Learn more about how to stay safe online with some simple, helpful tips!
Hang ten, dude! It’s summertime and surfers are taking to the ocean to go catch some gnarly waves. Experienced surfers know that there are dangers out in the water and are trained to look out for them. These dangers include rip currents, shallow water, and of course, sharks.
Just like there are dangers in the ocean, there are many dangers lurking on the Internet. And a savvy web surfer and searcher knows that there are ways to protect themselves. Here are some tips to keep you safe while you surf the internet.
Ransomware is malicious software that cyber criminals use to hold your computer or computer files for ransom, demanding payment from you to get them back. Sadly, ransomware is becoming an increasingly popular way for malware authors to extort money from companies and consumers alike. There are a variety of ways ransomware can get onto a person’s machine, but as always, those techniques boil down to either social engineering tactics or using software vulnerabilities to silently install on a victim’s machine.
One specific ransomware threat that has been in the news a lot lately is Cryptolocker (detected by ESET as Win32/Filecoder; check the ESET Knowledge Base for updated information on detection of Cryptolocker and other ransomware). The perpetrators of Cryptolocker have been emailing it to huge numbers of people, targeting particularly the US and UK. Like a notorious criminal, this malware has been associated with a variety of other bad actors – backdoor Trojans, downloaders, spammers, password-stealers, ad-clickers and the like. Cryptolocker may come on its own (often by email) or by way of a backdoor or downloader, brought along as an additional component.
You may wonder why the big fuss over this one particular ransomware family – in essence, it is because Cryptolocker’s authors have been both nimble and persistent. There has been a concerted effort to pump out new variants, keeping up with changes in protection technology, and targeting different groups over time.
Since the beginning of September, the malware authors have sent waves of spam emails targeting different groups. Most of the targeted groups have been in the US and the UK, but there is no geographical limit on who can be affected, and plenty of people outside of either country have been hit. Initially emails were targeting home users, then small to medium businesses, and now they are going for enterprises as well.
The malware also spreads via RDP ports that have been left open to the Internet, as well as by email. Cryptolocker can also affect a user’s files that are on drives that are “mapped”, which is to say, they have been given a drive letter (e.g. D:, E:, F: ). This could be an external hard-drive including USB thumb drives, or it could be a folder on the network or in the Cloud. If you have, say, your Dropbox folder mapped locally, it can encrypt those files as well.
At this point, tens of thousands of machines have been affected, though it is estimated that the criminals have sent millions of emails. Hopefully the remainder of recipients simply deleted the malicious emails without opening them, rather than them sitting unopened, waiting to unleash more pain.
Those people that have been affected have had a large number of their files encrypted. These files are primarily popular data formats, files you would open with a program (like Microsoft Office, Adobe programs, iTunes or other music players, or photo viewers). The malware authors use two types of encryption: The files themselves are protected with 256-bit AES encryption. The keys generated by this first encryption process are then protected with 2048-bit RSA encryption, and the malware author keeps the private key that would allow both the keys on the user’s machine and the files they protect, to be decrypted. The decryption key cannot be brute-forced, or gathered from the affected computer’s memory. The criminals are the only ones who ostensibly have the private key.
On the one hand, ransomware can be very scary – the encrypted files can essentially be considered damaged beyond repair. But if you have properly prepared your system, it is really nothing more than a nuisance. Here are a few tips that will help you keep ransomware from wrecking your day:
1. Back up your data
The single biggest thing that will defeat ransomware is having a regularly updated backup. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy. Remember that Cryptolocker will also encrypt files on drives that are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. So, what you need is a regular backup regimen, to an external drive or backup service, one that is not assigned a drive letter or is disconnected when it is not doing backup.
The next three tips are meant to deal with how Cryptolocker has been behaving – this may not be the case forever, but these tips can help increase your overall security in small ways that help prevent against a number of different common malware techniques.
2. Show hidden file-extensions
One way that Cryptolocker frequently arrives is in a file that is named with the extension “.PDF.EXE”, counting on Windows’ default behavior of hiding known file-extensions. If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files.
3. Filter EXEs in email
If your gateway mail scanner has the ability to filter files by extension, you may wish to deny mails sent with “.EXE” files, or to deny mails sent with files that have two file extensions, the last one being executable (“*.*.EXE” files, in filter-speak). If you do legitimately need to exchange executable files within your environment and are denying emails with “.EXE” files, you can do so with ZIP files (password-protected, of course) or via cloud services.
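The checks from tips 2 and 3, as an added example that is not part of the original article: a Python sketch that walks a raw email and flags attachments ending in “.EXE”, separating the “*.*.EXE” double-extension case. The function names, the sample message and the single-entry extension set are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions this example treats as executable. The article names only .EXE;
# extend the set to match what your own gateway blocks.
EXECUTABLE_EXTS = frozenset({".exe"})


def classify_filename(name, exec_exts=EXECUTABLE_EXTS):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows drops trailing dots and spaces, so "a.pdf.exe. " still runs as an EXE.
    parts = name.strip().rstrip(". ").lower().split(".")
    if len(parts) < 2 or "." + parts[-1] not in exec_exts:
        return "ok"
    # "*.*.EXE": a non-empty inner extension in front of the executable one.
    # Padding such as "scan.pdf      .exe" is stripped before the check.
    if len(parts) >= 3 and parts[-2].strip():
        return "double-extension"
    return "executable"


def scan_message(raw_bytes, exec_exts=EXECUTABLE_EXTS):
    """List (filename, verdict) for every suspicious attachment in a raw message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches attachments nested in multiparts
        name = part.get_filename()  # decoded filename, or None for body parts
        if name and (verdict := classify_filename(name, exec_exts)) != "ok":
            findings.append((name, verdict))
    return findings


def build_sample_message():
    """Constructed test message: one harmless PDF and two executable attachments."""
    m = EmailMessage()
    m["Subject"] = "Your invoice"
    m.set_content("Please see the attached invoice.")
    for filename, data in [("statement.pdf", b"%PDF- constructed"),
                           ("Invoice.PDF.EXE", b"MZ constructed"),
                           ("setup.exe", b"MZ constructed")]:
        m.add_attachment(data, maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample_message()):
        print(f"{verdict:17} {name}")
```

A gateway that must still pass plain executables can reject only the "double-extension" verdict, while a stricter one rejects both.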
4. Disable files running from AppData/LocalAppData folders
You can create rules within Windows or with Intrusion Prevention Software, to disallow a particular, notable behavior used by Cryptolocker, which is to run its executable from the App Data or Local App Data folders. If (for some reason) you have legitimate software that you know is set to run not from the usual Program Files area but the App Data area, you will need to exclude it from this rule.
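The logic of such a rule, including the exclusion for legitimate software, as an added example that is not part of the original article: a Python sketch that decides whether an executable path falls under the App Data or Local App Data folders. The folder layout (Windows Vista and later), the function names and the sample paths are assumptions, and a real deployment would express the same rule in Windows policy or the intrusion prevention product.

```python
import ntpath


def _norm(path):
    # normpath collapses ".." segments; normcase lower-cases and unifies
    # slashes, matching Windows' case-insensitive path handling.
    return ntpath.normcase(ntpath.normpath(path))


def _is_under(path, folder):
    return _norm(path).startswith(_norm(folder).rstrip("\\") + "\\")


def appdata_verdict(image_path, profile_dir, exclusions=()):
    """Return 'block', 'excluded' or 'allow' for one executable path."""
    # Assumed layout (Windows Vista and later):
    #   %AppData% -> <profile>\AppData\Roaming, %LocalAppData% -> <profile>\AppData\Local
    roots = [ntpath.join(profile_dir, "AppData", sub) for sub in ("Roaming", "Local")]
    target = _norm(image_path)
    if not target.endswith(".exe") or not any(_is_under(target, r) for r in roots):
        return "allow"
    # Known-good software that really does run from App Data is exempted by exact path.
    if target in {_norm(e) for e in exclusions}:
        return "excluded"
    return "block"


def triage(image_paths, profile_dir, exclusions=()):
    """Apply the rule to a list of process image paths."""
    return [(p, appdata_verdict(p, profile_dir, exclusions)) for p in image_paths]


# Constructed sample data: a hypothetical user profile, one exclusion, five paths.
SAMPLE_PROFILE = r"C:\Users\alice"
SAMPLE_EXCLUSIONS = [r"C:\Users\alice\AppData\Local\ExampleVendor\updater.exe"]
SAMPLE_PATHS = [
    r"C:\Program Files\ExampleApp\app.exe",
    r"C:\Users\alice\AppData\Roaming\Xyz\Xyz.exe",
    r"c:\users\ALICE\Documents\..\AppData\Local\Temp\a.EXE",  # case and ".." variations
    r"C:\Users\alice\AppData\Local\ExampleVendor\updater.exe",
    r"C:\Users\alice\AppData\Roaming\notes.txt",
]

if __name__ == "__main__":
    for path, verdict in triage(SAMPLE_PATHS, SAMPLE_PROFILE, SAMPLE_EXCLUSIONS):
        print(f"{verdict:9} {path}")
```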
5. Disable macros in Microsoft Office files
Most people may not be aware that Microsoft Office Files are like a file-system within a file system, which includes the ability to use a powerful scripting language to automate almost any action you could perform with a full executable file. By disabling macros in Office files, you deactivate the use of this scripting language.
6. Disable RDP
The Cryptolocker/Filecoder malware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access your desktop remotely. If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits. For instructions to do so, visit the appropriate Microsoft Knowledge Base article below:
7. Patch or Update your software
These next two tips are more general malware-related advice, which applies equally to Cryptolocker as to any malware threat. Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. It can significantly decrease the potential for ransomware-pain if you make a practice of updating your software often. Some vendors release security updates on a regular basis (Microsoft and Adobe both use the second Tuesday of the month), but there are often “out-of-band” or unscheduled updates in case of emergency. Enable automatic updates if you can, or go directly to the software vendor’s website, as malware authors like to disguise their creations as software update notifications too.
8. Use a reputable security suite
It is always a good idea to have both anti-malware software and a software firewall to help you identify threats or suspicious behavior. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have both layers of protection. And at this point, most malware relies on remote instructions to carry out its misdeeds. If you run across a ransomware variant that is so new that it gets past anti-malware software, it may still be caught by a firewall when it attempts to connect with its Command and Control (C&C) server to receive instructions for encrypting your files.
If you find yourself in a position where you have already run a ransomware file without having performed any of the previous precautions, your options are quite a bit more limited. But all may not be lost. There are a few things you can do that might help mitigate the damage, particularly if the ransomware in question is Cryptolocker:
9. Disconnect from WiFi or unplug from the network immediately
If you run a file that you suspect may be ransomware, but you have not yet seen the characteristic ransomware screen, if you act very quickly you might be able to stop communication with the C&C server before it finishes encrypting your files. If you disconnect yourself from the network immediately (have I stressed enough that this must be done right away?), you might mitigate the damage. It takes some time to encrypt all your files, so you may be able to stop it before it succeeds in garbling them all. This technique is definitely not foolproof, and you might not be sufficiently lucky or be able to move more quickly than the malware, but disconnecting from the network may be better than doing nothing.
10. Use System Restore to get back to a known-clean state
If you have System Restore enabled on your Windows machine, you might be able to take your system back to a known-clean state. But, again, you have to out-smart the malware. Newer versions of Cryptolocker can have the ability to delete “Shadow” files from System Restore, which means those files will not be there when you try to replace your malware-damaged versions. Cryptolocker will start the deletion process whenever an executable file is run, so you will need to move very quickly as executables may be started as part of an automated process. That is to say, executable files may be run without you knowing, as a normal part of your Windows system’s operation.
11. Set the BIOS clock back
Cryptolocker has a payment timer that is generally set to 72 hours, after which time the price for your decryption key goes up significantly. (The price may vary as Bitcoin has a fairly volatile value. At the time of writing the initial price was .5 Bitcoin or $300, which then goes up to 4 Bitcoin.) You can “beat the clock” somewhat, by setting the BIOS clock back to a time before the 72 hour window is up. I give this advice reluctantly, as all it can do is keep you from having to pay the higher price, and we strongly advise that you do not pay the ransom. Paying the criminals may get your data back, but there have been plenty of cases where the decryption key never arrived or where it failed to properly decrypt the files. Plus, it encourages criminal behavior! Ransoming anything is not a legitimate business practice, and the malware authors are under no obligation to do as promised – they can take your money and provide nothing in return, because there is no backlash if the criminals fail to deliver.
Don’t you just hate it when you’re browsing or listening to music on your phone and it suddenly heats up? If you’re lucky to have a smartphone with removable batteries, you can change the battery and get some reprieve. But sometimes even such quick fixes don’t work. The phone then starts hanging every time you browse the web, play a game, text or even as you make a call. Eventually, it breaks down. It then hits you that there could have been a teething problem with the phone the moment it started heating up.
You learn this lesson as you take your phone for repair or as you plan to buy a new one. But why go such a long way while there are preventive measures that can save you from the aforementioned agonies? Read on to learn a thing or two on how to prevent your smartphone from overheating.
Charge your phone correctly
Is there a correct way to charge your phone other than just plugging it into the socket? Yes, there is! First off, always charge your phone in ‘small portions’ rather than waiting for it to completely run out of battery then charging it at a go. Then avoid using your phone as it charges, as this will strain it and force it to heat up within minutes. The phone, just like a laptop, has a processor which can get overworked with many functions and applications running at the same time. Be sure, too, to remove your phone’s case as you charge it. Leaving it on will only subject the phone to hot conditions, something that can easily cause an explosion as the phone charges.
Keep the phone in a cool place
Observe this rule especially during summer. You will need to seek shade several times during summer. But what about your phone? It needs some shade as well. In other words, keep it away from direct sunlight. You can imagine what will happen to the phone when it’s already hot from direct sun, then one plugs it into a socket to charge it. Allow it to cool first then plug it in. Then try not to keep your phone in a tight pocket especially if you are likely to get sweaty. Like other devices, moisture and your phone never go hand in hand. Keep the phone in a larger pocket, a purse or a bag.
Invest in a good cover
A good smartphone cover will go a long way to help your phone last if you are an outdoor person. Water, sand and dust have already been listed by smartphone experts as the three biggest smartphone killers today. Exposing your phone to these elements will cause accumulation around the charging and USB ports. Some may find their way into your phone. Before long, your phone will start heating up. Remember a good cover will also protect your phone’s screen from damage. The cover may look or even feel like a ‘killjoy’ while using your phone outside. Look at the bigger picture though – a slight loss of responsiveness is far more bearable than a total loss of functionality.
Avoid sudden temperature changes
It is easy to feel tempted to put your phone in a freezer or a refrigerator once it heats up. Experts refer to such a move as a terrible idea. Your phone will eventually cool down but before then, it may end up shutting down completely. That is because sudden temperature changes strain phone components. It also attracts moisture, which is a surefire way of breaking your device. As any Birmingham iPhone repair expert will tell you, simply let your phone cool down the natural way. Put it aside for a few hours if you have to.
So, you finally have your dream laptop. Perhaps it is the best machine you’ve ever had the privilege of calling your own. It has just the right hard disk capacity, the RAM you’ve always wanted, a speedy processor, cutting edge graphics and of course, the right bag. You can play tons of games, design anything and store huge files.
But somewhere along the line, the machine’s performance drops. It becomes slow, produces a funny sound and keeps on letting you down on extremely important projects. You try to figure out where the problem is, but you can’t find any clue. Take it easy, the problem, as you are about to find out, lies in how you take care of the laptop. How you turn it on, off, store it, carry it and so forth. So just how should you go about it? Read on to learn more.
Never pull the plug out cold
People do this all the time out of sheer laziness or for no reason at all. They pull the battery charger from the socket by the cord. This significantly takes a toll on both the lifespan of the charger and the laptop. The rule of thumb here is simple: be gentle with the cord. Do not pull it from the laptop’s charging port or the socket. Then ensure no furniture rests on the cord and that you don’t step on it from time to time. All these cons often end up resulting in a short-circuit in the long run, something that can shut your laptop completely or destroy it badly.
Be keen with food near your laptop
Be keen when eating or drinking anything near your laptop. Spilled drinks can cause short-circuits and eventually erase all your data. That is simply because the motherboard and moisture never go hand in hand. So if you really have to eat or drink anything as you use your laptop, exercise caution.
Ensure the fan works well
Everyone knows this, but only a few people take it seriously. Your laptop radiates heat anytime it’s on. It will therefore need to cool down after hours of continuous usage. Buy a cooling pad if you use your laptop for hours daily. It is an inexpensive one time investment that can easily be the link between your laptop and costly repairs. The pad is designed to prevent condensation of moisture around the motherboard area. It also ensures the fan runs well so as to keep dust and other small particles off the internal components of the laptop.
Shut the laptop gently
This will not cost you much. Unfortunately, it happens all the time. You are in a hurry to leave class or the office, so you just cold boot your laptop or ram the monitor on the keyboard. Or you feel sleepy as you watch a movie and you cold boot the laptop. Such acts will only damage your monitor in the long run and you may end up replacing the monitor. Simply be patient as you turn off your laptop. Then once off, ensure that there is nothing between the keyboard and the monitor.
Get a good antivirus software
Imagine losing crucial data because of a virus! It is frustrating. You may eventually get the data back if you are lucky to find a good data retrieval company. But why take the risk while you can avoid it? Update your software if it has expired or simply buy a new one. This will save you from potentially hazardous Trojans that are all over the internet. Be extra cautious if you download files online from time to time. Then remember to always keep your firewall on anytime you are online. A trusted Birmingham laptop repair service provider can always recommend the best antivirus software, so feel free to ask!