Malware holding data ransom

Cryptowall, Cryptolocker and Cryptodefense: all malware looking to hold your computer ransom. Here’s what you need to know about these viruses.

Cryptowall is one of the worst pieces of malware out there. It can maliciously encrypt your network and system files, holding them ransom in exchange for a Bitcoin payment. Typical Bitcoin payments vary between $500 and $1000. With many hacker groups active in the wild, Cryptowall has evolved from Cryptolocker and does practically the same thing. To confuse matters even more, there’s another Cryptowall-like variant known as Cryptodefense.

The ransom message from a Cryptowall infection

Cryptowall in a nutshell

  • Cryptowall works by using encryption to change all of your network files, making them unreadable.
  • It affects Windows XP to Windows 8 Operating Systems.
  • It also cleverly deletes Shadow Volume Copies to stop any admins from restoring encrypted files.
  • Only the attacker holds the key that decrypts the files and makes them readable again.
  • The ransom increases after 7 days to nearly double the amount and is only payable with Bitcoin.
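Shadow copy deletion is rarely part of normal desktop use, which makes it a useful early-warning signal. As an added example that is not part of the original article, the Python code below scans process-creation events for it; the command-line patterns, the event layout and the sample events are assumptions constructed for illustration.

```python
import re

# Assumed detection rules (not from the article): command lines of built-in
# Windows tools that delete Volume Shadow Copies.
RULES = [
    ("vssadmin delete shadows",
     re.compile(r"\bvssadmin(\.exe)?\s+delete\s+shadows\b")),
    ("wmic shadowcopy delete",
     re.compile(r"\bwmic(\.exe)?\s.*\bshadowcopy\s.*\bdelete\b")),
]

# Constructed process-creation events: (time, host, user, parent, command line)
SAMPLE_EVENTS = [
    ("2014-06-05T09:14:02", "PC-0142", "jsmith", "outlook.exe",
     r"C:\Users\jsmith\AppData\Local\Temp\invoice.exe"),
    ("2014-06-05T09:14:09", "PC-0142", "jsmith", "invoice.exe",
     r"C:\Windows\System32\vssadmin.exe Delete Shadows /All /Quiet"),
    ("2014-06-05T10:30:00", "SRV-BKP", "svc_backup", "services.exe",
     r"vssadmin list shadows"),
    ("2014-06-05T11:02:47", "PC-0077", "akhan", "cmd.exe",
     r'"C:\Windows\System32\wbem\WMIC.exe"  shadowcopy delete /nointeractive'),
]

def normalize(cmdline):
    """Lowercase, drop quotes and collapse whitespace before matching."""
    return re.sub(r"\s+", " ", cmdline.replace('"', "")).strip().lower()

def match_rule(cmdline):
    """Return the name of the first rule the command line matches, else None."""
    norm = normalize(cmdline)
    for name, pattern in RULES:
        if pattern.search(norm):
            return name
    return None

def find_shadow_copy_deletions(events):
    """Return one alert per event whose command line deletes shadow copies."""
    return [{"time": t, "host": host, "user": user, "parent": parent, "rule": rule}
            for t, host, user, parent, cmd in events
            if (rule := match_rule(cmd))]

def hosts_to_isolate(alerts):
    """Unique hosts with at least one alert, for network isolation."""
    return sorted({a["host"] for a in alerts})

if __name__ == "__main__":
    for alert in find_shadow_copy_deletions(SAMPLE_EVENTS):
        print(alert)
```

Listing shadow copies, as the backup service account does in the third sample event, is not flagged; only deletion is.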

With this angle of attack, it’s no wonder hackers are using this hostile method to forcibly siphon Bitcoin payments from their prey.

Examples of attacks

Durham Police

Durham Police Department hit with Cryptowall

  • One prime example that has gained recent media coverage is the Durham town police in New Hampshire. As is typical of any law enforcement agency, the police refused to cooperate with the cyber criminals by paying the ransom.
  • It impacted 1500 of their own computers, affecting most of their police e-mail system, spreadsheets and word processing functions. It bypassed their spam and AV filters, disguised as an attachment in an email.
  • The danger is that the police receive plenty of emails with attachments notifying them of complaints from residents, such as potholes, which of course aren’t to be ignored. For this very reason an infected email attachment was opened and executed, and it ran through the system.
  • Fortunately for them, they were able to stop the attack from spreading to other company functions and police networks in other towns by isolating their network and restoring their system from offline backups.

Business Decisions

Another example of an attack came from a client of Stu Sjouwerman’s security training firm KnowBe4. The attack happened after an administrator opened an infected file, which spread to their 7 mapped server drives, encrypting all 75 GB of data held there.

There were many negative factors against them:

  • Firstly, they had unverified backups. Testing whether they worked would take time, risking costly extended downtime with no guarantee of a successful restore.
  • Secondly, setting up a Bitcoin account is a lengthy process, with checks that can take days to complete.
  • Desperate to shorten their downtime, they decided to pay the ransom. It was a business decision: lose $500 in Bitcoin or thousands in operational downtime.
  • The problem was, they didn’t have the Bitcoin to pay the ransom.

The turning point:

  • Luckily, they sought the help of Stu Sjouwerman, who had Bitcoins on hand, ready for an event like this one.
  • This company’s IT admins had, prior to this event, taken a security awareness course led by ex-hacker Kevin Mitnick and Stu Sjouwerman.
  • Contrary to the police case, this company had taken the advice from the course, and with Stu Sjouwerman’s Bitcoins, they managed to pay the ransom to avoid further downtime.
  • In the end they did recover their files; however, there was corruption in one of their databases, which all in all took another painstaking 18 hours to return to normal.

Not all cases end well and not all ransoms release the files as promised. It’s really at the discretion of the criminal cyber gangs controlling the attack.

For more ways to strengthen your office security and IT policy enforcement, contact your local IT professionals.


How Reliable is your Hard Drive?

Your hard drive contains irreplaceable data, pictures and personal info. A new Backblaze study gives us insight on the most reliable hard drives out there.

We’ve compiled a summary based on Backblaze’s new findings on hard drive reliability, covering the brands that tend to fail the most and how often it has been reported.

Backblaze

Backblaze, a backup service provider, has data centers that hold more than 100 petabytes of data on over 34,000 drives. Impressive, right? They’ve done all the hard work in testing a wide range of hard drives, some of which have failed and others that have remained in full working order.

They began documenting their study in January 2014 and have since updated their observations.

Here is a summary of what you need to know:

  • The worst failing drives have been the 3 TB Western Digital and the 3 TB Seagate. The Seagate figures come from 3,846 hard drives with an average age of 1.9 years and an initial 9% annual failure rate, which is now up to 15%. The 776 Western Digital hard disks tested have averaged 0.5 years in lifespan and had an annual failure rate of 4%, which has increased to 7%.
  • Interestingly, the HGST drives (previously branded as Hitachi) have been the most reliable brand with their annual failure rate averaging around 1% out of over 1600 tested hard drives in the datacenter.
  • Despite Seagate and Western Digital having a poor reliability record compared to the HGST drives, these two problematic brands have continued to perform better with the Seagate 1.5 TB and 4 TB drives, along with the 1 TB Western Digital drives.
  • Western Digital and Seagate’s 3 TB drives continue to be the worst performers. One assumption could be that these drives may buckle easily under a datacenter environment. Another possibility could be due to a difference in how they run within a drive farming setup (using enterprise drives) as opposed to removing them from external USB hubs.
  • From their extensive testing, Backblaze noted that the standard external USB drives, such as Seagate’s 3TB (priced at around $100 for consumers), performed just slightly better than enterprise drives which are over double the price!
  • There’s also a big difference between different hard drive models and their failure rates. Seagate’s Barracuda range has two different 3 TB drives, with Barracuda XT performing nearly three times as well as the struggling Barracuda 7200.14 model, with a 15.7% annual fail rate.
  • The same goes for Seagate’s 1.5 TB drives, such as the Barracuda LP, performing significantly better as a hard drive with an annual failure rate of 9.6% compared to the Barracuda 7200.11, which has a 25% fail rate.

Overall conclusion

When it comes to looking for a reliable hard drive, especially those of 1.5 TB and 3 TB capacities, we have a clear winner, and that is the HGST brand. One thing is clear: no hard disk is ever 100% fail-proof, and even the HGST drives have been noted to fail at times. The highest HGST annual fail rate of 1.4%, from over a thousand tested hard disks, is still a very impressive record.

Regardless of your hard drive brand, model and style, it is extremely important to replicate and backup your data on a regular basis, as you never know when a hard drive will fail.

We hope that Seagate and Western Digital improve their current 1.5 and 3 TB drives and pay attention to this continued study. Most drives come with a 3-year warranty, so in the event of a hard disk failing, this shouldn’t be much of a financial setback to their customers.

For more information on storage for your office or home based business, contact your local IT professionals.
