Thursday, November 16, 2017

ROBOTS TODAY - What's New Atlas

I know you've seen a robot walk, but have you ever seen one do a backflip?

Sunday, October 22, 2017

PC GAMING - Sniper Elite 4

Weeks ago I installed Sniper Elite:Italia and some DLCs (Steam) on my Win7 Pro 64bit desktop.

I also have Sniper Elite v2 and Sniper Elite 3.

This is the best of the series from Rebellion.

It has all the elements of Sniper Elite 3 and more.

What I like about this game series is using and improving my tactics to complete missions.

In addition to the Main Mission (several parts) operations in Italy, there are 4 DLC Missions.

  • "Target Fuhrer" (one mission)
  • "Deathstorm" (3 part mission)
And there's "Bullet Time where you watch your shot in slow-mo.

    Below are some screenshots from the game:

    Your target is one of Hitler's top henchman, and what he carries, in the mansion in the far background.

    When you start a mission you can choose weapons and supplies.  Your primary is (of course) a sniper rifle, secondary is an SMG, and third is your pistol.

    Your Level changes weapons effects:

    Those bullet drop and wind.  Of course you still have the "Hold Breath" option which puts a red target where your shot will hit.

    As you play, at the start of each mission you can adjust your "Skill Tree" with the skills you earned during missions.
    The yellow [i] means these have not been assigned, one you have not earned are grayed-out.

    Then there's your "Service Record" (aka Stats):

    I have played several rounds over the weeks and have reached the Level "Ghost" and am working on the Level "Elite" (2,481,370 out of 3,000,000 pts).  And I am Death Incarnate.

    And now videos:

    Monday, October 9, 2017

    THE RUSSIA FILE - Hacked NSA Documents

    "Report: Russia hacked NSA documents with aid from antivirus software" PBS NewsHour 10/5/2017


    SUMMARY:  The Wall Street Journal reported that Russia obtained classified information about how the U.S. military protects its computer networks and conducts electronic spying.  The breach occurred when data was stolen by an NSA contractor, then hacked by Russia.  Hari Sreenivasan speaks with The Wall Street Journal's Shane Harris.

    Monday, July 31, 2017

    SIMULATIONS - X-Plane Flight Sim (updated)

    Finally done something I've been thinking about for years.  Got me a flight simulator and joystick.

    Way, way back I did try Microsoft's flight sim but I had only keyboard-mouse.  Flight sims are almost impossible to use with keyboard-mouse.

    So, finally, I got X-Plane 11 fight simulator and the Thrustmaster T-Flight Hotas X Flight Stick.

    X-Plane 11

    Example Cockpit View
    You can change your view from the cockpit including exterior like looking at the airport tower.

    You can use your mouse to click on most controls and switches.  Like when starting engines, turning on lights, etc.

    Where you chose your aircraft and customize for your flight
    Usually the first screen you go to after launching X-Plane is to start [New Flight].  This gets to  the "Flight Configuration" window.  This is where you choose your aircraft and customize it, set weather conditions and Time of Day (includes a checkbox to use your system time).

    The 'stock' aircraft:
    • X-15
    • Beechcraft Baron 58 
    • Cessna Sky Hawk 
    • McDonnell Douglas KC-10 Extender
    • Boeing 747-800, 747-400, 747-100
    • Boeing 737-80
    • Stinson L-5, L-5G, L-5G Uurated Sentinel 
    • ASK-21 glider 
    • Boeing B-52G Stratofortress
    • Skorsky S-76C  helicopter
    • Beechcraft King Air C90B
    • Lockheed SR-71
    • Blackbird F-4 Phantom II
    • Space Shuttle Orbiter
    • Beechcraft Baron 58
    • Cirrus Vision SF50
    • Beechcraft King Air C90B
    • Cessna 172SP
    • McDonnell Douglas MD-82
    You can buy/download more aircraft from X-Plane Org.

    Thrustmaster T-Flight Hotas X

    This version can be use for PC or PS3 via USB.  Features:
    • Wide hand-rest for optimal comfort
    • Programmable:  The 12 buttons and 5 axles are entirely programmable
    • Dual-system aerodynamic control, by rotating handle (with integrated blocking system) or by progressive tilting lever
    • Internal memory, to save all of your programming, even with the joystick disconnected
    • High-precision joystick with adjustable resistance
    • Programmable:  12 buttons and 5 axles are entirely programmable
    • Detachable, real-size, ergonomically-designed throttle control
    • Exclusive "MAPPING" button:  All functions may be instantly switched around between each other
    • High-precision joystick with adjustable resistance
    • Exclusive "PRESET" button to switch, while playing, instantly from one program to another
    • Plug & Play for ultra-simple and fast installation with all functions pre-configured for immediate takeoff (without worrying about configuration)
    • Trigger for brakes (civil flight) or for rapid fire (military flight)
    • Multi-directional Hotas button to change views (panoramic view)
    • Weighted base for greater stability
    This is my setup

    This pic was taken while going to "Flight School" sims included in X-Plane.  Note I have Thrustmaster 'detached' for easier use.

    The things I learned while using X-Plane:
    • This is a simulation, which means if you fly from San Diego International (aka Lindbergh Field) to Las Vegas and your route takes 2hrs, you spend 2hrs at the sim.
    • To fly, you need a Flight Plan.  X-Plane comes with just one default Flight Plan.  You have to go to various WEB sites to get a flight plan:  Online Flight Planner , SkyVector (professional flight planer not for sims, but easy to get basic info, including airport charts and info), SimBrief (this is for sims, use it to actually produce a Flight Plan file for X-Plane)
    • Flying ain't easy.  Really.  Especially landings.
    So far, I've spent 3 consecutive days on X-Plane (Fri-Sun).  Now it's time to give it a rest.


    I made/published a Flight Plan via SimBrief from KSAN (San Diego International aka Lindbergh) to KSDM (Brown Field Municipal Airport) with routing.

    I actually made it!  The full flight in a BeechCraft Baron 58 (twin prop).  OK, very sloppy landing but I didn't crash.  It only took me several weeks (only 'flying' weekends), with much frustration.

    I also created the reverse Flight Plan, KSDM TO KSAN (same routing).

    My next challenge is to figure out how to use the Baron's autopilot.

    Found an outstanding site for Sim training videos:  WEH Videos
    Provided many of the answers I had about Sim flying.

    Today 8/20/2017, I completed a Flight Plan "Montgomery Field" to "Palm Springs International Airport" and landed without crashing.  Although I missed the designated runway.

    Monday, May 15, 2017

    CYBER WARS - Impact of Worldwide Attack

    "Analyzing the impact of the worldwide cyber attack" PBS NewsHour 5/13/2017


    SUMMARY:  Nearly 100 countries around the world worked to restore services after a massive cyber attack on Friday.  The ransomware attack appeared to exploit a vulnerability in Microsoft Windows, which was identified by the U.S. National Security Agency and later leaked to the internet.  Former Assistant Attorney General for National Security John Carlin joins Hari Sreenivasan for more on the attack.

    Monday, May 8, 2017

    MEDIA - Instagram

    "How Instagram pictures the world" PBS NewsHour 5/1/2017


    SUMMARY:  A startup no longer, Instagram boasts 700 million monthly active users and counting.  As it grows, the free, photo-sharing mobile app is grappling with how to innovate and stay relevant, as well as how to foster a safe community.  But with 95 million uploads a day, monitoring is a tall order.  Judy Woodruff reports from California.

    WILLIAM BRANGHAM (NewsHour):  The rapid rise of one of the world's biggest social media networks, Instagram.

    It's building up steam, with 700 million people now using it each month, and it just took four months to pick up its latest 100 million new accounts.

    But along the way, the company has faced concerns over how it can be used, and even some criticism for the way it essentially copied ideas from its rival, Snapchat.

    Judy Woodruff recently got an inside look during her trip to Silicon Valley.

    JUDY WOODRUFF (NewsHour):  One of the first things that greets you inside Instagram is, no surprise, a place to take pictures.  The free photo-sharing mobile app was born in 2010 with its first post, a foot in a flip-flop alongside a stray dog.

    Turns out it was taken in Mexico by co-founder Kevin Systrom.

    KEVIN SYSTROM, CEO and Co-Founder, Instagram:  It's a mixture of teams.  So, we have got design teams, we have got partnership teams, we have got a community team, and then a bunch of engineers.  We don't really have an organization.

    JUDY WOODRUFF:  Systrom showed us around Instagram's new offices in Menlo Park, California, designed to accommodate an ever-expanding staff.

    You moved here six months ago; is that right?

    KEVIN SYSTROM:  Yes, six months ago, we moved from the original campus.  And we designed this entire experience inside here to be cleaner, and a little bit more Instagrammy.  So we have got the hip wood walls, and the polished concrete floors.  It's very start-uppy, but it's in an Instagram way.

    JUDY WOODRUFF:  A start-up no longer, Instagram was acquired by Facebook in 2012 for a cool billion dollars.  Then, the company had 13 employees.  Now it has more than 600 to keep up with a rapidly growing user base, 700 million monthly active users and counting, 80 percent of them outside the United States.

    How do you explain the phenomenal, rapid growth of this?

    KEVIN SYSTROM:  On Instagram, very early on, you would post an image, and anyone anywhere in the world could see that image, and understand what you were trying to say without speaking your language.

    So, we like to say that Instagram was one of the first truly international networks in the world.  And I think that's what's allowed it to scale to the hundreds of millions of people that use it every day today.

    Monday, May 1, 2017

    TRUMP AGENDA - Robber Barons of the Internet

    "FCC chair Ajit Pai explains why he wants to scrap net neutrality" PBS NewsHour 4/27/2017

    First, as a retired Computer and IT Technician I understand the internet.  I support 'NET Neutrality' because the internet delivery businesses WILL eventually give in to greed, to wanting bigger profits, at internet users expense.

    Also, the Trump Administration LIES!


    SUMMARY:  Ajit Pai, President Trump's new FCC chairman, has plans to do away with net neutrality rules that have been in place for the last three years.  Pai argues the rules are too burdensome and that they stifle innovation and competition.  William Brangham discusses the changes in oversight with Pai.

    JUDY WOODRUFF (NewsHour):  A political fight is brewing about access to the Internet.  The new head of the FCC, the Federal Communications Commission, wants to clear away regulations about who controls and polices the flow of content on the Internet.

    William Brangham has that.

    WILLIAM BRANGHAM (NewsHour):  We're talking here about what's known as net neutrality, not the easiest concept to grasp, so bear with me.

    Almost all of us in America get our Internet access via one main provider.  These are the telecom and cable giants like Verizon, Comcast, Charter, Time Warner.  They provide the infrastructure that delivers the bounty of the Web to our homes and phones; sites and apps like Google, Netflix, Facebook, Instagram, you name it.

    The telecoms build the highway.  The others guys are like the cars traveling that highway.

    The idea of net neutrality is that the telecoms have to treat that highway as an open road.  They can't pick and choose which Web sites or services get to you faster or slower.  The fear is that, if they do have that power, they will be tempted to favor their content, their sites, their own videos over a competitor's.

    But the telecoms argue that's not fair, they should be able to control that flow, and be able to charge more for faster access.

    In 2014, the Federal Communications Commission under President Obama wanted to lock in these net neutrality rules, but it faced intense pushback by the industry.

    The fight even spilled into pop culture, with this from HBO's John Oliver:

    JOHN OLIVER, Host, “Last Week Tonight With John Oliver”:  If we let cable companies offer two speeds of service, they won't be Usain Bolt and Usain Bolt on a motorbike.  They will be Usain Bolt, and Usain bolted to an anchor.


    WILLIAM BRANGHAM:  But those net neutrality rules did pass and have been in place for the last three years.

    But Ajit Pai, President Trump's new FCC chairman, now wants to get rid of those rules, arguing they're too burdensome.  And this week, he began the process of rolling them back.

    And FCC Commissioner Ajit Pai joins me now.

    Welcome to the NewsHour.

    AJIT PAI, Chairman, Federal Communications Commission:  Thank you for having me.

    WILLIAM BRANGHAM:  So, you, I understand, are not a fan of these net neutrality rules from a few years ago.  What is your principal concern?

    AJIT PAI:  Well, I favor a free and open Internet, as I think most consumers do.

    My concern is with the particular regulations that the FCC adopted two years ago.  They are what is called Title II regulations developed in the 1930s to regulate the Ma Bell telephone monopoly.

    And my concern is that, by imposing those heavy-handed economic regulations on Internet service providers big and small, we could end up disincentivizing companies from wanting to build out Internet access to a lot of parts of the country, in low-income, urban and rural areas, for example.

    And that, I think, is something that nobody would benefit from.

    WILLIAM BRANGHAM:  Is there evidence, though, that these rules have disincentivized those companies?  There are — businesses are doing very, very well.  They're spending billions on the spectrum.

    AJIT PAI:  There is significant evidence that investment in infrastructure has gone down since the adoption of these rules.

    For example, there is a study by a highly respected economist that says that among the top 12 Internet service providers in terms of size, investment is down by 5.6 percent, or several billion dollars, over the last two years.

    And amongst smaller providers as well, just literally this week, 22 Internet service providers with 1,000 customers or less told us that these Title II regulations have kept them from getting the financing that they need to build out their networks.  And, as they put it, these net neutrality regulations hang like a black cloud over our businesses.

    And so what we're trying to do going forward is figure out a way that we can preserve that free and open Internet that consumers want and need and preserve that incentive to invest in the network that will ultimately benefit even more consumers going forward.

    Saturday, March 11, 2017

    GAMING - No Man's Sky

    "No Man's Sky is an action-adventure survival video game developed and published by the indie studio Hello Games for PlayStation 4 and Microsoft Windows.  The game was released worldwide in August 2016.

    The gameplay of No Man's Sky is built on four pillars: exploration, survival, combat, and trading.  Players are free to perform within the entirety of a procedurally generated deterministic open universe, which includes over 18 quintillion (1.8×1019) planets, many with their own sets of flora and fauna." - Wikipedia

    The above is an understatement.  It is also an open universe and open world.  It also plays somewhat real time, like how long it takes you to fly to a planet even with your 'Pulse Engine' aka Hyperdrive (as-in Star Trek).  Also, as you approach a planet you encounter asteroids that have to be avoided or destroyed with ship weapons.  Then there's the enemy starships.

    They just released Pathfinder Update v1.20:  "The Path Finder update introduces planetary vehicles, Base Sharing, PS4 Pro support, ship/weapon specialization, permadeath mode, and much more.  It shows the path for the future."

    Base Sharing:  "Bases can now be shared online, allowing other players to discover and explore your outpost."

    The play goes like this:
    • You start with your starship crashed on a planet
    • You have to repair your starship so you can take off, which means....
    • You have to salvage parts, gather minerals and ores, etc, needed to do ship repairs and upgrades to your environmental suit and 'weapon'
    All the while avoiding getting killed by the 'natives.'

    I am really having fun playing it.

    Monday, October 31, 2016

    CYBER WARS - Protecting Consumer Data

    "FCC chief outlines new plans to protect consumer data online" PBS NewsHour 10/27/2016


    SUMMARY:  There are new rules for broadband providers when it comes to collecting and sharing consumer data.  On Thursday, the Federal Communications Commission voted for the first time to create protections on the transmission of personal information for broadband providers.  Hari Sreenivasan speaks with Tom Wheeler, chairman of the FCC.

    HARI SREENIVASAN (NewsHour):  New rules for broadband providers when it comes to collecting and sharing customer data.

    The Federal Communications Commission voted for the first time today to create protections on the transmission of personal information from broadband providers.

    Tom Wheeler is the chairman of the FCC.  And he joins me now.

    What is a provider going to have to do under these new rules?

    TOM WHEELER, Chairman, Federal Communications Commission:  Well, the key thing is that it is the consumers' information.  It's not the network's information.

    And the consumer now has the choice to say how they want that information to be used and if they want it to be used.  So, there are really three key things.  One, there has to be transparency, that the consumers have to be told, here's what we're doing with your information.  Two, they have to have choice.  So, do you want to opt in or opt out of this kind of service?

    And, three, that data, when it's stored someplace, has to be stored securely and consumers have to know if there is some kind of data breach.

    HARI SREENIVASAN:  So, you have also expanded the definition of what is sensitive data.  And some businesses have pushed back, saying, the browsing history, the app usage, Internet companies like Facebook and Google, they already have all that, and you're placing undue burdens on companies like Verizon, AT&T, et cetera.

    TOM WHEELER:  But what we're talking about is not the fact that you may go to a dozen sites that each will get a little bit of information.

    We're talking about the network that takes you to every site and knows everything you're doing.  And that's the big difference.  You hire the network to deliver you to those sites.  You don't hire the network to take your information without your permission and turn around and resell it.

    Monday, October 3, 2016

    Tuesday, September 13, 2016

    COMPUTERS - Before Apple or IBM

    Osborne 1

    My very first computer:
    • Tandy (Radio Shack) TRS-80 Model 1 (aka 'Trash 80')
    • 64k memory
    • 80x25 Mono Monitor (no graphics)
    • 2 x 8" 180kb Single-Sided Floppy Drives
    • 1200 baud Modem
    • Cassette Player for loading OS and software, and transferring to floppy
    • TRSDOS, NewDos/80

    Monday, August 22, 2016

    CYBER WAR - NSA Code Breach

    "Analyzing the NSA code breach in the context of recent cybersecurity events" PBS NewsHour 8/17/2016


    SUMMARY:  On Saturday, programming code for National Security Agency hacking tools was shared online.  The content appears to be legitimate, but it is not clear if it was intentionally hacked or accidentally leaked.  Hari Sreenivasan speaks with The Washington Post's Ellen Nakashima and Paul Vixie of Farsight Security about where this development fits in the context of other recent cybersecurity breaches.

    HARI SREENIVASAN (NewsHour):  The National Security Agency's primary mission is to spy on the electronic communications of countries and people overseas.

    Over the weekend, though, sophisticated code the NSA developed to penetrate computer security systems was posted online.  This serious breach comes amid the ongoing revelations of the hacking of the Democratic National Committee and other organizations, allegedly by groups linked to Russian intelligence.

    For more on this, we turn to The Washington Post national security correspondent Ellen Nakashima, and Paul Vixie.  He designed and built some of the software that is the backbone of the Internet today.  He is now chairman and CEO of Farsight Security, a computer security firm.

    Ellen Nakashima, what happened this weekend?  What got released?

    ELLEN NAKASHIMA, The Washington Post:  Over the weekend, apparently on Saturday, mysteriously, a cache of NSA hacking tools was released online through file-sharing sites such as BitTorrent and Dropbox.

    It really wasn't noticed until about Monday, when the computer security community started commenting on it and questions arose as to whether or not the NSA had been hacked.

    HARI SREENIVASAN:  So, Paul Vixie, if these lock picks, these digital tools to try break into different systems out are out in the open now, these are the tools that the American government was using, what is the consequence, if it is in the public sphere?

    PAUL VIXIE, Farsight Security:  Well, I think, every day, everybody is trying to hack everybody.  So, this is not huge news.

    What's big news about it is that these tools were built by the U.S. government.  Some of the lock picks, as you call them, are now obsolete.  They are relying on vulnerabilities that have since been closed, because the files are about 3 years old.

    But at least one of them is active against a very current piece of equipment from CiscoAnd it is going to lead to a lot of break-ins while the patches are prepared and shipped and then applied.

    Friday, July 29, 2016

    PC GAMES - Hacker Evolution series

    Ever wanted to see what it's like (or be) a Hacker?  Then you should get Hacker Evolution, a single-player simulation game from Exosyphen Studios.  Available on Steam.

    From their site, About the Game:

    Stock exchanges.  Central banks.  Satellite uplinks.  Transoceanic fiber optics links.  All mysteriously succumbing to an unexpected “evolution” of the web.  When the world’s critical services start to collapse, you know this is more then a simple event.  Who or what is behind it?  Only an experienced and dedicated hacker, with know-how gained as an international cyber-intelligence agent, can root out the cause and bring it down. 
    The creators of Digital Hazard and BS Hacker bring you to new levels of hacking simulation, with unparalleled graphics and a pulse-pounding sound track.  Hack into computers, look for exploits and information, and steal money to buy hardware upgrades as you attempt to assemble the pieces of an international puzzle.  Your virtual operating system environment is packed with the features to immerse you in the role of world-class hacker.

    Hacker Evolution is a totally unique experience, challenging the evolved gamer's intelligence, attention and focus to create a captivating mind game.  Solve puzzles, examine code and bits of information, and evade the system’s trace to reach your objectives.

    Here's a screenshot of the screen:

    There are 3 releases of the series available now (in order):
    1. Hacker Evolution (original)
    2. Hacker Evolution Untold
    3. Hacker Evolution Duality
    And an upcoming release, Hacker Evolution IMMERSION (on Steam's Early Access)

    There is a nice "Hacker Evolution Tips and PrimerHacker Evolution Tips and Primer" in Steam Discussions.

    Also "Hacker Evolution - Complete Walkthrough

    Monday, May 2, 2016

    BACKDOORS - From Cisco

    "Cisco Finds Backdoor Installed on 12 Million PCs" by Eduard Kovacs, Computer Help Forums 4/28/2016

    UPDATED:  Cisco’s Talos security intelligence and research group has come across a piece of software that installed backdoors on 12 million computers around the world.

    The software, which exhibits adware and spyware capabilities, was developed by a French online advertising company called Tuto4PC.  The firm, previously known as Eorezo Group and apparently linked to another company called Wizzlabs, has been targeted by French authorities over its questionable practices regarding the installation of unwanted software and harvesting of users’ personal details.

    Cisco started analyzing Tuto4PC’s OneSoftPerDay application after its systems detected an increase in “Generic Trojans” (i.e. threats not associate with any known family).  An investigation uncovered roughly 7,000 unique samples with names containing the string “Wizz,” including “Wizzupdater.exe,” “Wizzremote.exe” and “WizzInstaller.exe.” The string also showed up in some of the domains the samples had been communicating with.

    Researchers determined that the application, installed with administrator rights, was capable not only of downloading and installing other software, such as a known scareware called System Healer, but also of harvesting personal information.  Furthermore, experts found that the software is designed to detect the presence of sandboxes, antiviruses, security tools, forensic software and remote access doors.

    These “features” have led Cisco Talos to classify the Tuto4PC software as a “full backdoor capable of a multitude of undesirable functions on the victim machine.”

    According to Tuto4PC’s website, the company offers hundreds of tutorials that users can access for free by installing a piece of software that displays ads.  However, based on Cisco’s research, it appears the company is doing more than just displaying ads.

    Tuto4PC said its network consisted of nearly 12 million PCs in 2014, which could explain why Cisco’s systems detected the backdoor on 12 million devices.  An analysis of a sample set revealed infections in the United States, Australia, Japan, Spain, the UK, France and New Zealand.

    “Based on the overall research, we feel that there is an obvious case for this software to be classified as a backdoor.  At minimum it is a potentially unwanted program (PUP).  There is a very good argument that it meets and exceeds the definition of a backdoor,” Cisco Talos researchers said in a blog post.

    “The creation of a legitimate business, multiple subsidiaries, domains, software and being a publicly listed company do not stop this adware juggernaut from slowing down their attempts to push their backdoors out to the public,” they added.

    In response to Cisco’s blog post, Tuto4PC Group CEO Franck Rosset clarified that its antivirus bypass technology is not used for malicious purposes — he says it’s designed to make it easier for users to install its applications, which have been blocked by antiviruses.  The company has provided the following statement to SecurityWeek:

    • “The Talos blogpost is inaccurate in describing Tuto4PC as a shady malware distribution enterprise.  We are currently working with our lawyers in order to evaluate the action we can take against Talos’ inexact (negative) presentation of our business.
    • We are a listed company on the French stock exchange.  Since 2004, our business model is to create widgets, tutorials etc, for free download on download websites.  The download of our programs is for free subject to agreement for accepting advertising from an adware attached in the download.
    • Contrary to Talos’ wrongful allegations, our business has been approved by French regulators and we have never been indicted or sued for any malware distribution!!!!
    • We have a technology subsidiary (Cloud 4PC) with some developments in cybersecurity.  Due to some undue blocking by antiviruses that recently blocked Tuto4PC adware (some of them have also an adware business model), we are using a bypass technology so that people can easily download our programs (and adware).  Although the bypass software is extremely efficient, it has no other purpose or use that helping the Tuto4PC adware download.
    • There is no malware activity and Talos cannot prove or show any malware use of the program — with more than 10 million installed, if there was to be any malware activity, obviously there should be some user complaints.
    • As you can see, we are a French company — very easy to reach, we are not hiding in some rogue country — we do not understand why Talos has not contacted us prior to their post.
    • In any case, our subsidiary Cloud 4PC is going to launch soon “AV Booster,” an antivirus booster that will help stop any real malware that use bypass techniques like the ones we developed."

    FBI NEWS - Ransomware

    "Incidents of Ransomware on the Rise" FBI News 4/29/2016

    Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted recently by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

    The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation.

    And, of course, home computers are just as susceptible to ransomware, and the loss of access to personal and often irreplaceable items—including family photos, videos, and other data—can be devastating for individuals as well.

    Ransomware has been around for a few years, but during 2015, law enforcement saw an increase in these types of cyber attacks, particularly against organizations because the payoffs are higher.  And if the first three months of this year are any indication, the number of ransomware incidents—and the ensuing damage they cause—will grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance.

    In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code.  Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

    One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to.  Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key.  These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

    Ransomware attacks are not only proliferating, they’re becoming more sophisticated.  Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals.

    And in newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all.  According to FBI Cyber Division Assistant Director James Trainor, “These criminals have evolved over time and now bypass the need for an individual to click on a link.  They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”

    The FBI doesn’t support paying a ransom in response to a ransomware attack.  Said Trainor, “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom.  Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity.  And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

    So what does the FBI recommend?  As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

    • Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
    • The creation of a solid business continuity plan in the event of a ransomware attack.  (See "Tips for Dealing with the Ransomware Threat" below)

    “There’s no one method or tool that will completely protect you or your organization from a ransomware attack,” said Trainor.  “But contingency and remediation planning is crucial to business recovery and continuity—and these plans should be tested regularly.” In the meantime, according to Trainor, the FBI will continue working with its local, federal, international, and private sector partners to combat ransomware and other cyber threats.

    If you think you or your organization have been the victim of ransomware, contact your local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center.

    Tips for Dealing with the Ransomware Threat

    While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

    Prevention Efforts

    - Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.

    - Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).

    - Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.

    - Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.

    - Configure access controls, including file, directory, and network share permissions appropriately.  If users only need read specific information, they don’t need write-access to those files or directories.

    - Disable macro scripts from office files transmitted over e-mail.

    - Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).

    Business Continuity Efforts

    - Back up data regularly and verify the integrity of those backups regularly.

    - Secure your backups.  Make sure they aren’t connected to the computers and networks they are backing up.

    More info