Archive for April 27, 2022

State of Ransomware 2022 Report Released By Sophos

Posted in Commentary on April 27, 2022 by itnerd

Sophos has released the State of Ransomware 2022 report, which surveyed 5600 mid-sized organizations across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East and Africa. The 2022 report shows that 66% of organizations were hit with a ransomware attack in 2021, a 37% increase from 2020. Additional key findings include:

  • The average ransom paid by organizations that had data encrypted increased nearly five-fold to $812,360.
  • 11% of organizations surveyed admitted paying ransoms of $1M or over in 2021, up 4% from 2020.
  • 46% of organizations which had data encrypted in a ransomware attack paid the extortion demand.
  • 26% of organizations that were able to restore encrypted data using backups still paid ransom.

I think the part of this that bothers me is the fact that the ransom was paid, as if enough organizations had prevention methods in place, robust backup strategies and took the stance that they don’t pay the ransom, nobody would bother with ransomware.

I have two comments on this. The first is from Saryu Nayyar, CEO and Founder of Gurucul:

“It’s clear that ransomware is an escalating threat that costs organizations worldwide dearly. It’s not just the cost of paying the ransom, which is a staggering $1M or more. It’s also the cost of business disruption or loss, and the time required to restore data and operations. Almost half of all organizations paid the extortion demands if their data was encrypted. The lesson is clear: you will end up paying for ransomware one way or the other. Either you’ll pay cyber criminals to get your data back, or you’ll pay for protection. It is infinitely better and less costly to implement security controls to detect and stop malware payloads, including ransomware. True machine learning powered behavior analytics is a proven cyber defense that will prevent ransomware from getting ahold of your data and your business. Exact revenge by strengthening your defenses.”

Chris Olson, CEO of The Media Trust adds to this:

“The frequency and cost of ransomware attacks have been rising steadily for years in a row, but 2020 saw an acceleration in this trend which has continued until now. Although concerning, it isn’t surprising – from the COVID pandemic to international conflict and the continued growth of darknet markets, multiple factors have exacerbated the incidence of malicious cyberactivity.”

“Above all, organizations have largely neglected digital surfaces like Web and mobile apps which are increasingly used by cyber actors to target their employees. At the Media Trust, we have observed an alarming rise in digital attacks based on polymorphic and obfuscated code, rapid URL shifting and other advanced techniques to deliver ransomware, phishing attacks, and more.”

Ransomware isn’t going away anytime soon. Thus organizations need to take action on multiple fronts to protect themselves. And if the worst happens, they should make the option of paying the ransom a non-starter. The sooner that happens, the better off we will all be.

TELUS Brings Wearable, Discreet Personal Security to Canada Through Partnership With invisaWear

Posted in Commentary on April 27, 2022 by itnerd

Today, TELUS launched TELUS SmartWear Security, a line of discreet wearable accessories that provides our customers with emergency support, 24/7 monitoring, and peace of mind wherever they go. In partnership with US-based tech brand invisaWear, TELUS SmartWear Security provides customers with a stylish personal safety device disguised as jewelry or a key charm powered by TELUS’ world-leading wireless network, and TELUS SmartHome Security’s 24/7 monitoring team. TELUS SmartWear Security is the latest innovation in our comprehensive line of security solutions to bring customers a greater sense of security at home or on the go.

TELUS SmartWear Security is managed through an easy-to-use smartphone app, which provides customers with quick access to alerts and updates. The app provides 24/7 monitoring, instantly connecting your smartphone to TELUS’ monitoring service. Customers can tailor TELUS SmartWear Security with a selection of alert modes in the app. In the event of an emergency, once the device is double clicked, TELUS SmartWear Security will alert your preselected five emergency contacts or connect you immediately to our 24/7 monitoring team for emergency assistance, where the TELUS agent will stay on the line with you.

TELUS SmartWear Security features include: 

  • Notify Emergency Contacts: Send notifications, GPS location, and SMS updates to up to five emergency contacts.
  • Reassurance Calls: 24/7 access to a professional emergency response TELUS agent by phone. They will stay with you on the phone anytime you feel unsafe.
  • Live Chat SMS: 24/7 access to a two-way SMS conversation with a professional emergency response TELUS agent. They will stay with you and provide assistance discreetly through text.  
  • Activity Tracking: Be proactive about your safety by inviting our monitoring team and your emergency contacts to track you via GPS for up to 4 hours. You will then alert the app once you’re safe and no longer need tracking, and if the timer expires before you have responded, agents will alert your emergency contacts and share your location with local law enforcement.

For every new subscription of TELUS SmartWear Security, TELUS will donate a SmartWear device and one-year subscription to the TELUS Mobility for Good®, providing wireless connectivity to marginalized individuals, including Indigenous women at risk of or experiencing violence. TELUS will donate a maximum of 250 devices and subscriptions.

TELUS SmartWear Security is available across Canada, excluding Quebec. Full pricing and product details can be found at telus.com/smartwear.

SAP Labs Canada Designated As One Of Seven SAP Global Research Hubs 

Posted in Commentary on April 27, 2022 by itnerd

SAP Canada is proud to announce SAP Labs Canada has been named an SAP Global Research & Development Hub, a designation that reflects SAP’s commitment to driving innovative research in Canada, being a strategic partner to SAP customers and creating a vibrant ecosystem in the tech industry. This news comes on the heels of the company’s launch of a new, state-of-the-art office in downtown Montreal. This new office showcases all the hallmarks of a ‘Future of Work’ space and is purpose-built for employees to perform a variety of activities when they come on site.

SAP Labs Canada designated as a major SAP global research hub

SAP Labs are research and development (R&D) facilities located in high tech clusters around the globe that drive SAP’s culture of innovation. SAP Labs Canada – with Labs in Montreal, Vancouver, and Waterloo – is joining the ranks of SAP Labs Walldorf, SAP Labs US, SAP Labs India, and SAP Labs China as part of the Global Hub Network, which also has recently introduced Labs Latin America and CEE Hub – including Labs Czech Republic, Labs Hungary, Labs Poland and Labs Slovakia – to its alliance.  

As the backbone of the SAP Labs Networks, comprised of 21 labs globally, Hubs represent SAP’s most significant R&D locations in terms of size, which deliver best-in-class solutions across many of SAP’s product portfolios. Hubs influence the development of global programs and receive additional investment to enable regional initiatives.

With over 2,550 employees across Canada, SAP Labs Canada is leading the creation of the technology that will drive the next frontier of intelligent enterprise thanks to its 35 years of development experience in analytics, database technologies and customer experience. The Waterloo Lab drives SAP’s IoT Edge and HANA Database and Analytics technologies, Vancouver Labs is home to SAP Analytics Cloud as well as SAP Concur teams, and Montreal Labs is innovating SAP CX solutions as well as SAP S/4 HANA Industry Cloud and Quote to Cash solutions.

Employee experience placed front and center in new Montreal office

SAP has always prided itself on being forward-thinking and always putting employee experience first and the new Montreal office is an example of this mindset. 

With just under 1,000 employees in Montreal, the company views the Quebec market as a world-class technology hub. This new office will continue to strengthen SAP’s position as a hub for retail, e-commerce, and industry cloud solutions. 

SAP Canada has always understood that its employees had unique work preferences and patterns – while some people are more productive and engaged in an office environment, others are more efficient when working remotely.  

The new SAP Labs Montreal office demonstrates their commitment to SAP’s Pledge to Flex, allowing employees to build work habits that support optimal productivity, all in the interest of creating a best-in-class employee experience. The 65,000 square foot office is on the top floors of the Place Ville Marie (PVM) building, located in the heart of Montreal, close to customers and partners. Close to public transportation and in a building rich with amenities, SAP is making it easy for employees to get to the office and giving them an opportunity to enjoy the surrounding culture when they come into the office.

Guest Post: Microsoft Was The Most Impersonated Brand In Phishing Attacks In 2021 Says Atlas VPN

Posted in Commentary on April 27, 2022 by itnerd

Phishing actors frequently impersonate well-known brands, taking advantage of consumer trends to scam unsuspecting customers.

According to the recent findings by the Atlas VPN team, Microsoft and illegal streaming sites were the most impersonated brands in phishing attacks in 2021. Furthermore, the retail and government sectors experienced the most significant growth in phishing attacks last year.

Cybercriminals impersonated Microsoft product pages in 36.6% of phishing attacks in 2021. Microsoft has a wide range of products used by millions of users globally who could become potential victims of a phishing attack.

Threat actors imitated illegal streaming websites in 13.6% of phishing attacks. Illegal streaming websites are generally dodgy, as they do not have decent security. However, when cybercriminals put their hands on them, it is a disaster waiting to happen.

COVID-19-themed phishing attacks accounted for 7.2% of social engineering scams. COVID-related phishing websites can be exceptionally deceptive to internet users as they are relatively new.

Cybercriminals impersonated Telegram in 6.5% of phishing attacks. At the same time, Amazon-related phishing attacks accounted for 5.8% of social engineering attacks.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on phishing attacks:

“Phishing attacks require the user to recognize and evaluate the potential danger. However, people are prone to making mistakes, and a well social engineered attack could trick almost anyone. Therefore, being aware of how phishing attacks work is essential when mitigating threat risks.”

Phishing targets retail businesses and government

Threat actors launch phishing attacks on industries that hold large amounts of sensitive customer information.

The retail and wholesale industry suffered 436% more phishing attacks in 2021 than in 2020. When phishing attacks target retailers, the actual losses are consumer trust and brand reputation.

Phishing attacks on the government sector increased by 110% in 2021. State-sponsored threat actors usually perform cyberattacks against the government.

The finance and insurance industry experienced a 101% jump in phishing attacks in 2021. On the other hand, the phishing rate in the healthcare industry dropped by 59%.

To read the full article, head over to: https://atlasvpn.com/blog/microsoft-was-the-most-impersonated-brand-in-phishing-attacks-in-2021

Review: Kensington SmartFit Easy Riser Go

Posted in Products on April 27, 2022 by itnerd

So what started out as a revamp of my desk setup has turned into a complete revamp of the den that my wife and I work out of because my wife is redoing her desk setup, and we’re also making some changes to other parts of the den. In regards to what my wife is up to, she’s running two computers. A Lenovo ThinkPad and my old 2015 15″ MacBook Pro. And she needs to have them both on her desk in a way that works for her. To help her with that, I set up her ThinkPad on a Kensington SmartFit Easy Riser Go laptop riser.

Now this laptop riser folds up into a thin package that allows you to put it into your laptop bag and take it with you. It’s made of plastic that feels solid and it appears to be well engineered. This specific one is designed for 14″ laptops or tablets. But Kensington makes a 17″ version of this as well.

You’ll note the colour coding in this picture. This is the unique feature that sets this laptop riser apart from pretty much everything else on the market. These colours allow you to size this riser so that it is ergonomically correct for you. Kensington calls this their SmartFit System.

What you need to do is place your palm on this diagram and see what colour you match up to. In my wife’s case, she was green. That led me to set the stand up like this:

And when you add her ThinkPad to the mix, this is what you get:

For her, this is the perfect angle to view the screen of her ThinkPad. And so far this is working for her. Now one thing that I should point out is that this is not meant for you to type on. Which is why she also got this Kensington keyboard from me which she is now using with both this ThinkPad and with her 15″ MacBook Pro as it supports multiple connections. The net result is that this setup is a win for her. The Kensington SmartFit Easy Riser Go laptop riser has an MSRP of $29.99 CAD and this is an easy recommendation from me whether you are on the go, or working from home like my wife is.

Apple Launches Self Repair Store…. And So Far I Am Not Impressed

Posted in Commentary on April 27, 2022 by itnerd

Last year Apple announced that they would be starting up a self repair program. At the time I said this:

The bottom line is that this is an optics exercise for Apple. If they really wanted to embrace right to repair, they would go further than what was announced. But they haven’t. So don’t be fooled by this announcement. It isn’t what you think it is, and it’s not going to get the results that you think it will.

Since then we’ve heard nothing from Apple. Meanwhile both Samsung and Google have launched self repair programs that simply destroy anything that Apple said that they were going to do. I guess that forced Apple into the position where they had to do something. And today they did:

Apple today announced Self Service Repair is now available, providing repair manuals and genuine Apple parts and tools through the Apple Self Service Repair Store. Self Service Repair is available in the US and will expand to additional countries — beginning in Europe — later this year.

The new online store offers more than 200 individual parts and tools, enabling customers who are experienced with the complexities of repairing electronic devices to complete repairs on the iPhone 12 and iPhone 13 lineups and iPhone SE (3rd generation), such as the display, battery, and camera. Later this year the program will also include manuals, parts, and tools to perform repairs on Mac computers with Apple silicon.

I went to the Self Repair Store and to be frank, it looks like someone used a template from GoDaddy to create this as it is as far as you can get from Apple’s look and feel without going to another planet. It’s almost as if they don’t want to be associated with this website. Which tells you what you need to know about Apple’s view on self repair.

Apple also did this today:

Also today, Apple published a paper, “Expanding Access to Safe, Reliable, and Secure Service and Repair,” which details Apple’s approach to designing long-lasting products and increasing access to repairs.

This is just spin to make it look like they are on the good side of right to repair when in reality they aren’t.

I have a bunch of random thoughts on this. For starters, it seems the cost of the repairs via this site is on par with the cost of a repair in the Apple Store – which is odd because you’re repairing it yourself. Thus you’d think it would be cheaper. But clearly not. I’m guessing that Apple doesn’t want to lose a cent of income here. Second, it seems odd to offer self service on the newest devices first as those are the devices less likely to need to be serviced. An iPhone XS or 11 is more likely to need a new battery than a 2 month old SE or 6 month old 13. I don’t see the logic here unless Apple is doing this to limit the number of repairs. Further to that, digging around the site I found warnings that parts such as a battery and a display require a “System Configuration Tool”. And you need to contact them after the repair to be able to remove the warnings iOS gives about the battery or display being changed. Which implies that you still need Apple’s help after the repair is completed via calling Apple or taking a trip to the Genius Bar. Which doesn’t exactly sound like you’re fully in control of the repair to me.

All of this smells of the same optics exercise that I thought it was when this was first announced. Though an alternate view is that Apple threw this together when Samsung and Google upstaged them with their announcements. Either way I’m not impressed by this launch. And I wonder if Apple will do something to improve this. I guess we’ll have to wait and see.

UPDATE: One thing to consider is the credit that you get when you return the parts to Apple. That lowers the repair price a bit.

Russian-Linked Hackers Stormous Claim To Have Pwned Coca Cola

Posted in Commentary on April 27, 2022 by itnerd

A group of Russian-linked hackers named Stormous claimed that they have pwned Coca Cola:

A ransomware gang known as STORMOUS has claimed responsibility for the attack. The Russian-affiliated hacking group claims it hacked some of Coca-Cola’s servers, making off with around 161 GB of information without the company’s knowledge. STORMOUS is apparently looking to sell off the data for $64,396.67 or 1.6467 BTC.

Though the group is relatively new — first appearing in late 2021 — this isn’t the first time it has claimed a high-profile cyber theft. Earlier this year, STORMOUS claimed a breach of Epic Games, attempting to sell off over 200GB of data.

It has not yet been confirmed or verified by cybersecurity analysts and experts if Epic Games, nor any of STORMOUS’s other alleged victims, has actually been breached or not.

Coca Cola had this to say:

In response to the claims, a Coca-Cola spokesperson told The Record that the company has informed law enforcement about the possible breach. Scott Leith, the company’s communications vice president released a statement saying: “We are aware of this matter and are investigating to determine the validity of the claim.”

Anurag Gurtu, CPO of StrikeReady had this comment:

Well, time will tell if we are seeing a wave of Russian-backed threat actors compromising big organizations such as Coca-Cola.

Known for its website defacement and information theft, the Stormous ransomware gang represents itself as a group of Arabic-speaking hackers. The group has been active since 2021, and recently announced its support for the Russian government and its intention to attack Ukrainian government institutions. This ransomware provides the actor with the ability to upload custom payloads to the affected server via open-source resources such as Pastebin and remote upload. Since the actor can modify encryption and decryption keys, as well as copy ransom messages in the wild, the actor’s capabilities, which include dropping malware, encryption, and sending a ransom note, can be hard to identify. In addition, the actor’s ransomware is PHP-based, so it is easy to modify on the fly.

This is big if this is true. Clearly what we’re seeing is hacker groups graduate to bigger and more bold activities. And on top of that, this specific group has aligned itself with Russia. Making all of this a bad combination. Potentially.