NSA GitHub – Are they really being transparent

Earlier this week it came to light that the NSA (National Security Agency) had created a GitHub account, and realises some programs on the platform.  This bring up a number of questions, firstly are they really trying to be that transparent or is it a novel way to try and win back the trust of the public.
Thankfully the source code for all of the application is available so it is possible to see what is going on within them, as a major concern of mine would be the potential back doors or snooping application like this could do to e user if they where not able to actually see what was going on…

But this does still beg the question as to why they have realised it, now it is not uncommon for application and other such items to trickle down the pipe line to the more “consumer” market eventually but after the vault 7 leaks a few month ago it is possible to see that they have so many more application with much more malicious uses than the few that eye have realised for the public. So there is the potential they they have realsed stuff that is out dated to them or that they don’t feel will be to compromising to all if their activitys.

What is WannaCry

Recently you might have read that a computer virus by the name of WannaCry has been extorting money from people and organizations all over the world. But what is WannaCry and should you be worried?

WannaCry  (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is a computer worm that has been effecting Windows computers over the past week. It is rumored to have been enabled and aided by some of the recent Vault 7 vulnerabilitys including EternalBlue that the NSA (National Security Agency) had been collecting and storing over the past few years. This has lead to one of the most widespread and effective ransomware’s that has been seen to date. Not just targeting your average user but also going after large corporations and organization such as the NHS (National Health Services)

wannacry_05_1024x774-0
The WannaCry GUI that users have been met with

But what does it all mean, this ransomware could have sat dormant for month (It very likely has) just trying to spread the infection to as many vulnerable machines as possible. Until it is then activated by either the creator or by s spesific time and date. Once the infection is triggered the malicious package then encrypts the users PC and demands the user to pay the “Ransom” in this case the amount was $300 or £231.59. This is a rather large amount of money and on the scale of the attack would have made it a very profitable venture if all of the effected users pay the money to gain access back to there device.

In the case of WannaCry effecting the NHS it could have potentially cost human lives as well, because it was effecting hospitals and GP surgery’s. Without having access to the patient information the medical practitioner might have been unable to proceed with a user treatment or potential be unable to access the patients personal information.  But WannaCry made a few fatal error is the design and execution of the virus. Firstly the ransom payment was required in bitcoins (Bit coins are a digital currency with no central regulation making it hard to track) but because there what only 4 addresses to pay the bit coins too and because they where hard-coded into application it means that the possibility of tracking them is a whole lot easier. And then there is the built in “Kill Switch” that was again hard coded into the application. This meant that to deactivate the ransomware, a website address needed reached. Meaning that researchers were able to find the target URL and register it meaning they then had the ability to deactivate the program.

For such an effective and wide spread virus it looks as if corners where cut, for example if the URL that was required for the “Kill Switch” had been coded to be random it would have made the pressure of finding the target URL much greater as there would not have been a clear target. And the next blunder was in the form of having only used 4 Bitcoin payment addresses, because of this it will make the authority’s job of tracking the Bitcoins slightly easier as they will just have to monitor bitcoins public transaction ledger know as the blockchain. It has also been found by Cisco researchers that the “Check payment” button did not actually do anything other than display one of 4 possible out come, meaning that the decryption of the devices was most likely done manually. But there is also speculation that the creator may just have send out a random handful of decryption keys to make it appear as if the payment has gained the user access to there machine again. If that is the cases then this virus should not really be called ransomware at all, as there is a strong possibility that even after the ransom has been paid the user will not just be given access back to their files, making this more Theftware.

hacking

But there has been further speculation from other security researches that this attack might have been made to look as if it was ransomware. This could mean that the creators had alternate motives. This could have been for a number of things, but when you consider the sort of things that where effected and completely parallelized (Hospital equipment, Trains and ATM’s) could it be possible that the ransomware side of this attack was merely a cover up? And when you consider that researchers at Kaspersky Lab have been finding evidence linking WannaCry to North Korea. This was in the form of similar code that had been used in a previous attack this year. A number of other big names in cyber security have also backed up these claims as they too have noticed drastic similarity within the code that has been used in both attacks. And when you look at the raising tensions between the USA and North Korea and acknowledge the fact that “cyber space” is the new battle field this could have just been a test run for bigger things to come, but of course this is all merely speculation.

But what do you do if your computer if effected by Ransomware and are there any procotions that you can take to make it less damaging.

Precautions to take


  • Always keep regular backups of any documentation and files that you need or do not wish to lose. You could back them up to an external devices such as a USB stick or an external HDD. The other option would be to back up your files and documents to one of the many cloud services such as GoogleDrive or Microsoft’s OneDrive.

 

  • Make sure you download and install regular updates on your operating system, this should hopeful help to prevent the vulnerability being present on your computer.

 

  • If you machine does get infected by ransomware the first thing you should do is disconnect your devices from the internet, this could possibility prevent the virus from encrypting all of your data.

 

 

 

 

Paid vs Free: Anti-Virus Software

Recently I have encountered a few viruses on my PC in the form of constant pop ups to malicious websites every time I try to access any web page. This lead to to me running a number of deep Scans using my Paid and trusted Bitdefender. And I thought after ruining a couple of scans everything would be grand. But as it turns out the scans found no issues with my PC.

But it was apparent there was an infection, and with the recent WannaCry attack being so prominent I felt further action had to be taken to avoid any more issues causing further harm to my Computer and potentially my personal file. So the next step was to turn Bitdefender on to Paranoia mode, this essentially locks down your PC requesting permission before websites and application can connect to the web. But again the pop ups to malicious websites continued. This was rather annoying as in my opinion Bitdefender was on of the better paid Anti-Virus software on the market with a nice UI (User Interface). But it just was not finding these malicious files causing trouble on my computer.

Bitdefender UI

So after a while I decided it would be a good idea to have a second set of eyes look over it so to speak and that’s when I decide to download Malwarebytes because I had used it in the past, in its free and portable form. The download is simple and it installed right along side Bitdefender, so I decided to do my first scan, and it turned out there were a whole lot of potentially unwanted files that Bitdefender had seemingly ignored.

Now if Bitdefender was only a free package I could have understood somewhat that it was not finding everything but after 3 full system scans (bearing in mind i have about 6TB for it to scan so it took a while) But considering this application cost per year I was bitterly disappointed. And for Bitdefender to scan my system in about 5 minuets and to find a number of unwanted applications and file it was a bit of a blow to moral.

But I was genuinely impress with Malwarebytes, not only is the free application very effective and quick. But it also removed or placed into quarantine the files that where reeking havoc on my PC. It has also  lead me to think about dropping Bitdefender as my Anti-Virus software of choices and pay for the premium Malwarebytes.malwarebytes

One thing that might deter you from taking Malwarebytes as your go to Anti-Virus however could be the cost, for 1 machine for a year it will set you back about £29.99 and for a second machine the cost is £44.99. For me this is a large sum of money when it will only cover 1 machine for £29.99.

In comparison Bitdefender is only £34.99 for 5 machines for a year, it also throws in some other features that I found to be quite a nice little addition. Such as the devices tracking ability, this is accessed by a very sleek and well built web application letting you log in and not only track all of your devices but also add new devices or remove them from the account. It also offers features such as file shredding meaning that once a file is “Shredded” there should be next to no trace of it left on your machine, Bitdefender will also allow you to encrypt parts of your hard drive to securely and easily store files. And the built in password manager is just a bit of a bonus as well.

So all in all I was genuinely impress with how effectively and smoothly Malwarebytes was able to remove the harmful files that Bitdefender was missing. But will I be moving from Bitdefender? There is a strong possibility but money is one of the things keeping me drawn to it, as I currently have my Bitdefender deployed over 3 different devices, this would mean spending £74.98 to protect all of my devices and that not a little bit of money to just throw around. If anything I will get Malwarebytes for my main machine and have it run along side Bitdefender to try and maximize the protection my system has.

 

McAfee 2017 Threat Predictions: Are they right?

At the beginning of the year McAfee release a document laying out there predictions for cyber security. And with it being almost half way through the year I feel it would be appropriate to write a review on how there predictions are coming on and if they are coming true.

The initial part of the document I am going to cover is the prediction that “Ransomware subsides in the second half of 2017” For those that don’t know ransomware is a type of malware essentially take control of the users data until the demands or ransom are met. and it is becoming a much greater issues, there have even been cases of not just PC’s but also mobile devices being effected by ransomware. And although the measures to stop these types of attacks are improving the methods for delivering these attacks is also becoming an issue. This could be in the form of using multiple vulnerability to achieve the final goal.  These current point of Internets to the Ransomware attacks are:

  • Adobe Flash
  • Microsoft Internet Explorer and Edge browser
  • Java, PDS and Microsoft office
  • Windows Kernel
  • Infrastructure software
  • Virtualization software
  • Security Products

But McAfee’s prediction of ransomware reducing by the second half of the year could look to be incorrect, this is because of a recent attack that has effected the NHS (British National Health Services) There where a number of services effected including a number of Hospitals, Pharmacy’s and GP Surgery’s. The attack was encrypting data and then demanding £230 to decrypt the files. This could have had a massive effect on the health and live of real people. Usually when you see a large scale cyber attack it is on large organization and companies that do not literally have peoples lives in there hands. This attack could have lead people dying.

The attack is called WannaCry worm and how was it so effective. Well it is rumored to have used some exploits that where found when a large number of NSA documents where leaked earlier this year. These leaks where called Vault 7 that detailed a number of exploits that the NSA had been finding and collecting .

How the WanaCry worm works, is when it finds a vulnerability machine on a network  it will infect that machine and sit and wait until it can find more vulnerable machines on the network and then it will keep the processes going until as many machines as it can infect are infected. From there there could be a trigger for the attack to start or it could open up the infected machines to more complicated attacks, this could be in the form of allowing malicious files to be download to the machine or it could simply be that the worm will in fact deploy the ransomware attack.

There have been reports all over the world in the past few days about large scale attack of this nature, so is this the end or is it only going to get worse?

Gaming Laptops

I’m currently looking at getting a new laptop, although the main use of the laptop will not be gaming I like the hardware that is offered in these types of laptops. And with so many options it is really hard to choose the one that will be right for you.

First of all there is the size of the laptop, my current one is 15 inch and is an acquitted size. But I’m getting drawn to a 17.3 inch one due to the vast amount of screen space, making task much as data analysis a littler bit more comfortable, and of course to play the odd game on a slightly larger screen is a plus. The issue with a lot of powerful 17.3 inch gaming laptops is that they are not the lightest and thinnest. Meaning that the overall portability is to going to be limited. And considering i will be carrying this laptop around with me everyday i would rather something that isn’t going to weigh me down a huge amount.

So I started to do some research and initially checked the go to brands for gaming laptops, this includes Alienware, Asus, MSI and Acer.

The issues in my opinion with the Alienware laptops is how thick they are, i have seen the 13 inch models they use to do and it was about the width of two 13 inch netbooks. This is a slight deal breaker and I am yet to see them release a slightly thinner one like a lot of other companies do. Asus and MSI are both great examples of this as they bother offer there own flagship gaming laptops with incredible hardware and performance, but again size and weight. So after a number of searches 3 laptops just kept coming up

 

AsusStrixHPOmenMSIStealth

After looking at the hardware that I was after these 3 laptops came out on top, and the MSI and Asus ones went straight to the top of my list. Although the Asus one has a larger build it would still be a manageable size to use every day, but the MSI one just looks incredible. Granted it is the most expensive of the 3 but in my opinion it is the nicest looking with a sleek brushed metal finish and looking less like a gaming laptop than the other 2 i feel it suites my requirement the best.

It still amazes me somewhat the Pascal GPU’s can be put into laptops and have more or less the same specification as the desktop equivalent. And it might only have a 1060 in it but this card will stick pack a punch playing most games. I did look at ones with a 1070 but i just could not justify the extra money for a GPU that i really would not utilize that much. I have also read a large number of reviews on this deviceand it appears to be all positive. Something you would expect when a company like MSI brings out a gaming laptop.

 

So this is just a little food for thought if anyone is looking at getting a gaming laptop that looks sleek and professional while not weighing over 2.5kg, and stick packs a mighty punch!

 

If anyone has this laptop leave your opinion in the comments below.

 

Current Project: Unity Game

So I have recently been tasked with creating a game in unity, and for someone who is not overly comfortable programming it seemed like a scary task. But after a little bit of playing around and tweaking, i found it was relatively straight forward (I do have some experiences with programming) And withing 2 days I have been able to create almost a demo of a game, I’m unsure if I will pursue this much further than the required demo. But i was amazed at how accessible Unity was, and with the amount of free assets it was simple to get models for just about anything I required. I would definitely recommend trying unity for anyone that just wants to play around with games creation as it was very enjoyable. At times it was almost like playing a game!