The importance of using backups to prepare for ransomware attacks

Image credit: David Rangel

Ransomware attacks are a growing threat to individuals and organizations alike. These attacks involve hackers encrypting a victim's data and demanding a ransom payment in exchange for the decryption key. In many cases, victims are left with no choice but to pay the ransom in order to regain access to their data. However, one effective way to protect against ransomware attacks is to use backups.

Backups are copies of data that can be used to restore a system in the event of data loss. By regularly backing up data, organizations and individuals can ensure that they have a copy of their data that is safe from ransomware attacks. This means that even if an attack occurs, the victim can simply restore their system from a backup and avoid having to pay the ransom.

In addition to providing protection against ransomware attacks, backups also offer other benefits. For example, they can be used to restore data in the event of other types of data loss, such as data corruption or hardware failure. This can save organizations and individuals a significant amount of time and money that would otherwise be spent trying to recover lost data.

Furthermore, backups can be stored in multiple locations, such as on a local device, on a remote server, or on a cloud-based service. This provides an additional layer of protection against data loss. For example, if a local backup is lost due to a hardware failure, the victim can still restore their data from a remote or cloud-based backup.
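A backup only helps against ransomware if the copy you restore from is actually intact. The following is an added example, not part of the original article: it builds a SHA-256 manifest of a source directory and then checks a second copy against it, reporting files that are missing, altered, or unexpected. The directory layout and file contents are constructed for the demonstration; the same functions work on any two directory trees.

```python
from __future__ import annotations

import hashlib
import tempfile
from pathlib import Path

# Added example (not from the original article). A manifest of file hashes lets
# you verify a backup copy before relying on it: a backup that has been altered,
# for example encrypted in place, no longer matches its recorded digests.


def sha256_file(path: Path, chunk_size: int = 1 << 16) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each file's path (relative to root, POSIX style) to its SHA-256 digest."""
    manifest: dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            manifest[path.relative_to(root).as_posix()] = sha256_file(path)
    return manifest


def verify_copy(manifest: dict[str, str], copy_root: Path) -> dict[str, list[str]]:
    """Compare a backup copy against a manifest taken from the original.

    Returns the files that are missing from the copy, those whose content
    differs, and extras the original never had (unexpected new files in a
    backup set deserve a look before a restore).
    """
    actual = build_manifest(copy_root)
    return {
        "missing": sorted(set(manifest) - set(actual)),
        "modified": sorted(p for p in manifest if p in actual and actual[p] != manifest[p]),
        "extra": sorted(set(actual) - set(manifest)),
    }


def demo() -> dict[str, list[str]]:
    """Constructed scenario: a clean source, a faithful copy, then a tampered copy."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "source"
        copy = Path(tmp) / "copy"
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "report.txt").write_text("quarterly numbers\n")
        (src / "notes.txt").write_text("remember the milk\n")
        manifest = build_manifest(src)

        # A faithful copy verifies clean.
        (copy / "docs").mkdir(parents=True)
        (copy / "docs" / "report.txt").write_bytes((src / "docs" / "report.txt").read_bytes())
        (copy / "notes.txt").write_bytes((src / "notes.txt").read_bytes())
        assert verify_copy(manifest, copy) == {"missing": [], "modified": [], "extra": []}

        # Simulate damage to the copy: one file overwritten, one deleted, one added.
        (copy / "docs" / "report.txt").write_bytes(b"\x00garbage")
        (copy / "notes.txt").unlink()
        (copy / "README_RESTORE.txt").write_text("constructed stand-in for an unexpected file\n")
        return verify_copy(manifest, copy)


if __name__ == "__main__":
    print(demo())
```

Store the manifest somewhere the backup itself cannot overwrite (a separate location, as the paragraph above recommends for the backups themselves); a manifest kept next to the data it describes can be altered together with it.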

In conclusion, using backups is an important way to protect against ransomware attacks. By regularly backing up data, organizations and individuals can ensure that they have a copy of their data that is safe from ransomware attacks. This can save them from the potentially costly and time-consuming process of trying to recover lost data. In addition, storing backups in multiple locations provides an additional layer of protection against data loss.

(This article was written by ChatGPT, an Artificial Intelligence chat bot! Learn more about it here!)

What is the OWASP Top Ten?

The OWASP Top 10 is a list of critical security vulnerabilities for web applications. OWASP stands for the Open Web Application Security Project, which is a nonprofit foundation dedicated to improving the security of software. The OWASP Top Ten list is updated every several years to reflect the changing cybersecurity landscape and to direct focus onto the most important current security issues. The OWASP Top Ten for 2021 is as follows:

  • A01:2021-Broken Access Control allows an attacker to gain access to user accounts. The attacker in this context can function as a user or even an administrator of the system. This can be secured by ensuring that all accounts use the principle of least privilege and unused accounts are disabled immediately.

  • A02:2021-Cryptographic Failures occur when important stored or transmitted data is compromised. This vulnerability is also known as “Sensitive Data Exposure.” This can be improved by properly encrypting data at rest as well as data in transit.

  • A03:2021-Injection, or more specifically “Code Injection,” occurs when invalid data is sent by an attacker into a web application in order to make the app do something it was not designed to do. Writing secure code that is resistant to input fuzzing can help secure against this type of vulnerability.

  • A04:2021-Insecure Design is a generic term for web application vulnerabilities that are related to design flaws. Improvements in this category require the use of threat modeling, secure design patterns and principles, and reference architectures.

  • A05:2021-Security Misconfiguration describes design or configuration weaknesses that are the result of errors or shortcomings. Proper development and quality assurance testing will help secure against misconfigurations.

  • A06:2021-Vulnerable and Outdated Components relates to devices with known vulnerabilities that need to be patched. If a device or piece of software cannot be patched, it should be removed or replaced with a more secure option.

  • A07:2021-Identification and Authentication Failures lead to compromised passwords, keywords, and sessions, which can translate to stolen user identity. This can be secured through proper user authentication and session management, as well as user education regarding password hygiene.

  • A08:2021-Software and Data Integrity Failures can occur when software updates or critical data is used without verifying integrity. This can be improved through hashing techniques to verify data accuracy and integrity.

  • A09:2021-Security Logging and Monitoring Failures are common when logging is not performed frequently and consistently. This type of failure can result in data exfiltration and other attacks.

  • A10:2021-Server-Side Request Forgery happens when a web application fetches a remote resource without validation, which can give an attacker access to critical data regardless of firewalls or other defensive tools. Proper validation is required to protect against this threat.
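To make the A03 item concrete, here is an added example that is not from the original article or from OWASP. It uses Python's built-in sqlite3 module with a constructed two-row users table and contrasts a query built by string formatting with a parameterized query. The string-built version hands the user's text to the SQL parser as part of the statement, so even an ordinary name containing an apostrophe breaks it; the parameterized version passes the value separately, so user input can never change the statement's structure.

```python
import sqlite3

# Added example for A03:2021-Injection (not from the original article).
# Constructed sample data: a two-row users table in an in-memory SQLite database.
SAMPLE_USERS = [("alice", "alice@example.com"), ("O'Brien", "obrien@example.com")]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, email TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    """String-built query: the user's text becomes part of the SQL the engine parses."""
    query = f"SELECT email FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Parameterized query: the value travels separately and can never alter the statement."""
    rows = conn.execute("SELECT email FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


def unsafe_query_error(conn: sqlite3.Connection, name: str):
    """Return the database error the unsafe path raises for this input, or None."""
    try:
        lookup_unsafe(conn, name)
    except sqlite3.Error as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    db = make_db()
    for user in ["alice", "O'Brien"]:
        print(user, "safe:", lookup_safe(db, user), "unsafe error:", unsafe_query_error(db, user))
```

The lesson generalizes: every database driver and ORM offers a parameterized form, and using it everywhere is what "writing secure code" means for this item. Input validation is a useful second layer, but it is not a substitute for keeping data out of the statement text.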

For more information about each vulnerability and how to defend against these attacks, check out the OWASP Top Ten website. Thanks for reading - check out my YouTube channel for more!

https://owasp.org/www-project-top-ten/

What is the OSI Model?

The OSI Model describes how data travels across a network. (Photo credit: Thomas Jensen)

The Open Systems Interconnection (OSI) Model is a framework describing how network devices transmit and use data. It consists of seven layers, as seen and briefly described here:

  • Layer 7: Application (a user interacts with the data)

  • Layer 6: Presentation (data is translated between application and the network)

  • Layer 5: Session (devices are synced up so they can communicate)

  • Layer 4: Transport (data is classified as segments via reliable TCP or as datagrams via fast UDP)

  • Layer 3: Network (logical routing is determined via the shortest and/or most reliable path using IP addresses)

  • Layer 2: Data link (physical addressing is determined using MAC addresses)

  • Layer 1: Physical (the raw bits are physically sent as electrical signals)


How to Memorize the OSI Model

To memorize the order of the OSI layers, it can be helpful to use mnemonic devices such as:

  • Layers 7 to 1:

    • All people seem to need data processing.

    • APS transports network data physically.

  • Layers 1 to 7:

    • Please do not throw sausage pizza away!

    • Please do not touch Steve’s pet alligator!


More Resources

This guide just scratches the surface of defining the OSI Model. For more in depth understanding, check out these resources!

Thanks for reading!

Should You Update Your iPhone?

Keeping your iPhone updated will help keep you secure. (Photo credit: Sumudo Mohottige)

According to a Pew Research study from 2017, “around one-in-ten people report they never install updates to their smartphone’s apps or operating system.”

Security flaws are constantly being discovered on all kinds of devices in today’s connected world, and iPhones are no exception. Keeping devices updated is incredibly important. Here are some of the main reasons to keep your iPhone (and other devices) updated:


Patch Security Exploits

iPhones can be vulnerable to exploits. (Photo credit: Dlanor S)

It is a common misconception that only Windows PCs can get viruses or other malware. While it’s true that over 78% of all attacks in 2019 were carried out against Windows systems, there are still significant risks to iOS, macOS, Linux, and other operating systems.

One case of this was the AceDeceiver Trojan, discovered in 2016 on iOS devices in China. This malware was able to install itself on devices by exploiting a flaw in Apple’s DRM protection. Once on a device, it could install other malicious apps without the user’s knowledge.

This is just one example of malware that existed on iOS, and is a reason why users should take security updates seriously.


Limit Tracking

Apple released iOS 14.5 in April 2021, which included a feature to limit tracking by third parties. (Photo credit: Luke Chesser)

With the release of iOS 14.5 in April of 2021, Apple introduced a feature called App Tracking Transparency that allows users to opt out of third-party tracking. An example of this kind of tracking is when you search for an item in your web browser, and then suddenly start seeing advertisements for similar items in your social media. While some may find this to be a convenient way to get relevant ads, most view it as a breach of privacy.

Users can opt-out of this tracking by going to Settings > Privacy > Tracking and toggling “Allow Apps to Request to Track” off. This will stop apps from sharing advertising data with each other, and it will automatically say “no” to the apps that request to track your data in the future.

Without updating to iOS 14.5, users would not have this option!


New Features

Keep your iPhone updated to take advantage of the latest features. (Photo credit: Bagus Hernawan)

Hardware is not the only way that manufacturers release new features. Many new features are released as software updates. Just a few examples of new features in iOS 14.5 include:

  • Unlock Your iPhone With Apple Watch When Wearing a Mask

  • AirTags Support

  • Apple Maps Crowdsourcing for Accidents, Hazards, and Speed Checks

  • Dual-SIM 5G Support

  • New Emoji Characters

  • Expanded Game Controller Support


Conclusion

Yes, users should keep iOS devices updated. The added security, privacy, and access to new features are compelling reasons to take these updates seriously.

Thanks for reading!

How to Safely Store Bitcoin

Keep your cryptocurrencies safe and secure! (Photo credit: André François McKenzie)

The rise of Bitcoin and other crypto has created more reasons for owners to understand proper security of these currencies. Users can lose money due to hardware failure, loss of keys, and theft. Here are some of the best ways to store cryptocurrencies such as Bitcoin:


Hot Wallet

A “hot wallet” is internet-connected, making it more convenient but also more vulnerable. (Photo credit: Dmitry Demidko)

A “hot wallet” is the easiest way to store cryptocurrencies. Similar to a checking account, a hot wallet is a fast way to access and transfer funds. One important consideration is that hot wallets, also known as exchange wallets, are not insured by the FDIC or any other entity. In other words, if that organization were to be hacked and your coins were stolen, there would be nothing to bail you out. While a hot wallet is useful for making exchanges, it should not be used for holding large amounts of cryptocurrencies. Instead, those larger amounts should be transferred to the next option:


Cold Wallet

A “cold wallet” is safer because it is stored offline. (Photo credit: Erin McKenna)

A “cold wallet” is the safest way to store Bitcoin and other digital currencies. Also known as hardware wallets, these wallets are stored offline and are therefore less susceptible to hacking. One of the safest ways to store an offline wallet is by printing it off and making a “paper wallet.” This includes a public and private key that can be used to verify your identity and access the coins. Another way to store a wallet offline is by using a USB drive to hold the public and private keys. The risk in this situation would be the loss or damage to these physical devices/paper.


Physical Coins

Physical coins are another popular way to store Bitcoin. (Photo credit: Dmitry Demidko)

There are premium services available that will create and ship physical coins to you, with a tamper-proof sticker that indicates the value of the coin. This is more expensive than the free methods mentioned above, but it represents a unique way to hold a digital currency.


Other Considerations

Here are some other things to consider when storing digital currencies:

  • Keep your wallet backed up to protect yourself from hardware failures. Store the backup separately from the computer with a good password.

  • Keep your Bitcoin/crypto software updated to keep it secure.

  • Consider using multiple signatures for transactions to increase security from theft.

  • Read as much as you can about the topic. Search for articles and learn about the currency you are investing in and how to keep it safe!

Thanks for reading!

How to Secure a Raspberry Pi

A Raspberry Pi can be a fun and powerful tool! (Photo credit: Harrison Broadbent)

A Raspberry Pi is a tiny, inexpensive computer. It is a great tool for everyday computing tasks, learning how to code, and even retro gaming. As hardware like this becomes more popular and inexpensive, it is that much more important to understand how to secure these devices from attackers. To secure your device, check out the following steps!


Change the Default Password

Change the default password on all of your devices! (Photo credit: Amazee Labs)

One of the first steps you should take to secure your Raspberry Pi is to change the default password. These settings can be changed from the “raspi-config” application, or by typing “sudo raspi-config” from the command line. An even faster way to change this password would be to just type “passwd” into the command line, which will then prompt you to type in a new password.

This is an incredibly important step you should take on any new device, including routers, computers, smart devices, and anything else with an internet connection. To leave the default password unchanged is to invite attackers into your system freely.


Set Up a New User Account

Avoid using the default username when possible (Photo credit: Aryan Dhiman)

Everyone that knows about the Raspberry Pi knows that the default username is “pi.” That in itself is a good reason to use a different username. To add a new user named “ryan,” simply type “sudo adduser ryan” in the command line. You can then go through the process of deleting the “pi” user, but it is important to note that some applications require the “pi” user to be present. If you have determined that you are ready to delete the “pi” user, you can read more about that topic in the official documentation here; just make sure you save any data from the “pi” user directory that you might need later!


Require a Password for “SUDO”

The “sudo” command stands for “superuser do.” (Photo credit: Joan Gamell)

The “sudo” command is what allows Raspberry Pi users to act as a “superuser,” giving them elevated privileges with the ability to modify important system files. Unfortunately, the sudo command does not require a password by default, leaving your device vulnerable to attackers!

To force “sudo” to require a password, type “sudo visudo /etc/sudoers.d/010_pi-nopasswd” and change the “pi” entry (or whichever usernames have superuser rights) to: “pi ALL=(ALL) PASSWD: ALL” and save the file. For more details, check out the documentation.


Download the Latest Updates

Keep your system updated to stay secure! (Photo credit: Vishnu Mohanan)

Keeping your Raspberry Pi updated is a fast and easy way to increase security. As vulnerabilities are discovered in software, developers release updates to protect against those weaknesses.

To update your Raspberry Pi, simply type “sudo apt update” in the command line and press enter. This updates your system’s package list. Then, type “sudo apt full-upgrade” which upgrades your software to the latest version. That’s it!
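After working through the steps above, it is worth having a quick way to confirm that two of them actually stuck: that the default “pi” account is gone and that no file under /etc/sudoers.d still grants passwordless sudo. The script below is an added example, not from the original article or the Raspberry Pi documentation. Its checks are written as pure functions over the text of the files so they can be demonstrated on constructed samples; main() applies them to the real /etc/passwd and /etc/sudoers.d (reading the latter requires root).

```python
from __future__ import annotations

import re
from pathlib import Path

# Added example (not from the original article). Audits two of the hardening
# steps described above: the default user and passwordless sudo grants.

DEFAULT_USER = "pi"
NOPASSWD_RE = re.compile(r"\bNOPASSWD\b")

# Constructed sample inputs, modelled on the file formats involved.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "pi:x:1000:1000:,,,:/home/pi:/bin/bash\n"
    "ryan:x:1001:1001:,,,:/home/ryan:/bin/bash\n"
)
SAMPLE_SUDOERS = {
    "/etc/sudoers.d/010_pi-nopasswd": "pi ALL=(ALL) NOPASSWD: ALL\n",
    "/etc/sudoers.d/020_ryan": "# ryan must type a password\nryan ALL=(ALL) PASSWD: ALL\n",
}


def strip_comment(line: str) -> str:
    """Drop a trailing '#' comment and surrounding whitespace (sudoers style)."""
    return line.split("#", 1)[0].strip()


def find_nopasswd_rules(sudoers_files: dict[str, str]) -> list[tuple[str, str]]:
    """Return (file, rule) for every non-comment line that grants passwordless sudo."""
    hits = []
    for name, text in sudoers_files.items():
        for line in text.splitlines():
            rule = strip_comment(line)
            if rule and NOPASSWD_RE.search(rule):
                hits.append((name, rule))
    return hits


def default_user_present(passwd_text: str, user: str = DEFAULT_USER) -> bool:
    """True if /etc/passwd-style text still contains an account with this name."""
    return any(line.split(":", 1)[0] == user for line in passwd_text.splitlines() if line)


def audit(passwd_text: str, sudoers_files: dict[str, str]) -> list[str]:
    """Human-readable findings; an empty list means both checks passed."""
    findings = []
    if default_user_present(passwd_text):
        findings.append(f"default user '{DEFAULT_USER}' still exists")
    for name, rule in find_nopasswd_rules(sudoers_files):
        findings.append(f"passwordless sudo in {name}: {rule}")
    return findings


def demo() -> list[str]:
    """Run the audit over the constructed samples above."""
    return audit(SAMPLE_PASSWD, SAMPLE_SUDOERS)


def main() -> None:
    passwd_text = Path("/etc/passwd").read_text()
    sudoers: dict[str, str] = {}
    try:
        for p in sorted(Path("/etc/sudoers.d").iterdir()):
            if p.is_file():
                sudoers[str(p)] = p.read_text()
    except PermissionError:
        print("run with sudo to read /etc/sudoers.d")
        return
    for finding in audit(passwd_text, sudoers) or ["no findings"]:
        print(finding)


if __name__ == "__main__":
    main()
```

On the constructed sample the audit reports both problems; changing the sample rule to “pi ALL=(ALL) PASSWD: ALL”, as the sudo section above describes, clears the second finding.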

For more details, read the manual here regarding system updates. For more ways to secure your Raspberry Pi, check out the official documentation here. Thanks for reading!

What is Buffer Overflow?

A buffer overflow can allow hackers to access your system in unexpected ways. (Photo credit: Lars Kienle)

A buffer overflow is an exploit used by a hacker to force a system to perform actions not intended by the programmers. To understand this concept, we first need to understand what a buffer is.

A buffer is a place where data is stored. A common example of this would be a login/password text box on a website. For our purposes, let’s assume that the text box is expecting a password of 12 characters or less. If a malicious hacker can submit input that the programmer didn’t account for, so that many more than 12 characters are written into that buffer, those extra characters spill over into the surrounding memory, causing unintended side effects. This type of exploit can be used by the bad guys to gain access to hidden information on the system, which could compromise and even change the operations of that computer/server. Without the proper controls in place, the extra information (the overflow) is written into the computer’s memory, causing the computer to blindly run new instructions.

The simplest method for preventing buffer overflows is to use a programming language that does not allow for them. C allows buffer overflows, whereas languages such as Java, Python, and .NET check array bounds at runtime, so they require no special changes to prevent them.

Buffer overflows can represent a serious vulnerability to your systems. It is important to check your code for these vulnerabilities and ensure that you are mitigating risk from these types of attacks!
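The following is an added example, not from the original article. It models the 12-character password box from the text as a fixed buffer of 12 bytes plus a terminating NUL (what a C program would declare as a 13-byte char array), using Python's ctypes module only as a stand-in for such a buffer. The length check is the "proper control" the text refers to; the last function shows what a bounds-checked runtime does when that check is skipped, which is exactly the behaviour a plain C copy lacks.

```python
from typing import Optional

import ctypes

# Added example (not from the original article). MAX_PASSWORD is the article's
# 12-character limit; the buffer has one extra byte for the NUL terminator.
MAX_PASSWORD = 12


def fits_buffer(data: bytes, max_len: int = MAX_PASSWORD) -> bool:
    """The control a C program must add by hand: check the length before copying."""
    return len(data) <= max_len


def store_password(data: bytes) -> Optional[bytes]:
    """Copy into the fixed 13-byte buffer only if the length check passes.

    Returns the stored value, or None when the input is rejected as too long.
    """
    if not fits_buffer(data):
        return None
    buf = ctypes.create_string_buffer(MAX_PASSWORD + 1)
    buf.value = data  # at most 12 bytes, so the terminating NUL always fits
    return buf.value


def unchecked_copy_outcome(data: bytes) -> str:
    """What happens when the length check is skipped.

    A C strcpy into a 13-byte array would keep writing past its end; ctypes
    bounds-checks the assignment and raises instead, which is the protection
    the article credits to languages like Java, Python, and .NET.
    """
    buf = ctypes.create_string_buffer(MAX_PASSWORD + 1)
    try:
        buf.value = data
    except ValueError as exc:
        return f"rejected: {exc}"
    return "stored"


if __name__ == "__main__":
    print(store_password(b"hunter2!2024"))              # constructed 12-byte value
    print(store_password(b"a" * 13))                    # too long: None
    print(unchecked_copy_outcome(b"a" * 40))            # the runtime refuses
```

The point to take from this is where the check lives: in C it is the programmer's job on every copy, and forgetting it once is the bug the article describes; in a bounds-checked language the runtime refuses the write before it can touch neighbouring memory.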

What is Ransomware and Crypto-Malware?

These types of malware could lock you out and cost you big money. (Photo credit: FLY:D)

Ransomware is a type of malware designed to encrypt a computer, locking the user out of the computer or network completely. The attacker then demands a ransom to restore access to the system. These types of attacks have been carried out against individuals, companies, schools, and even hospitals. In 2020, the cybersecurity company BlackFog estimated that “a business is attacked by a cybercriminal every 11 seconds” with a total estimated cost of $20 billion by 2021 (source).

Victims are often required to pay the bad guys in cryptocurrencies such as Bitcoin. “Once they have the Bitcoins, it’s simply a matter of ‘washing’ them via the Dark Web (a process which removes all traces of previous ownership and transactions) and the hackers can then convert the coins to cash” (Eurostaff).

Crypto-malware is similar to ransomware, with the main difference being that crypto-malware locks out the user from personal files but still leaves the operating system functional. The bad guys leave the OS running so that they can present a message to you demanding the ransom payment.

In either case, there are some steps you can take to help prevent these types of attacks:

  • Keep OS, software, and virus protection up to date on the latest version

  • Avoid opening emails or attachments from unknown senders

  • Avoid suspicious websites and links

  • Keep your data backed up routinely on an offline drive

These are just a few ways to keep you safe from ransomware and crypto-malware. It’s up to you to stay informed and stay vigilant!