Trick or treat? Watch out so a ransomware won’t end up between your Halloween sweets

By Ondrej Kubovič

There are many spooky things in this world and Halloween brings them all to the spotlight. Does your biggest fear involve spiders, zombies, ghosts, horror movies or is it rather something from cyberspace? Many online users would probably opt for the latter – after their experience with ransomware.

It’s due to the methods this kind of malware uses when attacking its victims. Honestly, who wouldn’t get spooked by computer screen suddenly flashing a notice from your local police that your computer contains illegal data, subjecting you to hundreds of dollars in fine? Ok, this could be a bit too obvious…

Or take another way of making its victims squirm often used by the cybercriminals regardless if it’s Halloween, European Cyber Security Month, or Mother Theresa Day. It involves placing a giant countdown timer smack in the middle of your screen. And if you don’t comply within the given timeframe, you risk losing access to all the valuable data, which is now encrypted by the malware.

And flaming fears is exactly what the cybercriminals want. They don’t need a mask or dramatic music to scare the hell out of their victims. They simply force them to act under pressure, inviting mistakes along the way. Their one aim is to extort money − and in the worst case scenario, not even bother returning/decrypting the captured information.

Boogeymen for your mobile devices

And you want to know what is really annoying about ransomware?  The bad guys are moving over from PCs and laptops to mobile platform, making their malware creations even more sophisticated along the way. So, the bad news is, you need to be a bit more careful on your mobile. Here is why:

Android/Lockerpin.A discovered by ESET only a few weeks ago. It is a first mobile lock-screen-type ransomware detected by ESET research that sets the phone’s PIN lock. After this, the victims are forced to pay $500 for the alleged viewing and harboring of forbidden pornographic material. Spooky, isn’t it?

In 2014 there was another nasty piece of malware at work – dubbed Simplocker. Its goal? Scanning the SD card of the infected Android smartphone, looking for specific extensions, and encrypting the files until the ransom is paid for their decryption.

But as we mentioned earlier, aggressive ransomware isn’t just targeting mobile platforms.  At the beginning of 2015, CTB-Locker (detected by ESET Telemetry as Win32/Filecoder.DA) was spotted making its rounds on desktops and laptops.

It spread through fake emails purporting to contain an important fax message (Yes, fax oddly enough). The actual attachment was a downloader (detected by ESET as Win32/TrojanDownloader.Elenoocka.A) intended to download a variant of Filecoder. This all under time pressure heightened by a countdown function.

Again, the CTB-Locker’s ultimate goal was to encrypt files on the victim’s device and extort them for bitcoins – as a means of staying anonymous. It even contained instructions for obtaining this cryptocurrency, in case the user had none in their stash. To enhance its reach, the extortion message was translated to four languages – German, Dutch, Italian, and English – also adjusting the currency to the specific region.

So what’s the trick for staying safe?

Of course this article does not have the ambition to offer an exhaustive list of all the ransomware out there (or malware in general). There are others that would “deserve” to be mentioned – from recent Cryptolocker, Torrentlocker or CryptoFortress, all the way back to the first ransomware PC Cyborg – but the more pressing question is: how to shield yourself from these threats?

There are actually lists of advice put together by ESET researchers over the years, offering guidance not only for the cases of ransomware infections, but for many other types of malware. To save you time, what it basically boils down to is prevention. Keeping your systems backed-up, updated and using a reliable security solution are the very first steps, which help you to keep online boogeymen away from your doorstep and chase away your worst cyber nightmares.

Software AG confirms Q3 results: revenue up, earnings significantly improved, FY 2015 updated

·         Total revenue up 5 percent

·         Maintenance revenue up 8 percent

·         License revenue up 7 percent

·         Growth in both product lines: A&N +9 percent, DBP +7 percent

·         Digital cloud market gains relevance

·         EBIT increases 36 percent

·         Operating margin rises to 32.5 percent

·         FY 2015 outlook updated

[All figures are preliminary and rounded.]

Darmstadt/Germany, October 28, 2015 – Software AG (Frankfurt TecDAX: SOW) today confirmed and precised its pre-released key financials (IFRS, preliminary) from October 13, 2015 for the third quarter of 2015. Group revenue increased by 5 percent in the period under review. Maintenance revenue improved by 8 percent compared the same period last year. License revenue rose 7 percent. Both product business lines played a part in fueling this growth: Adabas & Natural grew 9 percent and Digital Business Platform 7 percent. Earnings before interest and taxes (EBIT) leaped 36 percent in Q3 to total €66.8 million. Software AG continued to improve its operating income in the third quarter, while also netting positive one-time effects worth approximately €7.3 million. This amount is the balance of the cancellation of share-based remunerations (€15.6 million) and expenses related to the company's forward-looking Sales strategy (-€8.3 million). Based on its performance in the first nine months of the year and its project pipeline for Q4, Software AG has updated its revenue forecast for fiscal 2015 and increased its expected operating margin.

Karl-Heinz Streibich, Software AG CEO, commented, “We are on the right track in extending our technology leadership with the Digital Business Platform. This leadership and our early market entry into the digitization area are showing their first successes. On this basis and in combination with profitable growth, we plan to further increase Software AG’s value.”

CFO Arnd Zinnhardt elaborated, „In the past quarter, we successfully continued to further improve our earnings per share and our operational earnings. With a margin of over 32 percent, we have reached a value among the best in our industry. At the same time, we increased our free cash flow by 50 percent in the first nine months. With these results, Software AG is well equipped and positioned for the future and able to react quickly to changing market conditions.”

Internet started with transfer of two letters, today it’s changing millions of lives

Exactly 46 years ago today, on October 29, 1969, the first bits of data were sent over long distance between two computers … and Internet was born. Admittedly, only first two letters of the word "login" really made it to their intended destination, it was the first step to a massive change that was about to impact billions of lives world-wide. European Cyber Security Month and International Internet Day present a great opportunity to remember how this global venture and its security has evolved.

Can you imagine how much the Internet has changed since the late 60’s? Just compare the first webpage ever with almost anything you see online today. Not mentioning that Internet companies are providing jobs for millions around the planet. Pretty impressive, right?

And it wasn’t only the content that has made such a great leap forward. Also cyber security has become more challenging and complicated, demanding more and more attention and resources.  

Imagine Internet in its beginnings. It was more of a safe, quaint town, where almost everybody knows everybody else by their first name. Even malware was less harmful back then. For example the Creeper in 1971 was only an experimental self-replicating program very much innocent, even in its intent that has peacefully spread through the Internet, displaying a simple message “I'm the Creeper, catch me if you can!”

It was more along the lines of “look at me” and it didn’t have the ambition to do much damage. The first threat that has actually made it to news headlines was Morris Worm, arriving in the late 80’s.

Distributed via the Internet, it has by some conservative estimates infected around 10 percent of all, then nearly 60-thousand computers connected to this mysterious medium, effectively crashing them. With damages estimated by US Court of Appeals at a 100,000 to 10 million USD (although there were some saying it ranged up to 98 million USD) it “earned” its author three years of probation, 400 hours of community service, and a fine of over 10,000 dollars.

Megalopolis and its villains

And then the big bang came. Between 1996 and 2008, the number of websites has jumped from 100,000 to 162 million and the Internet started to resemble a global super city, where billions of citizens live out their everyday lives amongst the new emerging dangers.

Unfortunately this legacy is alive and well today and not everyone can be too sure to tell the difference between the safe boroughs and the dangerous dark alleys and distinguish the good guys from the bad. Malware tactics have changed too, becoming truly aggressive. Currently, it is not uncommon to see malicious software extorting users for money, stealing credentials or trying to take over their devices. But that doesn’t satisfy malicious users, who are also actively orchestrating a different form of attacks.

Through direct contact with the user, and by applying social engineering techniques, they are trying to dupe the victims and obtain their sensitive information, such as credit cards details, passwords or even their online identity through phishing (via malicious emails) or fake websites, which are laden with malware.

Even more advanced is the so-called APT tactic (Advanced Persistent Threat). It is very well organized and funded, stealthy and strongly focused on compromising specific commercial or governmental targets. And its aim? To use social engineering and malware to exploit vulnerabilities in order to extract valuable data and establish long-term presence in the victim’s network.

From Reaper to a more complex security

So we have learned our lessons. Or have we? Today’s IT defenses are beefed up across the board, so even without the proper knowledge, the risks can be at least partially reduced right off the bat. Since the first simple “antivirus” designed to defeat Creeper – fittingly named Reaper – security solutions have become exponentially more complex, offering a wide range of security services.

For example, today’s security software can offer a safer online experience, by identifying malware just by the way it behaves. At the same time, it can safeguard users from spam, phishing or social engineering tricks pulled by malicious actors.

With booming Internet payments and online banking, some of the solutions are also offering safer ways to do online transactions, casting a security net around the financial details being exchanged.

Even losing a smartphone or tablet doesn’t have to mean kissing your privacy and security good-bye. Some of today’s software offers to track down a missing device to where you left it, or even wipe its data remotely in case it gets stolen.

But first and foremost, the users need to start taking better care of their safety themselves. And the International Internet Day is a good opportunity to remind us all of some of the best practices to apply day-to-day.