By Greg Gerber
Editor, RV Daily Report
Last Friday’s release of the WannaCry ransomware internet worm was a wake up call for a number of organizations. As has been widely reported, the code has spread to 150 countries, impacted more than 50,000 companies and government offices, and ruined the day for 200,000 or more individuals — in three days.
The malware, which was developed by our very own United States government as a cyber warfare tool, then stolen and released on the darkweb, works to encrypt all of the files on a person’s computer and demands that the victim pay $300 in untraceable Internet currency to get the secret code to unlock the files. It also spreads to every device connected to that computer, then targets the person’s contact list and attempts to spread the infection to other computers.
There is no guarantee that after paying the money, the criminals holding the system hostage will actually turn over the code to decrypt the files. Reclaiming control of an infected computer is a time-consuming, burdensome process that can only be done if people have been backing up their files remotely.
You can read more about the WannaCry malware in the Wall Street Journal.
The bug can only be transmitted when people click on a link in an email message or on an online advertisement. Ads from revenue sharing sources that legitimate websites host can sometimes link to a “webpage” that is immediate rerouted to an executable file that infects a computer or smartphone.
These ads can occasionally be found on mainstream news websites, but are more often targeted to porn or celebrity gossip sites and sensational news stories known as “click bait,” like banners proclaiming “You won’t believe what Marcia Brady looks like today!”
Don’t worry, RV Daily Report is a completely safe site. We have rid our site of of any revenue sharing banner ads, even Google ads. Only links we know are legitimate are deployed in our banner ads.
RV Daily Report probably gets five or more of these email “phishing” attempts every day. The messages warn that a package could not be delivered, offer a receipt for a purchase, indicate there is a problem with some sort of account, or offer to share a file on a trusted resource, like Google Docs.
Berkley University has developed a webpage that helps people identify the most common phishing examples. It would be a good idea to check it out.
People must be absolutely certain they know who is sending a link or a document and that it does not have a file extension other than common file types like .doc, .docx, .xlsx, .txt., .pdf, .jpg, .png, .gif and a handful of others. Beware of spammers who send attachments that look legitimate but include a file name that ends in .exe or .zip. They disguise the files by naming them like SalesOrder.pdf.exe. Clicking on that bad Oscar can ruin your week.
I had a situation a year or two ago when I received a notice from a legitimate RV dealership in South Carolina that a person wanted to share a Google Doc with me. I logged into my Google account and reviewed the document that talked about wealth management for millionaires. I replied asking the sender if she intended to send it to me.
I got a reply immediately saying that, yes, I should log into Google Docs and review the file. When I explained that I already had and the item had nothing to do with the RV industry, I didn’t hear anything back. I found out later that a hacker had taken over control of the dealership’s email system in real time to send messages and reply to inquiries like mine.
However, I got a text message from Google Security 10 minutes later warning me someone was attempting to access my Google account from a computer in Louisiana. When I indicated I had not authorized that access, my account was shut down and I was directed to change my password. Thank goodness, Google was on the ball!
The next day, I got a similar message from Microsoft alerting me that a computer in Nigeria was attempting to access my account. That was a wake up call for me and I opened a 1Password account so that I could have a different complicated password for every website I needed to access.
This type of nonsense cases information technology managers to break out in cold sweats at companies large and small. That’s because they can warn and warn and warn people about how to identify these types of malicious messages. But, most workers adopt a ho-hum attitude until it’s too late.
I was talking with several folks over the weekend about this rise in ransomware malware, and one IT pro told me what his company is doing. I thought it was absolutely brilliant.
To help train people to spot these malicious messages, the company actually sends similar phishing messages to employees. If an employee clicks on a bogus link, he or see is directed to a friendly website set up by the firm that basically scolds the employee and describes what he or she did wrong and how to avoid it in the future.
However, the information technology department is also notified of who clicked on the links and the employees are brought in for some more intensive computer security training. Their names go on a Wall of Shame in the break room or are included in a company newsletter. It’s a tongue-in-cheek “Phisherperson of the Week” promotion that generally results in some gentle chiding.
However, people who continue to click on malicious links after receiving warnings and training eventually face termination. Companies can no longer afford to have their entire computer networks locked down because a careless employee took the bait offered by some scammer.
Internet security is no laughing matter. Not only can people lose all their pictures, videos and files, they can lose their identities as well. One careless act can cause immediate heart ache and years of problems.
As one news story today warned, “Log in, look out!“