Discussing Cryptolocker and Internet of Things security on ABC Radio

This morning with Linda Mottram on ABC 702 I’ll be discussing Cryptolocker ransomware and the security of the Internet of Machines.

If you missed the program, you can listen to the segments through Soundcloud.

Tuesday morning with Linda Mottram on ABC 702 I’ll be discussing Cryptolocker ransomware, the security of the Internet of Machines and the tech industry’s call for less internet surveillance.

It’s only a short spot from 10.15am and I’m not sure we’ll have time for callers, but one of the big takeaways I’ll have for listeners is the importance of securing your systems against malware, there’s also some security ideas for business users as well.

We’ll probably get to mention the ACCC’s warnings on smartphone apps and the current TIFF bug in Windows as well.

If you’re in the Sydney area, we’ll be live on 702 from 10.15, otherwise you can stream it through the internet.

Similar posts:

  • No Related Posts

Potentially unwanted applications – what are we are installing on our smartphones?

Do we really understand what we are installing on our smartphones? Sophos Labs thinks potentially unwanted applications or PUAs are a growing problem.

One of the notable things about the technology industries is there are always new terms and concepts to discover.

During a visit to Sophos’ Oxford headquarters last month, the phrase ‘Potentially Unwanted Applications’ – or PUAs – raised its head.

PUAs come from the problem application developers have in making money out of apps or websites. The culture of free or cheap is so ingrained online that it’s extremely hard to make a living out of writing software.

As result, developers and their employers are engaging in some cunning tricks to get customers to download their apps and then to monetize them, particularly in the Android world which lacks the tight control Apple exercises over the iOS App Store.

“What’s interesting about Android,” says Sophos Labs’ Vice President President Simon Reed, “is it’s attracting aggressive commercialisation.”

The fascinating thing Reed finds about this ‘aggressive commercialisation’ is where the distinction lies between malware and monetisation and when does an app or developer cross that line.

Reed’s colleagues Vanja Svajcer & Sean McDonald explore where that line lies in a paper titled Classifying PUAs in the Mobile Environment which they submitted to the Virus Bulletin Conference last October.

In that paper Svajcer and McDonald discuss how these applications have developed, the motivations behind them and the challenge for anti virus companies like Sophos and Kaspersky in categorising and dealing with them.

The authors also flag that while the bulk of the revenue generated by these apps comes from advertising, there are serious privacy risks for users as developers try to monetize the data many of these packages scrape from the phones they’re installed on.

Svajcer and McDonald do note though that potentially unwanted applications aren’t really anything new, we could well classify many of the drive by downloads that plagued Windows 98 users at the beginning of the century as being PUAs.

What we do need to keep in mind though that what is driving the development of PUAs is users’ reluctance to pay for apps and that it’s going to take a big change in customer attitudes for this problem to go away.

For businesses, this is something managers are going to have to consider as they move their line of business applications onto mobile devices, as Marc Benioff proposed at the recent Dreamforce conference.

Sophos’ Simon Reed believes potentially unwanted apps won’t be such a problem in the workplace however. “Consumers may have a different tolerance towards PUAs than commercial organisations,” he says.

The prevalence of PUAs on mobile devices does underscore though just how careful organisations have to be with who and what can access their data. It’s another challenge for CIOs.

Similar posts:

  • No Related Posts

Social malware and cunning tricks

Malware writers are moving onto using social media apps to harvest addresses and personal information.

Last week an interesting media release from anti-virus company Bitdefender appeared in the inbox describing a tricky little scam that promises to change Facebook page colours but actually grabs a user’s information to set up fake blogs associated with the victim’s email address.

Those fake blogs in turn link to a working from home scam, the type which are becoming depressingly common online. No doubt the malware authors have some sort of interest in that scheme.

What makes this malware interesting is how it brings together a range of opportunities for the malware writer – social media, apps, data aggregation, identity spoofing and the Ponzi affiliate schemes that are prevalent as people try to find new ways to supplement their income.

Many people say “I’d never get caught by these scams” but the reality is the scammers are rat-cunning, if not clever. Assuming you’re immune to these because you’re too smart, or you use a Mac or there’s nothing of value on your computer is a risk in itself.

Here’s the media release from Bitdefender.

Google Chrome App grabs identities, forges blogs in victims’ name to promote scam

Bitdefender catches Facebook colour scam with both hands in cookie jar

SYDNEY/AUCKLAND November 19, 2012 – A Google Chrome app that promises to change the colour of Facebook accounts instead nabs authentication cookies and generates dozens of blogs registered to the victims’ Gmail address, in a new scam analysed by Bitdefender, the leading global antivirus company.

Once the malicious app is installed from Google’s Chrome Web Store, it starts displaying a large Google Ads banner redirecting users to a “work from home scam.” When clicking the sign-up link, users are redirected to a fraudulent website.

“Scammers gave a new twist to the old change-your-Facebook-colour scheme that’s been luring users to fraudulent websites to grab credentials and other sensitive data,” says Chief Security Strategist, Catalin Cosoi. “By creating dozens of blogs for a single account, the scam spreads like wildfire among Facebook friends.”

The blogs generating under the email address of the victims, which are used in further disseminating the scam, have registered a large number of hits among users in the US, the UK, Germany, Spain, Romania, and other countries.

The app can also post wall messages on the victims’ account. The messages use friend tagging to convince the victim’s friends to visit the blog domains. Each time the app posts on a users’ timeline, it links to one of the auto-generated blogs as to avoid blacklisting.

Bitdefender encourages users to use an antivirus solution and the free application Safego, which protects Facebook and Twitter accounts from scams, spam, malware and private data exposure.

Similar posts:

ABC Nightlife: Apps down the farm

For the October ABC Nightlife spot we’ll be looking at how the agriculture sector is using smartphone and tablet computer apps

If you missed this program where we covered a wide range of subjects, you can listen to the ABC Nightlife podcast of the show.

Paul Wallbank joins Tony Delroy to discuss how technology affects your business and life.

This week we’re talking about how the agricultural industry are using smartphone apps and the web. A list of apps for farmers is available from the NSW Department of Primary Industry website.

We’ll also be looking at how machines are talking – in agriculture, the next generation of farm equipment will be sending data straight to the farmers’ tablet or laptop computer using the technologies we’re seeing in jet engines and other high tech equipment.

Connecting everything does come with risks. A US report found that networked medical equipment is rife with malware and the Defense Signals Directorate points out that out-of-date computer systems are one of the main causes of data breaches.

One of the things driving the apps world is cloud computing and Google have given a rare glimpse into the data centres that run their services.

Social media is one of the things that are driving cloud computing, but there’s traps for businesses in posting information about customers and staff. We’ll be looking at those as well.

We’d love to hear your views and comments so join the conversation with your on-air questions, ideas or comments; phone in on the night on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

Tune in on your local ABC radio station or listen online at www.abc.net.au/nightlife.

You can SMS Nightlife’s talkback on 19922702, or through twitter to @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.

Similar posts:

Dealing with the DNS Changer Trojan

On Monday computers infected with the DNS Changer Trojan will stop surfing the net. Make sure you aren’t infected.

On Monday, thousands of computers around the world will be cut off the web as the servers behind the DNS Changer Trojan Horse are shut down.

The DNS Changer did exactly what the name says – it changed a computer’s Domain Name Service (DNS) settings so that all web traffic went through servers belonging to the virus writers.

Eventually the writers were caught and the computers were seized, in order to avoid disruption the servers were left running but they will be shut down on Monday.

On Monday, those computers still infected won’t be able to surf the net until the problem is fixed.

How Do I Know I’m infected?

As part of the Shutdown, the DNS Changer working group was set up. On their site they have a  detection tool website that will tell you if your computer is infected.

How can I fix the problem?

The easiest fix is with the Microsoft Malware Scanner which will check your computer for the DNS Changer virus along with other malware. If the scanner detects a problem it will remove the virus. IT Queries also have instructions on Removing A Trojan.

To prevent further infections, it’s necessary to install an up to date anti virus. A good free one is the Microsoft Security essentials tool.

The DNS Changer Trojan was very effective malware and it illustrates why computer users need to be careful of where they go on the mean streets of the Internet.

Similar posts:

Malware’s third party path

How to take care in a changing world of cybercrime.

One of the few constants with computer security is that threats are constantly evolving.

Malware – malicious software like computer viruses, worms or Trojan horses – are the most common security threat the ordinary technology home or business users will encounter on their PC, laptop or smartphone.

During the big computer virus epidemic of the early 2000s the main target were Windows 98 or XP machine running Internet Explorer as these were so easy to infect.

Today, it’s harder to infect Windows systems and the malware writers have become more sophisticated in the tools and methods they use to catch victims.

Right now, we’re seeing the malware writers focusing on  weaknesses in third party software such as Java, Flash and Microsoft Office.

Mac users have been affected by the Flashback worm which used flaws in the Java computer program and now Adobe have released an emergency update to their Flash application to fill a security hole that could affect all operating systems.

Along with being more sophisticated in their methods, today’s malware writers are also more organised with real criminal objectives as opposed to the earlier generations that were derided as “script kiddies”.

So there’s real risks in not taking basic steps to protect your computer system.

Have the latest updates

When your system asks you if you want to install updates, do so. Both Macs and PCs have an automatic update function which you should enable and pay attention to.

Individual software packages like Java, Flash and Microsoft Office have their own update reminders which you should also pay attention to.

Sometimes though the malware writers distribute fake updates to fool people into installing their software so if you are suspicious about an update, check online to see if you have the latest version.

Run computers in Restricted User mode

One of the big weaknesses for all systems is there is a tendency to run as an Administrator. In older Windows systems this gives almost complete control over the system and can still create problems in newer systems as well as with Mac or Linux systems.

Every user should be run as a Restricted User and this can be set up in the Windows Control Panel or Mac Preferences.

Have an antivirus

While the antivirus industry loves flogging overpriced and overfeatured software that generally slows your computer down as much as it protects the system, it’s still worthwhile having.

For Windows users, the free Microsoft Security Essentials is fine for most users. For Mac users, the free ClamAV or Sophos Anti-Virus for Mac are good choices.

Use a third party browser

Generally using the built in web browsers – Internet Explorer in Windows and Safari on the Mac – tends to amplify security risks. So use a third party browser like Firefox, Google Chrome or Opera.

Be careful

Malware writers, like all crooks and conmen, try to exploit human weaknesses so their tricks often appeal to our greed, fear or lust.

Try to avoid websites offering pirated software, movies, music or pornography and never click on emails or pop up adverts that claim you’ve won the lottery or been infected with a virus.

Cybercrime is real and growing although we should keep in the threat in perspective and not fall for the hysterical headlines we often see in the media.

The risks are going to continue to evolve as the crooks move onto trying to exploit weaknesses in smartphones, social media platforms and cloud computing services.

Despite this, most people won’t be affected by malware or other computer crime by being careful. Just don’t count on being lucky.

Similar posts:

Ending the era of Mac complacency

Does the Flashback bug end the Mac’s virus free status?

The news that the Flashback Trojan has infected an estimated 600,000 Apple Mac computers has been greeted with joy by the dozens of industry experts that have predicted a virus holocaust for smug Mac users for nearly a decade.

While the Flashback malware – the earlier versions could be described as a computer Trojan Horse while the later editions are more like a computer worm – is a real risk to Mac users and it’s important to take this risk seriously.

The Netsmarts business site looks at how Mac and Windows users can protect themselves from Flashback and its variants.

One of the key things in the advice is to make sure anybody using the computer has limited rights; as a Managed User on the Mac and as a Limited User in Windows. This dramatically reduces the opportunity for bad things to happen while online.

I’ve discussed previously while user privileges are one of the reasons why the Mac has historically been less prone to infection to virus infections than their Windows cousins.

Microsoft made the decision in the 1990s not to tighten Windows’ security settings and their customers paid the price for the next decade. This was compounded by some poor implementations of various technologies in Microsoft Windows.

This isn’t to say the Mac, or any other computer system, doesn’t have security bugs. Every operating system does and it’s a conceit of everybody immersed in new technologies, be it cloud computing back to horse drawn chariots, to believe their products are magically infallible.

Part of the crowing from the security experts and charlatans who’ve been desperately predicting a “Macapocalypse” for nearly a decade overlook this.

Even with the proven problem of the Flashback virus, its unlikely we’re see the deluge of malware like that of the early 2000s simply because the Mac OSX, Windows 7 and all the other mobile and computer operating systems don’t have the structural flaws that Windows 98, ME and early versions of XP had.

Much of the Mac versus PC argument in security is irrelevant anyway; the main game for scammers and malware writers has moved to social media services like Facebook and this is where computer users need to be very careful.

However the stereotype of the “Smug Mac” user was true, one caller to my radio show claimed he didn’t have a problem with spam because he had a Mac. Nothing could convince him that email spam wasn’t related to the type of computer you used.

To be fair to Apple they never made the claim their computers were invulnerable to malware, apart from the odd dig at Microsoft. Their users did it for them.

That type of smug Mac user are those who do need a wake up call. For the industry though, it’s business as usual although some will be feeling a little smug their hysterical predictions of the last decade came true in a small way last week.

Similar posts: