If you are having trouble viewing this email, click here to view this online

 

VOLUME 87

   ISSUE 87

22 October 2018
Article of the Month Around the World

 

RANSOMWARE
A WALK THROUGH THE TECHNO KIDNAPPERS



 

�Information is wealth.�


�Money, Gold and Land are not only the assets you have but every single detail from your first name to your email address are your assets that you need to protect in the modern world.�

From the dawn of mankind human race always had the habit of acquiring valuable assets on their own. Only the magnitude and canvas are the things which gone under the spin of change not the habit of acquiring assets. It was gold and treasure in the past. But now everything shrinks into the palms of every human being. The whole history and existence of every single individual depend on those electronic devices and its data.
 

There were also a group of people who were keen in gaining some tradeoffs by capturing those properties. It was called as kidnaps in the recent past decades. Culprits tend to kidnap people or rob properties and ask for ransom in order to release the captures. Ransomware is also something which was cooked up in those kinds of minds. But the trend now is to block or hijack an individual�s or organization�s assets such as data and servers in order to get ransom from the victims.

As the word suggest Ransomware is a combination of two words Ransom and Malware. Malware, or malicious software, is any program or file that is harmful to a computer user. Any program or software which hijack or block the access of dates and require and amount of ransom to revert it back falls directly into the category of Ransomware. Usually the attackers block the device or make the data inaccessible by sending an executable file through email or other carriers and when the user clicks on it, the execution starts. And the files get locked which needs a decryption code to unlock them.


 

 

Some Examples for Ransomware

� CrySis Ransomware

 

 

CrySiS ransomware is a dangerous crypto-virus that was discovered by security experts in March 2016. Since then, ransomware has been changing constantly.

� WannaCry Ransomware
The WannaCry ransomware attack was a May 2017 worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency

Usually these ransoms are paid through Bitcoins or crypto currency in order to protect the identity of the attacker because these transactions cannot be traced back. After receiving the ransom attackers gives the key to unlock the system. There are cases reported that the attacker doesn�t give away the decryption code even after receiving ransom. There is no guaranty for the data and its security when it comes to ransomware. It can be observed with our plain sight that novice to pro users pay the ransoms even though the future lies blurred.
You can derivate the seriousness of this problem, When the word ransomware is added to the Oxford dictionary. Ransomware takes the spotlight among other malwares for more than a decade now with its adverse effects are on the rising side. Keep yourself up to date and save yourself.

�Prevention is always better then cure.�

 

By:

Brayan Benett

Brayan is an undergraduate following BSc (Hons) in Information Technology Specializing in Cyber Security at Sri Lanka Institute of Information Technology since 2016, currently working as Intern-Information Security Engineer at Sri Lanka CERT|CC.




 

 

 

 

 

 

 

 

 

 


 




 

 

 

 

 

 

 

 

 

 

 

 

References

1 Statistics on the Internet growth in Sri Lanka
http://www.trc.gov.lk/images/pdf/
statis_sep_2012.doc
2.The Dragon Research Group (DRG)
http://www.dragonresearchgroup.org/
3.TSUBAME (Internet threat monitoring system) from JPCERT | CC
https://www.jpcert.or.jp/english/tsubame/
4.Shadowserver Foundation
http://www.shadowserver.org/wiki/
5. Team Cymru
http://www.team-cymru.com
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
  
  Facebook Offers Details on �View As� Breach, Revises Numbers
  

  

"...Facebook�s VP of product management was able to discuss more specifics about how the breach itself occurred.

The data breach first disclosed by Facebook in September has directly impacted the access tokens of 30 million accounts, the social media giant confirmed Friday. .."

 

Scaling the IoT product security lifecycle with automation

  

"...Recent events around the globe once again shine a limelight on the security issues the IoT community is facing. From claimed attacks on chlorine plants in Ukraine to potential threats to entire medical systems, IoT devices have left their users at a disadvantage against attackers, and the reason might just be that the security minds of our generation are still approaching product security in a traditional way � manually...."

  Tim Cook Publicly Denies Apple Was Hacked by China�s Military
   

 

'...Apple CEO Tim Cook, interviewed for a BuzzFeed News article published today, Oct. 19, categorically denies that the company was the victim of any spying from Chinese authorities.....'

Researchers Have Discovered a Way to Track 3D Printed Guns

   

  

'...One of the key reasons policymakers and law enforcement agencies find 3D printed guns worrisome is their so-called "untraceable" nature, but researchers may have found a way to match a gun to a printer.....'

Global Cyber Workforce Shortage Mirrors Government�s Struggle

  

'....There�s a shortage of nearly 3 million cybersecurity professionals worldwide and nearly 500,000 in North America, according to a study released by a major cybersecurity certification organization Wednesday......'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in September 2018
     
  Statistics - Sri Lanka CERT|CC

5G technology: A business leader�s guide

'...It�s still early days for 5G services, but as they�re being trialed and deployed, they�re on track to have a far-reaching impact for both consumers and businesses. This ebook looks at current and future 5G developments. ...'

Twitter publishes information ops data from Russia, Iran for research

"...Twitter has published data on information operations from Russia and Iran since 2016.

The company had previously disclosed that third parties were trying to influence various groups since 2016. Tech giants such as Facebook, Twitter and Google have been under fire for being lax about shutting down groups such as the Internet Research Agency and Iran operatives...."
​'Security budgets are rising, but is it enough?

�...A majority of companies (54 percent) are worried that they will soon outgrow their security solutions, according to Threat Stack. While budgets are expected to increase by 19 percent over the next two years, organizations are struggling with a disconnect between security and DevOps and are facing difficulties in determining where to allocate this budget in the face of rapidly evolving infrastructure....�
Phishers are after something unusual in ploy targeting book publishers

."...Several global book publishing houses and an international literary scouting agency have warned their staff of a flurry of phishing emails that seek authors� and publishers� sensitive information, including book manuscripts, The Bookseller reports.

Penguin Random House (PRH) North America, for one, issued an urgent warning to all employees last Wednesday, coinciding with the opening of the Frankfurt Book Fair....."

 
Notice Board
  

Training and Awareness Programmes - October  2018

  
DateEventVenue

Brought to you by:                           

  
 

Sri Lanka Computer Emergency Readiness Team | Coordination Centre
Room 4-112, BMICH, Bauddhaloka Mawatha, 
Colombo 07 
Tel. +94 - 112 691 692
www.cert.gov.lk