Google started requiring its 85,000 employees to use a security key device to handle two-factor authentication when logging into their various accounts. Rather than just having a single password, or receiving a secondary access code via text message (or an app such as Google Authenticator), the employees had to use a traditional password as well as plug in a device that only they possessed.They also use a Universal 2nd Factor Authentication (U2F) via a device like the popular USB YubiKey.
JPay handheld computer tablets supplied to Idaho prisoners provide a means to email families and friends, video chat, watch educational videos, and download and play purchased games and music. The tablets, which are supplied by contract with CenturyLink and JPay, do not allow internet access.
Family and friends can use JPay to transfer funds to inmates to use as credits for the JPay system. JPay and CenturyLink say the prisoners exploited a software vulnerability to bump up their credit balances.
The city of Edmonton opened Canada’s first all-natural pool, without any chlorine, this month. Costing CAD 14.4 million to construct, the Borden Natural Swimming Pool uses plankton, a filtration system and aquatic plants to remove contaminants from the water. Natural pools are said to offer a ‘cleaner’ experience, which means that swimmers won’t feel the effects of chlorine (like itchy eyes), and be more energy efficient than a regular pool. In order to prevent pathogens from forming, the Borden pool will be colder than most (23 degrees Celsius versus the common 28–29). Swimmers cannot wear cotton, which can harm the aquatic plants, and must use phosphate-free sunscreen.
Info/Test menu (opens a menu where you can get detailed information about your phone, data usage statistics, and more)
*#*#4636#*#*
Analog and backlight test
*#*#0842#*#*
Display IMEI number (The IMEI, or International Mobile Equipment Identity, is a unique identification number for every phone, which can be useful in case your phone goes missing)
*#06#
LCD Display test
*#*#0*#*#*
Display camera info
*#*#34971539#*#*
Completely wipe phone and reinstall firmware
*2767*3855#
Display MAC address
*#*#232338#*#*
Display Bluetooth address
*#*#232337#*#
Field test (allows you to precisely gauge the strength of signals your phone is receiving, in case you are curious or want to install a signal boosting system)
*#*#7262626#*#*
Quick GPS Test
*#*#1472365#*#*
iPhone codes
Function
Code
Field test mode (provides info about cell signal, including more precise reception reading)
*3001#12345#
Check call forwarding number (you can designate another number to redirect calls to when your phone is busy)
*#67#
IMEI number
*#06#
Enable call waiting
*43#
Disable call waiting
#43#
Enhanced full rate (EFR) mode — This mode improves reception at the cost of battery life
*3370#
Anonymous call (Your number won’t show up on the receiver’s caller ID)
FDA head says current products don’t meet labeling standards
The US Food and Drug Administration seems expressed concern on nondairy milk-alternative products that use the term “milk” in their marketing and labeling—like popular soy and almond milk products.
Commissioner Scott Gottlieb announced Tuesday that the FDA will soon issue a new guidance on the use of the term. But he added that products aren’t abiding by FDA policies as they stand now. He referenced a so-called “standard of identity” policy that regulates how milk is defined and should be identified. he said “almond doesn’t lactate”, and the agency will soon tap the public for comments on the terminology and hopes to wring out a new policy within a year. In 2015, the agency cracked down on the labeling of an egg-less mayonnaise-like product called Just Mayo.
Two Democratic US senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) have asked the Federal Trade Commission to investigate privacy problems related to Internet-connected televisions.
“Many Internet-connected smart TVs are equipped with sophisticated technologies that can track the content users are watching and then use that information to tailor and deliver targeted advertisements to consumers,” Sens. Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) wrote in a letter yesterday to FTC Chairman Joseph Simons.
It would be up to Congress to pass new laws for smart TVs. But the FTC can punish companies for unfair and deceptive business practices. Action was taken against smart TV manufacturer Vizio last year.
Chinese police have broken up an illegal World Cup gambling ring hosting more than 10 billion yuan (US$1.5 billion) worth of cryptocurrency bets, in the first major sports betting crime involving digital money in the country. The gambling platform ran on the dark web, which isn’t indexed by traditional search engines. During the eight months of the gambling platform’s operation, the site attracted 330,000 registered users from numerous countries, and built an army of over 8,000 agents who earned commissions for recruiting new members through a pyramid scheme.
Solaris Disinfection has had U.S. sales for its Lytbot robot that blasts away hospital germs using ultraviolet light says its Solaris Lytbot is the ideal weapon in the war against hospital-acquired infections such as C. difficile. The Lytbot cycles through a programmed pattern and fires pulsed UV light until it completes a 360-degree sweep of the room. The robot’s beams have a devastating effect on germ cells and bacteria spores through called “cellular disruption”.
On the other hand, Dr Kevin Katz of the North York General Hospital says most hospitals rely on products like bleach or activated hydrogen peroxide for infected surfaces.”I don’t think the evidence is there to use this technology to replace environmental cleaners in healthcare environments,” says Katz, who adds a recent Ontario health technology review of UV technology did not support the purchase of products like the Lytbot at this time.
What’s more, Katz is concerned cash-strapped hospitals would be tempted to use the robotic technology instead of old-fashioned human cleaners with mops and pails.
Adam Steinhoff, chief operating officer and co-founder of Solaris Disinfection, says he has had some success selling the Lytbot to U.S. hospitals, but Canadian health-care institutions have so far been hesitant and Lytbot isn’t meant to be a replacement for daily cleaning, but a supplemental method of disinfecting a room after traditional hand cleaning is done.
255,000 Americans 85 years old or older were working over the past 12 months. The highest number on record.
They’re doing all sorts of jobs — crossing guards, farmers and ranchers, even truckers, as my colleague Heather Long revealed in a front-page story last week. Indeed, there are between 1,000 and 3,000 U.S. truckers age 85 or older, based on 2016 Census Bureau figures. Their ranks have roughly doubled since the Great Recession.
Google Keep is a free note-taking service included with your Google account that lets you save a variety of content like text, images, audio and videos for quick access.
2. Google Timer
Google will set a timer for you if you type your desired duration followed by the word “timer” on your search bar.
3. Google Sky
Explore the remote reaches of the universe from the comforts of your own browser. With Google Sky Maps, you can.
With hi-res images culled straight from NASA satellites, the Hubble Telescope and the Sloan Digital Sky Survey, Google Sky is a space map that shows you detailed images of objects like stars, constellations, galaxies, planets, or the Earth’s moon.
Spell out numbers
If you ever want to see a number completely spelled out, just type its digits on your search bar then add “=english” at the end.
. Translate symbols
If you want to translate written symbols or your freehand cursive writing, you can turn on Google Translate‘s manual “handwriting” feature by clicking that little pencil icon.
Free Fonts
Did you know that Google has its very own site for free fonts?
Google Fonts is a collection of free fonts that you can download and use for free. From exotic to edgy fonts, Google has you covered!
Use Explore to discover art and culture
To examine the world’s famous artworks in great detail, use Google Art & Culture’s Explore tool. With Explore, you can zoom in on high-definition paintings, tour famous sites and landmarks via Street View and even view 360-degree videos of famous museums.
Google Express
Google Express is Google’s online shopping service that lets you get same-day or overnight delivery for several categories like groceries, electronics, books, and a lot more.
Identify songs instantly
Are you familiar with Shazam, the service that can identify any song it hears?
Well, Google has its own equivalent service called Sound Search. With the help of Google Assistant, you can have it name any song it hears via your gadget’s mic.
Listen to animal sounds
Have you ever wondered what an anteater or a humpback whale sounds like?
Just search for “animal sounds” or the name of a specific animal and Google’s results will include a quick sound clip.
17. Gboard keyboard
To quickly launch a Google search straight from your iPhone’s keyboard, try the GBoard app.
GBoard lets you glide through your keys (ala Swype), pull GIFs, emojis and Google search all from within the keyboard.
18. Google One Today
Are you looking for a worthwhile cause? Google’s One Today app for iOS and Android makes it easy to find nonprofit charities you can support.
Google One Today has photos, articles and explanations of how your donations actually help.
Jen Z is raised by tech-savvy Generation X parents and many of her younger Generation Z peers are being raised by the tech-dependent Millennials.There was a relatively large technology gap between Millennials and their Baby Boomer parents, but Generation X has shrunk that gap with their Generation Z kids which has only accelerated the tech adoption of Generation Z.
Generation Z Mindset: Generation Z will approach work with a DIY, work hard, and pragmatic mindset.
Innovation Influencer: Parents
At age 8, Jen Z is an avid gamer which shapes her approach to collaboration. With 66 percent of Generation Z listing gaming as their main hobby, the International Olympic Committee is considering adding pro-gaming as an official sport .
Generation Z Mindset: Generation Z gravitates towards gamified processes or procedures and are native to global communication and collaboration across virtual platforms.
Innovation Influencer: Xbox
At age 9, Jen Z is given her first cell phone for the primary purpose of safety and logistics. However, she is soon exposed to the new smartphone that mom and dad own. Today, the average age for a child getting their first smartphone is 10.3 years-old. Smartphones mobilized Generation Z to text, socialize, and game on the go.
Also at this time, YouTube is growing in popularity and thanks to the easy to use Flip Video camera, Jen Z is empowered to create and share videos. Three-quarters of Generation Z watch YouTube at least weekly. YouTube becomes a go-to resource for entertainment, information, and how-tos.
Generation Z Mindset: Generation Z is a video and mobile-centric generation where their mobile devices serve as the remote control of their lives.
Innovation Influencer: Smartphone and YouTube
2008: Jen Z extends her digital communication.
At age 10, Jen Z doesn’t meet the age requirements of Facebook but that doesn’t stop her from lying about her age in order to create an account and begin communicating with friends. While Millennials helped push social media into the mainstream, Generation Z can’t remember a world where social media didn’t exist. Today, 39 percent of kids get a social media account at 11.4 years-old.
Millennials were digital pioneers, but Generation Z is the true digital natives. They have not had to adapt to technology because the only world they know is a hyper-connected one where 2 out of 7 people on the planet use Facebook.
Generation Z Mindset: Generation Z is quick to adopt new communication channels and prefers real-time, transparent, and collaborative digital communications.
Innovation Influencer: Facebook
2009: Jen Z benefits from content curation.
At age 11, Jen Z enters middle school with a smart device and the world’s information curated into blank search boxes. Jen Z and her peers have become adept researchers and very resourceful due to their early Internet access. In fact, 43% of Generation Z teens prefer a digital approach to learning and find it easiest to learn from the Internet.
Generation Z treats the Internet as their external brain and therefore approach problems in a whole new way, unlike any generation before them. They do not consider parents or teachers as the authority but rather the Internet as the authority.
Generation Z Mindset: Generation Z wants teachers and managers to not be the sole source of their learning but rather supplement their learning — coaching them through their questions, mistakes, and successes.
Innovation Influencer: Search Engines
2010: Jen Z lives an interconnected life.
At age 12, Jen Z, on a daily basis, utilizes 4-5 screens (mobile, TV, laptop, tablet, or game device). She begins collaborating with peers online inside the classroom (and via Google Docs by 2012), continuing the work on the way home via a smartphone or tablet (Apple releases the first iPad this year), and then finishes her homework on a laptop at home. Generation Z is executing work in unprecedented ways.
Jen Z is becoming increasingly aware of all of the interconnected and “smart” devices (wearables, smart toys, drones, etc.) that impact her life. It’s forecasted that 8.4 billion connected things will be in use worldwide in 2017, up 31 percent from 2016, and will reach 20.4 billion by 2020. Eventually, Generation Z will live in a world with 1 trillion interconnected devices that will forever re-shape how they live, work, and play.
Generation Z Mindset: Generation Z has developed a much higher instinctual relationship with technology and the increasingly interconnected world shifts their expectations for how work can and should be executed.
Innovation Influencer: iPad and Internet of Things
2012: Jen Z seeks deeper social connections.
At age 14, Jen Z is on Twitter and a power user of the 2010-released social media platform, Instagram. Instagram becomes an immediate hit among Generation Z. Instagram shifts Generation Z’s communication preferences towards images, short videos, and a mobile-first approach.
Jen Z is also growing weary of the superficiality she sees throughout social media. By 2014, 25% of Generation Z had quit their parents’ and older siblings’ social network. To fill the growing desire for a truer to life network, the anonymous social network, Whisper, launches and quickly nets millions of users. Jen Z also prefers Snapchat (launched in 2011) which offers a more real and honest connection for users.
Generation Z Mindset: Generation Z prioritizes honest, transparent, and authentic messaging from friends, leaders, employers, and brands.
Innovation Influencer: Instagram and Snapchat
2013: Jen Z establishes a digital brand.
At age 15, Jen Z discovers the social network and blogging platform, Tumblr, which provides her a global platform to share her ideas, passions, and opinions. Due to the rise in popularity of blogging/vlogging and Apple’s App Store (launched in 2008), Jen Z is becoming savvy at building her own digital assets (blog, website, apps, etc.)
Generation Z are creators, contributors, and collaborators. Technology has empowered them to have a voice, to streamline and systemize, and to simplify complex problems because after all, “There’s an app for that.”
Generation Z Mindset: Generation Z expects to co-create with brands, contribute on teams, and collaborate with managers; and they expect innovation from their employers, leaders, and brands.
Innovation Influencer: Tumblr and Apple’s App Store
2015: Jen Z launches her career early.
At age 17, Jen Z enters the workplace via an internship while a senior in high school. Sixty percent of companies agree that students will need to begin to focus on their careers in high school in order to compete for internships and jobs in the future. No wonder LinkedIn recently decided to lower their minimum age required to create an account to 13.
Jen Z is eager to launch her full-time career but, much like Millennials, expects a short tenure. Eighty-three percent of today’s students believe that 3 years or less is the appropriate amount of time to spend at their first job. Generation Z will use Glassdoor.comto make sure the job and employer are the appropriate fit.
Generation Z Mindset: Generation Z are self-starters, self-learners, and self-motivators seeking swift impact at work.
Innovation Influencer: LinkedIn and Glassdoor
2016: Jen Z explores entrepreneurship.
At age 18, Jen Z realizes how easy it can be to become an entrepreneur and turn an idea into reality by creating an account on Kickstarter, the global crowdfunding platform. The popularity of the show Shark Tank and the seemingly overnight success stories of Mark Zuckerberg and Evan Spiegel bring entrepreneurship front and center for Generation Z.
Sixty-one percent of high school students and forty-three percent of college students sad they would rather be an entrepreneur than an employee when they graduate.
Generation Z Mindset: Generation Z place a premium on entrepreneurship, innovation, and “side hustles.”
Innovation Influencer: Kickstarter
2017: Jen Z re-wires work.
At age 19, technology continues to impact Jen Z’s life and begins to shape her expectations of work.
Pokemon Go: Generation Z showed through the record-breaking success of Pokemon Go that they are ready for augmented reality (and soon virtual reality) experiences at work.
Snapchat, Instagram, Musical.ly, and GroupMe: Generation Z’s expectation of the frequency, medium, and delivery of communications at work has changed.
WeWork: Generation Z has widespread availability to workspace and entrepreneurial communities as WeWork expands in seven short years to 218 locations in 53 cities around the world reshaping where and when work gets done.
App Store: Generation Z experienced a shift from BYOD (bring your own device) to work to BYOA (bring your own application) as application creation becomes accessible and challenges how work is structured and executed.
YouTube: Generation Z grew up on a steady diet of YouTube tutorial videos and will expect innovative workplace learning and development via video.
Alexa, Google Home, and Siri: Generation Z is open to integrating more artificial intelligence into their work lives as more and more AI-enabled devices enter their homes and pockets.
Houseparty and Activision Blizzard (Call of Duty, Destiny, or World of Warcraft):Generation Z seeks innovative tools and games to connect with peers and colleagues.
GoPro: Generation Z is inspired to seek experiences and new adventures (inside and outside of work) since they can capture it all on HD video.
2020: JEN Z enters the WORKforce.
Generation Z will work, sell, B2B buy, communicate, and ultimately lead differently than previous generations. The leaders who understand the values, expectations and behaviors of Generation Z will be better positioned for next generation success.
Generation Z Mindset: Generation Z will leverage the diversity of thought and experience of their generation to create innovative solutions for tomorrow’s complex problems.
Innovation Influencer: TBD
Companies are likely to welcome Gen Z into their workplaces a lot sooner than expected. Gen Z is seriously considering forgoing a traditional college education to go work for a company that provides college-like training. In fact, 75% of Gen Z say there are other ways of getting a good education than going to college.
Education alternatives (such as MissionU and UnCollege) and avoiding student debt are just a few reasons Gen Z is likely to skip college and go straight to work.
With the looming flood of young talent into the workplace, companies must be ready to recruit and retain this next generation.
As many young adults strongly consider bypassing college to move straight into the workplace, companies are challenged with positioning themselves to acquire the next generation of top talent a lot sooner than expected
Companies must deliver an exceptional candidate experience. Gen Z is much less likely to do business with a company where they have had a poor experience as a job applicant than previous generations. Companies must identify any friction points (non-mobile friendly career pages, slow communications, etc.) that exist throughout the entire candidate experience and work toward creating an effortless, timely, and relevant candidate experience.
Companies should also utilize innovative technology. A new generation requires new recruiting tactics. AI, machine learning, and analytics have changed the recruiting landscape.
Pymetrics uses neuroscience games and bias-free artificial intelligence (AI) to predictively match people with jobs where they’ll perform at the highest levels. Google Hire is a recruiting app that helps distribute jobs, identify and attract candidates, build relationships, and manage the interview process. Mya and Wade & Wendy offer chatbots that automate the process from resume to interview. Innovative recruiting tools such as these will give companies a competitive advantage when recruiting Gen Z.
Lastly, companies should be actively managing their employer brand on Glassdoor.com. Seventy percent of candidates look to [company] reviews before they make career decisions and 69% are likely to apply to a job if the employer actively manages its employer brand (e.g., responds to reviews, updates their profile, shares updates on the cutler and work environment). With over 10 million of the 32 million unique monthly users on Glassdoor being Millennials and Gen Z, it’s a must that companies leverage Glassdoor. SAP for example, has an employee whose full-time job is to monitor Glassdoor, where they look at reviews, respond to reviews, and act on the trends and/or feedback.
Fromm: How can companies retain Gen Z?
Jenkins: Promote diversity and inclusion. Seventy-seven percent of Gen Z say that a company’s level of diversity affects their decision to work there. Not only will an inclusive organizational culture attract Gen Z– the most diverse workforce to date–but organizations with inclusive cultures are two times as likely to meet or exceed financial targets, three times as likely to be high-performing, six times more likely to be innovative and agile, and eight times more likely to achieve better business outcomes.
Also to retain Gen Z, create a more fluid organization. Seventy-five percent of Gen Z would be interested in a situation in which they could have multiple roles within one place of employment. Growing up with ubiquitous connectivity, evolving mobile technology, and in a growing gig economy has altered how Gen Z views employment. Gen Z will question what it is to be an employee. To be positioned as an ideal employer in the eyes of Gen Z, companies should consider becoming more fluid by using rotational programs, shadowing, and offering more learning and development opportunities.
Fromm: How can companies use learning and development to engage Gen Z employees?
Jenkins: Offering robust professional development opportunities is critical. Gen Z grew up with YouTube, the world’s largest on-demand how-to video library, at their fingertips, which means organizations must offer innovative solutions to appease their appetite for on-demand learning.
Such microlearning opportunities can satisfy Gen Z expectations and preferences, in that it provides training in small learning units and short-term learning activities delivered in a convenient and accessible manner. Content is distributed (ideally on-demand and mobile-first) in mini-bursts, typically 2-15 minutes in length.
Ransomware is a form of malicious software — malware — which encrypts documents on a PC or even across a network. Victims can often only regain access to their encrypted files and PCs by paying a ransom to the criminals behind the ransomware.
A ransomware infection often starts with someone clicking on what looks like an innocent attachment, and it can be a headache for companies of all sizes if vital files and documents (think spreadsheets and invoices) are suddenly encrypted and inaccessible. But that’s not the only way to get infected.
What is the history of ransomware?
While ransomware exploded last year, increasing by an estimated 748 percent, it’s not a new phenomenon: the first instance of what we now know as ransomware appeared in 1989.
Known as AIDS or the PC Cyborg Trojan, the virus was sent to victims — mostly in the healthcare industry — on a floppy disc. The ransomware counted the number of times the PC was booted: once it hit 90, it encrypted the machine and the files on it and demanded the user ‘renew their license’ with ‘PC Cyborg Corporation ‘ by sending $189 or $378 to a post office box in Panama.
The AIDS demand for payment — by post. Image: Sophos
How did ransomware evolve?
This early ransomware was a relatively simple construct, using basic cryptography which mostly just changed the names of files, making it relatively easy to overcome.
But it set off a new branch of computer crime, which slowly but surely grew in reach — and really took off in the internet age. Before they began using advanced cryptography to target corporate networks, hackers were targeting general internet users with basic ransomware.
One of the most successful variants was ‘police ransomware’, which tried to extort victims by claiming to be associated with law enforcement. It locked the screen with a ransom note warning the user they’d committed illegal online activity, which could get them sent to jail.
However, if the victim paid a fine, the ‘police’ would let the infringement slide and restore access to the computer by handing over the decryption key.
An example of ‘police ransomware’ threatening a UK user. Image: Sophos
.
What are the main types of ransomware?
Ransomware is always evolving, with new variants continually appearing in the wild and posing new threats to businesses. However, there are certain types of ransomware which have been much more successful than others.
Perhaps the most notorious form of ransomware is Locky, which terrorised organizations across the globe throughout 2016. It infamously made headlines by infecting a Hollywood hospital. The hospital gave into the demands of cybercriminals and paid a $17,000 ransom to have its networks restored.
Locky remained successful because those behind it regularly update the code to avoid detection. They even update it with new functionality, including the ability to make ransom demands in 30 languages, so criminals can more easily target victims around the world. Locky became so successful, it rose to become most prevalent forms of malware in its own right.
Cryptowall is another form of ransomware which has found great success for a prolonged period of time. Starting life as doppelganger of Cryptolocker, it’s gone onto become one of the most successful types of ransomware.
One of the most common forms of ransomware distributed in this way is Cerber, which infected hundreds of thousands of users in just a single month. The original creators of Cerber are selling it on the Dark Web, allowing other criminals to use the code in return for 40 percent of each ransom paid.
Cerber ransomware became so successful that it surpassed Locky — which appeared to mysteriously disappear over Christmas, although reemerged in April with new attack techniques — to become the most dominant form of ransomware on the web, accounting for 90 percent of ransomware attacks on Windows as of mid-April 2017.
The cryptography behind Cerber is so advanced that there’s currently no decryption tools available to help those infected by the latest versions.
Cerber now comes with the ability to steal to steal bitcoin wallet and password information, in addition to encrypting files.
In exchange for giving up some of the profits for using Cerber, wannabe cyber-fraudsters are provided with everything they need in order to successfully make money through the extortion of victims.
What is WannaCry ransomware?
In the biggest ransomware attack to date, WannaCry — also known as WannaCrypt and Wcry — caused chaos across the globe in an attack which started on Friday 12 May 2017. WannaCrypt ransomware demands $300 in bitcoin for unlocking encrypted files — a price which doubles after three days. Users are also threatened, via a ransom note on the screen, with having all their files permanently deleted if the ransom isn’t paid within a week.
WannaCry ransomware infected Windows XP systems across the globe. Image: Cisco Talos
More than 300,000 victims in over 150 countries fell victim to the ransomware over the course of one weekend, with businesses, governments, and individuals across the globe all affected.
Healthcare organisations across the UK had systems knocked offline by the ransomware attack, forcing patient appointments to be cancelled and hospitals telling people to avoid visiting Accident and Emergency departments unless it was entirely necessary.
Of all the countries affected by the attack, Russia was hit the hardest, according to security researchers, with the WannaCry malware crashing Russian banks, telephone operators, and even IT systems supporting transport infrastructure. China was also hit hard by the attack, with 29,000 organizations in total falling victim to this particularly vicious form of ransomware.
Other high-profile targets included the car manufacturer Renault which was forced to halt production lines in several locations as the ransomware played havoc with systems.
What all the targets had in common is that they were running unsupported versions of Microsoft Windows, including Windows XP, Windows 8, and Windows Server 2003.
The ransomware worm is so potent because it exploits a known software vulnerability called EternalBlue. The Windows flaw is one of many zero-days which apparently was known by the NSA — before being leaked by the Shadow Brokers hacking collective. Microsoft released a patch for the vulnerability earlier this year — but only for the most recent operating systems.
In response to the attack, Microsoft took the unprecedented step of issuing patches for unsupported operating systems to protect against the malware.
It was almost three months before the WannaCry attackers finally withdrew the funds from the WannaCry bitcoin wallets — they made off with a total of $140,000 thanks to fluctuations in the value of bitcoin.
But despite critical patches being made available to protect systems from WannaCry and other attacks exploiting the SMB vulnerability, a large number of organisations seemingly chose not to apply the updates.
Petya ransom note Image: Symantec
But that’s a relatively modest loss in comparison to other victims of the attack: shipping and supply vessel operator Maersk and goods delivery company FedEx have both estimated losses of $300m due to the impact of Petya.
In February 2018, the governments of the United Kingdom, the United States, Australia and others officially declared that the NotPetya ransomware had been the work of the Russian military. Russian denies any involvement.
What is Bad Rabbit ransomware?
October 2017 saw the third high profile ransomware attack of the year when organizations in Russia and Ukraine fell victim to a new variant of Petya ransomware.
Dubbed Bad Rabbit, it infected at least three Russian media organisations while also infiltrating the networks of several Ukrainian organisations including the Kiev Metro and Odessa International Airport – at the time, the airport said it had fallen victim to a ‘hacker attack’.
The initial attack vector used to distribute Bad Rabbit was drive-by downloads on hacked websites – some of which had been compromised since June. No exploits were used, rather visitors were told they had to install a phony Flash update, which dropped the malware.
Bad Rabbit ransom note Image: Kaspersky Lab
Like NotPetya before it, Bad Rabbit spread through networks using a leaked NSA hacking tool – but this time it was via the EternalRomance SMB vulnerability, rather than the EternalBlue exploit.
Analysis of Bad Rabbit shared much of its code – at least 67 percent – with Peyta and researchers at Cisco Talos concluded that this, combined with how it uses SMB exploits, means there’s “high confidence” in a link between the two forms of ransomware – and that they could even share the same author.
Bad Rabbit was named after the text which appeared at the top of the Tor website hosting the ransom note. Some security researchers joked it should’ve been named after the lines in the code referencing characters from Game of Thrones.
SpriteCoin ransomware demands payment in Monero. Image: Fortinet.
How do you prevent a ransomware attack?
With email being by far the most popular attack vector for ransomware, you should provide employees with training on how to spot an incoming malware attack. Even picking up on little indicators like poor formatting or that an email purporting to be from ‘Microsoft Security’ is sent from an obscure address which doesn’t even contain the word Microsoft within it might save your network from infection. The same security policies that protect you from malware attacks in general will go some way towards protecting your company from ransom demands too.
At the very least, employers should invest in antivirus software and keep it up-to date, so that it can warn users about potentially malicious files. Backing up important files and making sure those files can’t be compromised during an attack in another key.
How long does it take to recover from a ransomware attack?
Simply put, ransomware can cripple a whole organization — an encrypted network is more or less useless and not much can be done until systems are restored.
If your organization is sensible and has backups in place, systems can be back online in the time it takes the network to be restored to functionality, although depending on the size of the company, that could range from a few hours to days.
FedEx said that it may not be able to recover all the systems affected by the Petya cyberattack, meaning that while the company is back up and running, some machines won’t ever be able to be restored.
Outside of the immediate impact ransomware can have on a network, it can result in an ongoing financial hit.
How do I get rid of ransomware?
The ‘No More Ransom’ initiative — launched in July 2016 by Europol and the Dutch National Police in collaboration with a number of cybersecurity companies including Kaspersky Lab and McAfee — offers free decryption tools for ransomware variants to help victims retrieve their encrypted data without succumbing to the will of cyber extortionists.
Initially launching as a portal offered portal offers decryption tools four for families of ransomware — Shade, Rannoh, Rakhn, and CoinVault — the scheme is regularly adding more decryption tools for even more versions of ransomware including Crypt XXX, MarsJoke, Teslacrypt, Wildfire and Nemucod.
The portal — which also contains information and advice on avoiding falling victim to ransomware in the first place — is updated as often as possible in an effort to ensure tools are available to fight the latest forms of ransomware.
No More Ransom has grown from offering a set of four tools to carrying 52 decryption tools covering hundreds of families of ransomware. So far, these tools have decrypted tens of thousands of devices, depriving criminals of millions in ransoms.
The platform is now available in over 29 languages with more than 100 partners across the public and private sectors supporting the scheme.
The No More Ransom portal offers free ransomware decryption tools. Image: Europol
Individual security companies also regularly release decryption tools to counter the ongoing evolution of ransomware — many of these will post updates about these tools on their company blogs as soon as they’ve cracked the code.
A decryption tool was recently released which may be able to help if your PC has been hit by one of the original versions of the Petya malware — the so-called Red Petya, Green Petya, and GoldenEye — and may enable you to recover the lost files (although it can’t help with PetrWrap or those hit by the Petya/NotPetya global attack). However, these tools don’t always work so it is always wise to make additional backups.
Another way of working around a ransomware infection is to ensure your organization regularly backs up data offline.
Should I pay a ransomware ransom?
There are those who say victims should just pay the ransom, citing it to be the quickest and easiest way to retrieve their encrypted data — and many organizations do pay even if law enforcement agencies warn against it.
WARNING: if word gets out that your organization is an easy target for cybercriminals because it paid a ransom, you could find yourself in the crosshairs of other cybercriminals who are looking to take advantage of your weak security.
Buzzfeed has created a video that shows a more troubling side of this technology. The video shows former President Barack Obama saying things he never said, and it looks surprisingly believable.
In the video above, Obama is voiced by Jordan Peele, who does a passable impersonation. Having Peele do the voice gets the video more attention, but there are probably voice actors who could do an even better job. Buzzfeed started by pasting Peele’s mouth over top of Obama’s, and then replaced Obama’s jawline to match the mouth movements. Rendering took 56 hours for a minute-long video.
The tool is known as FakeApp, but the videos are usually called “Deepfakes” because that’s the handle used by the original developer on Reddit. You can download the code freely all over the internet, but it’s not easy to set up — you need to configure Nvidia’s CUDA framework to run the FakeApp TensorFlow code, so the app requires a GeForce GPU. The video you want to alter has to be split into individual frames, and you need a large number of high-resolution photos of the face you want to insert. In the case of Obama, there are plenty of photos online that can be used to generate a model.
Currently, new technology on the internet lets anyone make videos of real people appearing to say things they’ve never said. Republicans and Democrats say this deceitful technology will become the latest weapon in disinformation wars against the United States and other Western democracies. This technology uses facial mapping and artificial intelligence to produce videos that appear so genuine it’s hard to spot the phonies. Lawmakers and intelligence officials worry that the bogus videos — called deepfakes that could be used to threaten national security or interfere in elections.
When an average person can create a realistic fake video of the president saying anything they want, and the reverse is a concern, too. People may dismiss as fake genuine footage, say of a real atrocity, to score political points.
Realizing the implications of the technology, the U.S. Defense Advanced Research Projects Agency is already two years into a four-year program to develop technologies that can detect fake images and videos. Right now, it takes extensive analysis to identify phony videos. It’s unclear if new ways to authenticate images or detect fakes will keep pace with deepfake technology.
Deepfakes are so named because they utilize deep learning, a form of artificial intelligence. They are made by feeding a computer an algorithm, or set of instructions, lots of images and audio of a certain person. The computer program learns how to mimic the person’s facial expressions, mannerisms, voice and inflections. If you have enough video and audio of someone, you can combine a fake video of the person with a fake audio and get them to say anything you want.
Deepfake technology still has a few flaws. For instance, people’s blinking in fake videos may appear unnatural. But the technology is improving.
High school students from Brooklyn’s Midwood high school are taking a true crime class where teens read up on real murderers and mass shooters. Assistant Principal of English Suzane Thomas issued an edict to the school’s librarians last month that bars them from allowing students to take copies of the books home.
“I am requesting that the following list of books be placed on ‘restricted access’ to students,” Thomas said in the May 30 memo. “They have been borrowed by students in the True Crime class.
“In no way am I suggesting that these books be censored, as they are NYSTL [Text Law] approved by the DOE,’’ she wrote. “However, please do not allow students to take them home — they should be read in the library where they are supervised by a teacher or a librarian.’’
City education officials said the edict was given simply so every student could have access to the books.
“The books were available for all students to read and were kept in the library so that they could be accessible to everyone,” said Department of Education spokesman Doug Cohen. “Any other interpretation of the guidance that was shared is simply inaccurate.’’
However, It seems that some Midwood HS staffer begged to differ
The in-school-only restriction “doesn’t make sense,” said retired Midwood librarian Arlene Weber Morales, who was at the school when the crime course was created and admitted she had “mixed feelings” about offering such violent content to teens.
“The librarians order extra copies of books so students can take them home,’’ said Morales, who retired in 2015. “Don’t parents want to know what the kids are reading? I would order more copies of the books.’’
A current Midwood staffer said Thomas “clearly states that this is not book banning. But it is.
“We are waiting to see if the administration cancels this course, because most of the books used in the class are on the[banned] list,’’ the source added, noting it would be a shame if True Crime were killed because it is “a very popular class.’’
Assemblywoman Nicole Malliotakis (R-Brooklyn/Staten Island) questioned why the class was even in existence.
“Sadly, this is a city in which criminals are sometimes placed on pedestals, and entrepreneurs are vilified,” she said. “How about teaching about civic and business leaders who beat the odds so they too can strive for success?
“I see why the school doesn’t want students to take the books home,’’ she added. “Parents will flip out.”
Ongoing Information & Trends: A Weblog 
You must be logged in to post a comment.