Wednesday, October 28, 2015

FBI opens Pandora's box on whether ransomware victims should pay

Today's star topic in cyber security forums all over the world: should we pay the ransomware blackmailers or not? The FBI says so, but the rest of the experts insist that we should not. Who do we listen to? Today we'll also talk about the sale of customer data by the world's main carriers, a very lucrative business; about a change in US copyright law; and about an experiment: leaving 200 flash drives "lost" in public places to see where they end up.

Last week, at the Cyber Security Summit in Boston, special agent Joseph Bonavolonta confirmed that, for some strong ransomware encryption attacks, the FBI recommends paying the money requested by the criminals in exchange for the decryption password. This has caused indignation among most cyber security experts, whose standard advice has always been not to pay: there is no guarantee the criminals will send the password, if they do send it, it may contain another virus, and paying feeds this criminal business.

24 thousand million for your data

We continue with an exclusive investigation by "Ad Age", which claims that the big mobile phone operators are selling different packages of their customers' data to marketing companies. These packages contain information extracted from the metadata the operators store, from which browsing habits, the times of calls and messages, and geolocation can be inferred. The operators combine it with our demographic data, and the result is worth millions. By approximately 2020, it will become a 79 thousand million dollar business for the telecoms.

Jailbreaking is now legal

Reverse engineering communities have a reason to be happy today: the US Library of Congress has revised the list of technologies that hackers can play with without breaking the Digital Millennium Copyright Act. Mobile phones, tablets, TVs, smart watches and wifi routers can now be opened and analyzed by researchers, some of whom were already doing so, but in a… legally gray way. It will now also be legal to root or jailbreak smartphones.

41% don’t know what 2F is

We finish with an experiment that shows how low the level of IT security awareness is: 200 flash drives were left in different public places, and 1 out of 5 people who found them plugged them into their computers. This shouldn't surprise us given the results of a recent survey of US office workers: 41% don’t know what two-factor authentication is, and 27% change their passwords at work once a year at most.

The best course for companies is training, which, by the way, their own employees are asking for, though some managers are not. We use this watchtower to remind them of it.

