BREAKING: Massive Ransomware Attack Spreading Across The Globe

Posted in Commentary with tags on June 27, 2017 by itnerd

Many news sites including Motherboard are reporting that a massive ransomware attack is underway. Computers in Spain, France, Ukraine, Russia, and other countries have apparently been hit by this:

The attacks bear some resemblance to the recent WannaCry outbreak, in which thousands of computer systems were locked down with ransomware around the world.

Motherboard has seen several reports of infections shared by victims on Twitter. We were not able to immediately confirm the veracity of the reports, but several security researchers and firms also reported the attacks.

“We are seeing several thousands of infection attempts at the moment, comparable in size to Wannacry’s first hours,” Costin Raiu, a security researcher at Kaspersky Lab, told Motherboard in an online chat.

Judging by photos posted to Twitter and images provided by sources, many of the alleged attacks involved a piece of ransomware that displays red text on a black background, and demands $300 worth of bitcoin.

“If you see this text, then your files are no longer accessible, because they are encrypted,” the text reads, according to one of the photos. “Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

I suspect that this will be a very long day for IT admins in various places around the world. And we shouldn’t be shocked that this is happening as it was only a matter of time before something like this happened. The question is, how bad can this get?

Watch this space for updates as they come.

UPDATE: The ransomware in question is called Petya. Many security experts are theorizing that it is spreading so fast because it is leveraging the same NSA supplied attack vector that the last epic cyberattack used. Thus a fully patched Windows system should be able to be resistant to this ransomware.

Advertisements

Guest Post: Cloud Storage Boss Discusses 11 Things You Need to Know About Cloud Security

Posted in Commentary with tags on June 27, 2017 by itnerd

lionel-abrial-17205.jpg

When it comes to storing data, cloud storage is pretty much the best option out there – no matter who or what you are. The reasons why that statement is true, are numerous and include:

  • Ease-of-use.
  • Flexibility.
  • Value for money.
  • You can quickly scale your storage needs up or down

Sure, not all cloud storage firms are created and run equally. But, the best ones have some great innovations that will keep your data safe, easy to access from anywhere and only by those people who should be able to access it.

An Industry in its Infancy

As a collective, the cloud storage industry is still young, but it’s developing rapidly. Just as other digital industries are evolving, so too is the cloud storage industry.

There’s a lot more to cloud storage than the highlights that we’ve outlined here. Check out this guide to learn more essential details about cloud storage.

 

Ohio Government Websites Pwned…. Pro IS Messages Displayed

Posted in Commentary with tags on June 26, 2017 by itnerd

I’m going to go out on a limb and say that heads are about to roll over this…. If they already haven’t. I say that because according to many outlets including Bloomberg, numerous Ohio Government website have been pwned by hackers who defaced the websites with messages purported to be from the terrorist group known as the Islamic State or IS:

Ten state websites and two servers were affected, and they’ve been taken off line for an investigation with law enforcement into how the hackers were able to deface them, said Tom Hoyt, a spokesman for the Ohio Department of Administrative Services.

The Ohio governor’s website wasn’t loading on Sunday afternoon, and a cached version showed the message “hacked by Team System Dz.’’ It said, “You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries’’ and added, “I love the Islamic state.”

Lovely. But I’m really not focused on whomever did this. The real question is why in 2017 was anyone actually able to do this? Website defacement isn’t new. Neither is how to defend against this sort of thing. Take these suggestions, or these suggestions for example. I’m sure as I am typing this there is a root cause analysis going on to figure out how these hackers got in, and who they are. The public will likely never see it, but it’s a safe bet that if someone in the IT department in Ohio screwed something up or missed something, they may be mass e-mailing their CV to find a new job in short order.

Google Home Lands In Canada…. And It Speaks Canadian French

Posted in Commentary with tags on June 26, 2017 by itnerd

Google Home is available from Canadian retailers as of today. The key thing to note is that Google Home now speaks Canadian French. But other than that, it’s the same Google Home device that Canadians have been wanting for some time as it includes the following key features:

  • Google Assistant – Get real-time answers including the latest on weather, traffic, finance, sports, and local businesses. With your permission, Google Home will learn about you and retrieve your calendar information, set alarms and timers, and even tell you about the traffic on your way to work.
  • Music – A simple voice request triggers Google Home to play music, podcasts or radio from services like Google Play Music, Spotify and more.
  • Smart Home Control – Connecting seamlessly with smart devices like Nest and Philips Hue, you can use your voice to set the perfect temperature or turn down the lights.

Telus reached out to me to say that they will have Google Home available for $179.99 at Telus stores or online at telus.com. But you can also pick it up at the Google Store, Bell, Best Buy, Fido, Indigo, London Drugs, Rogers, Staples, The Source, and Walmart among other retailers.

Australia to Push for Greater Powers on Encrypted Messaging at “Five Eyes” Meeting

Posted in Commentary with tags on June 26, 2017 by itnerd

There’s a group of five nations that collaborate on collecting and sharing intelligence. Known as the “Five Eyes” they are the U.S., the U.K, Canada, Australia, and New Zealand. Australia at a meeting this week of the “Five Eyes” will push for greater international powers to thwart the use of encrypted messaging services by terrorists and criminals. Here’s what Reuters had to say on this:

Australia has made it clear it wants tech companies to do much more to give intelligence and law enforcement agencies access to encrypted communications.

“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis said in a joint statement.

“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”

While I fully support any and all reasonable methods for law enforcement to stop “evil doers” from doing “evil things,” this isn’t going to accomplish that goal. Simply put, those who want to inflict chaos and destruction on the world will move to unregulated open source solutions with end to end encryption which will put them out of the reach of law enforcement. Thus the only thing that will be accomplished is the weakening of security consumer devices and software that “evil doers” will move away from to stay out of the reach of the good guys. Do I have a better idea? Short of putting some sort of “backdoor” into every device and software that has encryption, no. But I do know a bad idea when I see it. And this qualifies as a bad idea.

In Depth: Citrix Discusses How A Company Can Embrace Remote Work Without It Being A Pain

Posted in Commentary with tags on June 26, 2017 by itnerd

In today’s digital world, employees want flexibility to work outside the traditional constraints of the office. While more companies have begun accommodating remote workers, other companies have pulled back from allowing remote work. The best example of the latter being IBM who pulled the plug on remote work in May of this year which lead to many people leaving IBM. However on the other end of the spectrum, Automatic who owns WordPress closed some rather expensive real estate in San Fransisco because almost everyone worked remotely.

The fact is that remote work isn’t going away, a recent Oxford Economics study indicates that work now comes to you, and with you, wherever and whenever you decide. Mobile technology and new approaches to management are creating a new kind of digital workplace that can increase productivity, lower costs, and reduce stress. In other words, working remotely isn’t going away and companies need to embrace this trend. To better understand how companies can do just that, I had a conversation with Ching Mac of Citrix Canada to get his thoughts as this something that Citrix has been on the leading edge of for years.

According to Mr. Mac, what Citrix sees is that work is not about being in a 9 to 5 environment. It’s about getting stuff things done and that can between say 6 AM to Midnight wherever you happen to be with breaks in between to run an errand or something similar. He calls is work slicing which is an appropriate term from my perspective. It increases your productivity and people are a lot more happy.

For companies to successfully pull this off, they need a proper IT infrastructure to support that, along with a strong mobile work policy that is applied across the organization fairly. These are areas that Citrix can help an organization who wishes to roll out something like this as most of their workers are remote and they’ve been doing this for years successfully. I say that because they have proven solutions be it XenApp and XenDesktop or XenServer that can make this largely pain free for companies because it allows for a consistent user experience regardless of whether you use a iPad or a Windows 10 desktop while ensuring security for your organization. That’s important  because the security needs of one organization are often different from another organization.

Finally, employers will have to adapt to this new reality. Mr. Mac’s advice is that there’s no point in fighting it. People do want this sort of flexibility and the millennial generation especially expect it. So be open to employees using the device of their choice from wherever they want to use it from. Just have the infrastructure and policies in place. At the end, it’s only going to help that employer get higher employee satisfaction and productivity from their workforce. Both of those are things that any company should want at the end of the day.

 

Snapchat Has A New Map Feature That Should Worry You

Posted in Commentary with tags on June 26, 2017 by itnerd

First the marketing spin. Snapchat has a new mapping feature. Called Snap Map, it lets users track each other’s movements in real time. Here’s a video of it in action:

Here’s the problem with this feature. When you update Snapchat and get to the Snap Map walkthrough, it mentions sharing your location. But it’s vague on what that exactly means. Thus you may end up enabling this feature and giving all sorts of people access to your location in real time, all the time. Worse yet, a lot of users of Snapchat are under 18, thus you can imagine how horribly sideways this could go with that group of humans.

#Fail.

My advice is to enable “Ghost Mode.” If you’ve already enabled location sharing for Snap Map, tap the settings gear in the top right while viewing the Map, and select Ghost Mode from there. Or just enable it from the get go when you update Snapchat.

You have to wonder what Snapchat was thinking when they came up with this. I suspect that with the potential blowback that this feature will likely generate, they may be rethinking how this feature works right now.