Sunday, March 09, 2014

Thieves who offer Customer Suport to victims? It's called "Ransomware"

Just when you thought you'd seen it all:

'Perfect' ransomware is the scariest threat to your PC
Nothing spurs malware development like success, and that’s likely to be the case in the coming months with ransomware.

Ransomware has been around for around a decade, but it wasn’t until last fall, with the introduction of CryptoLocker, that the malevolent potential of the bad app category was realized. In the last four months of 2013 alone, the malicious software raked in some $5 million, according to Dell SecureWorks. Previously, it took ransomware purveyors an entire year to haul in that kind of money.

So is it any wonder that the latest iteration of this form of digital extortion has attracted the attention of cyber criminals? A compromised personal computer for a botnet or Distributed Denial of Service attack is worth about a buck to a byte bandit, explained Johannes B. Ullrich, chief research officer at the SANS Institute. “With ransomware, the attacker can easily make $100 and more,” he said.

What distinguishes CryptoLocker from past ransomware efforts is its use of strong encryption. Document and image files on machines infected with the Trojan are scrambled using AES 256-bit encryption, and the only way for a keyboard jockey to regain use of the files is to pay a ransom for a digital key to decrypt the data.


Honor among thieves
The CryptoLocker crew also know the value of maintaining good customer relations. “They’re honoring people who do pay the ransom,” said Jarvis, of SecureWorks.

“In most cases they’re sending the decryption keys back to the computer once they receive payment successfully,” he explained. “We don’t know what the percentage of people who successfully do that is, but we know it’s part of their business model not to lie to people and not do it.”

Moreover, in November, they began offering support to victims who, for whatever reason, fail to meet the hijackers’ ransom deadlines. By submitting a portion of an encrypted file to the bad actors at a black website and paying the ransom, a victim can receive a key to decrypt their files. “You have to reinfect yourself with the malware but once you do that, you can get a successful decryption,” Jarvis explained.


Ransomware Inc.
"It is inevitable that we will see a cryptographic ransomware toolkit,” he added, “maybe even multiple toolkits because it’s clear that there’s a business opportunity here for criminals.”

Moreover, that opportunity is likely to reach beyond the consumer realm and into the greener pastures of business. “Going after consumers is small fish,” said Bruen, of the Digital Citizens Alliance. “The next step is to conduct ransom operations on major companies. This has already happened,” he said.

“From an attacker’s perspective, there’s definitely a higher risk in getting caught because companies are going to throw more money at the problem than an ordinary consumer can,” he continued, “but the payoff from one of these companies—a Target or a Nieman Marcus—will be much larger.”

Current ransomware attacks involve encrypting select file types on a hard drive, but a business attack will likely choose a higher value target. “Cryptographic keys and digital certificates are ripe for ransom,” Venafi’s Bocek said.

"Whether it’s taking out the key and certificate that secures all communications for a bank or the SSH keys that connect to cloud services for an online retailer, keys and certificates are a very attractive target,” he observed. [...]
Welcome to the Brave new world. The orginal article has embedded links, and more details about the evolution of this software, the way it spreads, and it's potential future applications.

I've already come across a lesser "scareware" version of Ransomeware, that was mentioned in the article. It locked up one of my Linux computers, and wanted payment to unlock it, so this isn't just a Microsoft thing. I was able to get rid of it by uninstalling my browser, clearing the cache, and reinstalling Firefox. But what they are talking about in this article is much more advanced.

Scary stuff.

What happens when vaccinations stop?

The green is Whooping Cough, the red is Measls:

The toll of the anti-vaccination movement, in one devastating graphic
[...] A couple of manifestations stand out. One is the prevalence of measles in Europe -- especially Britain -- and the U.S. Measles is endemic in the underdeveloped world because of the unavailability of the MMR (measles, mumps and rubella) vaccine.

But in the developed world it's an artifact of the anti-vaccination movement, which has associated the vaccine with autism. That connection, promoted by the discredited British physician Andrew Wakefield and the starlet Jenny McCarthy, has been thoroughly debunked. But its effects live on, as the map shows.

Vaccine panic also plays a role in the shocking incidence in the U.S. of whooping cough, also beatable by a common vaccine. Researchers have pointed to the effect of "non-medical exemptions" from legally required whooping cough immunizations -- those premised on personal beliefs rather than medical reasons -- as a factor in a 2010 outbreak of whooping cough in California.

These manifestations underscore the folly and irresponsibility of giving credence to anti-vaccination fanatics, as Katie Couric did on her network daytime TV show in December. We examined the ethics of that ratings stunt here and here.

Among other worthwhile examinations of the impact of the anti-vaxxers, see this piece about growing up unvaccinated in Great Britain in the 1970s, and this disturbing piece by Julia Ioffe about her battle with whooping cough, a disease no American should have. [...]
The original article has embedded links.

Measles Outbreak Spreads from Coast to Coast
State health officials in New York recently reported 16 cases of Measles in northern Manhattan and the Bronx, and others say the Measles are becoming a coast-to-coast problem. The New York City outbreak consists of 7 adults and 9 children, and while 2 of the children were too young for the immunization, 2 others were children whose parents refused to get them their shots. Massachusetts, Rhode Island and Pennsylvania have also witnessed a Measles outbreak in recent weeks.

Measles is a contagious illness spread through respiration. Classic symptoms of Measles include fever, cough, runny eyes or nose, and a recognizable rash. Less severe side effects of Measles include diarrhea to more serious and life-altering ones such as pneumonia, brain damage, and corneal ulceration. Risk factors for Measles are malnutrition, immun0deficiency, pregnancy and Vitamin A deficiency. In developed countries such as the U.S., children are immunized against Measles by the age of 18 months. Un-vaccinated individuals are at risk of contracting Measles. [...]
But what about the nine adults? Had they been vaccinated, and got it anyway? I got measles when I was 15, even though I had a vaccination when I was younger. I don't think it always works.

Sunday, March 02, 2014

Is the 21st Century going to be the begining of the Robotic Revolution?

This video suggests it's an actual possibility.

Future is Today - Humanoid Robots 2014
In an earlier post I did with a video of a fantasy android, I suggested that such a technologically advanced AI machine was no where near being developed. I stand by that opinon. However, THIS video gives us a look at what IS near in our future. It's astounding.

Much of the video centers around Japan, where robotics are at an advanced stage. Since the earthquake and nuclear accident of 2011, there has been a new emphasis on developing robots for dangerous work in disaster areas where it's unsafe for humans to go.

I've previously posted about Asimo, Honda's domestic robot. In the video, you will see how much Asimo has evolved since then, as well as many other robots from other countries.

Someone says at one point in the video, that the 20th century began with the industrial revolution, and ended with the computer revolution. And that now the 21st century is beginning with the Robotic revolution. What the video shows, gives a lot of credence to that assertion.

Human-like androids may be far off, but what is near, is going to be quite interesting in it's own right.