All industries are targets. Please see below for some examples:
An average user can be tricked. Sometimes even power users can be tricked, due
to the volume of incoming emails.
The following examples are specifically targeted to the maritime industry.
If you work in IT, you can spot that they are fake, but a person working in an office will consider
them legit and open the attachments.
Protect yourself from ransomware:
RansomSaver – Free protection from Ransomware
I prefer to answer by sharing my personal experience. I believe it makes it more appealing
to the reader.
I own an e-ink reader: an amazing device that keeps hundreds of articles, has a long battery life, etc.
Last month my local library started sharing books online. I enrolled and also opened an
account with a third party that protects the ebooks from copying.
It’s called Digital Rights Management. The library allows you to “own” the book for a specific
number of days. After the end of that period it expires and you cannot read it. It’s enough
time though to read the ebook.
I decided to see how long it would take me to remove the protection from the ebook. I
knew that it was possible, but had never done it myself.
So I downloaded free ebook management software on my Mac, did some quick research and
found an extension for this software that claimed to remove the DRM.
All I had to do was drag and drop the file onto that software.
The book was mine to keep. So much for the DRM, I thought. (It took me less than an hour.)
I am still thinking whether to share that with my local library or not.
A client of ours wanted to know if they could remove the password from a document (that
was in a portable format) and change its content. We replied that it would be difficult to do
and could destroy the format (to discourage them). However, at the end of the day they
came back with the solution by themselves. They downloaded free software and removed
the password. The document was an invoice; they wanted to increase the expense amount.
As for encrypted documents: as of 2019, and depending on the algorithm used, they are
protected up to a point. Secret services will find a way to decrypt any document.
Personally I do not believe that digital documents are more secure than physical
ones. But we cannot do otherwise.
I just remembered a case back in the MS-DOS era, about a company where the computer
having the accounting software system was not even connected to the LAN. It was locked
inside a room and only a designated person was updating it under a strict policy. It looks like the
optimum protection on one hand but on the other imagine how little information could be
exchanged among departments.
As for what I have seen with my own eyes, I once developed an application for an organization that was collecting
information. They had two networks: one for the internet and one for their database system.
There was no physical connection between the two networks. I guess you can understand why.
Wouldn’t it be nice to embed metadata in a biological or quantum state inside a document?
Disclaimer: We are against stealing other people’s intellectual property. In the
end no one will be creating any content at all.
I hacked a University by mistake and I was not even a beginner hacker.
Like every other person, I start my day with a cup of coffee while going online to read the news in
an online newspaper. That day, at the top of the page, there was a banner advertising a seminar hosted
by a specific University.
However next to the banner there was an error shown, including an IP address. The error also included
the name of a database. It was MySQL.
At that time (around 2005) I was developing a PHP application that relied on a MySQL database
to store tables of information. There was a nice free application that would let you manage the database,
called MySQL Workbench.
Without further thinking I opened MySQL Workbench and typed the IP shown on the banner.
I was asked for a user name and a password. I typed the default user name which was root. I left the
Simple as that. I was able to browse all tables of that database. Information regarding tutors, courses,
internal documents etc. There was even one table that had unencrypted passwords of third party
I did not know what to do!
I asked myself: Am I a hacker now? Is it possible for an administrator to be that stupid?
And the answer is yes of course!
I closed the database connection. I did not change any data or keep any copy of the information.
Nowadays MySQL has safeguards that would not let that happen, even if an administrator is careless.
It’s the human factor that leaves the door open to the hackers.
As for the hackers, their motivation can be political, recognition among friends or just money-money-money.
You can never be 100% protected online. But you can make a hacker’s life hard.
Eventually they will leave you for an easier target. Be prepared in advance!
Let’s do a quiz together.
You own a Mac and you search for something, and your Safari browser downloads the file shown below. Do you install it?
You own a Windows computer and you receive the email shown below.
Do you click on the link?
You receive an email from Apple regarding a recent purchase. You click on the link. It asks for your username and password. Will you type your credentials?
If you answered yes to all three questions, then you definitely need to buy an antivirus (more or less, they will all do a good job).
If you answered no then (like me) you don’t need an antivirus. It’s so obvious that they are all fake and want to infect you.
Check the link shown in Q3: it does not even point to the Apple web site.
The examples are 100% authentic, I receive such emails every day.
They are good examples of what people should avoid.
Educate yourself and the people next to you.
That is the best antivirus (with no expiry date).
Are ransomware, viruses and worms used to hack ships specifically designed for that purpose?
(From a user on our Quora account)
Nowadays ships have local area networks (and servers) to share documents, emails and other special maritime software. There are two ways for a virus to reach a ship. The first is via email; fortunately, satellite providers that deliver emails do perform various scans, but there might be a loophole somewhere.
The crew, however, also have personal laptops that sometimes connect to the local network, or they share files with each other using a USB stick. A person visiting the ship, such as a surveyor, might also carry malware on his USB stick.
It’s still difficult and expensive to connect remotely to a ship and update antivirus or set policies. Sometimes shipping companies buy a ship whose computers are already infected. That ship can run on a tight schedule with minimum time in port, making it impossible for an IT engineer to visit her and clean/check the PCs.
Don’t forget that satellites have a specific bandwidth that they can provide to a ship over a specific region (similar to the limitations of a mobile/cellular antenna), or a ship can be in a shipyard with interference from metal structures blocking internet access.
Other times it’s difficult to communicate in English with the crew, as their language skills are at a basic level.
We (as we do provide services and software to maritime companies) had to come up with different approaches to solving this problem. We install antivirus software that can be updated offline using a CD. We also prefer to set up Linux workstations that connect to a central location via RDP on a server, thus minimizing risks and making control and backup easier. We even remove USB ports wherever possible or install USB lock devices.
So far we have had many cases of infections that could be handled one way or another.
Fortunately no specific targeted ransomware case.
Shipping companies’ offices, however, are specifically targeted via ransomware and fake payment emails via their suppliers. We had cases with clients being victims of cyber criminals pretending to be a vendor/supplier, sending fake banking details and managing to get real money out of their accounting departments.
So far no targeted attack on a ship, but we believe it’s a matter of time.
Cyber criminals are one step ahead of us IT engineers. It’s a billion-dollar business per year. So they will find a way to get through.
So training is the best remedy. Keep your crew educated with written instructions or video presentations on how to protect themselves.
Please see below an example of a fake email that asks you to download a file containing malware.
We tried to download the file in order to examine it. However, our browser warned us that the site was not a legit one:
It was marked as not safe by Google services. This does not guarantee that the next similar email/link will be marked as not safe by Google!!! So as a general rule be cautious when downloading or opening files/links from emails.
Do not get tricked by this criminal.
This is not HSBC Bank!!!
It’s just a criminal who registered a fake email address and is trying to steal your password or infect your computer. Digital crime is a $1 billion business per year. Criminals will keep trying to find a way to trick you.
How to protect yourself:
Never open bank (or similar) links from emails. Visit your bank’s web site instead by typing the address you already know.
Double check the type of the attachments you open.
Use a different password for each web site where you create an account.
This is the registration of the domain name that looks related to HSBC:
The domain name was created on the same date the email was sent:
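The two checks used on this page (the link in Q3 does not point to Apple's site, and the look-alike HSBC domain was registered on the day the email was sent) can be automated. The Python below is an added example, not part of the original page; the allow-list, the sample HTML, the `.example` host and the function names are constructed for illustration, and the registration date is assumed to come from a WHOIS lookup.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the brand really uses, maintained by the defender.
OFFICIAL = {"apple": {"apple.com", "icloud.com"},
            "hsbc": {"hsbc.com", "hsbc.co.uk"}}
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

# Constructed sample body: the second link shows an Apple URL as its text
# but its href leads to an unrelated host.
SAMPLE = '''<p>Your receipt from Apple</p>
<a href="https://appleid.apple.com/account">Manage account</a>
<a href="http://apple.com.account-verify.example/login">https://appleid.apple.com</a>'''


def host_belongs_to(host, domains):
    """True only if host equals one of the domains or is a subdomain of one.

    A substring test ("apple.com" in host) would wrongly accept
    apple.com.account-verify.example, so compare on the suffix instead.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def suspicious_links(html, brand):
    """Return (visible text, real host) for every link leaving the brand's domains."""
    found = []
    for href, text in LINK_RE.findall(html):
        host = urlsplit(href).hostname or ""
        if not host_belongs_to(host, OFFICIAL[brand]):
            visible = re.sub(r"<[^>]+>", "", text).strip()
            found.append((visible, host))
    return found


def registered_recently(created, received, max_days=30):
    """True if the domain was registered at most max_days before the email arrived.

    created and received are datetime.date values; created is assumed to be
    the "Creation Date" field of the domain's WHOIS record.
    """
    return 0 <= (received - created).days <= max_days
```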
We created an application called RansomSaver Guard. The application first creates 4 hidden files in each default folder, my pictures, my documents, my desktop and one more location that can be selected by the user.
Then it monitors these files at regular intervals for any attempt to change them.
If the computer gets infected with ransomware, as soon as it tries to encrypt one of the files that RansomSaver Guard has created, the application will immediately shut down the computer,
preventing further spread of the ransomware infection, and then make it impossible to log in or access the system until the damage is repaired.
Upon infection RansomSaver Guard sends out an email to the company’s technicians, informing them about the incident:
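The decoy-file approach described above, as an added Python example (not RansomSaver Guard's own code): it plants one decoy per folder, records a SHA-256 baseline, and polls for decoys that were modified or have gone missing. The file name, the function names and the `on_alert` callback (where the shutdown and the email to the technicians would be wired in) are assumptions.

```python
import hashlib
import os
import time
from pathlib import Path

# Hypothetical decoy name. The leading dot hides it on Unix-like systems only;
# on Windows the hidden attribute would have to be set separately.
DECOY_NAME = ".decoy_do_not_touch.docx"


def file_digest(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def plant_decoys(folders):
    """Create one decoy file per folder and return {path: baseline SHA-256}."""
    baseline = {}
    for folder in folders:
        decoy = Path(folder) / DECOY_NAME
        decoy.write_bytes(os.urandom(64) + b"decoy document body\n" * 32)
        baseline[decoy] = file_digest(decoy)
    return baseline


def check_decoys(baseline):
    """Return (path, reason) for each decoy changed or gone since planting."""
    tripped = []
    for decoy, expected in baseline.items():
        try:
            if file_digest(decoy) != expected:
                tripped.append((decoy, "modified"))
        except FileNotFoundError:
            # Encrypted files are often renamed, so a vanished decoy counts too.
            tripped.append((decoy, "missing"))
    return tripped


def monitor(baseline, on_alert, interval=5.0, rounds=None):
    """Poll the decoys every `interval` seconds; call on_alert on the first hit.

    rounds=None polls forever; a number limits the polls (useful for testing).
    """
    polls = 0
    while rounds is None or polls < rounds:
        tripped = check_decoys(baseline)
        if tripped:
            on_alert(tripped)  # e.g. notify technicians, then power off the host
            return tripped
        time.sleep(interval)
        polls += 1
    return []
```

The polling interval bounds how many real files can be encrypted before the alert fires, so a shorter interval or a file-system change notification narrows that window.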