Ransomware Global Strike: The “WannaCry” Attack

 

 

In the height of the westward expansion into California, the “Wild West” became not only a place, but a term that described an entire cultural phenomenon. What made the west so wild were the apparent lawless territories that saw hostile takeovers, train and carriage robberies, kidnapping, and ransoming. Over time the west was settled and developed into new states with their own laws and regulations. The wild part of the west was no longer a threat, at least in the physical world. Today we have a new and almost lawless place, however this territory only exists online. Though there are plenty of companies and programs that work 24/7 to ensure safety online, there are still opportunities for malicious attacks to be carried out. The robberies and takeovers that plagued the westward expansion have now become digital.

A typical scam that you will see online is the email phishing that we talked about in a previous blog. These scams can be easy to avoid as long as the recipient is not engaging with the email or providing any personal information. Unfortunately that does not always protect online users from being attacked for their information. Ransomware has become a bigger threat that is hard to trace and causes an incredible amount of damage. Essentially it is software that takes all of a victim’s personal files and information and holds it for a ransom that must be paid. Recently a large ransomware attack has become global news, with at least 150 countries experiencing the same attack. The most affected victims were the small businesses, universities, and hospitals that were unable to protect themselves and had to either pay the ransom or risk losing all of their data (CNN Money). Reports from China, Germany, Japan, Russia, the US, and Spain confirmed that there had been attacks from the same ransomware and that they had taken the necessary precautions to try and stop its spreading.

Through a patch in the Microsoft Windows software, the ransomware “WannaCrypt” was able to target specific users and take over their systems. Ransomware works as a lock box for your data, keeping you from accessing any of your files or personal information unless you agree to the terms and conditions set up by the creator. Victims were told to use Bitcoin to pay for the return of their files (Microsoft). Many of the Windows users who were targeted were not using an updated, or a licensed version of this software making them even more vulnerable to patches that could not be fixed in the Microsoft updates. In the wake of this viral attack, Microsoft released a statement outlining the efforts they were making to avoid these attacks in the future. However, they also called on the public to become more aware of their own responsibility in updating their computers and backing up their information with an external drive and cloud software. Proactive actions are the key to being safe online. This idea of being proactive is also what stopped the ransomware attack from continuing to spread. A young cybersecurity student in the UK decided to look more closely at the software behind the attack and discovered a kill switch. The malware was using “a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading” (The Guardian). Once the student located the domain name, all he had to do was buy it. The domain cost $10.69 and was immediately registering thousands of connections every second; once it was purchased the malware was stopped in its tracks. Additionally once this domain was bought he was able to determine the IP addresses attached to the malware and reported them to the authorities. Though this was a great victory, in the world of Cybersecurity it is just a temporary fix. There are just as many entities creating malware as there are cybersecurity experts trying to stop them. What makes this malware attack so dangerous is that it can be replicated and reused at any time.

Backing up files, or storing information in the Cloud, and regularly updating your software are the best measures you can take to protect yourself from ransomware. As we mentioned in a previous blog on email phishing, it is imperative that you avoid any email from a company or bank that is asking for your personal information via email.

If you are interested in becoming a cybersecurity expert yourself, consider a degree from Coleman University. Perhaps it could be you that stops the next big cyber-attack in its tracks! Call (858) 499-0202 for information on our technology focused programs.

 

Faculty Spotlight: Thomas Byrne (Cybersecurity Program)

Part of what makes Coleman University so unique to San Diego is the incredible faculty that we have on our campus. Technology and its development are not pastimes for our faculty; their careers and passions are built around it. We sat down with one of our Cybersecurity instructors, Mr. Thomas Byrne, to talk about his passion for technology and teaching. Hopefully we can show you something new and exciting about your instructors!

Mr. Byrne (far right) stands with his First Robotics Team at the Central Valley Regional in March of 2016. This photo was taken after the team had secured a spot in a semi-final for the second time that month!

1.So, Mr. Byrne, what drew you to technology and network security?

I grew up with technology and thinking back here are some of my memories: I was literally amazed at my first RED Led watch in the mid 1970’s as well as PONG, which I had hooked up to my TV. I thought to myself “this is the future, these digital readouts.”  Then one day in 1982 my father, who worked at McDonnell Douglas in Long Beach as a Branch Chief Engineer, brought home a Compupro 8/16. It ran CP/M off of 8-inch floppies. One of my favorite games to play on the computer was “Colossal Cave Adventure,” which was a text based adventure game that made you visualize the world you were exploring. I spent a lot of time exploring that cave and one day I got stuck in the cave and actually phoned the author for a game hint in the help file. That was cool, knowing that I could phone the creator of the game. The hint was “Did you get the axe? Did you throw the axe at the Minotaur?” Ooops! I also read a lot when I was a kid, and I eventually came across tech magazines in the electronics store. I read an article and found out that you could punch a hole on the back of that huge floppy to make it double sided; it was so exciting to learn that I could double my storage!  I learned to program in Assembly, which meant manipulating the CPU stack, and I watched my dad write code to track expenses and even predict when airplanes were flying overhead as they landed in LAX. I also received my HAM radio license back when you had to learn Morse code and was communicating with people in Japan and Germany… so that’s how I sort of got hooked on technology, it was my fun time. As for network security, I like to be secure and wanted to learn how to maintain my systems against threats. I saw all the virus activity and did not want to lose my data, so I researched how to stay safe online and really liked understanding how the hackers think and what motivates them. I also learned how vulnerable this technology is, and I wanted to do something about it.

2.How long have you been teaching at Coleman? What inspired you to become a teacher?

I was hired as an Instructor in August of 2010. Before that I was a corporate trainer for Luxottica. I always was someone who could learn and then explain almost any topic and gain insights on it. I really like helping people understand difficult concepts in cybersecurity. This is a huge positive, as a lot of the material can be difficult until you understand it. I try to make it easy to understand, so that my students can remember the material down the road and make use of that knowledge. I try my best to cut through the noise to the essence of what’s really important to know.

3.Do you have a piece of advice or information that you want all of your students to know before they graduate?

There is a job for you, as the world certainly needs trained cybersecurity professionals. It will not be handed to you though. One piece of advice I have is to be very flexible in your careers and gravitate to the areas that interest you. Learn everything you can about security and technology; we live in amazing times and the whole world is going through a digital transformation right now. The world needs your help, so study hard and keep up with all the changes in technology and security. The Internet is a great human resource, so use it; learn how to find good sources of information and never stop learning. It’s very important to learn to interact with others in a positive way and become a good communicator. Be a positive person. Technology is hard for many so help them understand it.

4.Where do you go for the most accurate and up-to-date information on what is happening in technology?

I take advantage of my commute time and listen to podcasts. I’ve got my podcast apps, and I can tie into any podcast out there. I listen to Google, Apple, Microsoft, Security Podcasts, etc. It really comes down to about five companies that are at the head of technology development. It is all interesting to watch and hear, like a big game to see who will come out with the next trend.

5.What are some basic tactics that you would recommend to the public, who may not be fully aware of online cyber risks?

First of all, don’t believe in total privacy online. If you’re on the Internet regularly, you are not doing it privately. If you’re using the Internet you’re going to be in some database somewhere. In regard to keeping your own computers and other devices secure, try not to click on links that you don’t recognize, use two-factor authentication whenever possible, have a password manager for your personal emails and other log-ins, keep up with the news, and don’t go to websites that you can’t verify. Most importantly, don’t allow any action on your devices that you do not personally approve. So if an email comes up with a link that you do not know, reverse it, call the company directly and ask if they contacted you. You need to initiate the connection instead of assuming a provided link is good.

6.What are you involved in outside of the classroom that involves technology development?

Well, I am a mentor for First Robotics. My son wanted to start a robotics club at his high school with two friends, after seeing that other schools around the city, such as Hi Tech High had them. They started a robotics team for Mission Hills High School in San Marcos. I met with them and let them know that I wanted to help out, so I met all the parents of the other students and we worked together to start a robotics team. It’s a lot of work! You have to form the team, and it costs about $4000 to compete in these competitions, so that takes a lot of fundraising. You’re given parameters like the weight of the robots, which has to be 120 pounds, and the cost, which has to be less than $4000, and so on. So you need to get sponsors. We got started in the robotics competitions in San Diego four years ago, and our first project was a defensive robot which was required to have the ability for aerial assist. In that first competition we placed 23rd out of 60 teams, which was pretty high for a rookie team, considering that some of the other teams had been doing this for at least ten years. From there we ended up going to St. Louis to compete, because we won Rookie All Star; we were up against teams from across the nation, but there are also about 30 countries that do this every year as well. Right now there are about 6,000 teams globally that are a part of this competition. We were up against the best and that motivated us to come back even better the next time. So in the following years we have been semi-finalists in both the national and international competitions. This year we were semi-final and quarter-finalists. There are a lot of scholarships attached to this, so students can get money from Boeing and other companies who are looking for engineers to sponsor. Our team is so successful because we have so many mentors who specialize in every aspect of building and implementing.

7.What is an up and coming technology or technology trend that you are really excited about?

Well people like to say that my head is in the clouds, because I am so invested in cloud computing! This is the next paradigm shift in major technology. A cloud service run by major corporations like Google and Microsoft provides the advantage of a powerful storage facility, with massive processing power, and servers that can shift their computing power to adapt to any situation. In regards to hacking, people are going to start seeing the value of the cloud, because it offers more security at less expense, and it is consistently updated. The ability to share and store information will connect the world and give everyone access to technology.

 

We want to thank Mr. Byrne for taking the time to tell us about himself and his passion for technology. Keeping students motivated and engaged is a full-time job and there is a lot more beneath the surface here than you might think. Join us again next month for another spotlight on our incredible faculty at Coleman University! If you would like to know more about First Robotics and the team that Mr. Byrne is mentoring follow the links below.

https://www.firstinspires.org/robotics/frc

https://www.facebook.com/team5137/

 

Coleman University Students Can Get Office For FREE!

As educators, everyone at Coleman University is united behind a single goal – help prepare our students to become the best they can be. Now, there’s an exciting new benefit that aims to go a long way to achieve that goal. Our school has made an agreement with Microsoft to provide Office to every one of our students for free. This automatically updatable, subscription-based software ensures our students always have the latest version of Word, Excel, PowerPoint, OneNote, and more for as long as they’re a student here and the program continues. According to IDC, students with Office skills are better prepared for work in the professional world.

  • Install on up to 5 compatible PCs and Macs, plus 5 tablets
  • Use with OneDrive for automatic device syncing
  • Gain valuable skills on the world’s most popular document software
  • Use the same programs as the faculty to ensure full file fidelity

This offer is available to all students at Coleman University. To get your complimentary Office, visit Office.com/GetOffice365 and follow the on screen instructions.

Need help? Frequently Asked Questions For Students

HigherEDBanner