McAfee 2017 Threat Predictions: Are they right?

At the beginning of the year McAfee release a document laying out there predictions for cyber security. And with it being almost half way through the year I feel it would be appropriate to write a review on how there predictions are coming on and if they are coming true.

The initial part of the document I am going to cover is the prediction that “Ransomware subsides in the second half of 2017” For those that don’t know ransomware is a type of malware essentially take control of the users data until the demands or ransom are met. and it is becoming a much greater issues, there have even been cases of not just PC’s but also mobile devices being effected by ransomware. And although the measures to stop these types of attacks are improving the methods for delivering these attacks is also becoming an issue. This could be in the form of using multiple vulnerability to achieve the final goal.  These current point of Internets to the Ransomware attacks are:

  • Adobe Flash
  • Microsoft Internet Explorer and Edge browser
  • Java, PDS and Microsoft office
  • Windows Kernel
  • Infrastructure software
  • Virtualization software
  • Security Products

But McAfee’s prediction of ransomware reducing by the second half of the year could look to be incorrect, this is because of a recent attack that has effected the NHS (British National Health Services) There where a number of services effected including a number of Hospitals, Pharmacy’s and GP Surgery’s. The attack was encrypting data and then demanding £230 to decrypt the files. This could have had a massive effect on the health and live of real people. Usually when you see a large scale cyber attack it is on large organization and companies that do not literally have peoples lives in there hands. This attack could have lead people dying.

The attack is called WannaCry worm and how was it so effective. Well it is rumored to have used some exploits that where found when a large number of NSA documents where leaked earlier this year. These leaks where called Vault 7 that detailed a number of exploits that the NSA had been finding and collecting .

How the WanaCry worm works, is when it finds a vulnerability machine on a network  it will infect that machine and sit and wait until it can find more vulnerable machines on the network and then it will keep the processes going until as many machines as it can infect are infected. From there there could be a trigger for the attack to start or it could open up the infected machines to more complicated attacks, this could be in the form of allowing malicious files to be download to the machine or it could simply be that the worm will in fact deploy the ransomware attack.

There have been reports all over the world in the past few days about large scale attack of this nature, so is this the end or is it only going to get worse?

Password Managers: Yay or Nay

Recently I started using Intel’s True Key application across a number of my devices. This includes my iPhone, iPad, Laptop and Desktop PC. I have used some password managers in the past but never really felt the requirement untill maybe the last 6 month, this is due to me not only having a lot of account, but because the passwords are different between them. This would regularly lead to me having to either reset the password using my email or lead to a text to my phone that would then let me log in.

I elected to use Intel’s True Key based on a few things, the first was that I was aware of the fact that Intel owned Mcafee security. This gave me the impression that unlike some of the other password managers out there this is backed by an actual security company. Which you would like to think has influenced the security and design of this product. And the second reason this application was the one I choses was that it able me to use it on all of my devices meaning I could always have a list of passwords with me.

I have seen some password managers that store the information on the devices it’s self meaning if you don’t have that devices or it was to break you could be without your list of passwords. The True Key application has a nice feel to it, it has not been made overly complicated and works well. One of the nice features is the password generator feature, meaning that you can generate a 30 character password using letters, numbers and symbols. This works well with the fact that on the PC True Key will prompt to log into your accounts meaning you don’t have to type out a 30 character password. This means your online accounts can be very secure and the only password you will have to remember is your True Key master password.

It also removes the potential for unauthorized access to any of the accounts you use online as it is common for people to have a note-book with all of their acount details in. This could lead to numerous problem in the form of fraud or having accses to your own accounts removed. When all you really need to do is use True Key, on the iPhone it will use the fingerprint to log into the application meaning you wont even have to type the master password!

Overall as password managers go that I have use True Key feels like the best on out there in my opinion. Not only is it a product from Intel meaning you know it is going to be decent in regards to functionality and quality. But it is not overly complicated to use and offers a ranger of features across a number of devices that I havent seen from any other password managers.