Archive for November, 2018

More About CryptoWall Ransomware

In the wake of rising cyber-attacks, it has become important to be constantly vigilant as well as make efforts to protect data from CryptoWall and its variants. Detected in early 2014; CryptoWall is a nasty ransomware and some reports suggest CryptoWall 3.0 has caused damage of over 325 million dollars since its appearance. It encrypts the files available on the system and the cyber-criminals demand ransom to decrypt these files. The ransomware has been updated time and again and the threat hovers around in 2018 as well.

How Does It Work?

CryptoWall 3.0 uses RSA-2048 encryption to lock away your files and forces you to pay the ransom in order to decrypt them. Some variants of the ransomware have add-on features such as CryptoWall v4 not only encrypts the files but also the filenames thus disabling you to look up the filename to check if you have a file backup available. Whereas CryptoWall v5.1 is based on the HiddenTear malware that uses an AES-256 encryption which is quite different from its previous versions.

The ransomware can be distributed through a variety of ways, some of which have been listed below –

  • Phishing Emails: Often the target victim is sent an email containing malicious files hidden in a zipped folder. As the victim opens the files, the malware is installed in the system. CryptoWall then scans the system for data files and encrypts them.
  • Exploit Kits: The exploit kit takes advantage of the vulnerabilities in the operating system, applications used or websites visited to install the malware and thereby launch a ransomware attack.
  • Advertizements: Malware can be installed into the system through malicious internet advertizements that are hacked by the cyber-criminals. These advertizements run JavaScript in the browser to download the malware. Most of the times the victim fails to notice that a malware has been injected into the system.

CryptoWall hides inside the OS and injects a new code to explorer.exe that installs the malware, deletes the volume shadow copies of your files as well as disables window services. It then runs throughout the system and communicates with Command and Control Server to receive an encryption key to encrypt the files. The encrypted files become inaccessible and can only be decrypted using the encryption key.

Post encryption, the victim gets a ransom note with instructions to pay certain amount of bitcoins as ransom to decrypt the files. However, most of the times it is a trap. A report by the CyberEdge Group reveals that only 19% of the ransomware victims actually got their files back.

How To Protect Against CryptoWall Ransomware?

  • Update your Operating System timely and keep the applications patched
  • Install an anti-virus scanner and update it regularly
  • Use a firewall as it may prevent the connection between CryptoWall and home base
  • Be wary of emails sent from unknown sources and never click on the links attached
  • Always keep a backup of your files at a source other than your system

For more information about IT Security, call Centex Technologies at (254) 213-4740.

,

No Comments

Stages Of A Cyber-Attack

Cyber-attacks are increasing at a soaring rate. As per a report by Juniper Research, the average cost of data breach will exceed $150 million by 2020. Also, it is projected that cybercrimes will cost businesses over $2 trillion by 2019. The figures are alarming, and the businesses need to do something to prevent falling prey to a cyber-attack.

No wonder, better security and anti-virus systems are being designed but even the cyber-attacks are getting sophisticated & more complex with each passing day. Cyber criminals are finding one way or the other to infiltrate into the systems and get hold of private & confidential data.

In order to avoid falling prey to a cyber-attack, it is important to understand the life cycle of an attack. Following are the stages of a cyber-attack.

Step 1: Reconnaissance
Reconnaissance is often used in military and refers to the process of conducting a planned observation on the target area. Thus, before an attack is launched, cyber criminals tend to identify their target victim & explore the possible ways to exploit them. They gather sufficient information about the victim through various open sources such as business website, social media handles, etc.

Step 2: Scanning
Attackers often try to find a weak link which can act as an entry point. Once identified they infiltrate and tend to spread the malware throughout the system.

Step 3: Access
After identifying the vulnerability point in the target network, the next step in the process is to gain access to the system. Hackers plan the modus operandi of gaining the access and once successful they take over the network and exploit it.

Step 4: Exfiltration
When they have gained access to the system they are free to move around the network. They use this opportunity to gather the organization’s private & confidential information. They might also change or erase files for their benefit.

Step 5: Sustainment
After gaining an unrestricted access throughout the target network, they now tend to sustain in it quietly to avoid being caught before they have hands on the organization’s confidential information. They disguise their presence to maintain access so that there is no dependence on a single access point. This is done so that cyber attackers can come and go as per their choice.

Step 6: Assault
This is that stage of the attack when things get really nasty. It is generally too late for the victim organization to defend itself as the cyber criminals by this stage have taken full control of the network.

In order to mitigate a cyber-attack it is important to be able to control privileged access. Also make sure that you remove all the weak links and educate your employees to identify such attacks.

For more information, call Centex Technologies at (254) 213-4740.

,

No Comments

Future of AI

PDF Version: Future-of-AI

,

No Comments

What Is Smart Data?

Data that is being collected at an exponential rate is collectively known as big data. In its raw form, data is meaningless. So, to gain maximum benefit, it needs to be processed and turned into actionable information. As per an article by Forbes, keeping the rate of data growth in mind, approximately 1.7 megabytes of new information will be created every second for each human being on the planet by the year 2020.

Smart data is formatted digital information that can be acted upon before being sent for further data consolidation & analytics. It is a result of clear focus on purpose, insights, actions & resulting outcomes. Thus, it refers to the data that is decisive, valuable and actionable in real time. Smart data facilitates analysis and interpretation of data for better decision making and optimized data driven functions. The term smart data is often associated with IoT (Internet of Things).

Application Of Smart Data

  • Retail – Smart data can help in understanding customer requirements as well as help in localized promotions.
  • Telecom – It assists in bandwidth allocation.
  • Manufacturing – Can be used for proactive maintenance.
  • Healthcare – Monitor patient’s health reports to ensure complete safety & care.
  • Transportation– In driverless cars and also in detecting unsafe driving.
  • Financial Services – It can help in detecting & preventing financial frauds.

Difference Between Big Data & Smart Data?

The primary difference between big data & smart data is that the latter is actionable and adds more value to the data. Big data refers to the humungous amount of data that is collected whereas smart data is much more useful and applicable. So even though there is abundance of data in case of big data, it is usually unintelligent and needs to be churned up before it can be used for analysis. Smart data on the other hand is accurate & agile that can give better insights.

Collecting Smart Data

It is common for organizations to collect everything and store it in their data warehouse with an aim to use it for decision making. However, since the data is collected without any specific purpose in mind it often lacks quality. To curb this problem, an organization needs to be smart enough in its way to use the resources to collect data that is relevant to their business. Smart data is gaining popularity due to its relation with the coming algorithm economy. So, collecting only important and useful data does not

For more information about smart data, call Centex Technologies at (254) 213-4740.

,

No Comments