Tags: cyber criminal | malware | ransomware | scareware

If it wasn’t bad enough that cybercriminals figured out how to hold your computer and files hostage now they have figured out how to make it even harder to get rid of their nasty malware.

This Website Is For Financial Professionals Only

In October we wrote about a scary uprising in malware called ransomware.   

http://www.financialcomputer.com/2012/10/did-you-ever-image-a-day-when-your-computer-and-files-would-be-held-hostage/

This malware locks your computer and flashes a message seemingly from the FBI.  The message comes in various versions that read similar to “You have been viewing or distributing child porn…violating article 202 of the Criminal Code of the United States of America.”  In some versions they can even turn on your webcam and display a picture of you with the message.  You are then asked to pay anywhere from $250 and up, in order to have your computer released.  Of course this message is not from the FBI.

Recently we have seen an increase in our clients receiving these ransomware messages.  Unknowingly they have clicked on an infected site causing malware to be downloaded on their computer.  This time however, the cybercriminals have made the malware harder to remove.  In October we were able to remotely access our client’s computer and remove the malware.  This latest round of ransomware is requiring us to physically be in front of the computer to remove it.

Cybercriminals are playing on our fears and tricking us into paying.  They are hoping the victim will both be scared or embarrassed by the message and pay the “fine” instead of seeking a technology professional to help them.  Should this scare tactic work on an unsuspecting victim, there is no guarantee that their computer will be unlocked.  Worst, the malware will still be hidden on their computer stealing their personal information.

We suggest to our clients to make sure they have continuous up-to-date backups of their data.  In case of a situation where the malware cannot be removed you will still have your important data, and your downtime will be minimal.

If you receive this ransomware message the first thing you should do is power down your computer.  Although you can try and remove this malware yourself, it is best to seek the help of an IT professional.  No matter what you do, do not pay these cyber thieves.

Read more:

http://www.nbcnews.com/business/latest-ransomware-attacks-are-scarily-sophisticated-969766

http://redtape.nbcnews.com/_news/2013/04/26/17917497-ransomware-tricks-victims-into-paying-hefty-fines?lite

Tags: Chinese hackers | cyber espionage | cyber-warfare

The U.S. is taking a stand in the fight against cyber-espionage.  

This Website Is For Financial Professionals Only

This step comes after months of warnings from government officials that Chinese hackers have increased their efforts to steal information from U.S. companies.

At the end of March, U.S. President Barack Obama signed a funding law which included restrictions for buying information-technology (IT) systems from China for certain U.S. government agencies.  Until September 30, NASA, the National Science Foundation, the Justice and Commerce Departments will be required to get clearance from the FBI before buying IT systems from companies with links to the Chinese government. 

On May 1, China struck again, infecting the U.S. Department of Labor’s website with malware.  This Chinese based malware is used to attack a vulnerability in older versions of Internet Explorer.  An unsuspecting victim visiting the Department of Labor’s website would be redirected to an infected page.  Once on the infected page the malware seeks the vulnerability to exploit and take control of your computer.

What is even scarier is the fact that Chinese computer spies have been hacking into the databases of U.S. defense contractors since 2007.  Each time these spies have made off with the United States’ most closely guarded technology secrets.  These secrets include data on our weapons, fighter jets and the deployment and capabilities of our combat helicopter fleet.  These secrets are what help keep our military ahead of other countries, helping keep us safe.

We are all unknowingly at risk of having our computers hacked or receiving a piece of IT equipment with spyware embedded on it.  This spyware can open up your computer and give the hacker access to all of your information.  On April 23 Verizon released their Data Breach Investigations Report for 2012 data breaches.  They found that more than 95% of the cyber-espionage attacks on both small and large organizations originated from China.

If our government isn’t buying hardware from China for risk of it having spyware on it, do you think it is safe for your company? 

Read more:

http://www.networkworld.com/news/2013/040313-us-china-268347.html?page=1

http://www.pcworld.com/article/2032505/us-limits-agency-use-of-chinese-gear-citing-cyberespionage.html

http://www.computerworld.com/s/article/9238842/U.S._Department_of_Labor_website_infected_with_malware

http://www.computerworld.com/s/article/9238611/One_in_five_data_breaches_are_the_result_of_cyberespionage_Verizon_says?taxonomyId=17&pageNumber=1

Tags: backup | privacy; security

Hopefully nobody who reads A4A would get caught without a backup of their data, but just in case: here is a video interview with someone who retrieves data from damaged drives.

This Website Is For Financial Professionals Only

The hook here is that even if you smash a drive to bits, there's a chance that a firm like this one, Flashback Data of Austin, Texas, can still retrieve data from it.

Tags: security

An Associated Press Twiitter account was hacked this morning, and hackers posted a bogus tweet saying two explosions had rocked the White House.

Here is a webinar in which computer consultant Brian Edelman and I recently discussed security practices for advisors to avoid such a fate. (You must be an A4A member to see the video.)

This Website Is For Financial Professionals Only