Prepare Against Ransomware

In recent months you may have come across articles depicting the chaos that ransomware is causing to businesses and individuals alike across the globe. You may ask what is ransomware? In short it is a malicious software that encrypts your computer system so you are unable to access your data. The reason for this is that the distributor of this software is a criminal and they want you to pay them a fee to release your files. Now the fact that they are a criminal you should not pay but in some cases such as hospitals and other critical services where not paying may have a worse knock on effect then sometimes business and individuals are left with little choice but to cough up the dough. In recent month's however a number of companies and state bodies have started to crack different strains of ransomware and release the keys so if you get infected have a look to see if your key is out there you might get lucky. For the rest of you I have compiled a list if useful precautions to take.


Backup regularly and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

Don’t enable macros in document attachments received via email. Many ransomware attacks arrive in documents, and rely on persuading you to enable macros (embedded document scripts). Don’t do it: Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure.

Consider installing the Microsoft Office viewers. These viewer applications let you see what documents look like without opening them in Word or Excel itself. In particular, the viewer software doesn’t support macros at all, so you can’t enable macros by mistake!

Be cautious about unsolicited attachments. Crooks who send malware in documents are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.

Don’t give yourself more login power than you need. Most importantly, don’t stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.

Patch early, patch often. Malware that doesn’t come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit.

 UPDATE:
In the past week I came across a case of the .Locky strain of ransomware which seems to be particularly nasty. In researching this strain I came across the below article and it is very much worth a read. You can find the original article here.
-------------------------------------------------------------------------------------------------------------------------

How Just Opening an MS Word Doc Can Hijack Every File On Your System

If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it.

Doing so could cripple your system and could lead to a catastrophic destruction.
Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware, dubbed "Locky," into their systems.

So if you find .locky extension files on your network shares, Congratulations! You are infected and left with just two solutions: Rebuild your PC from scratch or Pay the ransom.

Locky ransomware is spreading at the rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.

Microsoft MACROS are Back

It is hard to digest the fact that, in this 2016, even a single MS Word document could compromise your system by enabling 'Macros.'

This is where the point to appreciate hacker's sheer brilliance of tactics.

Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds vicious macro functions).

The concept of macros dates back to 1990s. You must be familiar with this message: "Warning: This document contains macros."
Now macros are back, as cyber criminals discover a new way to get internet users to open Microsoft Office documents, especially Word files that allow macros to run automatically.

How Does Locky Work?

Once a user opens a malicious Word document, the doc file gets downloaded to its system. However, danger comes in when the user opens the file and found the content scrambled and a popup that states "enable macros".
Here comes the bad part:

• Once the victim enables the macro (malicious), he/she would download an executable from a remote server and run it.
• This executable is nothing but the Locky Ransomware that, when started, will begin to encrypt all the files on your computer as well as network.

Locky ransomware affects nearly all file formats and encrypts all the files and replace the filename with .locky extension.
Once encrypted, the ransomware malware displays a message that instructs infected victims to download TOR and visit the attacker's website for further instructions and payments.
Locky ransomware asks victims to pay between 0.5 and 2 Bitcoins ($208 to $800) in order to get the decryption key.
One of the interesting note on Locky is that it is being translated into many languages, which heighten its attack beyond English boundaries to maximize the digital casualties.

Locky Encrypts Even Your Network-Based Backup Files

The new ransomware also has the capability to encrypt your network-based backup files. So it's time for you to keep you sensitive and important files in a third party storage as a backup plan in order to evade future-ransomware infections.
A researcher named Kevin Beaumont along with Larry Abrahms of BleepingComputer initiallydiscovered the existence of Locky encrypted virus.
To check the impact of Locky, Kevin successfully intercepted the Locky traffic yesterday and realized that the cryptovirus is spreading out rapidly in the wild.

"I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of Million PCs will be infected," Kevin said in a blog post.

One hour of infection Statistics:

Among the highly impacted countries include Germany, Netherlands, United States, Croatia, Mali, Saudi Arabia, Mexico, Poland, Argentina and Serbia

5 golden rules for staying safe online

If you have been reading my posts you will notice that a number of points keep popping up. The reason for this is of course that these particular points are vital to keeping yourself safe online. For the few out there who want to do the minimum in order to stay safe I am laying out 5 golden rules to follow.

1) Keep your software updated

Updating software, whether it be on your phone, laptop, or television, is extremely important. When hackers discover new ways to steal your data, gadget and software companies usually work quickly to release fixes for those vulnerabilities. Once a fix is in place an update becomes available and you should download this update, I try to set as many applications as possible to do automatic updates or in the case of my phone I set it running at night time when its not been used.

2) STOP using the same password everywhere

You are living in an age of big hacks and data breaches if you use the same password everywhere once your details are stolen once all your accounts are compromised. And you can be guaranteed that there is a high possibility your details have already been stolen from somewhere.  

3) Don't fall for phishing scams

These scams are getting more and more frequent and the attacks been used are becoming more professional. I recently received an email claiming to be a free password security tester, the email asked me to enter my password to test how strong it is and of course I deleted it as its purpose was of course to steal my password. Be smart when you receive phone calls and emails that you are not expecting and never open an application you receive in an email with the file extension .exe.

4) Add recovery contact information to your accounts

This is important you should always have two different contact methods on your accounts. The reason for this is if you forget your password and lose your phone well then your snookered and you may be locked out of that account forever, leaving your information hanging in cyber space. The second reason for this is If your account is compromised, companies will probably try to let you know. But that’s only possible if they have some means of getting in touch with you on file.

5) Enable two factor authentication 

Two-factor authentication adds an extra layer of security to your accounts by requiring another code in addition to your memorized password. That code can be sent to your smartphone via a text or generated by an app. With two-factor authentication, even if a hacker has your username and password, he or she won’t be able to access your account unless they also have your smartphone — not a likely scenario. I ask if you don't do any of the above at least do this one and give yourself some chance of staying protected.

Staying anonymous online (The Basics)

This is a topic that seems to keep popping up over and over again for many different reasons some good and some bad. In my opinion everyone should have the right to remain anonymous online if they choose to do so. I know in the extreme cases Governments are claiming that terrorists and criminals are using encryption of a means to carry out organised crime and nation attacks, however does this mean the rest of free society should give up the right to remain anonymous online? If you believe that the answer to this question is no then you can take a number of steps to help keep your     online identity non-existent. The steps below in no way mean that the FBI won't know who you are if you start doing some illegal shit like hiring an assassin on the dark-net so I strongly advise against doing so.

1)  If you are the type of person who wants no digital footprint then you might not want to join social media sites. The amount of personal data that social networking sites like Facebook, Google Plus and Twitter have harvested from their billions of users is shocking. Head to facebook.com/settings and click ‘Download a copy of your Facebook data’ and you might be surprised to see just how much information is on file. More or less everything you have ever done on Facebook is saved in this file so you can kind of get a feel for just how much information these sites hold on you.

2)  My second tip is another rather simple approach, go incognito The top four most popular browsers - Google Chrome, Mozilla Firefox, Internet Explorer and Safari - have a private browsing mod. With private browsing activated, your browser will not store cookies or internet history on your computer. This is quiet a limited function and is really only of use to hide information from others such as a significant other. I say this because Private browsing does not securely hide your identity or browsing activities beyond your local machine as your IP address can still be tracked.

3)  It is a known fact that many websites track and monitor their users activity, this can actually cost you money. An example of this is that plane ticket that you want to buy so you regularly check to see if its sold out, then when you have the cash the bloody ticket has gone up in price, the reasons for this could very well be website tracking. The issue with website tracking is you can't see if the websites you are visiting are actually tracking you. Ghostery is a free browser extension - available on all major web browsers - that will reveal these trackers, also known as web bugs. You can then decide which web bugs you’re comfortable with tracking you and which ones you’d like to block.

4)  Stop using Dropbox, I know that its a handy tool but as Edward Snowden once stated about Dropbox "they are a cloud service hostile to privacy". Lucky enough if you still want a way to share your files Snowden himself recommends that you use Spideroak to do so. The reason for this being that Spideroak is a zero-knowledge encrypted data backup, share, sync, access and storage service.

5) Use an alternative search engine to the mainstream, I suggested in a previous post that the best search engine for this is DuckDuckGo, which promises never to track your searches and “emphasizes protecting searchers’ privacy and avoiding filter bubble of personalized search results.

6) Reconsider your phone options, if you have a smartphone then staying anonymous just became a whole lot harder. The reason for this is for some reason every app you download these days wants access to your location,contacts,camera,microphone etc which makes staying off the grid impossible really. If you are super parnoid may I suggest investing in the super cool name "Blackphone" This is an ‘NSA-proof’ smartphone that claims to provide privacy features for texts, emails, web browsing and phone calls.

7) Use a Virtual Private Network (VPN)!!! I am sick of repeating this and if you really are serious about staying anonymous online this is simply a must have. You ask what is a VPN? Well essentially it hides your IP address and runs all your online data via a secure and encrypted virtual tunnel, which can keep websites from tracking your online activity or even knowing which country you’re browsing from (which is great for American Netflix). The catch with a using a VPN is don't ever trust a free one so you will need to shell out a few quid every month for the privilege of the service. Their has been a lot of talk recently about how secure certain VPN's are so do some of your own research and find the best one for you.

8) If you are using a popular webmail service such as Gmail then you might want to either change to a more secure provider or else add some security to your current provider. To do this I would suggest installing Mailvelope. Mailvelope is a browser extension for Google Chrome or Mozilla Firefox that brings OpenPGP encryption to your webmail service. Similar extensions exist, such as SecureGmail, which encrypts and decrypts emails you send through Gmail. Alternatively you could start using a webmail service such as Hushmail. Hushmail is currently very popular, it provides a private email account with no ads, built-in encryption and unlimited email aliases. Their is a limited free version of Hushmail however like everything you need to pay to get all the bells and whistles. For the more paranoid their is always the option of Disposable Email Addresses (DEAs). These are anonymous and temporary. They allow users to quickly create new email addresses as-and-when they’re needed, which can then be disposed of after use. There are many companies that provide this type of service however the more reliable one may come in the form of Guerrilla Mail and Mailinator.

Securing your iPhone 5 +

As the title suggests for this post I am just focusing on the iPhone 5 and up. For the most part Apple are pretty slick when it comes to patching their devices and keeping things secure, however a lot of the features of the iPhone that may make your life a bit easier may also create an area of insecurity around your device. Lets take siri for example, shes great to have a chat with on cold nights when there is no one else around. The issue with siri is she's a bit of a gossip and will talk to anyone. Let's take the following scenario your phone is stolen, you have a lock code on it so even though your pissed your not going to panic just yet. Lets say who ever stole your device has been watching you and they want to find out where you live, they cant do that right? WRONG if you have spent a bit of time setting siri up chances are she can be accessed from the lock screen of your phone, so all our thief/stalker needs to do is ask siri a few simple questions.


Who am I?

Where do I live?

What are my upcoming appointments?


Try this yourself see what information you get back....


Am I starting to paint a picture of how this can all go wrong so fast..... Hold on just before we start to panic I have created a list of 10 things you can do to help protect yourself and your family. Of course you can completely ignore my list and keep living life on the edge if that's your thing :).

1) Disable Siri on a lock screen

Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section –> “Siri: off” and “Settings” –> “General” –> “Siri” –> “Allow “Hey Siri”: off”.

2) Use a strong password instead of a 4 digit code

This is important I cant stress enough, how simple it has become to smash out your 4 digit passcode in a few hours. You might think who the hell would bother doing that I'm not some Government spy no your not but you do have lots of juicy personal data in their that can be used to steal your identity or exploits your friends and family. As an extra option, you can also turn the “erase data” feature on, so the device will wipe everything from its memory after 10 failed passcode attempts. But keep in mind that all the data will be erased forever and you won’t be able to recover it i.e DON'T FORGOT YOUR PASSWORD!!!!!

Where can you set these requirements? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Require passcode: immediately”; “Simple passcode: off”.

3) Turn off lock screen notifications

This is similar to the stalker/possible killer type scenario or just the nosy work colleague keep your shit private! The more information you allow to your screen the more exposed you are, you may not think that matters until you are sitting in the pub and your friend sends you a message to ask: "is that asshole Dave there?", and you can then respond saying "yup hes here and by the way he read the message cause I let my phone display everything to the screen.... sorry plus Dave said he wants the €50 he lent you back!".... Maybe that's exaggerated but don't take any chances.

Where can you set these requirements? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section.

4) Turn on two-step verification for Apple ID and iCloud

This is a big one, in my opinion it will only be a matter of time before every device that requires a log in will force people to use two-step verification, but just in case I'm wrong you should set it up anyway. Apple makes you wait a few days before you can actually set this up so if you start the process don't forget to log back in and finish it off after.. 3 days I think.

Where can you set these requirements? Go to https://appleid.apple.com –> “Manage your Apple ID” –> “Password and Security” –> “Two-Step Verification”.

5) Turn off automatic sync to iCloud

This is one of those things that could really come back and bite you in the ass literally! If you have iCloud set up you have 3G/4G or wifi and you take a picture boom its in the cloud... FOREVER!!! So I don't know but I'm guessing after a crazy night out you may want to review what picture leave your phone and head off to god knows where.

Where can you set these requirements? Go to “Settings” –> “iCloud”.

6) Turn off cookies in your browsers

Your now thinking "cookies" what the hell is this guy on about there is no "cookies" in my phone, I can't dip this thing in tea! No you cant and please don't try your phone won't taste great it will just stop working. Cookies are small files which almost any website generates and leaves on your device. They may contain some information about you, your computer or smartphone, and your preferences. It helps websites keep you logged in, or to show you some relevant content including ads, but in some cases they may be very helpful to cybercriminals as they can contain credentials and other sensitive data. The only issue here is some site just wont work when you disable this so its one of those catch 22 situations.

Where can you set these requirements? For Safari: Go to “Settings” –> “Safari” –> “Privacy & Security” section –> “Do Not Track: on”, “Block Cookies: Always Block”; For third party browsers: see similar browser settings.

7) Don’t let apps access your contacts, photos, messages and other private data

This is one of my pet hates, when I download an app for getting dinner recipes why the hell does it want access to my contacts, my camera and my microphone???? And secondly why would anyone allow it access to any of these things? This really is one that you should spend a bit of time looking into.

Where can you set these requirements? Go to “Settings” –> “Privacy”.

8) Turn off the AutoFill option in your browsers

This is another of those be less lazy common sense type things, if this feature is turned on and someone gets your phone chances are they will be able to log into a number of sites..As you!

Where can you set these requirements? For Safari: Go to “Settings” –> “Safari” –> “General” section –> “Passwords & AutoFill”; For third party browsers: see similar browser settings.

9)Discard automatic WiFi connections to known networks

I don't like this feature at all, and I'm going to tell you why. By having this enabled your phone will not only automatically connected to any wifi network that you logged onto before, but it will also log onto any network with the same SSID (name) of a network that you logged on before. This is dangerous, think of shopping areas that offer public wifi (which of course you wouldn't use because your smarter than that) most of these networks have the same name a common one in Ireland is "eircom". Therefore your phone will automatically connect to these networking if you ever connected to one of that name before, so I really shouldn't have to explain why this can be a fruitful play ground for a cybercriminal.

Where can you set these requirements? Go to “Settings” –> “Wi-Fi” –> “Ask to join networks: on”.

10) Get used to VPN

A VPN or virtual private network is the best way to go to really ensure some safety when browsing the web especially on those public wireless networks that you would never use. There is also no point going for a free VPN as the speeds and reliability and all that other stuff that you don't really understand wont be great. You can make up your own mind on who to go with for this I use AirVPN they charge around €30 for 6 months with unlimited bandwidth.






So guys, that's it for today if anyone has any questions post them below and I guarantee to get back to you within one working year.