Massive Ransomware Cyber Attack Spreads Around the Globe

Although a majority of the attacks targeted Taiwan, the Ukraine, and Russia, web security firm Avast has tracked more than 75,000 ransomware attacks in 99 countries.

Ransomware locks down all files on an infected computer and “asks” the user to pay a ransom in order to regain control over the files.

This particular variant which goes by the name “WannaCry” is spreading through a Windows exploitable vulnerability. Microsoft released a patch for this exploit back in March of this year, but any Windows system that has not applied the patch is at risk.

Kurt Baumgartner, a researcher for Kaspersky Lab has been quoted as saying, “Affected machines have six hours to pay up and every few hours the ransom goes up…Most folks that have paid up appear to have paid the initial $300 in the first few hours.” Kaspersky Lab has also cautioned that while non-patched computers are the most vulnerable, even patched systems can be at risk. What makes this malware even more diabolical is the inclusion of a “hunter module” allowing it to scan for additional systems on an internal network. This means that an infected computer could compromise other computers sharing the same network – the significance of this is great with the vast number of people who use WiFi networks at coffee shops, restaurants, airports and the like. The ransomware has even affected National Health Service (NHS) organizations in the UK and the Spanish telecom Telefónica.

The bottom line: While it may be an inconvenience, make sure you keep your computer systems patched will all of the most recent security updates and have virus protection turned on.

References:

Pleading the Fifth in the New Digital Age

Sometimes an unlikely source can be a catalyst for a major change in legal circles. While nothing has happened quite yet, a so-called “Sextortion” case may change the playing field for how well protected our information is on our phones.

Background:
The parties involved include Hencha Voigt, Wesley Victor, and Julieanna Goddard, aka YesJulz. Voigt and Victor were arrested in July 2016 on charges of extortion. They threatened to release sexually explicit photos and photos of Goddard if she did not pay them $18,000 in cash within 24 hours. When arrested, authorities confiscated four cell phones to be examined during the investigation.

The Issue:
The Fifth Amendment of the United States Constitution reads in part, “…No person…shall be compelled in any criminal case to be a witness against himself….” This is the section of the Constitution related to self-incrimination. Prosecutors against Voigt and Victor (who have plead not guilty) have asked for a judicial order to release phone passcodes in order to search the mobile devices as part of the ongoing investigation. Defense attorneys are arguing that the passcodes themselves equate to self incriminating testimony. A ruling is expected on May 3rd, 2017 and the impact may have a ripple effect on future legal decisions.

The Impact:
With the advent of social media and mobile devices, the stakes for legal search and seizure of property for evidence have gone up. Crucial evidence can be held on a phone, tablet, or other device that can be locked by use of a passcode – the incorrect entry of which could potentially completely lock out future attempts at data recovery. This issue was highlighted in the 2016 case of Apple vs. the FBI. Apple refused to allow the FBI into the phone of the “San Bernadino Shooter” and argued that the creation of a “backdoor” into the iOS would potentially compromise the privacy of their users. There is no doubt that the outcome of this case will help shape policy, public perception and legal maneuvering for years to come.

References:

Net Neutrality and Why You Should Care

Perhaps you have heard of Net Neutrality. Maybe you haven’t. Maybe you don’t care. You should. If you use the Internet, it affects you. According to the Merriam-Webster Dictionary, Net Neutrality is defined as, “The idea, principle, or requirement that Internet service providers should or must treat all Internet data as the same regardless of its kind, source, or destination.” In simple terms, everything (legal) on the Internet should be equally accessible to everyone.

Net Neutrality stops Internet Service Providers (ISPs) from playing “Big Brother” and choosing what content is available (via Content Providers) to you at what speed it might be available. Content Providers like Amazon, Netflix, and Apple need ISPs to provide connectivity. The concern is that these connectivity providers (AT&T, Verizon, Comcast, Charter, and others) can pick and choose what content they want to deliver based on financial or other restrictions. As a practical (theoretical) example, without Net Neutrality rules in place, Netflix could pay or otherwise coerce (IE: by withholding premium programming) Charter Communications so that Netflix content streams significantly faster than Amazon content. As large as Charter’s customer base is (over 6.7 million people), this could be an inconvenience for Amazon users potentially causing them to stop using the service because it’s simply not fast enough. This example illustrates the potential financial impact and doesn’t even touch on the potential repercussions of small business vs. big business. Lack of rules means that the big companies can stifle innovation by simply forcing out upstart competition.

As consumers, how we access our work or entertainment is now completely enmeshed in our ability to access data online or “in the cloud”. Having the company or companies with the most money deciding what we can have access to goes against the idea of free speech. It’s not free speech if the mechanisms to access the message are controlled by those with the most money or political clout.

This makes it that much more important for you to be aware of the position of the new chairman of the Federal Communications Commission. FCC chair Ajit Pai proposes to eliminate “the so-called Internet conduct standard.” While the speech itself can be found here, our recommendation is that you take some time read up on Net Neutrality and how it might affect you and your business – if not just for you, but for generations to come.

References:

Tracking Transactions Online

Have you heard of BitCoin? If you have, blockchain technology is probably not new news. If you haven’t heard of it, be prepared. Blockchain technology has potential uses in a number of industries and can affect how you or your company do business in the 21st century.

“The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.”
Don & Alex Tapscott, authors Blockchain Revolution (2016)

In essence, the blockchain acts as a decentralized database in which publicly available and verified records are kept. Because records are stored over millions of computers across the Internet at the same time, no single person has control over the records, nor do they have a single point of failure. This technology has been around since 2008 and looks to be around for long time coming.

Resources:

Your Internet Privacy At Risk

While I can see both sides of the argument, it is important for people to understand that their right to privacy on the Internet is changing. On March 23rd, 2017, the Trump administration moved to dismantle consumer Internet privacy protections that were put in place during the Obama administration.

This means that YOUR Internet Service Provider (ISP) has the ability to track and share and/or sell your website browsing and mobile app information without your permission.

To learn more about how this can or will affect you, we suggest doing your own due diligence and reading up on what has happened. Here are some excellent articles that can start you on that path:

NASA’s EM Drive Takes a Step Forward

NASA has an experimental engine that has huge potential for space exploration. In November of 2016, it took it’s next step forward by passing peer review. Whether it’s a step, shuffle, or leap remains to be seen.

The EM Drive is amazing because it appears to violate the fundamental laws of physics by creating thrust when there should not be any. Some enthusiasts point out that the drive’s efficiency could get a spacecraft to Mars in as little as 70 days.

Forbes does provide an appreciated disclaimer to the hype, “It’s important to note that passing peer review means that experts have found the methodology of the experiments reasonable.” In other words, peers have reviewed the overview of the experiment’s setup and results. That’s it. It doesn’t mean that the engine will be integrated into NASA spacecraft next year, or even that it is a 100% viable system. It only illustrates to others that the steps taken into understanding and hopefully building out this technological marvel are serious.

There is still lots of criticism and commentary on both sides. Read more at the links below: