Ransomware.

For all those techno questions

Ransomware.

Postby Workingman » 08 Jun 2016, 15:30

The need for more security?

I have done a bit of reading about this type of malware. It hijacks your machine, encrypts your files, and you have to pay to get it working again.

"Why are you reading up about it?" you might ask. The short answer is because I got hit! :roll: :shock: :shock:

I was downloading old mp3s from a far away place, but on one link up popped the demand. My mouse was locked, my keyboard shortcuts were locked, in fact the only keys working were the alphanumeric ones. I was asked to "buy" 3 bitcoins ($300 ish) to be released!.

Now the difference with me over many of you is that I was running my browser in a Sandbox. So, armed with a strong index finger, I pressed and held the on/off button till the laptop closed down. When I booted up again all was well - no damage.

My point is that without the sandbox I would have been screwed and one problem is that these ransomwares are out there just waiting for your innocent drive-by clicks. They also get in using email, but most of you already know not to open strange emails and if you do then not to click on links. Another problem is that the original code is open source so anyone can get hold of, and modify, it.

So what can we do to avoid innocent infection? Running browsers in a sandbox if you can is a good first step. Most decent AV suites have one, with the exception of AVG, for that you will need a standalone sandbox, have a look here. If you are not sure try right clicking your browser shortcut and see if a sanbox option is there. Avast!, BitDefender and 360 Total Security all have one.

Another quick step to take is Control panel>>>System>>>System Protection>>>Remote tab and make sure the Allow Remote Assistance box is clear...OK your way out.

At the moment the big AV companies are releasing anti-ransomware as fast as they can run but they are always playing catch up as new variants emerge. Some of the new tools are a bit clumsy and not user-friendly at all and I think it will be a while before a comprehensive anti-ransomware suite emerges.

For me that means continuing to browse the Internet from a sandbox or a virtual machine.
User avatar
Workingman
 
Posts: 21740
Joined: 26 Nov 2012, 15:20

Re: Ransomware.

Postby Suff » 09 Jun 2016, 08:54

Sadly I don't have the time for running sandboxes or even using my VM's for general stuff. Anything special, certainly but I do less and less of that as time goes on.

I go into my AV suite and make sure Heuristic scanning is on and aggressive. It warns that this may hit performance when I turn it on but I'm happy to accept the hit. Especially when you think of the consequences.

But the advice is very good. As they say, protecting yourself is never a bad thing. Safe surfing is as important to your online life as safe sex is to your physical life... :o :shock: :lol:
There are 10 types of people in the world:
Those who understand Binary and those who do not.
User avatar
Suff
 
Posts: 10785
Joined: 26 Nov 2012, 08:35

Re: Ransomware.

Postby Gal » 09 Jun 2016, 09:14

Never heard of a sandbox!

I did the thing you suggested WM re the system settings - shall be back here if anything odd crops up :)
Gal
 

Re: Ransomware.

Postby Workingman » 09 Jun 2016, 11:06

VM, Sandbox 101.

Basically a VM is an emulation of another operating system running on a physical computer but in its own environment. It is utilising your hardware, CPU, RAM, phsical links etc, but isolated from your computer's operating system. With a VM you can run, say, Win XP or a Linux distribution, and all their programs, even though your normal operating system is Win10. They are probably too much for most users.

A sandbox is somewhat similar except that it runs within your operating system down at program/app level. Your apps then become software running within another software, which is isolated from your physical system. Anything done when running in a sandbox should, in theory, stay separate from your computer's operating system.

Say, for example, you have your browser working in a sandbox and you download some software you think you need, but when you go to install it you find that it is offering all sorts of other nonsense. In a sandbox you can install and run it to see how it works, but when you close it down it is held in the sandbox. You can recover potentially "good" things from a sandbox, though do run an AV/Malware check on them before doing anything else, otherwise they will be locked in. Some sandboxes clean themselves when they are shut down, others have to be emptied manually.

As I said before; Avast!, BitDefender and 360 TS all have built in sandboxes and they are easily accessible with a right click on a programs shortcut. Just about anything can be run in a sandbox, from installers to pdf, images, office apps and so on.

Worth a play if nothing else.
User avatar
Workingman
 
Posts: 21740
Joined: 26 Nov 2012, 15:20

Re: Ransomware.

Postby Suff » 09 Jun 2016, 11:26

In short a VM or Virtual Machine, is a computer within a computer. It looks as if you have another machine there as far as Windows (or any other computer is concerned). You can run anything you want on it, another version of windows, or Linux or even Apple operating systems (I've done that a time or two, I used to have Tiger running in a VM on my PC).

A sandbox is different in that it just gives you a small secure piece of your current machine (windows, whatever), that looks to the virus as if it is the real Windows. But when you shut down the sandbox, whatever the virus did is lost as it could not get at your real Windows.

I know this computer within a computer thing seems a bit like two mirrors facing each other, but it's a bit more like having a spare computer you can carry around in your pocket and run it.

The main difference between a sandbox and a VM is that the sandbox is really just a bit of what you are currently running in which you can break everything and it's gone the next time you start. A VM is a whole other computer (literally), on which you can run anything. With the VM, normally, it is just as susceptible to being attacked as your main computer, but is easier to make sure you can get it back.

A VM can be set to nonpersistent which just meant that every time you start it up, it forgets everything you did the last time you started it up. Making it perfect for running all those horrible nasty things.

Alternatively a VM can be persistent and is your "other" computer and you need to take care of it.

The real power of a VM is that it is nothing more than a bunch of files in a directory. Like word documents or spreadsheets or music. So I could just take a copy, just like that music file you love so much. No arcane backup media or anything like that, just click, copy, paste, done. (well after the 2 hours for the copy to complete)

I know that's probably a LOT more of an explanation than you wanted but I have tired to bring the level of the technical jargon down a lot.
There are 10 types of people in the world:
Those who understand Binary and those who do not.
User avatar
Suff
 
Posts: 10785
Joined: 26 Nov 2012, 08:35

Re: Ransomware.

Postby Workingman » 10 Jun 2016, 17:17

Suff, you and I are probably more aware of the risks than the average user, which is why we take more of an interest in ways of staying as secure as possible. Having said that, the greater media exposure of such threats and scams in recent times has made people sit up and take notice about things such a phishing, online banking and online shopping. Just about everyone now knows of firewalls, anti-virus and anti-malware programs, even if all they do is use them in their default modes.

What worries me is that many of these articles say roughly the same thing - patch Windows, keep your AV up to date, do regular scans, and so on. The impression given is that by doing so you will be safe and secure. That might be true for people who only use well known sites on a regular basis.

For those who use a search engine then follow a link from the original result, and then follow another link from the second site, it is anything but true. Many of us use the Internet that way and we are vulnerable - it's why I surf in a sandbox: always.
User avatar
Workingman
 
Posts: 21740
Joined: 26 Nov 2012, 15:20

Re: Ransomware.

Postby Suff » 10 Jun 2016, 20:56

Yep I know.

How many people know that when Apple told everyone they didn't need AV, the scammers quietly created a work for the Mac which could be delivered from a website. Yes the Mac was very secure from outside attack. But totally open to the user letting it in.

End result? 17 thousand Mac's in one botnet. The largest % of any operating system on the planet. Roughly equivalent to several million Windows PC's.

What you and I are aware of is that by the time you need to scan the damage is done. It took me more than a day to get rid of a Trojan from my daughter's PC, I had to use a Kaspersky offline boot disk to do it.
There are 10 types of people in the world:
Those who understand Binary and those who do not.
User avatar
Suff
 
Posts: 10785
Joined: 26 Nov 2012, 08:35

Re: Ransomware.

Postby Aggers » 13 Jun 2016, 11:20

I know you won't agree with me, but I often think that if all these Internet rogues become so
powerful that the Internet becomes unusable, forcing mankind to go back to the days before
I.T., that might not be such a bad thing. I.T. has certainly changed human behaviour, and not
for the better in many respects.
Aggers
 

Re: Ransomware.

Postby Suff » 13 Jun 2016, 12:48

IT is just a tool like any other.

If you go back to the beginning of the Industrial revolution, you'd find that Ned Ludd was absolutely right. But then measles would probably still be one of the biggest killers and an infection would still be touch and go as to whether you survived or not and the lower classes would still be having 10 children because child mortality would be around 80%.

Oh and there would still be a HUGE class divide and any talk about "sharing the wealth" would be just that, talk. Because without a digital economy, it would not be possible to share that kind of wealth...

Technology is not bad in and of itself. It is what we make of it. If we don't have the personal discipline to use the technology for good whilst dumping all the bad, then we can't blame the technology.

Yes I do think it will come to a sorry end, but without IT we would not have genetically structured cancer cures which look likely to take Breast Cancer off the radar forever. When it comes to computing power, nuclear weapon modelling is ABC building block status compared to Genetic Engineering....

Let's put it this way. We have to advance because we can't go on burning the fossil fuels of the planet forever. Eventually we will run out of resources and our society will collapse in chaos. We must use extreme technology advances to get out of that trough and that comes at the price of frivolous IT use.

Which pays for it....
There are 10 types of people in the world:
Those who understand Binary and those who do not.
User avatar
Suff
 
Posts: 10785
Joined: 26 Nov 2012, 08:35

Re: Ransomware.

Postby Workingman » 14 Jun 2016, 20:58

Aggers, when I started playing with a Spectrum there was a magazine called Everyday Electronics. It gave us little programs in the Basic language, but you had to take care because the print version and Basic sometimes did not match. The thing is that IT did not exist, it was Computing.

We now do have IT, but what is it? Is it coding new software, developing new websites, using spreadsheet, presentation or document software, setting up firewalls or security software, network admin? It's a meaningless and all-encompassing phrase.

What I think many people now see as IT comes down to the Internet, and all it offers. The ease of banking, shopping, 'real' information and organising our lives in real time is a big bonus. The downsides; well, there are so many.

For me social media and group think are right up there. Opinion, forcefully presented, rather than facts, appear to prevail. I hate scams that cleverly catch people out; though we are getting more wise to them. I am also not sure about 24 hr news services. We now appear to get so many more non=news items to meet certain agendas -see the BBC.

However, I would prefer today with the party phone lines, snail mail, three TV channel days of my youth.
User avatar
Workingman
 
Posts: 21740
Joined: 26 Nov 2012, 15:20


Return to Computers etc

Who is online

Users browsing this forum: No registered users and 111 guests