Search this Blog

Does Ransomware Make you Want to Cry?

How Hacker Threats are Turning the Internet into a Financial Minefield

Courtesy of Wikimedia Commons

By Hector Cisneros

Every year since 2011, we have been writing about the tremendous threat that internet hacking poses. The number of hacks has continuously gone up every year since then. The financial cost has skyrocketed, and the number of lives this menace affects is mind boggling. In this episode of Working the Web to Win, we will cover how this threat exploits your digital life, we will explore new ways to protect yourself, and we will provide a checklist of items that must be deployed to stop these hack attacks in their tracks.

The internet has brought us many marvelous benefits including worldwide instant communications, the ability to share information, music, entertainment and knowledge at the touch of a button. It has created a worldwide commerce system that has benefited hundreds of countries and billions of people.

But the internet has always had a dark side. Viruses and malware predate the internet. In fact, computer viruses have been with us since the beginning of the microcomputer age. When the internet came along, it just offered more ways for malware to arrive, replicate and spread. Today the economic cost of hacking and malware attacks is in the billions, 500 billion a year to be more precise. In a Fox Business News Article by Matt Egan, he reports, that the newly-released Global figures by McAfee show that cybercrime is costing the world around $500 billion each year. That number far exceeds the GDP of many countries around the world.
Courtesy of Wikipedia

A recent article in WIRED on the WannaCry Ransomware attack points out many of the details of how this attack happened. The WannaCry ransomware attack was predictable. In fact, this was not the first WannaCry attack. It’s just the most recent and most notable one because it affects 100+ countries and millions of computer systems. This Malware has its roots based on hacking tools that the NSA lost when hackers stole a number of sensitive NSA files. This vulnerability is linked to a flaw in Windows based systems (Vista through Windows 10). Microsoft released a patch (MS17-010) for this vulnerability on March 14, but for whatever reason, millions of computers were not updated.

There is Good News

The WannaCry Ransomware virus uses AES and RSA encryption to lock up your data files. They then ask for approximately $300 in Bitcoin untraceable currency to free your files. The good news is that if your system has not been infected, you can protect it by installing the latest Microsoft system patch and updating your antimalware applications and browsers.

Courtesy of Wikimedia Commons
We also had some help mitigating this attack. March Hutchins has been credited with stopping the  WannaCry virus attack from spreading across the globe. In an article from The Telegraph News entitled “IT expert who saved the world from ransomware virus is working with GCHQ to prevent repeat,” the details are spelled out. This article goes on to show how he found a “kill switch “which he triggered that slowed the spread of the virus.

Three Things you Must Know to Mount an Adequate Defense

If you want to be able to defend yourself from current and future attacks, you need to educate yourself on three subjects: #1, What hackers are doing and why. #2, What are the tools of they use for these attacks. And #3, what can you do to defend yourself and increase your own internet security. Let's look at each of these individually.

Understanding the Hackers

Courtesy of Pixabay
Hackers come in a variety of forms. You have your juvenile hackers who hack for the fun of it. You have activist hackers (aka hacktivist) who are basically anarchists railing against the system.  You have cyber criminals looking to steal your financial information to make money. You have corporate hackers who are motivated to steal corporate secrets and sell them to other corporations. And last, you have government agencies who hack for national espionage, surveillance, and even to institute cyber attacks before, during and in lieu of war.  Now we also need to mention that hackers also wear two hats. Black and white. Black hat hackers are the bad guys. They hack people, businesses, and governments. White hat hackers are the people looking to stop black hat hackers from succeeding in hacking people, companies, and countries. They do this by exposing vulnerabilities in digital systems, businesses, and governments.

Hackers employ social media psychology to gather information which they can use to gain access to a person’s computer, tablet, smartphone or other digital device. They then use phishing emails to trick people into inviting them into their system. The hackers usually deploy malware as an email payload or a drive-by payload which is uploaded to the user's system and then quietly takes over their digital device. For more detail on social hacking read; Tick or Tweet? The Vulnerabilities Inherent to Twitter and All Social Networks.

Tools of The Trade
Courtesy of Wikipedia
Here is a partial list of some of the tools hackers use to perpetrate their crimes. If you want a more detailed explanation of this information, read: Are You Prepared for the Onslaught of Cyber-Attacks? It provides more details on how hackers work and what tools they use.
  • Password cracking software, such as Ophcrack and Proactive Password Auditor.
  • Network scanning software (a.k.a., Sniffers)  programs or devices that monitor all data passing through a computer network. I
  • Wireless network analyzer software, such as Aircrack-ng andCommView for WiFi. Networks.
  • File search software, such as FileLocator Pro and Identity Finder The Hex Dump (a.k.a., Voodoo).  
  • Attacking Defaults. Virtually every piece of hardware on the market comes with a set of standard defaults, including username and password that provide access to the system. 
  • SQL Injection.  SQL Injection attacks are conducted by entering unexpected entries into a database and then probing the returned error messages to reveal information that can be used to hack the system.  

Along with these tools, hackers also employ Bots of various types. Here's a partial list of bad bots to watch out for. For a more detailed review of their danger, read Attack of the Botnets.
Courtesy of Wikipedia
  • Spam Bots – These bots crawl the Internet to collect data from forms that have been filled out online, spreading advertisements and pop-ups throughout the Internet, and collecting email addresses for the purpose of spamming.
  • Hacker Bots – Used by hackers to crawl around the Internet and find vulnerabilities in websites and online applications so they can exploit them for malicious purposes.
  • Download Bots – These forcibly download a Web page that the hacker wants surfers to see instead of a Web page surfers had requested.
  • Malware/Virus Bots – These bots can infect and turn your computer into a zombie. 
  • Click Bots – These can eat up your Pay Per Click funds or trick you into following them by showing up in your Analytics.
  • Scraper Bots – These can scour websites collecting various types of ID information.

Your Protection Start with Employing Greater Security
There is light at the end of this dangerous tunnel we call the internet. Yes, there are lots of things you can do to protect yourself. We have written dozens of articles on that subject, and most of them end by providing a list of items you can implement to protect yourself.
It’s on your Shoulders - The first thing you must do is take responsibility for your own privacy and internet security. You do this by thoroughly doing your due diligence and implementing system updates, anti-malware products and checking out the security of any IoT product you plan on purchasing or using. You must implement backup safeguards to protect your personal information and assets. Check out our article called “The Crypto Crunch – Ransomware Run Amuck” - it provides 13 things you can do to protect your digital devices.

Courtesy of Flickr
 Businesses Can Protect themselves as Well! Check out our article called; “Are You Prepared for the Onslaught of Cyber-Attacks?” It lists more than two dozen ways a business can implement procedures, install security products and use techniques to protect themselves.

There are dedicated security devices you can purchase to increase network protection. Businesses can also employ intruder traps like honey pots and a variety of hardware, software detection devices to help stop cyber-attacks. Commercial grade secure smartphones are available for anyone’s use as well. Anyone can buy a Blackphone or encryption software from Silence Circles, and most current smartphones (Android and Apple) employ encryption as a standard feature. Many even have fingerprint readers and remote wipe features (via antimalware software).

A VPN can Mask your IP Address for additional Privacy - VPN’s have been getting a lot of attention lately. Virtual Private Networks are not new, however, using them as a gateway for general internet access is. Hiding your IP address makes your internet usage much more anonymous and eliminates many forms of censorship and tracking. Read:  the Article on Guiding Tech by Yadon called - How to Hide Your IP, Browse the Web Anonymously and Access Restricted Sites. It provides lots of details on how to mask your IP address for greater privacy and security.

Don’t Forget to Plug the Browser holes - There are many plugins and browser settings that
Courtesy of Flickr
can increase privacy and security.  You can turn off cookies, run in incognito mode or use a privacy plugin. Your browser store can provide many privacy plug-ins that you can research and try. You can also get popup/Adware blockers and an array of other plugins to boost your security.  My article, the “Piracy of Privacy - The looting of Privacy in America,” provides 12 ways you can improve your privacy without spending a fortune. Another article of mine called; “Is Google Watching you,” provides another half dozen ways to protect your privacy as well. 

Courtesy of Public Domain Pictures
The Holidays are a Cybercrime Field day -  The holidays are a time when people are particularly vulnerable because they are focused on other things and become easily distracted by events of the season. We have written about cybersecurity during the holidays on several occasions. I recommend reading; “The Grinch Goes Digital,” and “It's a Black Hat Christmas - Are Hackers in Your Stocking?”, to get more insight.

Your Cell Phone and Tablet are Computers! - All too often digital device users are complacent with their smartphones and tablets. These devices are the most vulnerable because of this complacency. If you ask the average user if they have installed any antimalware software on their smartphones or tablets, the answer you often get is a big fat NO! On top of that, there are hundreds, if not thousands of free un-vetted apps that can infect, compromise your personal information or take over your smart device without your knowledge. Make sure you read: How to Safely Whet Your Appetite for Smartphone Apps

Must Do Items to Stay Protected. - #1 Always Use and Keep Up to Date, Anti-Malware Software -  There are many antivirus/malware products on the market. I recommend doing your due diligence so that you can choose the ones that currently work best. #2 Set up a multi-layer defense. I have yet to find any one product that can protect my system from all threats. That is why I use multiple vendor’s products simultaneously. It can be a little tricky getting multiple
Courtesy of Pixabay
antivirus/malware products to play nice with each other. The trick is to load them in the right order. I personally load TrendMicro antivirus first, followed by Advanced system care, I Obits Malware Fighter and then upload Malwarebytes last. These products often recognize competing products as malware. You must make sure that these products don’t recognize each other as threats. You must exclude each of these products in all four of these programs databases by either entering them in a whitelist or by adding them to an ignore list during a scan. #3 Create a full backup daily on the cloud with revision management. This way, if you are compromised, you can restore your data back onto your digital devices. #4, Update all software as soon as patches are released, especially browsers, email and Microsoft products. #5, Refrain from visiting dubious sites. Porn, magical offers that seem too go to be true, free first run movies and more are all used as bait by hackers and cyber criminals. There is no protection that will fix stupid behavior.

Courtesy of Wikimedia Commons
It is our hope that people will finally begin to take the cybercrime threat seriously. We have written about how our government has done little more than pay lip service to attacks from China and other countries. Check out our articles called: “Chinese Hack Attack!”, “ How Close is the US to Experiencing a Digital Pearl Harbor?” and “The Hack Attack Is Back.” Those articles clearly show that for the most part, our government was not seriously engaged in anti-cybercrime and warfare.  For a comprehensive list of cyber security articles, I recommend reading: “The State of Internet Privacy & Security in America Today.” It provides dozens of tips and techniques on how to protect your privacy and security along with a list of 25 articles we have written on this subject.

This threat is real, and it is a matter of time before it reaches out and touches you personally. By doing your due diligence, being vigilant, engaged and proactive you can greatly reduce the chances of being victimized by any hacker or cyber criminal. Heed these warning and enjoy your internet.

That’s my opinion; I look forward to reading yours.

In this article, I have discussed what has lead up to and transpired with the recent massive global WannaCry Ransomware attack. I have discussed the types of hackers, their tools and a wide array of tips, techniques, and tools that people or business can use to protect themselves from these types of attacks. This article also provides links to dozens of reference articles that offers the details one would need to understand this threat and to protect themselves.

Get your FREE copy today!
If you feel your business could use some help with its marketing, contact us at 904-410-2091. You can also fill out the form in the sidebar of this blog where we will provide a free marketing analysis to help you get better results. Our claimed to fame is that we are one of a few companies who actually provide real guarantees.

If you found this article useful, please share it with friends, family, and co-workers. I recommend checking out the links in the blog, along with checking out other related articles on our Show Notes Page.  Also, don’t forget to listen to the BlogTalkRadio show on this subject.  If you have a useful comment or opinion related to this article, leave it in the comment section of this blog.  Also, don’t forget to plus us, on Google+ and share us on Facebook, Twitter, and LinkedIn as well.

Hector Cisneros is COO and Director of Social Media Marketing at Working the Web to Win, an award-winning Internet marketing company based in Jacksonville, Florida.  He is also co-host of the weekly Internet radio show, "Working the Web to Win" on, which airs every Tuesday at 4 p.m. Eastern. Hector is a syndicated writer and published author of “60 Seconds to Success.” 

Related articles

1 comment: