1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

[email protected] (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 3,2020

Giving each and every app access to personal information stored on Android smartphones such as your contacts, call history, SMS and photos may put you in trouble as bad actors can easily use these access to spy on you, send spam messages and make calls anywhere at your expense or even sign you up for a premium "service", researchers from cybersecurity firm Kaspersky have warned.

But one can restrict access to such information as Android lets you configure app permissions. 

Giving an app any of these permissions generally means that from now on it can obtain information of this type and upload it to the Cloud without asking your explicit consent for whatever it intends to do with your data.

Therefore, security researchers recommend one should think twice before granting permissions to apps, especially if they are not needed for the app to work. 

For example, most games have no need to access your contacts or camera, messengers do not really need to know your location, and some trendy filter for the camera can probably survive without your call history, Kaspersky said. 

While decision to give permission is yours, the fewer access you hand out, the more intact your data will be.

Here's what you should know to protect your data.

SMS: An app with permission to send and receive SMS, MMS, and WAP (Wireless Application Protocol) push messages, as well as view messages in the smartphone memory will be able to read all of your SMS correspondence, including messages with one-time codes for online banking and confirming transactions.

Using this permission, the app can also send spam messages in your name (and at your expense) to all your friends. Or sign you up for a premium "service." You can see and conrol which apps have these rights by going to the settings of your phone.

Calendar: With permission to view, delete, modify, and add events in the calendar, prying eyes can find out what you have done and what you are doing today and in the future. Spyware loves this permission.

Camera: Permission to access the camera is necessary for the app to take photos and record video. But apps with this permission can take a photo or record a video at any moment and without warning. Attackers armed with embarrassing images and other dirt on you can make life a misery, according to Kaspersky.

Contacts: With permission to read, change, and add contacts in your address book, and access the list of accounts registered in the smartphone, an app can send your entire address book to its server. Even legitimate services have been found to abuse this permission, never mind scammers and spammers, for whom it is a windfall.

This permission also grants access to the list of app accounts on the device, including Google, Facebook, and many other services.

Phone: Giving access to your phone means permission to view and modify call history, obtain your phone number, cellular network data, and the status of outgoing calls, add voicemail, access IP telephony services, view numbers being called with the ability to end the call or redirect it to another number and call any number.

This permission basically lets the app do anything it likes with voice communication. It can find out who you called and when or prevent you from making calls (to a particular number or in general) by constantly terminating calls. 

It can eavesdrop on your conversations or, of course, make calls anywhere at your expense, including to pay-through-the-nose numbers, Kaspersky warned.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 24,2020

Pune, Jul 24: Agile and dexterous, 85-year-old Shantabai Pawar wields sticks with absolute ease as she displays 'lathi-kathi' on the streets of Pune.

A video of her, displaying her skills in the Indian martial art form for livelihood, has gone viral on social media.

Pawar told media persons that she learnt the art form when she was only eight and has been practising it since then. The ancient martial art s believed to be linked to Dombari community, a nomadic tribe in Maharashtra.

"I have been pursuing the art of lathi-kathi since I was eight. I have never left it. It is part of me and it is an honour to practice it. My father taught me this. He taught me to work hard," Pawar told media persons.

In the video, the sari-clad octogenarian takes a warrior-like stride and effortlessly rotates a stick several times in a second in her hand and around her head and then does it with two sticks together with a smile on her face. She also tosses a stick in the air and catches it with ease.

The assembled gathering is impressed and enthused.

"People come and say, 'Well done Daadi!' I practice it to earn money for my children and grandchildren," she said.

Pawar leaves her home in the morning in the conditions created by coronavirus and performs the art form on roads and streets.

"I go to various areas to perform the art form and people give money," she said.

The artiste also uses thali and stick to gather the attention of people as most of them are indoors due to conditions created by COVID-19.

Senior citizens have been advised against venturing out due to their greater susceptibility to coronavirus but Pawar said she is not afraid to step out.

"People do advise me to not go out due to fear of COVID-19 but I am not scared. Whenever I step out, I pray to my God and he has kept me safe so far," she said.

Aishwarya Kale, a dancer and the person who uploaded the video on social media, said that it is "only an artist who can understand what help another artist needs".

"I was in that area shopping for some items and it was then I saw her performing and thought that I should film her and upload her video on social media. But I never thought that the video would go viral and she would receive financial help not just from people in the country but overseas as well," Kale told media persons.

"She is now getting honour for her craft that she couldn't get in the last 85 years. I feel good that through my small video, her art form has become viral," she added. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 19,2020

Denser places, assumed by many to be more conducive to the spread of the coronavirus that causes COVID-19, are not linked to higher infection rates, say researchers.

The study, led by Johns Hopkins University, published in the Journal of the American Planning Association, also found that dense areas were associated with lower COVID-19 death rates.

"These findings suggest that urban planners should continue to practice and advocate for compact places rather than sprawling ones, due to the myriad well-established benefits of the former, including health benefits," says study lead author Shima Hamidi from Johns Hopkins Bloomberg School of Public Health in the US.

For their analysis, the researchers examined SARS-CoV-2 infection rates and COVID-19 death rates in 913 metropolitan counties in the US.

When other factors such as race and education were taken into account, the authors found that county density was not significantly associated with county infection rate.

The findings also showed that denser counties, as compared to more sprawling ones, tended to have lower death rates--possibly because they enjoyed a higher level of development including better health care systems.

On the other hand, the research found that higher coronavirus infection and COVID-19 mortality rates in counties are more related to the larger context of metropolitan size in which counties are located.

Large metropolitan areas with a higher number of counties tightly linked together through economic, social, and commuting relationships are the most vulnerable to the pandemic outbreaks.

According to the researchers, recent polls suggest that many US citizens now consider an exodus from big cities likely, possibly due to the belief that more density equals more infection risk.

Some government officials have posited that urban density is linked to the transmissibility of the virus.

"The fact that density is unrelated to confirmed virus infection rates and inversely related to confirmed COVID-19 death rates is important, unexpected, and profound," said Hamidi.

"It counters a narrative that, absent data and analysis, would challenge the foundation of modern cities and could lead to a population shift from urban centres to suburban and exurban areas," Hamidi added.

The analysis found that after controlling for factors such as metropolitan size, education, race, and age, doubling the activity density was associated with an 11.3 per cent lower death rate.

The authors said that this is possibly due to faster and more widespread adoption of social distancing practices and better quality of health care in areas of denser population.

The researchers concluded that a higher county population, a higher proportion of people age 60 and up, a lower proportion of college-educated people, and a higher proportion of African Americans were all associated with a greater infection rate and mortality rate.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.