Why WannaCry was a dud (but you should get ready for the next one)

While WannaCry has made headlines for its prolific spread (and its use of Windows exploits), by and large it has been a total failure for the attackers themselves. This is because, from a technical (or more so “business”) standpoint, WannaCry is/was not a good product.

Let’s talk about why. First of all, ransomware in general has become a money machine for organised crime syndicates. But only a fool wouldn’t realise this is because significant research and development has gone into creating their “product”. As a result, they generate literally millions of dollars for their vendors.

WannaCry has so far made about AUD$120,000. Because of the way the WannaCry writers have crafted the malware, they are only using three Bitcoin wallets to accept payments from victims. And because of the way Bitcoin works, you can see the payments right here.

This is highly unusual. Most ransomware will create a unique Bitcoin wallet so payment can be verified. It’s very important to note that WannaCry cannot verify you have paid your ransom, so under no circumstances should you pay it.

WannaCry also had a built-in kill switch in the form of a URL that prevents WannaCry from starting its encryption routine if a connection is successfully made. Unfortunately, the WannaCry vendors forgot to register that URL, so somebody else did, rendering WannaCry useless.

As a result you can see a live map of where WannaCry would have struck at https://intel.malwaretech.com/pewpew.html

In retrospect this is all pretty funny, especially since Australia got through it all pretty unscathed. But in reality it is the alarm bell for a new form of ransomware that more sophisticated attackers will learn from and in turn develop more refined and dangerous malware delivery methods.

In a future attack, your anti-virus may mark the suspect email as spam. Failing that, it might notice and stop the encryption routine. A clever security researcher may be able to stop the encryption payload mechanism by the time your machine gets infected. Windows may patch the vulnerability before it is exploited in the wild.

But you can always restore from backup. Provided of course, that you have a backup. So it’s important (today, right now important) that you know your backup is recoverable, timely, not directly accessible (as in ransomware can’t delete/encrypt it while on its rampage) and a few other things that make sure your backup is safe and dependable.
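The three checks named above (recoverable, timely, not directly accessible), as an added example rather than CR&T's own tooling. It assumes backups are `*.tar.gz` files with a hypothetical `.json` SHA-256 manifest written beside each one at backup time; the function name and the 24-hour threshold are also assumptions.

```python
import hashlib
import json
import tarfile
import tempfile
import time
from pathlib import Path


def check_backup(backup_dir, max_age_hours=24):
    """Check the newest *.tar.gz in backup_dir against the three criteria.

    Assumed (hypothetical) layout: NAME.tar.gz has NAME.tar.gz.json beside it,
    written at backup time as {"path/in/archive": "<sha256 hex>"}.
    """
    backup_dir = Path(backup_dir)
    result = {"timely": False, "recoverable": False, "isolated": False}
    if not backup_dir.is_dir():
        return result

    # Not directly accessible: if this account can create a file here,
    # ransomware running under the same account can overwrite the backups.
    try:
        with tempfile.NamedTemporaryFile(dir=backup_dir):
            pass
    except OSError:
        result["isolated"] = True

    archives = sorted(backup_dir.glob("*.tar.gz"), key=lambda p: p.stat().st_mtime)
    if not archives:
        return result
    newest = archives[-1]

    # Timely: the newest backup must be younger than the allowed age.
    result["timely"] = time.time() - newest.stat().st_mtime <= max_age_hours * 3600

    # Recoverable: read every file back out of the archive and compare its
    # hash with the manifest. Nothing is extracted to disk, so a damaged or
    # hostile archive cannot write outside a restore folder.
    try:
        manifest = json.loads(Path(str(newest) + ".json").read_text())
        with tarfile.open(newest) as tar:
            for name, expected in manifest.items():
                data = tar.extractfile(name).read()
                if hashlib.sha256(data).hexdigest() != expected:
                    return result
        result["recoverable"] = bool(manifest)
    except Exception:
        pass  # missing manifest, missing member or unreadable archive
    return result
```

Run it from the account that normally does day-to-day work on the machine: `isolated` coming back `False` means that account, and anything running as it, can write to the backup location.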

CR&T can do this for you. Unfortunately it is chargeable, but it may be the best insurance you ever buy. Call or email and we’ll get started – we’ll also check the appropriate Windows Update has been installed to prevent the WannaCry exploit. Even though WannaCry has been effectively shut down, nothing prevents someone else from using the same exploit on unpatched systems.

(Infographic) WannaCry Ransomware

The number one thing you should be doing with your computer today

Being an all round computering champion, people often ask me “David, what’s the most important thing I should be doing with my computer?” and my answer is “Clear your internet history.”

And then I talk about backup. We have a saying in the office:

“There are two kinds of people. Those who have lost data, and those who are about to.”

It’s amazing how lax most people are regarding backup, and it makes no sense! How silly would you feel having to re-key hours of data due to a lost file? How devastated would you be losing precious photos due to a failed hard drive? You wouldn’t be able to make the ultimate hipster Christmas present, Then and Now Recreated Photos! How destroyed would you feel losing your entire business due to encryption malware?

The good news is backup does not need to be expensive! Typically speaking the more you spend, the quicker you will get back up (zing!) and running. A basic backup program is included in Professional and Server versions of Windows. Spend some more money and you can do granular file restoration and SQL database backup with BackupAssist. More still and you have the Rolls-Royce, Veeam, which has Instant VM Recovery – you can start a virtual server directly from a backup file, giving a truly amazing RTO – Recovery Time Objective.

One more step up and you are moving away from backup and towards Availability. By using redundant hardware in a Microsoft Failover Cluster, a physical server can fail and virtual machines will migrate in real time to other servers in the cluster. So where other organisations would be reaching for the backup drive, users in a Failover Cluster (or otherwise referred to as Highly Available) environment don’t even notice a hardware failure – but backup is still very important in these configurations.

For businesses, the conversation is simply one of finances.

“How much does it cost my business when the computers are down?”

If your business will die due to missed deliverables, zero staff productivity without computers or no way to get orders in, it makes sense to spend some money to avoid that. If your business can handle being down for a couple of days then the cost of a HA system or sophisticated backup software is not justified.

(Image) An actual HA System installed by CRT – We’re professionals AND we have fancy cameras.

We’re not much into selling on the blog but I highly recommend you get an expert to evaluate your backup plan. Not just your backup software, but the whole plan surrounding it – the number of drives you backup to, do you take them off-site each night, what is the process when a restore is needed, the entire enchilada. Your data is one of your business’ most critical assets and not easily replaced.

In fact, it is so important I’m willing to put ~~my money~~ Arthur’s money where ~~my mouth~~ his mouth is. Email me (it’s already formatted just enter your name and phone number) and we’ll organise a free, no obligation chat about your current backup situation and identify any potential pitfalls.

How an IT Professional browses the web

Being an IT Professional and general purpose nerd means I ~~waste~~ spend a lot of time ~~aimlessly browsing the internet~~ furiously finding answers on the internet. So here are a few things I use to save time.

First of all, get away from Internet Explorer. You’ll need to in order to install the extensions I’m about to introduce anyways. Chrome and Firefox are my preference, and between the two my recommendation would be to pick the interface you like best (just make sure you don’t get any Sneaky Software with it). I personally use Firefox.

Addons:

Tree Style Tab – I get ~~interrupted~~ pleasantly surprised by phone calls and emails constantly. To keep things orderly, I use Tree Style Tab to group tabs together to be able to move between ideas or themes quickly. It does take up screen real estate though so a high resolution helps.

Flashblock – Loads a placeholder instead of the actual Flash content. That way I get to decide what is and isn’t loaded.

Ghostery – Shows what entities are tracking your activity, potentially over multiple websites. And of course it will let you block them as well.

Adblock / uBlock – Some people might gasp at the idea of blocking ads. That’s why the website is free after all! I bet those people also explode with righteous indignation when you change the TV channel in the ad break, and they smack the Photo News out of your hands when you are skimming for people you know because you aren’t giving the ads the requisite attention. I bet those people are also great fun at parties. You can whitelist websites you want to support, which is a nice thing to do.

NoScript – Prevents websites from running scripting, unless you allow them to. Translation – websites load faster, and safer.

So there you go, how to browse like an IT Professional (well, this IT “Professional” at least). A word of warning though! This will make some websites load completely wrong. Though by whitelisting the right website in the right extension you will get back to how the creator intended the site to look. You will also use more system resources running these extensions. I think it is a small price to pay though. Trying to save money on hardware at the cost of performance is truly a false economy, but that is a conversation for another day 😉

If you try it out, I’d love to hear how you go. Leave a comment or flick me an email at davidg@crt.net.au.

(Image) System Admins hate him

Introducing Cel-Fi

Banish terrible mobile reception

If you live rurally or have drawn the proverbial short straw and ended up with mobile dead spots in your home, you know the frustration poor reception can cause.

You miss important calls. You have to do a handstand near the right window just to make a call. You have to talk to that boy you like in the lounge room in front of your parents (ew).

Cel-Fi is a personal mobile repeater that solves these problems for you.

So how does it work?

In order to give you the best possible result, we typically install the Cel-Fi with a Yagi antenna on your roof to capture the mobile reception. It’s worth noting that the antenna and the Cel-Fi are locked to a particular carrier (e.g. Telstra).

The antenna connects to the “Window Unit”, which if the signal was strong enough could be used without the antenna and sit, wait for it, at a window where there is good signal.

The Window Unit connects to a “Coverage Unit” via wireless link. It can be up to 30m away from the Window Unit, so usually it sits in the middle of the house and disperses mobile reception loveliness around the whole home/office. If you can work out why it is called a Coverage Unit please email me.

Benefits

Reliable, Consistent Reception – Actually use your phone!

Faster Data Speeds – More browsing, less waiting!

Batteries Last Longer – Constantly searching for signal drains batteries!

There are lots of options to get more information. Start a Live Chat from the bottom corner right now, call on 02 6884 5922, email team@crt.net.au or comment with your Facebook account below.