TechByter Worldwide

Speak softly and carry a large microphone

 

Nov 08, 2015

Good News in the Fight Against Crimeware

The Cyber Threat Alliance, a group that includes Fortinet, Intel Security, Palo Alto Networks, and Symantec, says that it has cracked the code on CryptoWall, malware that's associated with $325 million in payments to crooks. This shows what can happen when organizations that normally are rivals work together.

"Lucrative Ransomware Attacks: Analysis of the CryptoWall Version 3 Threat" is the first published report using combined threat research and intelligence from the founding and contributing members of the Cyber Threat Alliance (CTA). The organization's whitepaper provides valuable insight into the attack lifecycle of this lucrative ransomware family, which thus far has netted some $325 million in payments to crooks.

The document's findings include:

  • Information about how $325 million in revenue that went to the attackers included ransoms paid by victims to decrypt and access their files.
  • The 406,887 attempted CryptoWall infections.
  • A description of more than 4 thousand malware samples.
  • More than 800 command-and-control URLs for servers used by cybercriminals to send commands and receive data.
  • The breadth of the threat: Hundreds of millions of dollars in damages across the globe. North America was a key target for the campaigns, but other areas suffered attacks, too.
  • All of the key findings and intelligence in the report are based on the collective visibility the members of the CTA have into the CryptoWall threat.

The report lists key recommendations by the CTA to aid users and organizations in avoiding CryptoWall victimization. For example:

  • Ensure that your operating systems, applications, and firmware are updated with the latest versions of the software.
  • Understand typical phishing techniques and how to thwart them, such as by not opening e-mail from unknown addresses as well as not opening certain file types that may arrive as attachments.
  • Keep web browsers updated and enable settings that disable browser plugins such as Java, Flash, and Silverlight to prevent them from running malware automatically.
  • Review access and security policies within corporate networks to limit access to critical infrastructure from systems and users who don't need it.

To download a copy of the report or learn more about the CTA, visit the Cyber Threat Alliance website. The organization will hold a webinar on December 1 to discuss the report. Registration is free.

On the Other Hand, 10% of Enterprises Have Compromised Devices

As employees choose smartphones and tablets to perform business tasks, mobile apps become critical business tools. With recent mobile attacks such as XcodeGhost, Stagefright, Key Raider, and YiSpecter, corporate data on those mobile devices is at risk.

MobileIron has released its "State of App Security" report that describes some of the dangers. The white paper is available on the MobileIron website.

"Hackers look to mobile apps to capitalize on enterprises' inability to prevent and detect mobile threats," says MobileIron Director of Security Research, Mike Raggo. Enterprises need to rethink their security approach, he says, because mobile devices are fundamentally different from office-based hardware.

Some of the most popular applications involve enterprise file sync and sharing (EFSS). Examples include Dropbox, OneDrive, Google Drive, Box, and SugarSync. Often these kinds of applications are blacklisted by corporate IT departments because they frighten IT administrators. Many of these applications have enterprise versions, Raggo says, so that organizations can give their employees the experience they want while protecting corporate data. A key difference, he says, is that using these applications "requires a mindset shift from one of restriction to one of enablement."

One in 10 enterprises has at least one compromised device accessing enterprise data, according to research by MobileIron, and more than 50% of enterprises have at least one device that is not in compliance with corporate security policies. This means that traditional security technologies can't protect corporate data. That's where the sales pitch comes in. Raggo says that when a device falls out of compliance, MobileIron can take action to protect corporate information, for example, by sending an alert to the user, blocking the device from accessing corporate resources, or even wiping all corporate e-mail and apps from the device.

Recent attacks have targeted mobile apps and operating systems to grab proprietary data. iOS apps that are infected with XcodeGhost malware can collect information about devices and then encrypt and upload that data to servers run by attackers. Malware detection company FireEye identified more than 4000 infected apps in the App Store, and mobile app risk management company Appthority found that almost every organization with at least 100 iOS devices had at least one infected phone or tablet.

Some of the Things We No Longer See or Hear

It occurred to me the other day that every digital photograph I make is as large as the first hard drive I owned. That hard drive was large at the time, more than 60% larger than IBM's standard 10MB hard drive. Today that 16MB hard drive wouldn't hold even one raw image from a camera. Disk space is no longer something we run out of.

I upgraded to a 20MB drive, then a 40, an 80, two 80MB drives, and eventually to a breathtakingly large 1GB drive. How could anyone ever fill all that space? Now it's uncommon for computers to have less than a 1TB drive.

And floppy disks? For some reason, even the 3.5-inch disks in solid plastic boxes were called "floppy disks" even though they didn't flop at all. Even the 5.25" floppy disks weren't all that floppy, but maybe you remember the 8" versions. They were floppy. But how long has it been since you've seen a computer with a floppy disk drive?

Thinking about disk drives led to thoughts about other things that have changed. We once had 2 phone lines at the house, one for voice calls and the other for the computer. A 1200-baud modem connected me to the office and eventually I was able to upgrade to a 2400-baud modem. The fastest baud rate supported is 9600 and higher speeds were achieved with technology tricks. The fastest modems, 56Kbps, are insufficient for today's websites. One thing I definitely do not miss is the screechy sound of two modems connecting and negotiating the operating speed.

Most modern computers don't even have modems now, even in notebook computers. That's probably because virtually all hotels and motels offer Wi-Fi service. If you still need a modem, you can buy an adapter that plugs into a USB port. Take a look at the back of your computer. You won't find serial or parallel ports back there. USB has eliminated them.

Have you seen a typewriter recently? IBM hasn't made a Selectric typewriter since 1991. Selectrics had 75% of the United States market for electric typewriters used in business, but the division was spun off to Lexmark in 1991.

Or a dot-matrix printer? They were popular and some models had the ability to shift into a high-quality mode. You'll still find them in some specialized applications but even auto dealership service departments usually have laser printers these days.

Remember taking a roll of film to the drug store or to a little box named Fotomat in a shopping center parking lot? Founded in the 1960s, the company became a giant and was eventually listed on the New York Stock Exchange. Fotomat provided next-day processing, but drugstores installed one-hour minilab systems that hurt Fotomat in the 1980s. Then came digital photography. Now the picture you take can be seen halfway around the globe a few minutes later. Kodak bought the name, but later sold it to Digital Generation, an advertising technology company and successor to Viewpoint Corporation.

Oh, and Polaroids? The cameras created finished black and white pictures in a minute, but users had to smear a smelly fixative on the pictures. Later cameras created color images that didn't need any additional work. This is another technology that was killed by digital photography. Polaroid filed for chapter 11 bankruptcy protection in 2008. The brand still exists, but the only products are highly specialized materials.

The C: prompt? I still use the command prompt a few times a week, but today's C prompt is called CMD. Most people who perform command-line functions probably use Windows PowerShell and Windows 10 even offers to start PowerShell in place of the command prompt. Mac users have access to the Unix command line, but how many Mac users even know about it?

Do you miss receiving America Online disks or CDs in every magazine you subscribe to? Probably not. America Online has apparently given up on attempting to attract new customers, but they're holding on to about 2 million subscribers who have dial-up connections.

And speaking of magazines, how many do you receive these days? Most magazines now make their content available on-line. Some (Time, for example) charge the same for print and on-line content as they charge for on-line only. Others (Newsweek) charge extra for the print version. This makes sense because it costs the publisher considerably more to print and distribute paper copies.

Fax was like magic. If you needed to get a document to someone hundreds or thousands of miles away, all you needed was a fax machine. Feed papers into your machine and a few minutes later a copy would come out of the receiver's machine. Sometimes the copies were even readable. Today you'll just send a Word document or save it as a PDF and e-mail it.

Images in this article are sourced from Wikipedia under terms of Creative Commons licensing.

Short Circuits

Alert! Windows 7 Fans: The End is Near!

Speaking of things we no longer see or hear, Windows 7 has been living on borrowed time, but not for much longer. Microsoft usually discontinues sales of an operating system 2 years after the operating system's successor ships. For Windows 7, that would have been October 2014. Now that Windows 10 is out, Windows 7 will no longer be available after October of next year.

Windows 8.1 will also cease being available at the end of October 2016.

Microsoft extended sales of Windows 7 Pro "indefinitely" last year and some manufacturers still promote machines with Windows 7 heavily because some buyers just don't want any of the new versions.

Although Windows 7 will no longer be sold, enterprise customers will still be able to downgrade from a later version to Windows 7. (I still have to figure out why a company would want to do that, though. Downgrade from 8 or 8.1, maybe, but 10 has so many enterprise-friendly features that downgrading just seems illogical.)

Updates for Windows 7 ended in January of this year, but extended support (bug fixes and security updates) will continue until 2020.

At least most users seem finally to have migrated away from Windows XP.

On1 Photo 10 Looks Like a Winner

In July, I took a look at the On1 Perfect Photo Suite 9. It's an application I hadn't mentioned for several versions. One shortcoming I found then was that Perfect Photo Suite 9 couldn't deal with raw images from certain cameras. That's been fixed.

Four months ago, I wrote "the OnOne1 website states that the SRW raw format created by the Samsung camera is acceptable and initially that appears to be the case, but then the thumbnail images are removed and opening the file results in a low resolution file that's not usable."

At the time, On1 support explained that version 10 would add support for the SRW format. That turned out to be true, but it's only the tip of what appears to be a very large iceberg.

For starters, its name is now On1 Photo instead of On1 Photo Suite. The interface has been completely reworked. Black-and-white effects are no longer segregated from the rest of the application. And, although On1 Photo works as a plug-in for Adobe Lightroom, Photoshop, and Photoshop Elements, it also functions as a stand-alone program.

The new version arrived too late for inclusion in this week's program, but you can be sure that I'll have more to say about it in a few weeks.

The Incredible Shrinking Firefox

Browsers come and go. Netscape was once king of the browser hill, but Internet Explorer destroyed it. Firefox looked for several years as if it would be the long-time champion, but now Firefox usage is hovering around 11%.

Incredibly, the worst browser (although it is improving) still has 51% market share according to NetMarketShare. That browser, of course, is Microsoft's Internet Explorer. The IE replacement for Windows 10, Edge, hasn't yet shown up on the radar, but probably will as Windows 10 continues to expand. Edge, by the way, is a pretty good browser and is particularly viable on tablets.

These numbers are somewhat slippery because they vary considerably depending on whether the device being used is a desktop, a phone, a tablet, or something else. NetMarketShare's numbers are based on desktop usage.

Firefox's current user share is 11.3%, which is down slightly from the month before. The last time Firefox's market penetration was that low was in 2006. The browser was introduced in 2004 and at that time 11% was an all-time high as it continued to gain market share. Back then, IE's penetration was nearly 85%.

Less than a year ago, Firefox was approaching the 10% mark, but climbed back to about 12% at mid year. Then in July, the declines resumed.

Chrome is in second place with 31% of the market. Microsoft can ensure that Internet Explorer (and now Edge) have a place of honor on every Windows computer. Google makes sure that Chrome is on every Android device. To obtain Firefox, users need to visit the Mozilla website and download it.

Is this the end for Firefox? Sometimes companies come back. Remember when just about everyone (including me) thought that Apple would go out of business in 2007 or 2008? That didn't happen. So don't write Firefox off just yet.