The Week In Ransomware

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

The fun and games goes on.  What gets to me is that the people doing this stuff have no empathy for the typical user who just wants to use the computer and ‘net without hassles.

Read More

Getting A Cybersecurity Education From The Cloud

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

With the constant new threats and the expanding consequences of those threats there is a growing need for people to handle cybersecurity situations.

The IEEE has a paper on setting up a program that is cloud based.

 Cybersecurity needs for the government, businesses and other parts of society are constantly growing, making cybersecurity training and education a vital need. There is a distinct lack of skilled and trained workers in this specialty area. “Teaching Cybersecurity Using the Cloud”, a technical paper from the IEEE Xplore® Digital Library, explores a solution to this problem that utilizes a cloud computing system to conduct a course for students on cybersecurity.

Teaching students about cybersecurity involves more than reading from a textbook and learning about theories. Students must also have practical and hands-on experiences dealing with cybersecurity threats. The article authors used cloud computing through Amazon Web Services to teach a senior course on cybersecurity across two campuses in a virtual classroom with live audio and video. They studied how cloud-based laboratory exercises could teach students the skills they would need to pursue a career in cybersecurity.

The goal of the course was to expose students to modern network security issues, protocols and technologies, as well as analyzing security solutions and countermeasures. The students were able to learn and perform lab activities all within the cloud. This cloud model of learning can enable students to gain invaluable cybersecurity skills, without having to be at a specific location. In turn, this way of teaching can help to educate more students, without the need for a traditional classroom and lab setup, leading to a growing workforce of cybersecurity experts.

http://transmitter.ieee.org/growing-cybersecurity-workforce-using-cloud-education/

The ongoing evolution of malware means that cybersecurity training has to be an evolutionary and constantly adapting process as well. The techniques learned today are going to be obsolete as the vectors and damage that malware creates changes.  yesterday it was system blockers, until people realized that the data was still there and all you had to was reinstall the operating system. A lengthy process, but not fatal. Now we have ransomware, which encrypts the data.  The problem with that is if the data is encrypted with the intent to recover after the ransom is paid the public key has to be available and it only takes one file to get the other key and decrypt everything. Along with that, ransomware is probably doing good business for the backup people.  So there will come another threat that will need to be addressed.

So cybersecurity education needs to be updated and adaptive. Hopefully the educator understand and keep up with the requirements that will always be changing because the people creating the malware are always looking for a new way to get paid.

http://ieeexplore.ieee.org/document/7089256/

 

The week in ransomware.

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-31st-2017-sanctions-android-and-creepy-skulls/

Tor And The FBI

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

I’m going to point out that the big mistake was made by the people who assumed that use of TOR would allow them to remain anonymous.  What they need to understand is that TOR is a utility that is funded by the State Dept. of the US government and created by the US Navy.  Which might give you pause if yo think that you can avoid the interest of US law enforcement forever.  While in this case it was child porn, I imagine that all illegal interactions on TOR are becoming roundtuits for the various US and international law enforcement agencies as the use of TOR for things like ransomware, dark markets and things like playpen, have gotten out of hand in recent years.

The FBI has withdrawn from this case to avoid revealing the methods used to hack TOR, for the moment, though you have to wonder what that gets the defendant, who for a long time is going have to realize that he will be under investigation and all it’s going to take is one little slipup.  This isn’t like a ransomware ring where the perpetrators will just disappear and who expect to get servers seized and shutdown as a part of the business.  Pedophiles tend to return to their bad habits and the Cops can afford to wait on this one.

https://arstechnica.com/tech-policy/2017/03/doj-drops-case-against-child-porn-suspect-rather-than-disclose-fbi-hack/

https://threatpost.com/doj-dismisses-playpen-case-to-keep-tor-hack-private/124102/

People shouldn’t believe that TOR protects them from illegal activities. The fact is that TOR actually has rules it has to live by and can liable for illegal activities if it’s found that TOR aided in those activities.  That’s both due to the funding legislation for TOR and the common carrier laws under which TOR operates.  So expecting illegal activity to continue to be secured by using the TOR network is probably a fools choice as the sudden destruction of dark markets and other illegal activities that used TOR has proven.

The week in ransomware:
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-10th-2017-spora-cerber-and-technical-writeups/