by Machelle | Jun 4, 2018 | Business, Cybersecurity, General, Information Technology
Ransomware is a kind of malware that blocks computer users from their systems. It does this either by locking some folders or by locking the system’s screen until a ransom is paid.
The history of this malicious software dates back to 1980. In 1980, the first ransomware, identified as PC Cyborg and also known as AIDS, appeared. This malware encoded files in the C: directory after forcing the computer system to reboot up to 90 times. Its victims were told to pay a $189 ransom via mail. This ransomware was easy to decrypt by people who understood computer systems, and therefore posed only a small threat.
Pop-ups Everywhere

Image by DynaGrace Enterprises
Real ransomware graced the scene in 2004 with Gpcode. Gpcode used RSA encryption to encrypt files until a certain amount was paid. The year 2007 had WinLock trending as ransomware. It displayed pornographic images, limited users’ access to their screen and demanded payment via SMS. The next generation of ransomware, called law enforcement ransomware, or Reveton, was born in 2012. This malware was designed to show the logo or symbols of crime-fighting agencies like Interpol, the FBI or local police departments. It accuses its victims of indulging in different crimes ranging from child pornography to computer hacking.
Other variants claim the victim downloaded classified files and demand a ransom of up to $300. As the years go by, ransomware is becoming more dangerous and ruthless, from the advent of CryptoLocker, which uses military-grade encryption, to WannaCry and Petya in May and June 2017 respectively. These ransomware families, with their complex encryption, stifle business as well as limit cyber freedom all around the globe.
Types of Ransomware
Different types of ransomware exist based on the extent of their severity. The major ones are as follows.
Screen lockers
Screen lockers lock you out of your computer entirely by taking hold of your computer screen. Shutting down the system does you no good, as the lock returns when the system starts again. An FBI logo or that of the Justice Department appears, claiming that illegal activity has been carried out on this system and that you need to pay a fine. Victims often forget that these law enforcement agencies don’t forcefully collect penalties for unlawful activity via the computer. Agencies follow appropriate and legitimate routes.
Encrypting ransomware
These types of ransomware collect your files, encrypt them and then ask for a ransom before their release can take place. This is the most dangerous of all ransomware, as your encrypted files may remain inaccessible until the money is paid. Sometimes, even after paying the ransom, the data are still not returned by the cybercriminals, and this is the most painful part.
Scareware
Scareware involves tech support or rogue security scams. They send various kinds of pop-up messages claiming malware has infected your system. They go further to explain that the only way to eradicate it is to pay a certain amount. This trend continues and sometimes becomes an online disturbance, especially if you ignore these messages. Interestingly, most times these are mere scare tactics, as the name implies, and your files may be safe.
Protecting yourself from ransomware
Though there are different types of ransomware, their mode of entry into their victims’ cyberspace is not much different. Also, the best way of protecting your cyberspace from ransomware is by understanding how this malware can infect your computer system.
Recently, one of the most popular ways computer systems become infected by malware is via malicious advertising, also called malvertising. Malvertising uses the platform of online adverts to distribute ransomware with minimal user interaction. These adverts appear even on legitimate sites, often need not be clicked, and redirect users to criminal servers. The malware hosted on these servers gathers the victim’s system details and takes advantage of them. All this happens without the knowledge of the victims.
Malicious spam
Malicious spam is another way systems get infected; it is unsolicited mail used to distribute malware. These emails contain attachments, Word documents or even links to unsafe websites, creating an access point for the ransomware.
Once the mode of entry of ransomware into the system is well understood and blocked, the following are steps to take to ensure you are safe from ransomware:
- Invest in cybersecurity. Get security software that can protect your computer from powerful ransomware attacks. It should also have features that shield vulnerable programs on your system.
- Always create secure backups of your system files and data daily. The use of external storage devices that can be detached immediately after the backup is a good start. However, the most recommended option is cloud storage that utilizes strong encryption, as well as multi-factor authentication for security purposes.
- Keep your system updated. Though it is not easy to stay up to date in a fast-changing tech world, activating automatic updates is recommended.
Finally, be informed. Stay abreast of the latest facts regarding cybersecurity. Avoid suspicious links and websites. Be purposeful, exercise some discipline and discretion, and avoid wandering as you browse the internet.
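The backup step above only helps if the backup can be proven intact after an infection. The following added example (not code from the original post or from DynaGrace Enterprises) shows one way to do that in Python: copy a directory to a backup location, record a SHA-256 manifest beside the copy, verify the copy against that manifest, and, after a simulated encrypting-ransomware incident, list exactly which source files differ from the backup and therefore need restoring. The file names, the `MANIFEST.json` name and the sample contents are all constructed for the example.

```python
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path

MANIFEST_NAME = "MANIFEST.json"  # name chosen for this example, not a standard


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large files need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (POSIX-style relative path) to its digest."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.name != MANIFEST_NAME
    }


def make_backup(src: Path, dest: Path) -> dict:
    """Copy src to dest and store a manifest next to the copy.
    In practice dest is a detachable drive or a cloud bucket; the manifest is
    what lets you prove later that the copy has not been altered."""
    shutil.copytree(src, dest)
    manifest = build_manifest(dest)
    (dest / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2))
    return manifest


def _diff(stored: dict, current: dict) -> list:
    """Names whose digest differs, is missing, or is new (sorted for stable output)."""
    return sorted(
        name for name in set(stored) | set(current)
        if stored.get(name) != current.get(name)
    )


def verify_backup(backup_dir: Path) -> list:
    """Files in the backup that no longer match the stored manifest.
    An empty list means the backup is intact and restorable."""
    stored = json.loads((backup_dir / MANIFEST_NAME).read_text())
    return _diff(stored, build_manifest(backup_dir))


def changed_since(src: Path, manifest: dict) -> list:
    """Files in src whose content differs from what was backed up.
    After an encrypting-ransomware incident this is the restore list."""
    return _diff(manifest, build_manifest(src))


def demo() -> dict:
    """Constructed scenario: create sample files, back them up, then simulate
    an encrypting ransomware overwriting one file with random bytes."""
    work = Path(tempfile.mkdtemp())
    try:
        src = work / "data"
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "report.txt").write_text("quarterly report (constructed sample)")
        (src / "notes.txt").write_text("meeting notes (constructed sample)")

        manifest = make_backup(src, work / "backup")
        backup_ok = verify_backup(work / "backup")  # [] : the copy matches its manifest

        # Simulated attack: the document is replaced by ciphertext-like bytes.
        (src / "docs" / "report.txt").write_bytes(os.urandom(64))

        return {
            "backup_ok": backup_ok,                  # []
            "changed": changed_since(src, manifest),  # ['docs/report.txt']
        }
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

The manifest lives with the backup rather than with the source, because an attacker who encrypts the source tree would encrypt a manifest stored there too; on a detached drive or versioned cloud bucket it stays out of reach. Running `verify_backup` before trusting a restore is the check that catches a backup that was itself overwritten.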
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: https://en.wikipedia.org/wiki/AIDS_(Trojan_horse); https://en.wikipedia.org/wiki/PGPCoder; https://www.us-cert.gov/ncas/alerts/TA13-309A; https://en.wikipedia.org/wiki/WannaCry_ransomware_attack; https://www.symantec.com/blogs/threat-intelligence/petya-ransomware-wiper
Image Resource: DynaGrace Enterprises; http://www.dodlive.mil/2013/10/05/national-cyber-security-awareness-month/; https://pxhere.com/en/photo/540556
by Machelle | May 28, 2018 | Business, General, Information Technology
In recent times, any business that is serious about growth finds a way to establish an online presence. This need has led to an increase in the demand for websites and also to the proliferation of web hosting service providers. However, there is a need to apply caution while selecting a web hosting service provider, and to note the necessary parameters to look out for before hosting a website. These tips help save you a lot of hassle and stress.
Below are some of the problems associated with hosting a site.
1. Slow response from Web Hosting Service providers
Like any other venture on earth, web hosting has its challenges. However, it becomes a source of worry when you face issues while hosting your sites. Sometimes it takes ages to get a response from a provider, and it can even be a struggle to find contact details on their websites. Therefore it becomes necessary, before subscribing to any web hosting service, to check the quality of the support they provide. Some provide around-the-clock support. Others give out manuals, and others direct you to their FAQ pages. Deciding on the provider that best suits your company helps the web hosting process.
2. The inability of the Web Hosting Company to provide adequate security
Security is another serious issue in web hosting. Many web hosting companies cannot prevent your websites from being hacked, yet give a false sense of security. This facade leaves the business very vulnerable to cyber-attacks. A cyber-attack punctures the confidence of clients in a brand and negates the actual reason for hosting a website.
It becomes necessary for the web hosting company to assure its customers as well as to develop the capacity to guarantee safety. Such assurance is also a factor to consider when selecting a web hosting provider.
3. Expensive Web Hosting Plans
When signing up for a web hosting plan, be careful to scrutinize the details to avoid being caught in a trap. Caution is needed because some companies offer real service for your money, while others provide a free web service and then, without your knowledge, charge you more as your site succeeds. Also, be smart enough to check whether the plan you are on has the bandwidth that you require. Check whether it is flexible enough to permit an upgrade to a better plan in the future.
4. Server limitations
Some clients are ignorant of the capacity of the servers of web hosting companies. Ignorance leads to consistent bounces, especially when your site starts to generate massive traffic. The primary cause of this is the reluctance of most web hosting service providers to reveal their real limits to their customers in order to minimize costs. However, it is essential to have a good grasp of the capacity of the server, such as the bandwidth and disk space, to ensure you are not stretching these limits to your detriment.
5. Slow web servers
A manifestation of a slow server is delay while a webpage is loading, although the number of scripts, the size of graphics files and database connections might also play a role in the delay. When this occurs frequently, it could also be a result of a poor internet connection. It is therefore advisable to compare with other websites hosted on different servers.
A slow-loading web page frustrates a visitor and reduces the chances of generating traffic; visitor numbers will decrease. Also, this will lower the ranking of the website, placing it very low on the search result list. The solution to a slow server is to use web hosting companies whose data centers are closer to your web users.
Finally, to ensure you avoid these problems and have an excellent web hosting experience, you have to choose a web hosting company carefully. You can contact friends and colleagues who have set up their own sites and learn from their experiences. Consulting reviews and reading about web hosting trends will help in finding the suitable web hosting company that will make the entire experience worthwhile.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: http://www.itarticle.net/moving-beyond-the-marketing-hype-what-does-unlimited-web-hosting-really-mean/; https://technet.microsoft.com/en-us/library/cc181325.aspx
Image Resource: https://pxhere.com/en/photo/989227; https://pxhere.com/en/photo/1003060; Featured Image by DynaGrace Enterprises
by Machelle | Apr 16, 2018 | Cybersecurity, General
With cybercriminal activities perpetually on the rise, cybercrime is one of the most significant challenges that humanity has faced. Also, given the trend of hacking, experts predict that this will continue for more than two decades. Cybercrime has become profitable, and even easier, with the sale of stolen data on the black market.
Since anonymous online currencies came into use as a means of payment, these digital currencies have been a challenge to track online. Cryptocurrencies like Tor and Bitcoin are giving room for cybercriminals to thrive. Cybercriminal organizations are growing more tentacles: by increasing their scale of operation, the frequency of their attacks is expanding.
Cost of Damage
The price of the damage caused by cybercriminal activities goes beyond the loss of cash. It also involves the theft of intellectual property and the loss of personal and organizational data, and therefore lost productivity, which obstructs the normal flow of business operations. Other hidden costs include the time spent on restoration or on the removal of hacked data and malware. A breach of security systems also causes reputational harm and a loss of customers’ confidence.
Increasing cybercriminal activity makes it impossible to estimate the actual cost of the damage caused by cybercrime. Although cyber-crimes are often reported in the media, these are just a piece of the whole picture. In most cases, this kind of crime is not reported to the authorities at all.
Recently, McAfee and the Center for Strategic and International Studies released a report. It estimates that the global cost of damage as a result of cybercrime is up to $600 billion. This figure constitutes about 0.8% of worldwide GDP. The extent of this global economic loss causes a sense of worry. Findings obtained from similar reports in 2014 show a more than 20% increase in the estimated cost of cybercrime damage. Increased theft of intellectual property and vital secret information accounts for about 25% of the cost of global cybercrime.
Who is affected?
The reports further reveal that all regions of the world are affected by this global trend, even though there is variation in the figures that represent the cost of the damage. These variations depend on regional economic prosperity and cyber technology maturity. This is evident in the fact that the wealthiest countries suffer the most significant losses. Europe and Asia alone lost about 160 to 180 billion dollars, followed by North America, which endured a loss of about 140 to 175 billion dollars. South America and Sub-Saharan Africa were the least hit, losing 15 to 30 billion dollars and 1 to 3 billion dollars respectively.
Predictions from cyber authorities reveal that by the year 2021, the estimated cost of cybercrime damage may be $6 trillion annually, against the $3 trillion recorded in 2015. Financial cyber analysts explain that this will be one of the largest amounts of wealth amassed from illegal activities, more significant than the money accrued from the sale of all kinds of illicit drugs.
The more complacent we become, it appears, the more the media is overrun with reports of ransomware and other forms of cyber-attack. The reality is that this is a significant threat to all sorts of digital innovation and global investment. The risk that cybercrime poses is not covered by any form of insurance; hence it is not a risk we can continue to accept. Instead, it is time to collectively make efforts to protect our enterprises from the escalating wave of cybercrime.
If you are curious how to pay for travel with Bitcoin, please refer to our friends at Million Mile Secrets and their article “Can You Use Bitcoin to Pay for Travel?”.
Linda Rawson is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Resource: https://en.wikipedia.org/wiki/Cybercrime; https://www.coindesk.com/information/what-is-bitcoin/; https://newswire.net/newsroom/pr/00100652-cyber-crime-damage-costs-to-exceed-6-trillion-by-2021.html; https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/; https://dynagrace.com/capabilities/cybersecurity/
Image Resource: Featured Image https://pixabay.com/en/cyber-crime-internet-crime-cyber-1012751/; https://pxhere.com/en/photo/488123
by Linda Rawson | Aug 14, 2017 | Cybersecurity, Federal Government Contracting
What does NIST SP 800-171 mean?

NIST SP 800-171
As a small business in the Department of Defense (DoD) Government Contracting realm, we do have cybersecurity experience. We have done the DoD Information Assurance Certification and Accreditation Process (DIACAP), which has now transitioned to the Risk Management Framework (RMF). RMF is a six-step process developed by the National Institute of Standards and Technology (NIST) to apply risk management to Information Systems.
RMF Certification. Very time consuming and costly. My employees have been great to work through all the necessary paperwork with patience and expertise to get this certification for the Information Systems they are responsible for.
Last week, I met with Adam Austin, Reggie Hall, and Alli Bey of Haight Bey, Engineering and Security Solutions, who started to put a small fear into my soul. They informed me that a little over a year ago a revision to the DoD Federal Acquisition Regulation Supplement (DFARS) contained some new cybersecurity requirements for DoD contractors who process unclassified information. The governing document is the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171, Protecting Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations.
If you are a government contractor, failure to meet these requirements will result in the loss of your contracts because the confidentiality of CUI in non-federal systems is now being mandated.
The requirements in DFARS clause 252.204-7008 are:
(b) The security requirements required by contract clause 252.204-7012, shall be implemented for all covered defense information on all covered contractor information systems that support the performance of this contract.
(c) For covered contractor information systems that are not part of an information technology service or system operated on behalf of the Government (see 252.204-7012(b)(2)) –
(1) By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (see http://dx.doi.org/10.6028/NIST.SP.800-171) that are in effect at the time the solicitation is issued or as authorized by the contracting officer, not later than December 31, 2017.
(2)
(i) If the Offeror proposes to vary from any of the security requirements specified by NIST SP 800-171 that are in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DoD Chief Information Officer (CIO), a written explanation of
(A) Why a particular security requirement is not applicable; or
(B) How an alternative but equally effective, security measure is used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection.
(ii) An authorized representative of the DoD CIO will adjudicate offeror requests to vary from NIST SP 800-171 requirements in writing prior to contract award. Any accepted variance from NIST SP 800-171 shall be incorporated into the resulting contract.
What does this clause mean to me?
Wait…December 31, 2017? Adjudicate?
What do I have to do?
In summary, the clause says that DoD government contractors like me need to properly secure their OWN IT systems that process any deliverable due to the government. Examples of such deliverables are the following:
- Research and Engineering Data including Engineering Drawings, Associated Lists, Specifications, Standards, Process Sheets, Manuals, Technical Reports, Technical Orders, Catalog-Item Identifications
- Data Sets
- Studies, Analyses and Related Information
- Computer Software Executable Code and Source Code
- Monthly or Quarterly Reports
If you’re a DoD government contractor developing and submitting Contract Data Requirements List (CDRL) items, you’ll need to ensure, on your own dime, that your Information Systems meet some stringent cybersecurity requirements by the end of 2017, just like the BIG government Information Systems.
In addition to securing your IT systems, you’ll need to ensure you have a process in place to continuously monitor your organization for cyber-incidents and be able to report any such incidents to the DoD quickly.
NIST SP 800-171 contains 14 sections of requirements broken down into 110 required controls. Each requirement is mapped to NIST SP 800-53 and ISO/IEC 27001 controls. You may be familiar with these controls if you have been involved in securing government IT systems. The following are those 14 sections and their appropriate “who” and “why.”

NIST SP 800 171 Requirements
The 131 risk-mitigating actions, called controls, are made up of 670 individual assessments that a contractor will need to perform to verify the measures have been taken.
What can I do to mitigate this risk?
- Understand Controlled Unclassified Information (CUI).
- Conduct NIST 800-171 CUI Self-Assessment provided by the Common Solutions Group (https://library.educause.edu/resources/2016/9/nist-sp-800-171-compliance-template) to analyze the gaps between my organization and the NIST SP 800-171 requirements.
- Create my Plan of Actions & Milestones (POA&M) to implement corrections.
- Build cybersecurity into my bottom line and internal processes. I need to build and execute a process to ensure continuous monitoring and assessment of the controls to mitigate risk beginning with the most critical mitigation.
- The plan has to have tasks that validate and verify the plan is being executed.
- Tasks must be performed to ensure continuous risk assessment and progress on the POA&M.
- Develop and implement a process to identify and report cyber-incidents to the DoD.
- Complete my CUI Self-Attestation and CUI Deliverables, including the following:
- Written Information Security Program (WISP)
- Configuration Management Plan (CMP)
- Information Security Continuous Monitoring (ISCM)
- Information System Contingency Plan (ISCP)
- Incident Response Plan (IRP)
- Security Awareness Program (SAP)
- Security Assessment Report (SAR)
- System Security Plan (SSP)
Just another thing for a small business that requires planning, people, and resources. The good news is I have to write the POA&M, and that may be enough for the contracting officer to declare me in compliance.
Daunting. Doable.
If you are a DoD contractor that hasn’t yet implemented NIST SP 800-171, your organization may want to start looking at it. It could mean the difference between winning or NOT winning a contract. More and more contracting officers will be requiring companies to be in compliance. I would suggest you get ahead of the power curve.
If you are not sure whether your organization is affected by this requirement, reach out to the experts at Haight Bey, Engineering, and Security Solutions.
As DynaGrace Enterprises goes through the journey to this mandated tightening up of our own cybersecurity practices, watch for subsequent articles about our journey.
Linda Rawson, CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com)
A Women-Owned, 8(a) Minority, Small Business
Author: The Minority and Women-Owned Small Business Guide to Government Contracts
Between POWER and GRACE lies EXCELLENCE
by Linda Rawson | May 23, 2017 | Cybersecurity, General

Cybersecurity wormhole
A vulnerability is a weakness which allows a cyber attacker to compromise a computer system’s information assurance.
As you can imagine, a vulnerability left alone can bring a production system to its knees, costing a company millions upon millions of dollars. The sooner we, as a company, know about vulnerabilities that can affect our company, the better. It allows software manufacturers to develop and deploy patches quicker.
Legislation was announced last week by a joint group of House and Senate Democrats and Republicans that seems to be the first response to the “ransomware” outbreak that occurred globally. It is believed that the attack was initiated with a National Security Agency (NSA) hacking tool. The bill, referred to as the “PATCH Act,” makes permanent the current Vulnerabilities Equities Process, which governs when the government discloses software vulnerabilities to us.
Senators Brian Schatz (D-HI), Ron Johnson (R-WI) and Cory Gardner (R-CO), as well as Representatives Ted Lieu (D-CA) and Blake Farenthold (R-TX), introduced the Protecting Our Ability to Counter Hacking (“PATCH”) Act.
Currently, not all vulnerabilities are submitted to the Vulnerabilities Equities Process, and certain vulnerabilities are withheld from it.
The following statement can be attributed to Andi Wilson, Policy Analyst at New America’s Open Technology Institute:
“One of the most critical components of a strong vulnerabilities review process is that it apply to absolutely all vulnerabilities in the government’s possession, not just the ones that the intelligence community chooses to put into the process. The PATCH Act presents an opportunity to make vulnerabilities review consistent and transparent, assuring government stakeholders, companies, and the American people that a clear set of rules is being used to decide whether vulnerabilities should be disclosed. Given the very real cybersecurity concerns of nondisclosure, it is imperative that steps be taken to improve the process for vulnerabilities review, and legislation like the PATCH Act is crucial in establishing confidence and trust in that process. OTI strongly supports the PATCH Act sponsors’ efforts to address the cybersecurity risk posed by government-stockpiled vulnerabilities, and thanks Senators Schatz and Johnson for their leadership on this issue.”
Cyber-attacks continue to be a significant threat to companies. It is nice to know the House and Senate are becoming aware.