Ransomware, better responsibilities for computer safety are required

For many years we have heard that users have to take responsibility and protect their PCs. Some of the recommendations are:

  1. Update the OS, SW, …
  2. Install antivirus, antimalware, …
  3. Avoid using the same password in different places
  4. Choose passwords in a clever manner
  5. Users are lazy; change passwords regularly
    (well, recently the recommendation is not to change passwords too often)
  6. Do not open a file until you are sure it is not suspicious
  7. Do not click on links you are not sure about
  8. Do not use public WiFi
  9. The list of recommendations goes on and on …

Ransomware has been a real pain for a couple of years and has caused a lot of damage and pain for end users, companies and organizations. The following schematics show possible scenarios in which a PC and its file system get infected by ransomware:

  1. The user gets an email with a malicious, hidden link. When the user opens the email and clicks on the link, a program is downloaded to the PC and infects it with a virus.

[Figure: RansomWare1]

  2. The user receives an email with an attached file (usually a zip, another executable, or a photo file). When the user opens the file, the malicious code either infects the PC with a virus directly or fetches code from another site and finally infects the PC.

[Figure: RansomWare2]

In my opinion, some more attention must be paid by “the other side”: the OS providers, anti-virus/anti-malware vendors, ISPs, SW companies, etc. Why?

Here are some obvious reasons why the involved “providers” should take more responsibility:

  1. ISP
    Everything goes through your ISP (Internet service provider). Serious ISPs have a lot of tools to detect suspicious network traffic. They monitor the network and automatically receive alarms about data packets whose sender or receiver IP addresses are blacklisted or have a suspicious reputation. This means that ISPs have the possibility to inform about a possible virus.
  2. The network (internal network for companies, organizations, etc.)
    Most companies use data communication equipment with lots of good utilities; it is up to the decision makers to require good network security, even on the installed base. Monitoring suspicious external activities is among the first steps to protect the investments, information and customers.
  3. Emails go to your email server (provided by the ISP, web hotels or other email providers like Microsoft Outlook, Google Gmail, Yahoo, etc.). Usually emails are scanned to detect and discard malicious code, unwanted email, etc. The providers also block emails from “blacklisted” IP addresses and even users. In other words, the email providers have a huge possibility to prevent and inform about possible malicious code/viruses.
  4. The user has a big responsibility to prevent his/her PC from getting infected, and users hear almost every day that they are the weakest link, so we do not need to go into more depth.
  5. The PC
    1. Operating system: In my opinion there should be built-in prevention against malicious code like ransomware. What ransomware usually does is locate and systematically encrypt files such as documents, calculations, drawings, presentations, etc. The encryption code needs a lot of CPU power and must perform a lot of file accesses; in other words, it is not hard to detect it and to provide built-in prevention in the operating system. This means that OS providers must take better responsibility for their products.
    2. File servers: In some cases the malicious code has also encrypted files on common file servers. This means the company should always work on and detect “worst case” scenarios and handle common network disk areas more carefully. A fast backup and restore system could be complementary, but preventive actions are crucial.
    3. Anti-virus and malware SW

If the user has installed anti-virus/anti-malware SW, then the SW should detect and prevent encryption of your hard drive/network files. If it doesn’t, then you may need better SW; change your SW.
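The detection idea from the operating system and anti-virus items above (systematic encryption shows up as a burst of file rewrites whose content becomes high-entropy), sketched as an added example that is not part of the original post. The event tuple format, the thresholds and the sample data are assumptions constructed for illustration.

```python
import math
import os
from collections import Counter, defaultdict, deque

# Assumed thresholds (illustrative, not tuned on real data).
ENTROPY_MIN = 7.5      # bits/byte; encrypted data is close to 8.0
WINDOW_SECONDS = 10.0  # sliding window length
MAX_SUSPECT_FILES = 5  # distinct high-entropy rewrites tolerated per window
DOC_EXTS = {".docx", ".xlsx", ".pptx", ".pdf", ".dwg", ".txt"}

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def detect_mass_encryption(events):
    """events: time-ordered iterable of (timestamp, pid, path, written_bytes).
    Returns the pids that rewrote more than MAX_SUSPECT_FILES distinct user
    documents with high-entropy content inside one sliding window."""
    recent = defaultdict(deque)  # pid -> deque of (timestamp, path)
    flagged = set()
    for ts, pid, path, data in events:
        ext = os.path.splitext(path)[1].lower()
        # Compressed formats (.docx, .pdf) are high-entropy even when benign,
        # so entropy only filters candidates; the rate below decides.
        if ext not in DOC_EXTS or shannon_entropy(data) < ENTROPY_MIN:
            continue
        window = recent[pid]
        window.append((ts, path))
        while window and ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()
        if len({p for _, p in window}) > MAX_SUSPECT_FILES:
            flagged.add(pid)
    return flagged

def sample_events():
    """Constructed sample: pid 100 saves plain text files; pid 200 rewrites
    eight documents with random-looking bytes within a few seconds."""
    text = b"Quarterly report, draft 3. " * 200
    events = [(float(i), 100, f"C:/Users/a/notes{i}.txt", text) for i in range(8)]
    events += [(20.0 + i * 0.5, 200, f"C:/Users/a/doc{i}.docx", os.urandom(4096))
               for i in range(8)]
    return events

if __name__ == "__main__":
    print("flagged pids:", detect_mass_encryption(sample_events()))
```

A real implementation would take these events from a file-system filter driver or an audit log and would suspend the flagged process rather than just report it.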

Comments are most welcome!

IPv6 traffic on the Internet during 2013-Q3: top 10 countries, ISPs, universities

Myth 1:
“… We have heard about IPv6 for decades, it will never take off …”

Yes, that is right. IPv6 has been around for many years, at least since the very late 90s, and in the past everyone was waiting for others to implement it FIRST. But graphs 1 and 2 send a clear message about the top ten IPv6 countries and the amount of IPv6 growth during the last quarter of 2013. The graphs show that IPv6 usage is about 5% in big countries (high data traffic), while smaller countries reach the 6-9% interval. It should be noted that the level of IPv6 usage in Germany increased by 43% during the last quarter, with a growth of 25% for the US. This is a new trend which will dominate the future use of IPv6.

Graph 1: IPv6 top ten countries traffic 2013-Q4
Graph 2: IPv6 top ten countries traffic growth 2013-Q4

Myth 2:

“… IPv6 is too complex and too expensive; lack of expertise and lack of HW and SW are the main reasons that operators (Internet service providers) and content providers will never use IPv6 …”

Graphs 3 and 4 show the amount of IPv6 traffic for big companies like Google (54%), Verizon Wireless (41%), Comcast (10%) and AT&T (9%). The trend is almost clear: 56% IPv6 growth for Time Warner Cable, 49% for Comcast and 37% for Deutsche Telekom. Big ISPs and content providers around the world have started using IPv6 and are setting the strategy for their future networking technology.

Graph 3: IPv6 top ten ISP traffic 2013-Q4
Graph 4: IPv6 top ten ISP traffic growth 2013-Q4

Myth 3:

“… There are few IPv6 courses at universities, and new graduates are not even able to use IPv6 while studying at college/universities …”

Graphs 5 and 6 show the top ten universities around the world (US, Canada, Czech Republic, Austria) with the highest amount of IPv6 usage. Iowa State University, US, had 50% IPv6 traffic growth during 2013-Q4. As with other new technologies, even universities need a push for IPv6. The trend is clear and there will be lots of new courses.

Graph 5: IPv6 top ten universities traffic 2013-Q4
Graph 6: IPv6 top ten universities traffic growth 2013-Q4

If you haven’t done this before, IMHO it is time to make the final decision to initiate the IPv6 activities: setting up the project plan, including a detailed time plan, budget, resources, labs, training, HW, SW, etc.