WannaCry Ransomware Attack crippled a lot of data. Guess who’s not crying? VPN users

Photo Credit: www.behance.net

Last Friday, WannaCry “ransomware” cyber attack struck globally in what has become one of the fastest –spreading extortion campaigns on record. The virus infected more than 300,000 machines in 150 countries since Friday and the victim numbers continue to grow. In this very moment, someone could be clicking a link or activating macros in a malicious document. A few seconds later, the entire hard disk content, personal files and sensitive information, everything including cloud storage accounts synced with PCs could be locked for good. Or for a good tidy ransom. A pop up in bad graphic could then appear on screen asking for “cold hard cash” in return for a decryption key.

Photo Credit: egbudiwe.tumblr.com

If this is what you’re experiencing, well then tough luck. You’re device has been infected with WannaCry. Guess who’s not crying? All those people who are using a VPN. That thing you could never quite grasp the importance of. But wait! How is this even possible, how frequent these things can happen and could they happen to me? you ask.

Ok, let’s give some context and background to the story for clarity.

The first ransomware attack struck in 1989, almost 3 decades ago. It’s hard to fathom now, but the virus spread via floppy disks and involved sending $189 to a post office box in Panama. AIDS Trojan was the WannaCry ransomware from back in the day.

But ransomware attacks are believed to have broader implications in much more than just making money, as they have been used as tool in cyber battles of political substratum, the attacks on Sony Pictures Entertainment — in retaliation for the comedy film “The Interview” is a telling example. The hacker attack was aimed at Sony Pictures for the satirical comedy directed by Seth Rogen, that involved a plot to assassinate North Korean leader Kim Jong-un. Who knew a Seth Rogen film could get this “inflammable”, right?

Photo Credit: thehackernews.com

Well if we think that the attack is believed to being launched by Lazarus Group, allegedly a North Korean run hacking operation is starting to make sense.

Technical clues found in the code of WannaCry ransomware by researchers could link to the same North Korean group. However, no conclusive proof have been found for a clear conclusion in any of the aforementioned attacks.

Photo Credit: lobalriskinsights.com

If in the case of Sony Pictures cyber attack, the goal was to prevent the release of The Interview, a film that mocked a North Korean leader, in contrast WannaCry was wildly random infecting everything it could.

WannaCry didn’t seem to have a pecuniary goal, with more than 200,000 machines infected and around $70,000 paid in ransoms, it’s a terrible return.

Analysts are now turning to another hypothesis, maybe the ransom was a distraction for a political goal that has yet to clearly surface.

And here’s were things get really confusing and could take a really steep turn for the left so brace yourself for what I will reveal in the following of what the political implication could be

Photo Credit: www.ft.com

Brad Smith, President of Microsoft Corp, confirmed in a blog post on Sunday that WannaCry attack made use of a hacking tool developed by the NSA (US National Security Agency) that had leaked online in April. This pours fuel on the long running debate over espionage and cyber warfare conduct and software flaws best kept secrets.

Elevating the subject far beyond the immediate need to improve a computer defenses, the WannaCry attack has turned into a political debate in Europe and the United States with discussion of the role national governments play.

Since China was among the worst hit, it seemed unlikely to some that Lazarus was behind all this, as antagonizing North Korea strongest ally would not hold as a good strategy. Having been speculated as having an implication, Russia denied all accusations, but Putin did not waste the chance to draw attention on the NSA in the light of Smith’s revealing on the topic.

If this story is not in the realm of a true Matrix scenario unfolding, then I don’t know what is. But just as Neo is looking for a way to Zion, you too could be wondering for the same path.

Photo Credit: www.redbubble.com

These days data that is a day old can usually be recovered, but potentially losing real time data for even 24 hours can produce massive damage for a company, for example, just like a lack of oxygen to the brain.

Unless you have a back up, which companies usually have, but most people don’t, you can be faced with a cyber attack that could damage tones of done work, memories stored on picture or film or well put together playlists that took years to build.

Here are the most common infection methods used by cybercriminals.

· Spam email campaigns that contain malicious links or attachments

· Security exploits in vulnerable software;

· Internet traffic redirects to malicious websites;

· Legitimate websites that have malicious code injected in their web pages;

· Drive-by downloads;

· SMS messages (when targeting mobile devices);

· Botnets;

· Self-propagation (spreading from one infected computer to another)

SOLUTION:

Photo Credit: imgur.com

In all cases prevention is the best thing you can do. Considering how intricate these attacks are in the large scheme of things is better to take the matter into your own hands and not wait for government to regulate. Besides, do you really trust the government with your personal data? Just a question.

Remember we talked about VPNs at the beginning. Did you know that having a VPN in place can protect your computer from remote attackers? All attacks will stop into the VPN vendor.

Having a robust VPN to encrypt your personal data is nowadays, the only way to Zion.

Across the world, businesses use VPNs to connect to remote data centers, or for employees to connect remotely to the physical network of their workplace, while individuals can use VPNs to get access to network resources when they’re not physically on the same LAN (local area network), or as a method for securing and encrypting their information from the potential liabilities that lie ahead once exposed to unsecured networks such as public WiFis or hotspots.

Photo Credit: fliwave.com

REASONS YOU SHOULD START USING A VPN APP. NOW:

· PROTECTS YOUR DATA FROM REMOTE ATTACKERS

your internal data, sites, git repositories, banking credentials and all information will be coated in multiple layers of encryption;

· REMOTE ACCESS

as IT is being challenged to enable safe access to employees remotely by providing mobile VPN, secure email, encrypted containers and virtual desktop infrastructure (VDI), living outside the data security paradigm is simply not smart anymore, whether we’re talking about corporate or personal data;

· IP CAMOUFLAGE

A simple VPN download gets you a new location identity so that you can use geographically dispersed resources;

· BYPASSING FILTERS AND GEORESTRICTIONS

Bypassing Internet censorship in countries where censorship is applied;

· SHARING FILES

You can share files and sensitive information inside a secured group away from prying eyes;

MyIP.io is a self-managed VPN network platform, delivering fast, secure and reliable VPN service , designed with the professional focus in mind. Our platform caters to a wide demographic through three channeled directions:Personal,Dedicated and Business, so it makes for a wonderful choice for corporate or personal use at the same time.

Engineered as a global platform,MyIP.io is a VPN service provider committed to developing applications and services that preserve an open and secure Internet experience while respecting user privacy.

MyIP.io is the result of the craftsmanship of our engineers, with many years of experience supporting large-scale, custom deployments for businesses , telecommunications companies, multi-service operators and enterprises.” Dave Wilson, CEO My IP.io

Congress sold you out, what now?  Simple guide to online data privacy

statue of Cain by Henry Vidal, fragment, Tuileries Garden, Paris, France.

Privacy is a fundamental human right, declared so by the United Nations but don’t rest assured Congress is about to shake that up.

An inglorious attempt to block online privacy regulations to go into effect was made last week by the US Senate and this week’s House decision. Rules proposed by the Federal Communications Commission or FCC to ask for permission before selling your browsing data, even though passed in October of last year, under the Obama administration, had not yet gone into effect.

Data collection and data selling is nothing new under the sun for your ISP, so continuing business as usual, selling your data to the highest bidder without bothering to ask you first, is a real privilege. One very particular privilege that sounds more like stepping on one of our most fundamental rights: the right to privacy.

#WHATSTHEDRAMA

Photo Credits: simplyclassywatches.tumblr.com

If you’re anything like me, the whole ordeal sounds a bit exhausting and futile since you don’t have “state secrets to hide”. But having nothing to hide doesn’t make a good case for allowing the abuse here, does it? nor does it set the premise to influence change for the better in a digital world becoming less and less private.

Your exact physical location from minute to minute, the constant monitoring, all the websites you visit, your banking details or social security number, clicks, searches, app downloads and video streams, shopping hobbits, porn preferences and even the content of chats and emails fall under the above litigious case. Sure, you’re going to appear as an ID, a long sequence of numbers, but isn’t that just the coldest of comforts? More, isn’t the social profiling that’s the most dangerous, not to mention annoying? And to add to the conundrum, how is it not having to give consent over sharing this information ever going to lead to a greater good? Can we still talk about thinks like the right to privacy then, when our boundaries have shifted so much we can no longer see where we took the left turn?

Rollback of FCC regulations could mean creating a loophole, to put more “in the gray” a matter that’s already debatable, so the next logical thing is to expect those who will take advantage of these loopholes. Even if we step aside from the bias of politics, regardless if this is a matter of democratic or republican enforcement, where do we, as individuals, draw the line?

The upcoming rule of FCC was going to make it slightly more difficult for your ISP to collect and sell your data to third parties like advertisers, by requiring a customer opt-in. This new privacy rule was set to take effect in December of this year, had it not been for the recent House and Senate vote to remove it.

Already passing the Senate, the companion legislation raises legitimate privacy concerns and President Donald Trump is expected to sign the bill.

But how was this even possible and who’s benefitting off of it, you wonder? Passed in 1996 to allow Congress to overrule regulations created by government agencies, The Congressional Review Act (CRA) had been used prior to 2017. Once. With the new administration however, that took over in January, CRA has proven to be very lucrative, being successfully used 3 times to overturn things like environmental regulations and this time online privacy regulations.
Benefitting at the end of the scheme the rollback creates, stand four big companies as speculated: AT&T, Sprint, Verizon and Comcast, all proven to have previously used “in the grey” practices of online personal data collection.

THE DIFFERENCE BETWEEN OPT IN AND OPT OUT

Photo Credits: leckte.tumblr.com

there will be voices that will say, there’s no big difference between the opt in policy proposed by democrats versus the opt out advocated by republicans. Don’t believe them, there’s immense difference between the two.

Requesting people to opt in for the collecting and selling of their data to advertisers is reasonably expected to bring infinitely less people volunteering for such a cause, than collecting of data by default. Having to go through exhausting opt out processes will surely make a lot of people put up with the abuse, simply because let’s face it, we have better things to do with our time than constantly monitor our ISPs privacy policies. I would rather get myself a VPN then set a google alert for my ISP’s name and privacy.

WHAT CAN YOU DO ABOUT IT?

Photo Credits: mashable.com

No longer an exotic tool, VPNs are now entering the mainstream and given the context it’s easy to understand why.

Simply put, when you’re using a VPN, all your data travels through a tunnel encrypted from end to end. In other words, your ISP will not be able to make sense of your data, since you’ll have all your online data happen elsewhere, not going through your ISP servers and encrypted all the while.

But it’s not just your ISP that keeps track of your browsing data, it’s your cell phone provider too, most apps, operating systems, and other services do the same.

Smartphones with preinstalled tracking software, secretly bundled with tracking files are sold everyday, while some companies try to leverage the very problem they created by charging extra for privacy.

Having a VPN in place is the smart approach to getting around all this. Think at a VPN as the middleman between you and the internet, where your ISP can only see a bunch of encrypted traffic. And since your VPN knows as much as your ISP would, it’s very important to choose a reliable one with a zero log policy and a strong encryption.

REASONS YOU SHOULD NOT GET A FREE VPN

The phrase “There is no such thing as a free lunch” made popular by Milton Friedman back ’75, remains of great economic relevance today in describing things like “opportunity costs”. However enticing, free VPNs seldom defeat the purpose of what a Virtual private network should be.

· IT AIN’T A FREE LUNCH

VPN service implies having servers in various countries. The maintenance or renting costs can amount a few figures, depending on volume.

· SELLING USERS BANDWIDTH

“When the product is free. You are the product”-

Photo Credits: violettinder.com

using their users as servers by converting them into a botnet, some VPN providers have been revealed, while others admit in their lawyer-eese terms of service, they can sell your bandwidth to other companies.

In other words, by searching a bargain you can be faced with two main issues:

1. Slower computer and internet connection: as you’re sharing your bandwidth and processor with others;

2. Higher Security Risks: assuming responsibility for what other users do online, that can be tracked down back to your IP.

A good VPN will have its own servers and encryption protocols designed for it, reducing possible security failures to a minimum. Free VPN services are often an open door to malware and can be easily used by scammers.

In the FREE vs. PAID matter, its is important to understand that most legit businesses will offer 7 days of free trial, but a free connection on a indefinite period of time is sure to get its profit elsewhere; in ways that can harm your security and defeat the whole purpose of having a VPN in the first place.

We suggest you do yourself a favor and invest a good 5 bucks for a reliable VPN like the dedicated VPN you can get from My IP.io or from another reliable provider.

As a general rule, mundane but incredibly important, reading the company’s Terms of Service and the Privacy Policy, before buying a vpn service is a thing you should really consider. Ideally, these documents are in plain English and not lawyer-eese

OTHER THINGS TO CONSIDER

  • HTTPS : -makes it harder for your ISP to see what you’re doing on any web site, as they can only see that you’re on YouTube, for example, but not what video you’re viewing.
  • Disabling cookies or installing an ad blocker: — prevents tracking by conventional ad networks;
  • Opting out your ISP
    use a different ISP. Not all ISPs want to sell their user’s data. In fact, a list of some of the smaller players — including Sonic, Cruzio Internet and Etheric Networks — wrote a letter opposing the repeal of the FCC’s privacy rules. The only problem is that they’re not as wide-spread as the big players and you might not have the luxury to chose a smaller company.

Having a robust VPN to encrypt your personal data is nowadays, the only way to Zion.

And as we’re not looking to exhaust the “hide everything I do” reasoning; we mainly believe that a VPN is not paramount to activity that borders on illegal, but the very symbol of our right to the privacy acumen.