Archive for the ‘Uncategorized’ Category

The Anatomy of Cryptolocker Ransomware

Friday, September 15th, 2017

The concept of holding your data for ransom is new but it’s been fledgling nevertheless. Millions of dollars have been raked in by attackers across the world. Traditional methods, which typically include breaching the security layer, penetrating the system, taking over it, and selling the data, is done away. Instead the data is encrypted using public key infrastructure. The files from mapped, removable and locally installed drives are listed and certain files are encrypted-typically documents like Office, PDF, CSV, etc. The private key to the encrypted files is held by the attacker and victim is coerced into paying a ransom in exchange for it. A ransom note is presented to the victim, when he/she tries to access any of the files.

Attacks are usually three-pronged. The first part is where the compromised site or a file has an exploit kit-either Angler or Nuclear-which redirects victims to download a malware from a shady site. Post which, the malware executes and encrypts the files. Simultaneously, ransom notes are written in each folder. Often, a randomly generated registry key is created to keep track of the encrypted files.

A user is left with four options:

  1. Pay the ransom
  2. Restore from backup
  3. Lose the files
  4. Brute force the key

Should the victim agree to pay, attacker usually demands the payment averaging between $500-700 USD using Bitcoin. The value of the ransom varies with the number of encrypted files. And if the victim fails to pay within the asked time, ransom is doubled or tripled.

How it happens

Email is still the vector for several attacks. Because it is the ease with which the attacks succeed makes email a viable vector. The common malicious documents are office documents and drive-by downloads. They are sent to the victims claiming to be an invoice or a fax. When opened, it is protected. And the user must open another document for instructions to enable it. Once the user follows the steps, the macro is executed, payload is delivered, and the infection will commence. Typically, the actual filename-.docm-is masked with the.doc extension. Domain shadowing is another way to infect the users. The actual malware is delivered from a randomly generated subdomain of a legitimate domain. It involves compromising the DNS account for a domain and registering various subdomains, then using those for attack.

This financial success has likely led to a proliferation of ransomware variants. In 2013, more destructive and lucrative ransomware variants were introduced, including Xorist, CryptorBit, and CryptoLocker. In early 2016, a destructive ransomware variant, Locky, was observed infecting computers belonging to healthcare facilities and hospitals in the United States, New Zealand, and Germany. Samas, another variant of destructive ransomware, was used to compromise the networks of healthcare facilities in 2016. Unlike Locky, Samas propagates through vulnerable Web servers.

True cost of the attack

Attackers never reveal the ransom that is being collected. So, investigations usually hit a dead-end leaving the investigating agencies rely on speculation. According to FBI, about $18 million of losses have been reported by the victims between April 2014 and June 2015. The actual ransom paid may be a negligible, but the associated cost-both monetary and reputational-could be colossal. Downtime costs, financial cost, data loss, and loss of life (compromised patient records) are the true impact an organization takes following an attack. While the initial impact may be considerable, the long-term effects of an attack may be far costlier.

Who’s doing it

Gameover Zeus botnet, peer-to-peer botnet based on the components of Zeus trojan, was responsible for most of the attacks. Russian cybercriminal Evgeniy Mikhailovich Bogachev, having online aliases: <<Slavik>>, <<lucky12345>>, <<Pollingsoon>>, <<Monstr>>, <<IOO>>, and <<Nu11>>, was reportedly associated with Gameover Zeus. On February 24, 2015, the FBI announced a reward of $3 million in exchange for information regarding the alleged mastermind.

What’s the solution

Adopting a multi-layered approach to security minimizes the chance of infection. Symantec has a strategy that protects against ransomware in three stages:

Prevent – Preventing the attacks is by far the best measure. Email and exploit kit are the most common infection vectors for ransomware. Adopting a robust defence will curtail any unwarranted events. Backing your data regularly is more important than one would like to think. Use of email-filtering services, intrusion prevention, browser protection, and exploit protection are some of the preventive actions to be taken.

Contain – In the event of an infection, the imminent action to perform is to contain the spread of infection. Advanced anti-virus software, machine learning, and emulator contain the virus from affecting your entire system.

Respond – Organizations can take steps to tactically handle the predicament. Determining primary attack to understand the intention of the attacker is essential. Focusing on ransomware alone won’t get you the complete scenario. In many cases malware writer leaves the loopholes unattended, an expert malware analyst can reverse engineer the ransomware and find a way to recover the data.

3D Printing: The Near Future & Market Opportunities Explored

Friday, September 15th, 2017

The 3D printing process was invented by Chuck Hill in 1983, named, as ‘stereolithography’ as a technique for constructing solid entities by sequentially printing thin films of ultraviolet material over one another. This technique laid the foundation of present scenario of 3D printing. The modern definition of 3D printing can be defined as an additive engineering process to generate a physical entity from a digital source or design. Today, there are various 3D technologies and material available in the market, but all follow the same standardised procedure: a solid material from a digital design by adding consecutive layers. A typical 3D printing initiated with a forming of digitalized design file of a physical entity. The next step varies with technology and material used, commencing from system printers to melt the material and place it down onto printing platform. The time is highly dependent on the printing size, and often post-processing events. The common printing techniques include fused deposition modelling, stereolithography, digital light processing, selective laser sintering, polyjet and multijet modelling, binder jetting, and metal printing (selective laser melting and electron beam melting). The materials for printing varies by printing options, ranging from rubber, plastics (polyamide, ABS, PLA, and LayWood), ceramics, biomaterials, sandstone, metals and alloys (titanium, aluminium, steel, cobalt-chrome and nickel).

The 3D printer is advantageous as they offer construction of complex designs which cannot be produced by traditional methods, customization of products with no supplementary detailing or tooling, and no additional pricing, and creating a hope for entrepreneurs or designers in cost effective production for market testing or other needs. In addition, the traditional methods for manufacturing an entity generate a huge amount of waste of raw materials, for instance, bracket manufacturing lavish nearly 90% of the raw material. On the other hand, 3D printing manufacturing process involve minimal wastage of material and can be recycled in the next cycle.

However, the concept of 3D modelling often associated with drawbacks such as high cost of large production, restricted strength and durability, and lower quality resolution. Moreover, there are more than 500 3D printing materials available in the market, most are made from plastics and metals. However, owing to rapid technological advancement, the number of materials is increasing briskly comprising wood, composites, meat, chocolates, and so on.

As exemplified by public sources, by 2027, one tenth of world’s production will be 3D printed. Consequently, the cost of printers will drop from $18,000 USD to $400 USD in upcoming 10 years. Therefore, various companies have started their 3D printed production such as dominating shoe companies as well as in aircraft constructions. Evolving technology will create a scenario where smartphones were fortified with scanner allowing to build anything at home, for instance, China has created a complete 6-story building by using 3D printing technology.

The 3D printing has diverse applications in the fields of medical, manufacturing, sociocultural, and industrial. Based on manufacturing applications, the field is divided into agile tooling, food, research, prototyping, cloud-based additives, and mass customization. Based on medical application, the field is distributed into bio-printing devices and medicines. For instance, in August 2015, 3D printed surgical bolt device, named, ‘FastForward Bone Tether Plate’ was approved by Food and Drug Administration (FDA) for the treatment of bunion. In addition, in May 2017, the researcher of Max Plank Institute for Intelligent Systems, Germany developed a micro-machine, named, microswimmers, by using 3D printer technology of Nanoscribe GmBH, for precisely delivering drugs to the site of infection and can be controlled inside the body. Various industries have adopted 3D printing technology for manufacturing their products. For instance, Airbus SAS, France declared that its product, Airbus A350 XWB contains more than 100 3D printed components. The astronautical industries have developed a 3D printer through the collaboration of NASA Marshall Space Flight Center (MSFC) and Made In Space, Inc. for printing in zero gravity.

It’s Market
The Global 3D Printing Market is projected to reach by 2022 is USD X.X, from X.X in 2015 at a CAGR of X.X% from 2016 to 2022 as per the latest updated report available at The market is segmented on basis of printer type, material type, material form, software, service, technology, process, vertical, application, and geography.

Based on printer type, the market is segmented on the basis of desktop 3D printers and industrial printers. Based on the material type, the market is segmented as plastics, metals, ceramics, and other (wax, laywood, paper, biomaterials). Based on material form, the market is segmented on the basis of filament, powder, and liquid. Based on software the market is segmented on the basis of design software, inspection software, printer software, and scanning software. Based on technology the market is segmented on the basis of stereolithography, fused deposition modelling, selective laser sintering, direct metal laser sintering, polyjet printing, inkjet printing, electron beam melting, laser metal deposition, digital light processing, and laminated object manufacturing. Based on the process the market is segmented on the basis of binder jetting, direct energy deposition, material extrusion, material jetting, powder bed fusion, vat photopolymerization, and sheet lamination. Based on vertical the market is segmented on the basis of automotive, healthcare, architecture & construction, consumer products, education, industrial, energy, printed electronics, jewellery, food & culinary, aerospace & defence, and others. Based on the application the market is segmented on the basis of prototyping, tooling, and functional parts.
By geography, the market is segmented on the basis of North America, Latin America, Europe, Asia-Pacific, and Middle-East and Africa

The factors such as high investments in Research and development (R&D), low wastage of raw material, and ease of constructing tailored products propel the growth of the market. However, the factor such as restricted availability of printer, high pricing of materials, and the dearth of skilled professionals impede the market growth.