most cases, it is a result if clicking on a link or attachment in an email from a stranger.

The methods are going to keep evolving, and the trickery will keep getting more sophisticated.

“People in ransomware are thinking like business people,” said Ton Maas, digital coordinator of the Dutch National Police, during Kaspersky Lab’s annual Cyber Security Weekend in Malta last year. In 2015, he personally arrested two young ransomware creators, brothers who were conducting the business in their parents’ home.

“In this case, they were both the coders and the distributors,” said Maas. “Usually, you start with the coder, who offers code to distributors, who then target end-users. You even get code specifically written for the distributor, on request.

“The distributors buy the codes and earn their own money, but sometimes have to pay a percentage back to the coder. It is also possible to have a service contract, paying a fixed amount a month, so if you have problems and want to change something in the code, the coder will do it for you. You can call this ransomware-as-a-service.”

Kasperksy Lab’s 2016 Corporate IT security Risks Survey, presented at the Malta event, revealed that 20 per cent of businesses across the world experienced a ransomware attack in the previous 12 months. In South Africa, 19 per cent of businesses had come under attack.

The Lab helped the Dutch police track down the hackers responsible for a ransomware program called CoinVault, which added a new element: if victims did not pay immediately, the ransom “fee” steadily increased. That exact approach has now been taken by the WannaCry creator.

For now, WannaCry appears to be contained, but that is merely a respite in an escalating crisis. Expect worse. Far worse.

  • Arthur Goldstuck is founder of World Wide Worx and editor-in-chief of Gadget.co.za. Follow him on Twitter and Instagram on @art2gee

Featured

Broadband gets a helping hand

Behind this week’s news that MTN fibre provider Supersonic has launched a fixed LTE service is an effort to rethink home connectivity, writes ARTHUR GOLDSTUCK

Published

on

This week, MTN made its biggest play yet into the market for fibre connections to homes, but its biggest impact may well be within the home.

The mobile operator’s fibre-to-the-home subsidiary, Supersonic, launched a Fixed LTE offering on a month-to-month basis, meaning that homes in areas not yet wired for fibre can receive high-speed broadband. More important, they can get that access at rates that seem unprecedented for mobile data. 

There are two differences from regular packages, however. For one thing, the SIM card that comes with the package only works in specific routers that have to remain plugged into a power supply. For another, the data allocation is split half-half between regular hours and a Night Owl timeframe: the hours between midnight and dawn.

“It just needs users to adjust their internet behaviour a little,” says Calvin Collett, MD of Supersonic. “Conducting massive mobile phone updates or downloading an entire library of Netflix content shouldn’t be prioritised during the day, but should be scheduled for Night Owl data consumption.”

The biggest benefit, aside from pricing, is that one does not have to wait for fibre to arrive in a specific area. While Supersonic’s core business is fixed-line fibre-to-the-home, it is now set to leverage its parent company’s massive mobile data network.

“MTN’s LTE network coverage sits at 95%, after billions of rand was invested in network upgrades in recent years. There is absolutely no reason why those waiting for a fibre connection shouldn’t move to Fixed LTE.”

Collett argues that consumers are far more savvy and well informed of developments in the telecoms space than observers think. They carefully investigate the products and services they choose to spend on, and are looking for the best deals available.

The result is that Supersonic has quietly built up a side business in installing what is called a Mesh Wi-Fi network, consisting of a main Wi-Fi router connected to the standardfibre or LTE or router, and a series of additional access pointscalled plumes, placed in areas of low coverage through ahome.

The plumes – small pods that plug into any power point –connect to one another to expand the network across a wide area. Where traditional WI-FI extenders lose up to half the fibre bandwidth with every extension, the plumes maintain most of the speed regardless of how far the network is extended. All the pods connected to the same router form a single network with the same network name, eliminating the complications Wi-FI extenders usually introduce.

“The traditional Wi-Fi router has replaced the dial up connection, and we’re all happy about this – the infamous dial up tone is ingrained in the brains of anyone over the age of 30,” says Collett. “Wi-Fi revolutionised our way of life as the router gave us access to the internet without directly connecting to a modem. 

“We’ve moved forward, transitioning from ADSL to fibre. While fibre allows for high speed internet access, it is still connected to your Wi-Fi router. Naturally, the further you move away from the hub, the poorer your internet connection will be. Those dead spots around the house can become frustrating when your Wi-Fi signal shows 1 bar and it takes 5 minutes to load a single web page. Mesh Wi-Fi is the solution.”

Collett says he specifically researched a product that looked good, offered app-based management and required no cables. His research led him to Silicon Valley, and the result is the Supersonic Plume Mesh network system.

The drawback is that installation can be complicated for the non-technical consumer. To plug the gap, so to speak, Supersonic sends out technicians who conduct a Wi-Fi sweep of a home and advise how many Plume devices will be needed for 100% coverage. Based on this the technicians make a recommendation for an optimal “smart Wi-Fi”solution. Once installed, though, the network can be monitored and managed from a Supersonic App.

We tried it out and found it was a tale of two experiences. The initial experience was frustrating, as the pods tried to find each other. This is a necessary evil, it seems, as the Plume Mesh network optimises itself over a period of several days. That means the experience at the edge of the network can be very poor at the time of installation. After a few days, however the network was flying.

With a 100Mbps line, the experience next to the main router was around 105 Mbps, both up and down. That in itself was something of a marvel. But the biggest impact was felt at the furthest point from the router: where a Wi-Fi extender had previously delivered speeds of below 10Mbps, download speeds of 80Mbps became not only commonplace, but almost taken for granted.

One of the most useful features of the Plume Mesh is the level of monitoring offered through the Supersonic app. One can observe exactly what devices are connected to which pods – each is given a name, typically of the room, that is visible only through the app.

The biggest surprise of the plume solution is that it has not become a standard solution for Wi-Fi networks everywhere. In an era when we have become deeply dependent on a decent Wi-Fi signal, it has become a necessity rather than a luxury. As a result, home connectivity should be taken far more seriously than merely fobbing consumers off on low-performance extenders. 

MTN seems to have taken this message to heart, rethinking its own approach to home usage.

“Internet access has become the third utility behind electricity and water,” says Collett. “Our goal is to ‘own the home’ but not just by connecting a bunch of devices to a central point. It’s really about how these devices can pioneer habitual change in the home that’s convenient and saves valuable time and money.”

Click here to read about SuperSonic’s pricing.

Previous Page1 of 2

Continue Reading

Featured

Location data key to transforming SA’s transport system

Published

on

Location technology can transform South Africa’s transport system – but don’t expect to see self-driving cars on our roads any time soon. What’s more relevant is the need for the public and private sectors to work together more closely to unlock the significant social and economic benefits that more efficient transport and mobility systems would bring to the country, including less congestion and fewer road accidents. 

That was the message from Michael Bültmann, Managing Director, in charge of international relations  atHERE Technologies, a global leader in mapping and location platform services, at an event hosted by the international law firm Covington & Burling in Johannesburg last week, to discuss how digitization could support better mobility, safety and integration in South Africa. 

“Society needs to solve some fundamental challenges, and relevant location data can play a key role in creating a better future for mobility in South Africa. If we know where the goods and people are, and how and why they move, we have the basis for a system that matches demand and supply far more closely, and uses our transport infrastructure more efficiently,” saidBültmann.

“But no company, government or individual can do it all themselves. It’s all about collaborating. If we get real-time data use right, it would have a profound effect on the way the entire economy works: less congestion, fewer accidents, more efficient use of vehicles and public transport, less air pollution, greater quality of life, and potential savings of billions of rands in fuel, time and safer roads.”

Speaking at the event, the CSIR’s Dr Mathetha Mokonyama said that despite the billions of rands pumped into the country’s mass public transport network in recent years, 90% of commuter seats available are still provided by either cars or taxis.

“We have the right to dignity. If you want to see indignity, look at people getting up at 2am to get unreliable transport to a job that only pays R3500 a month. In our country, access to transport is critical for people to make a living, and our focus as a country should be to implement an equitable and just transport system that caters to all sectors of society,” he said.

“It was a pleasure to support the event that brought together so many viewpoints on the question of the effective use of data and location intelligence to enhance the mobility of goods, people and services,” said Robert Kayihura, senior advisor in Covington’s Johannesburg office.  “While the harmonization of regulatory regimes around the continent will take time, a key takeaway from our discussions is the critical need to build a shared vision of the future through consistent public-private dialogue and collaboration in order to accelerate and ensure the sustainable and safe digitization of Africa.”

Paul Vorster, the chief executive of the Intelligent Transport Society of SA (ITSSA), said the effective sharing of data between metros, government and the private sector would ‘go a long way’ to improving the efficiency of existing transport infrastructure.

“The starting point is to improve what we already have. Once we know what we have – that is, data – we can start solving real problems, like knowing where the demand and supply are. But to do this, metros will need to learn from each other, and they often face political hurdles in the process,” he said.

Bültmann said increasing levels of urbanisation across the world were creating the need for cities to better predict, manage and plan future urban movement. Combining and analysing data from different, complementary sources could help South African cities to improve urban planning, relieve congestion and curb pollution for better quality of life.

The event was also attended by Presidential Investment Envoy Phumzile Langeni, the National Planning Commission’s Themba Dlamini; SANRAL’s Alan Robinson; and Dr Rüdiger Lotz, the Deputy Head of Mission at the German Embassy. The guests were welcomed by Witney Schneidman, the head of Covington’s Africa practice and former Deputy Assistant Secretary of State for African Affairs (1997-2001) in the U.S. Government.

Continue Reading

Trending

Copyright © 2019 World Wide Worx