Whatnot At Work

Whatnot At Work covers issues in the workplace.

Extortion At Work

A new twist from hackers at work is locking your documents and threatening to delete them all unless you pay a ransom. That is what happened to more than a thousand employees at several security-related companies and government organizations. Ransom at work gives the details on some of the companies hit by this attack. The technique was to lure employees to a fake job opening and then infect the PC with a trojan (NTOS.exe) that looks for personal data and uploads it to a website repository, then encrypts everything on the PC. Here's the ransom note they leave on your PC:

Hello, your files are encrypted with RSA-4096 algorithm (http://en.wikipedia.org/wiki/RSA).

You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us.

To decrypt your files you need to buy our software. The price is $300.

To buy our software please contact us at: xxxxxxx@xxxxx.com and provide us your personal code -xxxxxxxxx. After successful purchase we will send your decrypting tool, and your private information will be deleted from our system.

If you will not contact us until 07/15/2007 your private information will be shared and you will lost all your data.

Glamorous team

The advice from security experts:

if you've fallen victim to Gpcode or any other type of ransomware, you should never pay up under any circumstances. Always contact your antivirus provider and make sure you back up your data on a regular basis.

July 17, 2007 in Security

Border Patrol May Confiscate Work Laptops

Business travelers have a new issue to worry about. U.S. border patrols have the right to search and seize your laptops and are doing it more frequently now. The searches are no longer just for explosives or other contraband. Now the searches include the content of the PC, including pictures and emails. Once confiscated, a laptop may or may not be returned.

Appeals are under way in some cases, but the law is clear. “They don’t need probable cause to perform these searches under the current law. They can do it without suspicion or without really revealing their motivations,” said Tim Kane, a Washington lawyer who is researching the matter for corporate clients.

Laptops may be scrutinized and subject to a “forensic analysis” under the so-called border search exemption, which allows searches of people entering the United States and their possessions “without probable cause, reasonable suspicion or a warrant,” a federal court ruled in July.

Aside from the inconvenience of losing your laptop during travel, this issue brings up several other issues.

  1. Employees may arrive at their destination without the needed tools and data to perform their job.
  2. Company or customer confidential data may be subject to an unknown number of eyes as it travels through the government confiscation process.

Tips to lessen the impact of a laptop confiscation:

  1. Back up data to alternate devices, such as thumb drives.
  2. Email and/or overnight mail data and/or equipment to the destination ahead of the employee.
  3. Encrypt sensitive data on laptops. This should already be done anyway to avoid litigation and other problems from loss or theft of equipment.
  4. Make sure travel laptops are cleaned of all personal/questionable data prior to travel or return travel, especially photos and browser caches and histories. If companies have separate laptops designated specifically for travel, this will avoid the inevitable conflicts arising from the requirement to remove all personal data and images that the employee may not want to part with.

October 24, 2006 in Business Travel, Security, Technology, Workplace Issues

Online Check Scams

Beware of the latest online check scams disguised as job offers. This scam resulted from the person submitting her resume to an online job board. The scammer offered her a job depositing checks (that turned out to be worthless) and wiring most of the money. She would keep a percentage as her payment.

Online check scams have similar traits:

  • The scammer asks you to cash checks, keep a percentage, and wire the rest back. The checks are phony but you wired real money, so when the check you deposited bounces, you have to pay the bank back the amount you wired.
  • The scammer pays you much more than the asking price of what you are selling, asking you to wire the difference back. As above, the checks are fraudulent, so you lose your product and the difference you wired back.

October 05, 2006 in Finance, Jobs, Security

Phony Security Credentials

Be careful who you hire and check those references.

A man posing as a Department of Homeland Security special agent applied for a job as a bodyguard for the company that handles security for Brad Pitt and Angelina Jolie. He worked for almost a year before getting caught and now faces federal prison time.

September 20, 2006 in Jobs, Security

Screaming Cellphone

Protect your employees' mobile phones, and protect the confidential data on those cellphones.

Synchronica makes a cellphone security system that will erase and lock down your cellphone when you report it missing. They will also trigger your stolen phone to emit a high-pitched scream. According to the site, 10,000 mobile phones are stolen every month. From the site:

"According to industry sources, it takes on average only 30 seconds for someone to notice that their phone is missing, compared to an hour for a wallet or purse", said Carsten Brinkschulte, CEO of Synchronica. "Using our service, crime victims can be reassured that their information is immediately removed from the stolen phone, along with the satisfaction of annoying the thief with a screaming handset."

September 20, 2006 in Office Gadgets, Security

Caller ID Spoofing

Watch out when you screen your calls using caller ID.

SpoofCard.com sells calling cards that allow you to change your caller ID (the one that shows on the caller ID display of the person you call) to whatever you want. As a bonus, they provide a tool that will disguise your voice.

This has been used for phishing scams (calling with the caller ID of a bank to trick folks out of their account information), for accessing other folks' voice mail (like Paris Hilton and Lindsay Lohan), as well as the advertised purpose of making truly anonymous calls (complaining to your neighbor about his noisy annoyance).

September 07, 2006 in Security

Police Dogs At Work

Video of French police dogs in training. Amazing and frightening how quickly these dogs can attack and subdue an armed gunman, jumping over vehicles along the way.

September 06, 2006 in Animals, bizarre, Security

Homeland Security Whistleblower

A former Lockheed Martin project manager for a US Coast Guard patrol boat contract has resorted to whistleblowing through a YouTube video. After raising his concerns with his managers, senior management, legal and the CEO of Lockheed Martin, he talked to the Navy and to his congressmen. Finally, after no results, he put a video of the dangerous security flaws in all of the Coast Guard patrol boats up on YouTube - and got results.

The security concerns he raised:

  1. A camera surveillance system for the boats has two huge blind spots allowing anyone to sneak onboard and enter the bridge undetected.
  2. The navigation equipment fails well before reaching the environmental conditions it is required to survive. The threshold is -40 degrees and the navigation equipment stops working at -5 degrees. These boats are stationed all over the world, so this is significant in many ports.
  3. The secure communications system for these boats is not secure and can be listened in on easily.

The video is here: Lockheed Martin - US Coast Guard Security Issues and the news story is here.

September 05, 2006 in Security

Russian Police All Female

Russia is creating the first all-female police force in an attempt to curb corruption. Commanders believe women are less corrupt than men.

The male-dominated traffic police routinely forgive traffic violations in exchange for bribes.

There is research which proves that women are not inclined to bribe-taking, according to a regional police chief.

August 31, 2006 in bizarre, Jobs, Security

Bumping Locks Open Instantly

Bumping is a quick way of opening any door lock that uses the tumbler system (just about all of them except electronic card locks) - without the key. The video here shows an eleven-year-old opening a standard Kwikset brand door lock in about 3 seconds (WMV file). This video here is a newscast of a locksmith bumping open his own store in about 10 seconds.

The technique requires no skill, no training, and no tools other than a bump key and something to tap it with. The bump key can be made easily from any key that fits the type of lock by filing away parts of it. The way the technique works is you bump the pins quickly, causing the tumblers to jump up, leaving a gap between the pins and tumblers (as in second picture). Twisting the key while the gap is present opens the lock. The technique opens the lock (without the correct key) as quickly as using the correct key would.

What is in jeopardy: your door locks, USPS and UPS post office boxes and padlocks. No damage is caused to the locks and no telltale evidence is left behind. Insurance companies can deny claims on the grounds that the door or lock was not locked.

Abloy locks use a different mechanism than the standard tumbler system above and are immune to bumping. There are four PDF writeups detailing Abloy locks (links on the right of the page).

The Kryptonite bicycle lock disaster (a plastic pen opens it in less than a minute) spurred the company to fix their locks quickly. Hopefully this information will spur door lock makers to fix theirs too.

August 25, 2006 in Security, Technology, Workplace Issues