What’s ransomware and how do you protect yourself? (Part 1)


Robert Ndlovu
Last week I received many warning messages from friends and relatives advising me not to click on any link that I receive, mainly via my Facebook or Twitter account. I naturally ignored these messages but was polite enough to respond with a “Thank you” message. I have used Linux operating systems for the last two decades, and this kind of drama is coded for Windows users.

The Bangladesh central bank’s account at the Federal Reserve Bank of New York was compromised by a hacker who had an IP address from an Asian country, according to Kaspersky Lab. The hackers stole $81 million. But it will get trickier.

Mobile ransomware typically targets the Android platform, as it allows applications to be installed from third-party sources. The payload is typically distributed as an APK file installed by an unsuspecting user. That is why the Google Play Store insists that people install from trusted sources only. I will not dwell on this considering we have about four million Android users and lovers.

I then decided to share what I knew about the WannaCry ransomware that was creating some cyber anxieties. It is very easy to get any code online, whether good or bad, as long as you know where to look. In this article I try to share with readers what ransomware is and is not, and how to protect yourself from it.

Recently two of Zimbabwe’s institutions of higher learning, namely HIT and Nust, were hit by hackers. I wonder what they teach there.

What is ransomware? If you know what a ransom is then you are halfway there. Ransom is the practice of holding a prisoner or item to extort money or property to secure their release, or it may refer to the sum of money involved. So in the IT or software sense, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

Ransomware attacks are typically delivered to the target host via a Trojan, some “bad package” disguised as a legitimate file. A Trojan is any malicious computer programme that is used to hack into a computer by misleading users about its true intent. This is how ransomware is delivered. The tricks are many, but the intention is to have the end user click on a link or picture, and then, boom, you have been infected.

Once you are infected, your files are locked. To unlock them, some payment, the “ransom”, is demanded. The amount ranges from $500 to anything, depending on the reason why you have been targeted. It could be pretty random or targeted.

However, most payments are demanded in Bitcoin. Bitcoin is a cryptocurrency that has no central control. That explains why hackers love it. In days gone by ransomware mainly targeted individuals, but of late trends indicate that corporations, Government enterprises, banks, embassies, hotels, insurance companies, procurement boards, telco companies and everything in between are now on the list. So, for an average computer user, losing data on a PC might not be a big deal. But this could be a big deal for big organisations. If the locked-up data was not backed up, this could be disastrous. I am thinking aloud here. If for some crazy reason some cyber lunatic hacks into the voter registration database towards elections and that database was not backed up, hell would break loose. Well, security is a proactive issue. Until it happens, very few people appreciate the need for cyber vigilance.

Now the natural first line of defence would be the use of an anti-virus. But wait, the bad guys naturally move faster than the good ones in terms of code development. Here I am referring to the coders of bad code and defensive code respectively. These are computer programmers with basically the same set of skills but with different agendas. Now another scenario can be delivering ransomware in a hidden form. This is an old trick that people use every day to sneak controlled or illegal stuff past checkpoints.

I do not have to narrate how people smuggle booze into stadiums. A virus can use encryption in the same way to hide itself from virus scanners. The hackers deliver an encrypted virus inside a programme’s code. This approach makes it difficult to detect. In plain terms, some malicious code passes through a checkpoint in a disguised form. In this case the anti-virus is the checkpoint. But as soon as the code hits the ground, a decryption algorithm is initiated and then the payload is delivered to infect your Windows machine or Android phone.
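The checkpoint problem described above can be seen in a few lines of Python. This is an added illustration, not code from the column: the marker string, the file contents and the 7.5 threshold are constructed for the demo, and a simple XOR with a random key stands in for real encryption. A scanner that only looks for a known pattern misses the disguised copy, while a second check that measures how random the bytes look still flags it.

```python
import math
import random
from collections import Counter

# Constructed, harmless marker standing in for bytes an anti-virus has a signature for.
SIGNATURE = b"DEMO-KNOWN-BAD-PATTERN"

def signature_scan(data: bytes) -> bool:
    """Checkpoint no. 1: look for a known byte pattern."""
    return SIGNATURE in data

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: close to 8.0 for encrypted data, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    """Checkpoint no. 2: flag content that is statistically close to random."""
    return shannon_entropy(data) >= threshold

def xor_stream(data: bytes, key: bytes) -> bytes:
    """Toy stand-in for real encryption; applying it twice restores the input."""
    return bytes(b ^ k for b, k in zip(data, key))

def build_samples():
    """Return (plain, hidden, key): a file with the marker, and its disguised form."""
    plain = b"ordinary program text and settings\n" * 120 + SIGNATURE
    rng = random.Random(2017)  # fixed seed so the demo is repeatable
    key = bytes(rng.getrandbits(8) for _ in range(len(plain)))
    return plain, xor_stream(plain, key), key

if __name__ == "__main__":
    plain, hidden, key = build_samples()
    for name, blob in (("plain", plain), ("hidden", hidden)):
        print(f"{name:6} signature hit={signature_scan(blob)} "
              f"entropy={shannon_entropy(blob):.2f} flagged={looks_encrypted(blob)}")
```

High entropy is also normal for compressed files such as ZIP archives and JPEG images, so this second check is a hint that a file deserves a closer look, not proof that it is malicious.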

To be continued in the next article.
@robertndlovu
App: +263776002605
