Kaspersky anti-malware discount for staff and students

Plymouth University in partnership with Kaspersky software offer half price anti-malware software for your home use!

Please remember: no operating system or computer (be it a laptop, desktop, tablet or smart phone) is immune to malware. It is recommended that you protect your data by having anti-malware software installed, active and running.

To make use of this offer you must have a valid email account with the University to complete the registration process. The following URL will allow you to start the process: http://store.digitalriver.com/store/kasperuk/en_GB/DisplayActivatePurchasePlanPage/marketID.4150900.

What exactly is malware?

malware

What does Malware mean?

Malware, short for malicious software, is a piece of code considered to be annoying or harmful that tries to infect a computer, phone or tablet. Hackers use malware for a variety of illegal purposes, most of which involve stealing the passwords that can gain access to your money or intellectual property, extracting sensitive information, or preventing users from having access to their device.

What is Malware

In terms of variety, malware is actually an umbrella term used to consolidate a range of malicious software. Malware can be installed by opening infected documents (such as .pdf files or macros embedded within Word or Excel for example).
Below are a few examples of the most common types of malware, followed by some information on what exactly they are and how they affect your device.

Viruses

malware

Source: androidbeat.com

A computer virus is a piece of code that is installed onto your computer without your knowledge or permission. Some viruses are merely annoying, but most viruses tend to be destructive and are designed to infiltrate, infect and gain control over the system. A virus can spread across computers and connected networks by making copies of itself, replicating how a biological virus passes from person to person, infecting on the go.

Spyware

spyware

Source: ltrepair.net

Spyware is a type of malware that collects a variety of information about you and your computer system. This information could be your internet browsing history, computer usage habits, or even personal information such as credit card numbers and account details, including passwords. All the gathered information is then often passed through the internet to third parties without you knowing.

 

Ransomware

Source: cybersec.net

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by encrypting the users’ files; using a key that you don’t have until a ransom is paid. In recent years, ransomware has evolved and produced a new variant to its family, collectively known as crypto-ransomware. This new strain encrypts certain file types on infected systems and allows users’ to recover their files with a decryption key that requires the payment of the ransom through online payment methods.

A recent article on ‘ransomware as a service’ was published, as growth in this area is currently rocketing. Check out the blog post here.

How to protect your devices?

Most modern anti-malware products (free or paid for) will provide a sufficient level of protection against viruses and malware in general, but they need to be installed and running to be effective.

Spyware and Ransomware often are installed without your knowledge after clicking on links (either Phishing Emails or poisoned adverts on websites) – so if you remain savvy as to what a Phishing Email looks like and check the target address of links before clicking – you are already protecting yourself.

Further information on how to protect your data is available on the Information Security site (http://blogs.plymouth.ac.uk/infosec/home/infosec-week/day-5/how-to-protect-your-data/).

Information Security Week

Monday 31st October through to Friday 4th November is the first Information Security Awareness week at Plymouth University.

The Enterprise Security team have been busy preparing materials focussing on a series of topics that can affect everyone and their use of technology. It also provides guidance on how to protect both your personal and work based information.

The team will be available for questioning in the Roland Levinsky Building between 1pm and 2pm on Monday, Tuesday and Friday and will be located in the Library between 1pm and 2pm on Wednesday and Thursday.

The dedicated site is at the following location: Information Security

Hopefully you will find something useful in the content and if you have any questions, come along and ask them in person.

Priorities for Enterprise Architecture 2016

Following on from my post earlier this year the Plymouth University Enterprise Architecture roadmap has been updated and shown below.

Although some good progress has been made over the past twelve months in networking and collaborative working including email, the focus of our priorities this year must remain around getting our house in order and migrating our services to the “cloud”.

We must build on the good work already delivered and provide enhancements across the board.  Security must remain a priority, particularly web and mail filtering, monitoring and logging, identity, authentication and authorisation are all key to continued forward momentum.  The other area in need of attention is specific work surrounding data, including where it flows, how it is transformed and efficiencies therein; ideally precursory work to lay the foundations for an Enterprise Service Bus that will underpin business operations and meet aspirations and goals of many organisational units.  This will greatly simplify our drive to deliver all of our services from cloud infrastructure, whether that be Infrastructure, Platform or Software as a Service.

The full EA priorities roadmap document can be found here in our document library.

Enterprise Architecture Priorities 2016

Enterprise Architecture Priorities 2016

Ransomware as a Service

For decades, cyber criminals have been developing malware with the main purpose of extorting money out of people and organisations. The latest development within this fast-growing scene is the arrival of ransomware as a service, or abbreviated as RaaS.

ransomware-logo

Before we get into the subject topic, let’s take a step back and look at what ransomware actually is. In a nutshell, ransomware is a virus that infects a computer system upon its code being executed. The most common method is when the user clicks on what may seem like a legitimate link, but initiates the downloading a malicious file. Once the file is executed, the malware covertly installs and performs an encryption process on the user’s files. Upon completion the user is informed that the only way to retrieve their files is to pay (the ransom) for the decryption key. The target for ransomware can range from word documents and pictures files, to the MFT (Master File Table) or even the entire hard drive. The ransom payments typically start at around $300 and the threshold depends on the individual victim, sometimes with a limited time before the price is raised or before the chance to pay is withdrawn completely.

Ransomware has been around since the early 90s, but only in recent years has it started to comes to people’s attention. In late 2013, a variant of ransomware named CryptoLocker stormed the internet, procuring much more than $27 million from infected users (Bitdefender, 2014). CryptoLocker was one of the first major ransomware vendors to adopt the use of the Bitcoin digital currency platform to collect ransom money, which added to the difficulty in tracking the cyber criminals operating the malware.

One of the highest grossing and most sophisticated ransomware variants to date has brought in a staggering $325 million in profits for the groups deploying it, named CryptoWall (Vijayan, 2015).

 

As-a-Service

as-a-service

In recent months, a new variant of ransomware has been designed for the less technically able and instead, be extremely user-friendly to the point anyone with little knowledge could obtain and deploy it to make a profit. This is known as Ransomware-as-a-Service (RaaS).  RaaS works by creating and launching a campaign that advertises positions for the campaign, known as agents where you sign up, enter a handful of details and download a customer edition of the ransomware that is linked to the agent. Now all the agent has to do is start infecting other computer systems and for the end users affected to pay the ransom to retrieve their information.

By making software that is free and easy for others to deploy, the creator of an RaaS platform can hope to land a cut of ransoms from a large number of infections spread by many agents. Those agents, with little investment of skill, time, or money, stand only to gain from their big percentage of ransoms paid.

One of the more recent RaaS variants, named Shark was seen in early August and targets an even less tech-savvy base of distributors as this strain brings FUD (Fully-Undetectable) polymorphic encryption to the malicious file, giving it a much higher execution rate compared to other variants that require the distributor to deal with the file encryption themselves. Typically, RaaS operates using the anonymous network Tor to host their files mostly because they are perceived to offer anonymity. These online networks are more private and secure, but are not readily available to the more casual internet users as they require a custom internet package and a small amount of know-how to access it. However, Shark adopted a different approach. Shark was instead hosted on a public WordPress site that was accessible to the internet at large, massively extending its audience and resulted in a much higher activity of agents for the service. Having both these additions, Shark have set a dangerous milestone for RaaS that others will be sure to follow.

All in all, it’s a win-win for both the skilled hackers and their script kiddie agents.

 

How to protect yourself

computer-security

After having discussed what ransomware is and what disastrous effects it can deliver, let’s finish off with a discussion on how to best protect yourself from such a threat. Let’s start with the actual computer system. Having some form of anti-virus security software installed is a must; this will safeguard your computer against malicious files being executed on the system. However, this is only effective if the virus signature database for the security software is kept up-to-date regularly, being is at least daily. In excess of a million of new malware variants are being developed and deployed on the internet every day (Trendmicro, 2016), having a set of old virus signatures is almost as bad has having no protection at all.

This concept also applies to all the software on your system, including the operating system, the browser and all of the plug-ins that modern browsers typically use. One of the most common infection vectors is a malicious exploit that leverage a software vulnerability. Keeping software up to date helps minimise the likelihood that your system has an exposed vulnerability on it.

A new and fast growing development to prevent the ransomware threat is a software utility known as anti-ransomware. Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity and blocks the infection and quarantines the ransomware before it has a chance to encrypt users’ files. Malwarebytes have released an anti-ransomware software package, a completely proactive and signature-less technology that is able to detect and block even the most dangerous variants of ransomware like CryptoLocker, CryptoWall4 and CTB-Locker.

Another popular route used to deliver malicious material is via email platforms. Having a spam filter system in place with its blacklist database constantly up-to-date will eliminate a vast majority of harmful emails that would flood your inbox and greatly help towards the prevention of infection.

The next technique doesn’t so much aid towards the prevention of an infection, but is more aimed at the protection and recovery of your files in the case of infection and your files become encrypted. A bulletproof method to protect against losing your files is to perform regular back-ups on an isolated device. Doing regular back-ups on an external device such as an USB external hard drive can be both effortless and effective in the protection and recovery of your files. This is especially aimed towards sensitive files and files of high importance. If your files are backed up straight away, or even on daily basis onto an external device, unplugging that device from the computer stores the files in isolation and protects them (until plugged back in) against encryption from ransomware malware.

All the above with aid you greatly in the protection against becoming infected with the ransomware virus. However, the number one factor in the prevention and protection on this matter is general self-awareness when using the computer. This is the first and foremost important layer of security anyone can have. By this I mean avoid clicking on pop-up advertisements, don’t visit areas of the internet you know you shouldn’t, use legitimated sources and mostly, stay away from any illegal activates. Follow your gut instinct; if something doesn’t look right, seems too good to be true or doesn’t feel right, stay away. Simple.

In the uneventful case you do become infected by ransomware, head over to Kaspersky Labs as it’s a great place to start because they offer a variety of decryptor tools. However, this only applies to the lower-end ransomware which is an unlikely case. The more sophisticated variants are not reversible. If decryption using a free tool is not possible and there is no other option in the retrieval of your files, the choice to pay the ransom is yours to make.

 

References

  • (2014). On Cryptolocker and the Commercial Malware Delivery Platform behind It.Available: https://labs.bitdefender.com/2014/07/on-cryptolocker-and-the-commercial-malware-delivery-platform-behind-it/. Last accessed 05th September 2016.
  • (2016). Malware: 1 million new threats emerging daily.Available: http://blog.trendmicro.com/malware-1-million-new-threats-emerging-daily/. Last accessed 05th September 2016.
  • Vijayan, J. (2015). With $325 Million In Extorted Payments CryptoWall 3 Highlights Ransomware Threat.Available: http://www.darkreading.com/endpoint/with-$325-million-in-extorted-payments-cryptowall-3-highlights-ransomware-threat/d/d-id/1322899. Last accessed 05th September 2016.

Outcome Based Procurement

Across all industries, organisations are under an increasing amount of pressure to achieve and deliver more value within a constrained budget. This has resulted in organisations turning towards an Outcome Based Procurement model for a solution.

What is Outcome Based Procurement

Outcome Based Procurement is significantly different from other more traditional procurement models. The contracts derived from this model focus more on the ‘What’ than on the traditional ‘How’, this means that organisations can focus on defining to a service provider what they want instead of trying to provide that themselves and thinking of the how to provide it.

This procurement model works by the organisation providing outcomes that they want met. This removes the need for the organisation itself to come up with a solution, instead the organisation transfers this responsibility to a service provider.

The service provider is then free to develop a solution as they see fit, evolving the solution to any technologies that might suffice Since service providers are equipped to host services it means that an organisation doesn’t have to send huge amounts of money implementing and maintaining a service.

Ever since the early 1960s interest for Outcome Based Procurement has increased to a point where organisations like Rolls Royce have adopted this model into their own support and maintenance contracting model. This was used for the maintenance for their commercial jet engines. Rolls Royce was then able to charge customers per flying hour instead of charging customers for repairs/maintenance and parts required to keep the planes flying.

How does it affect an organisation?

This growing approach to procurement can add some serious benefits to an organisation that decides to migrate to it. The first benefit of Outcome Based Procurement is the potential to save considerable amounts of money because of the way the model works, this means that the development of the solution is shifted to the service provider.

Since the service provider wants to save money whilst earning money too, they will want to come up with the most cost effective solution they can so they can earn the most amount of money possible from the contract. This means that the provided service is the most cost effective solution which meets the set objectives without going over or under the needs of the organisation which could happen with a more traditional approach.

Furthermore, this model allows for benefits that help both the organisation and the service provider. One of the key benefits of Outcome Based Procurement is the fact it supports innovation for service providers which is finally provided to organisations. This allows for faster development of better solutions. This links in with the other benefit that service providers can be extremely flexible with how they deliver a solution, adapting to new technologies without being limited by organisational specifications. Overall this provides an organisation with a better solution to their ‘Wants’ without having to worry about the ‘Hows’.

Challenges facing Outcome Based Procurement

There are however some challenges that face Outcome Based Procurement.

A different mindset is required of those defining the outcomes so that they can be interpreted correctly by the service provider.

This mind set means that instead of going into great detail e.g. “A Customer says that they want a desk built out of a certain material using certain joints and have enough room for a computer” the outcomes would be e.g. “A Customer says that they want a desk strong enough and with enough room for a computer”. This way it’s still meeting the goal of the customer but allows the service provider to be flexible with how they provide that solution (“The Desk”).

Another challenge that faces Outcome Based Procurement is that organisations must choose appropriate service providers for specific services. Many service providers resist having to take on a big risk service if they are not equipped to handle it. This could also link to the previous challenge where the wording of your outcomes is crucially important for when the service provider goes to see if they can meet them or not. Being able to maintain that mindset is critically important to this model.

Pricing can be challenging when it comes to this model because it doesn’t work off of lump sums or fixed fees like normal models. Instead the final fee is based off the achievements that are met by the service that is provided. Even though this drives innovation because the service provider will be driven to provide the best service to earn the most amount of money, it could also cause issues if the service provider doesn’t provide the required achievements.

The biggest challenge when using Outcome Based Procurement is mainly with how employees deal with procurement within their organisation. The key point is that employees who previously ran the services have to relinquish control of services to service providers. This step is critically important as service providers cannot develop the best cost effective solution if the services are still in control by someone within the organisation already. With further training and insight into how the model works, this can be overcome.

 

Summary of Outcome Based Procurement

Organisations are under a lot of pressure to reduce the costs annually and to increase the value of their own services, whilst still producing results and maintaining a competitive attitude using innovation. This has caused a wave of organisations to adopt Outcome Based Procurement to help mitigate the issue of over expenditure and allow them to lower costs whilst keeping services and boosting their value. As more organisations become familiar with the model, the advantages of the model will grow as they get more publicised. This means that this Procurement model is set to grow and expand into many organisations and it’s important that all parties understand the challenges that face it but more so the advantages.