UK Goverment Confirms WannaCry Speculation

Last week reports emerged of the UK government confirming their suspicions of WannaCry being a state sponsored attack involving North Korea.

Earlier this year, just after WannaCry came to prominence I wrote an article What is WannaCry.  In which I speculated due to the nature and style of attack, it did not appear to follow the traditional Ransomware style. What I mean by this is, from the outset WannaCry was targeting and effecting core infrastructure as well as the Public sector in the UK. Resulting in WannaCry becoming somewhat of a disruption, as a rule Ransomware attacker aim to make the process of decrypting the data as smooth and straight forward for the victims as possible. This is likely due to them being after one thing, money. Mozilla conducted an investigation as part of there Online Life is Real Life podcast series a from their investigation they rated Ransomaware customer services. This highlights how the process of ransomware cannot be to complicated as it will reduce and limited their overall ability to collect the ransom

But there are numerous article floating around the web that indicate WannaCry made between $20,000 – $100,000. For an attack of this level that impacted hundreds of thousand of people it was a very poor take.
But the level of chaos and “denial of service” that WannaCry caused indicated to myself that their was more to it than just the money. I am aware that the traditional sence a denial of service or DDoS is targeting web services and flooding them with packets. But in this case WannaCry effected ATM machine as well as computer within hospitals, effectively denying service to them.

Of course the North Koreans released a statement to the effect of them having no involvement and that these accusations are nothing but wild speculation. But it is important to consider that this “speculation” was floating around from the beginning of WannaCry and was stated by a number of security research teams that looked into WannaCry. As well as this, the UK government would not make these accusations without a substantial level of evidence.

The north Koreans have in te past been accused of other attacks, mainly the attack on Sony. This attack was alleged to have happened due to the upcoming release of movie The Interview.

Please let me know your views on the North Koreans involvment in WannaCry in the comments below.

 

 

Glasswire Review – The Complete Network Monitor

Glasswire might just be your complete network monitoring and security tool, for both professionals user and home users. I have found from use that it becomes an asset to your security policy, being that at work or home.

Glasswire - Free Features

Glasswire is packed full of features that are designed to not only make your life easier, but also give you piece of mind that your computer is safe from malicious software such as remote Keyloggers and Trojans. This proves evident when you consider the Webcam and Mic detection feature that will notify you if your webcam or mic is activated. And after the leaked documents from Edward Snowden, this concern is ever more prominent. The amount of people you see with tape or a cover over their laptops webcam is not to be ignored.  And rather than placing a sticker or tape over your webcam you could simply turn on the webcam and mic detection feature.

Glasswire -Webcam Detection

The webcam and Mic detection feature can also be used in conjunction with the network monitor, and if Glasswire detected the webcam was in use and you are to see suspicious network activity you would be able to deduce that there could be a Trojan or other remote element on the PC. These features combined make Glasswire a force to be reckoned with in regard to preserving your privacy and preventing your system being compromised.

GlassWire - NetworkScreen

Have you ever wanted to know what or how many devices are connected to your WiFi network, well Glasswire has the solution. Under the network tab you can choose to scan your network and from there it will build a list of all of the device connected to the network.

This will then let you label each device. The ability to label the devices is a nice touch considering in some household there could be as many as 4 iPhone’s that would all be identified by the same name.  And by labeling all of your devices each time you notice an unrecognised device on the network you will be able to carry out an investigation and remove any labeled device from the equation.

As well as this it also has a built in firewall, that can alow you to block or allow certain applciaitons from accessing the outside world. This feature could be very useful if you are to notices some suspicous activity and your first port of call could be to block its network access before investigatong further. This could potentaly save you a massive amount of trouble depending on the type of malware it is.

This slideshow requires JavaScript.

The user interface is warm and welcoming, and offer a few different skins so the user can add their own personal touch to it. And due to all of the option being very clear and easy to access it s quick and smooth to navigate without having to jump through hoops to find certain elements of the application.
GlassWire PricesGlasswire does offer a free option, and for most users, that might be all they need. It will still allow you to monitor your data usage and see a visual representation of network activity.
But considering the ‘Basic’ option starts at $49, paying for the added features will not break the bank and in most cases will cover your average user who may just want to see what is connecting to their wireless network and see what is using data on their PC (This could be beneficial if on a metered internet plan)

The next package the ‘Pro’ comes in at $99 but if you break that down at cost per computer it is only $33 a system. And bundle that with the remote monitoring ability it could be ideal if you have a home server, or multiple devices that you wish to kep an eye on.
And finally there is the Elite version, this I would imagine is targeted at business uses due to the number computers. But depending on your home set up it could be used for a home set up and with that many devices in the home a remote monitoring ability could save a huge amount of time, stress and worry.

To conclude, I personally feel that Glasswire take ‘Cyber Space’ and gives the user a real-time visual representation that would otherwise remain hidden or hard to interpret. It offers the user a nice and smooth experience while also delivering the information in a manner that you do not have to be a network engineer to understand. And I would highly recommend it to anyone who is looking to bolster their security policy at home or work.

ProtonMail – Review

I recently wrote about ProtonVPN, a VPN services from the creators of ProtonMail. And for those of you that don’t know, ProtonMail is a service that provides security and encrypted emails.
If I can remember correctly I was part of the in initial launch and was in a waiting list for a free account. And this was only due to seeing some stuff on Twitter about it and letting my curiosity get the better of me, and I’m glad it did.

So what is ProtonMail, well to put it simply it is an encrypted email client that is based in Switzerland, and by just saying that you should know that the privacy and security of its user will be fantastic. This is largely due to Switzerland having some of the best laws in place for online privacy and security. So you know from the start that they are going to make sure your privacy is protected as strongly as possible.

Creating you ProtonMail account is much the same as creating any email account these days, you chose a username and set you passwords. But unlike the likes of Gmail and setting only one password ProtonMail asks for you to set an account password and then another password for your mailbox. This is a second line off defense to prevent your account being compromised. You can also set up 2 factor authentication from the security tab in the settings later. This again adds another layer of security before you can even view your inbox. And don’t worry this isn’t just some SMS verification, you can use just about any authenticator application on the market.

The web client its self looks just like any other email client, this I feel is a great thing because it feels as natural an environment as you’d likely be use to. Before using ProtonMail I was skeptical that the user interface might have been lacking in the looks department as their main priority is the security and protection of their users. But gladly this is not the case. There are 2 options for the layout of your inbox, the first displays your emails in a column on the left and then display the selected email on the right. And then the section option is to just have the list of emails and you can open the emails you wish to view. Depending on where you are when you are using this client could depend on how you have it laid out.

Continue reading “ProtonMail – Review”