#Ransomware and #hacks are on the rise. Are you a #target? Hacking is not just for servers.


We’ve all heard about big online hacks – credit cards stolen, people’s private photos exposed, and then, of course, hacks like Ashley Madison and the fallout from that.

There are other hacks that are on the rise which are considerably smaller, yet provide those folks who are behind them with a nice pile of cash.

I’m referring to ransomware.

What is ransomware? There are several types, but in the end they’re all the same. There’s a demand for a fee to resolve the problem created by the hacker.

Very recently, as in 4 days ago, a client of mine faced this exact situation. I received a panicked phone call telling me that all of a sudden all his pictures, documents, presentations, zip files and more had been renamed to .crypz. I told him to shut the computer off immediately and come to my office.

In the past I’ve dealt with many different degrees of viruses and hacking, most notably thwarting the Chinese government DDoS (Distributed Denial of Service) attacks on a client’s server. So, it’s not surprising that this other client thought to call me first.

After conducting a thorough analysis and bit-depth file retrieval attempt, it became clear that the RSA 4096 encrypted files were not going to be retrieved. I connected with a number of industry experts and international security firms. To date, nobody has been able to decrypt files from what my client was suffering – version 3.0 of CryptXXX.

My client had three options.

  1. Restore files from a backup and laugh. The problem with this is that his backup was too old. Not only that, but his Dropbox files were caught in this mess as well.
  2. Wait for a company to break the encryption algorithm and then use their utility to resolve the situation. It could be weeks, if not months, before that could happen. My client used his computer for both personal and business purposes, and had a number of tight deadlines coming up. This was not an option.
  3. Pay the ransom and hope that the hackers were honest enough to provide a legitimate decryption key to relieve the situation. They wanted 1.2 Bitcoins, and gave 99 hours to make payment before it would double.

What to do? What to do??

Would they provide the key at all? I mean, what they did wasn’t exactly nice – who’s to say that they wouldn’t try to extort my client for more money?

This was the dilemma my client was facing. He opted to buy a new laptop and external drive, then go with my expert opinion and install a specific antivirus/malware/encryption protection package to prevent this from happening again. I bought the Bitcoins and paid the ransom on his behalf.

With a number of horseshoes beside me I waited. During this time, I installed the offline version of the protection software so that I could do another deep analysis of the system.

Nearly 90 minutes later the encryption key was provided and I was off to deal with his files. All the pictures, documents, videos, presentations, zip files and such were restored to their original state. The real issue is that this affects all drives that were connected to his computer in the first place. The good news was that he didn’t have any network or USB drives connected at the time. His Dropbox files were restored as well.

Tried, tested and true

The old fashioned way is still the best way to protect yourself.

Have three copies of everything, one of which is stored in a disconnected and offline manner. If a drive isn’t connected or powered on, hackers can’t get to it. However, thieves and EMPs (electromagnetic pulses) can. So be sure to store your backups appropriately.

Mitigate your risk and update your backups frequently.

It’s with this approach that I take caution with all of my personal, business and client files. I suggest you do the same.

What are your thoughts? How do you store your backups?

David Pisarek is a leading digital strategist, based in Toronto, Canada with a strong interest in technology, innovation, design, programming, problem solving and communications. Examples of his work can be found on his website.

HTC software update leave you unable to make a call? I have the fix!


I have the HTC One (M7 developer edition) phone, and I love it! The elegant hardware design and the Sense UI are amazing.

A few days ago HTC released a patch under the name “HTC Service Pack” and unfortunately it appears they did not do enough testing. There are thousands of people who have been plagued with the same issue I had – just read the app reviews. When making a call, I was unable to hear the other side, and they too were unable to hear me.

After digging into the code from the update I discovered a resolution. Here’s what you need to do – at least that’s what worked for me and a couple friends of mine who have the M7.  I would presume this will fix the issue with the M8 as well.

  1. Go to Settings, then Apps, then All apps.
  2. Find “Google Services Framework”
  3. Force stop the app and clear the data. Do this 3 times.
  4. Restart the phone.

Did that work for you?

Apple OSX 10.9 Mavericks test-drive


I took the plunge and upgraded from OSX 10.7 Snow Leopard directly to OSX 10.9 Mavericks (free from Apple!! WOO HOO!!) on my laptop. Yes, I made sure I had a backup first!!

So far, I’m happy with it, and it runs pretty smoothly. My laptop is a mid-2010 MBP 13″ that I’ve upgraded to 8GB RAM and 750GB “hybrid” drive – it has a 64GB SSD.

I noticed the system was a little sluggish at first, then I rebooted, repaired permissions, and rebooted another 6 times – this helps the HDD know to move the OS and startup apps into the SSD portion.

Have you tried it? What did you think?

Testing the auto twitter connection

When Twitter pulled the API back, many apps and custom coding for a lot of people stopped working.  I’ve just figured out a way to get my blog to post to my Twitter account again.

In order to make sure that it’s working, this is my sample post.

Rogers 4G data switches over to LTE


I heard a rumor that Rogers Wireless will be switching all data plans to be LTE capable providing you have an LTE sim card in the phone.  There’s no need to call or go into Rogers to do anything.

Why is this great?
If you have any data credits, you won’t lose them because in effect you’re not changing anything on your plan.

Process.

  1. So I went in to a Rogers store and picked up an LTE sim card for $10.
  2. When I got home, I logged into my Rogers account and changed the sim card serial to the new one.
  3. I popped the sim card into my phone.
  4. Voilà, LTE speed.

Verification.

I ran the Speedtest app on my phone to compare it to other tests I’ve done in the past. I was so shocked, I ran the test 3 times! The screen capture of it below is all the proof that’s needed.

That’s right. About 4x faster download, and 19x faster upload!

I’m so pleased to have an LTE-capable device!

I should note that I have not had LTE service in the past 4 hours; I’ve only been receiving 4G.
