Ransomware threat: Get patched, find a firewall or upgrade fast

May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing software from the US National Security Agency (NSA) — some Windows XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn't.

There are nearly 150 million computers running the Windows XP operating system globally. Those who didn't pay heed to the Windows XP patch are the ones who have fallen prey to the world's biggest ransomware attack.

Microsoft, which had discontinued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, only paying heed to updates can save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab's solution is used, ensure that it includes the 'System Watcher', a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the 'Critical Area Scan' task in Kaspersky Lab's solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately and follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at 'Microsoft Knowledge Base Article 2696547' and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven't seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.
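The two workarounds quoted above can be audited, and optionally applied, on a single machine with the following added example. It is not code from the article, Engadget or Microsoft; the `-Apply` switch and the rule name `Block-Inbound-SMB-445` are assumptions made for this example, and it must be run from an elevated PowerShell prompt.

```powershell
# Added example: audit (default) or apply (-Apply) the SMBv1 and port 445 workarounds.
# The switch name and the firewall rule name are assumptions chosen for this example.
param([switch]$Apply, [string]$RuleName = 'Block-Inbound-SMB-445')

$regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
# The SMB cmdlets exist on Windows 8 / Server 2012 and later; older systems use the registry.
$hasSmbCmdlets = [bool](Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue)

function Test-Smb1Enabled {
    if ($hasSmbCmdlets) { return (Get-SmbServerConfiguration).EnableSMB1Protocol }
    # Without the cmdlets, the SMBv1 server is on unless the SMB1 value is set to 0.
    $v = Get-ItemProperty -Path $regPath -Name SMB1 -ErrorAction SilentlyContinue
    return (-not $v) -or ($v.SMB1 -ne 0)
}

function Test-BlockRule {
    # netsh exits non-zero when no rule with this name exists.
    # Only the name is checked, so this recognises the rule this script creates.
    netsh advfirewall firewall show rule name=$RuleName | Out-Null
    return $LASTEXITCODE -eq 0
}

if ($Apply) {
    if (Test-Smb1Enabled) {
        if ($hasSmbCmdlets) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        } else {
            # Registry method; takes effect after a restart.
            Set-ItemProperty -Path $regPath -Name SMB1 -Type DWord -Value 0 -Force
        }
    }
    if (-not (Test-BlockRule)) {
        netsh advfirewall firewall add rule name=$RuleName dir=in action=block `
            protocol=TCP localport=445 | Out-Null
    }
}

# Report the resulting state so it can be collected across machines.
[pscustomobject]@{
    Computer            = $env:COMPUTERNAME
    Smb1ServerEnabled   = Test-Smb1Enabled
    Inbound445BlockRule = Test-BlockRule
}
```

A host-level block on TCP 445 also stops the machine from serving its own file and printer shares, so on file servers the block belongs on the router or perimeter firewall instead. Neither workaround replaces installing MS17-010.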

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.

Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won't work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 2, 2020

Leiden, Jul 2: Astronomers have discovered a luminous galaxy caught in the act of reionizing its surrounding gas only 800 million years after the Big Bang.

The research, led by Romain Meyer, PhD student at UCL in London, UK, has been presented at the virtual annual meeting of the European Astronomical Society (EAS).

Studying the first galaxies that formed 13 billion years ago is essential to understanding our cosmic origins. One of the current hot topics in extragalactic astronomy is 'cosmic reionization,' the process in which the intergalactic gas was ionized (atoms stripped of their electrons).

Cosmic reionization is similar to an unsolved murder: We have clear evidence for it, but who did it, how and when? We now have strong evidence that hydrogen reionization was completed about 13 billion years ago, in the first billion years of the universe, with bubbles of ionized gas slowly growing and overlapping.

The objects capable of creating such ionized hydrogen bubbles have however remained mysterious until now: the discovery of a luminous galaxy in which 60-100 percent of ionizing photons escape, is likely responsible for ionizing its local bubble. This suggests the case is closer to being solved.

The two main suspects for cosmic reionization are usually 1) a population of numerous faint galaxies leaking ~10 percent of their energetic photons, and 2) an 'oligarchy' of luminous galaxies with a much larger percentage (>50 percent) of photons escaping each galaxy.

In either case, these first galaxies were very different from those today: galaxies in the local universe are very inefficient leakers, with only <2-3 percent of ionizing photons escaping their host. To understand which galaxies governed cosmic reionization, astronomers must measure the so-called escape fractions of galaxies in the reionization era.

The detection of light from excited hydrogen atoms (the so-called Lyman-alpha line) can be used to infer the fraction of escaping photons. On the one hand, such detections are rare because reionization-era galaxies are surrounded by neutral gas which absorbs that signature hydrogen emission.

On the other hand, if this hydrogen signal is detected it represents a 'smoking gun' for a large ionized bubble, meaning we have caught a galaxy reionizing its surroundings. The size of the bubble and the galaxy's luminosity determine whether it is solely responsible for creating this ionized bubble or if unseen accomplices are necessary.

The discovery of a luminous galaxy 800 million years after the Big Bang supports the scenario where an 'oligarchy' of bright leakers emits most of the ionizing photons.

"It is the first time we can point to an object responsible for creating an ionized bubble, without the need for a contribution from unseen galaxies.

Additional observations with the upcoming James Webb Space Telescope will enable us to study further what is likely one of the best suspects for the unsolved case of cosmic reionization," said Meyer.

Agencies
June 9, 2020

Soon, you may be able to withdraw cash from an ATM without touching any part of the machine. AGS Transact Technologies, a provider of cash and digital payment solutions and automation technology, on Monday said it has successfully developed and tested a touchless ATM solution in light of the COVID-19 pandemic.

The ‘contactless' solution, currently under demo at interested banks, enables a customer to perform all the steps required to withdraw cash from an ATM using the mobile app itself. 

The customer simply has to scan the QR code displayed on the ATM screen and follow the directions on their respective bank's mobile application. 

This includes entering the amount and mPIN required to dispense the cash from the ATM machine. 

According to the company, the QR code feature makes cash withdrawals quicker and more secure, and negates the chances of compromising the ATM Pin or card skimming.

"The new Touchless ATM solution is an extension of the flagship QR Cash solution which ensures safety of the users and will provide a seamless cash withdrawal experience with enhanced security," said Ravi B. Goyal, Chairman and MD, AGS Transact Technologies Ltd.

With minimum investment, the banks can enable this solution for their ATM networks by upgrading the existing software.

AGSTTL has so far installed, maintained and managed a network of over 72,000 ATMs across the country and also provides customised solutions to leading banks. 

The company earlier introduced UPI-QR based Cash withdrawal solution in partnership with Bank of India. 

This is how the solution works.

Open the Bank mobile application on your smartphone and select QR Cash Withdrawal. Enter the amount you wish to withdraw on the mobile app and scan the QR code on the ATM screen.

Next, confirm the amount by clicking on ‘proceed' in the app and enter the mPin to authenticate the transaction. Now collect the cash and receipt and you are done.

"The seamless, cardless and touchless withdrawal method is designed to provide easy transaction flow, without the need to touch the ATM screen or enter the pin," said Mahesh Patel, President and Group Chief Technology Officer, AGS Transact Technologies.

Agencies
January 4, 2020

Washington D.C: One of the greatest spectacles of modern art is still thriving in the Australian outback as confirmed by satellite imagery of NASA. The Marree Man is a massive geoglyph depicting an aboriginal hunter, that spans over 2.6 miles in the Southern Australian region.

Discovered by a pilot in 1998, its origin still remains a mystery even to this date.

The Marree Man was given a new lease of life in 2016 when a group of people from the neighboring town of Marree plowed its lines to avert its fading due to erosion.

After NASA shared the image of the art-work that was taken in June, the efforts of the good samaritans turned out to be a total success, reported CNN Travel.

The restoration team believes that the refurbished Marree Man would last longer than its original version.

According to NASA, "They [the team] created wind grooves, designed to trap water and encourage the growth of vegetation. They hope that eventually, the man will turn green."

In a previous article, CNN reported that an entrepreneur by the name of Dick Smith took it upon himself to unravel the geoglyph's mystery in 2016. His team combed through all the available evidence but couldn't find anything conclusive.

In 2018 he even offered a 5,000 Australian dollar reward for anyone who knows the identity of its creator.

Nobody turned up with an answer but it was speculated that the unknown artist lives in Alice Springs or even might be an American.
