August 23, 2022 • 39 mins
In this episode Global Bob (Brian Varner) talks about ransomeware, how you can determine if you are ransomware ready and steps you can take to help reduce your chances of ransomeware.
Transcripts are Automatically Generated.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Unknown (00:00):
Globalbob Show episode number 22 Less rock. Man listen
to that rock and roll musicfeels so good to be back here in
beautiful central Florida frommy trip to Las Vegas. One thing
(00:22):
that is different than here inVegas, there's actually a lot of
things that are differentbetween here in Vegas, but one
is the humidity. And you know,we're always at 80 plus percent
on the humidity unlike in Vegas.
And those of you that know thathave traveled out west and come
back to Florida. That's one ofthe first things that slaps you
(00:45):
in the face as you're comingdown that jetway is that that
humidity. Like to thankeverybody that continues to tune
in to the show each and everyweek. The listenership continues
to go up. And that is a goodthing. But I am back. I am back
in the Richard Cook broadcastfacility and bringing you this
(01:09):
wonderful show this week. Liketo thank everybody that tunes in
and those that get other peopleto subscribe. You can always
find the Globalbob show, ofcourse on the website, www dot
Globalbob show.com. You can findus out on Facebook Globalbob
(01:33):
Show and on Twitter at Globalbobshow. And if you want to email
me What do you think that emailaddress is? That's right.
Globalbob show@gmail.com So theold field commander here we made
our way back from Las Vegas, insomething that was interesting
(01:59):
to me was is that the weatherwas really nice, no weather to
speak of like clouds in theskies and stuff. Whenever I got
to the wonderful McCarranAirport, McCarran Airport, and I
boarded my flight, going to takea little short flight down to
(02:20):
Phoenix and then catch theflight from Phoenix to Orlando.
And whenever I got on theflight, the beautiful stewardess
was asking everybody if theywanted a drink before the flight
took off, and, of course,Commander, Bob's not going to
(02:41):
pass up a free drink. And whenwe were getting ready to push
back the taxi, the pilot came onand said that he has asked the
stewardess to stay in theirseats, asked everybody on the
plane to stay in their seats,because it was going to be very
bumpy and choppy going down toPhoenix. Which I thought was
(03:05):
interesting, right? Because herein Florida, when the captain
says it's going to be a roughwalk ride, you can look outside
and see the thunderclouds. Andno, it's going to be a rough
ride here in Florida. But therethere was no clouds. But I can
tell you right now, oh fieldcommander Bob here, he was
bouncing around like a BB in aboxcar. I mean, that was it's
(03:26):
got to be the roughest flight. Ihad been on in quite some time.
So all I could think of is thatmaybe the weather that we had
out there was kind of movingthrough maybe some thermals off
the desert. But yeah, that wassomething that was kind of
interesting, you know, being apilot myself, you know, usually
you can look outside and seewhat the weather is, but on this
(03:48):
particular one, that was not thecase. So of course, we made it
down to Phoenix, okay, and geton the second flight. But I'll
tell you, I can tell you justfrom flying out to Vegas, you
know, I used to do a lot oftraveling myself. And people
kind of took the seatbelt signsas a suggestion. Sometimes I saw
(04:12):
people that were, you know, notlistening to the stewardess and
this is back before COVID Butwhen that pilot said, Everybody
stay in their seats. He followedon and told us that those
stewards and stewardessesrepresent him in the cockpit and
that it is a federal crime todisobey their orders. So
(04:38):
apparently, I don't know if thatis his talk that he gives people
that are partying in Vegas andon their way home or what but
that pilot was pretty stern,which I appreciate that, you
know, these stewards and stewardis first of all, they got to put
up with us for hours on in,sitting in our seats and
fidgeting and stuff. have, youknow, when you're on the
(05:01):
airplane, just listen to them dowhat you're supposed to do. They
don't want any trouble. But Ithought that was interesting
also. All right, solet's get on with the show. Now
I get this question from time totime. And it seems like I've
been getting it more and more.
(05:22):
Now back on Episode 17, wetalked about how antivirus
companies don't write viruses.
Now, that is a something that wecleared up in Episode 17, that
there are plenty of viruses togo around. We don't have to get
out there and write viruses. Sopeople buy antivirus. But what I
(05:44):
want to do is, is expand on thata little bit and talk about a
specific type of virus, ormalware. And that is ransomware.
And that is the title of thisepisode is ransom, were ready.
Like I've explained before, alot of times, the show that I
(06:11):
put together is based off ofprevious week's conversations.
And this show is no different. Iwas out in beautiful Vegas, and
I get a phone call from a friendof mine. And I'll leave his name
out of it because he is a friendand industry. And I don't want
to reveal who their client was.
(06:34):
But this was another oneGlobalbob, what can we do, I got
a client whose computers havebeen infected with ransomware.
Now, not just computercomputers, so plural. And as you
can imagine, that is a bad dayfor a client is to come into
(06:57):
your office. And word quicklyspreads that laptops and
desktops are displaying thetelltale sign of ransomware.
Now, if you've never fallenvictim to ransomware, you may
not know what the message isthat it displays, but there will
(07:21):
be no doubt in your mind.
Basically all ransomware displaya message that says your files
have been locked. A lot of timesthere is a countdown timer until
complete destruction. So it maysay you've been infected with
ransomware, you have 24 hours or48 hours to send whatever the
(07:44):
amount of money is that it'sdisplaying on the screen to a
Bitcoin wallet. Now theseransomware folks, they know that
not everybody has Bitcoin andBitcoin wallets and even how to
pay the ransomware actors. So alot of times on the screen, they
(08:07):
will tell you, this is what youneed to do, you need to transfer
some money to say one of theseexchanges that are reputable.
And then once you get your moneytransferred in, then you need to
transfer that money to a bitcoinaddress. And from there, they
will send you a key to unlockyour files. And there's
(08:31):
different variants of it. Butthat's generally what it is.
Something that I findinteresting is that they
actually tell you how to getmoney out of the the banking
system and then to the cryptowallet. And so they're giving
you instructions on how to dothis. And once you of course pay
(08:54):
that ransom, then you're hopingthey will send you the key, and
you can unlock your computersand go on about your business.
Now there's a bunch of issueswith this right? One is, is that
if they were able to land onyour box, what other files did
they take? What else do they do?
(09:19):
You know, just like with anyransom in the real world, not in
cyberspace? You don't know ifthey're actually going to give
you that key or give you backthat property of which they are
asking the ransom for. Now,let's take a little sidetrack
here, and I want to ask thelisteners, especially my
(09:42):
listeners that own businesses.
Now, how do you know if yourransom were ready? How do you
know you can survive one ofthese? Well, it's pretty simple.
If you want to see what yoursurvivability is. If ransomware
lands at your company, just goto work, unplug all the desktop
(10:03):
computers. And anybody that useda laptop the day before, they're
not allowed to open the lid onit. Right? So basically, this is
a lights out scenario, could yourun your business and restore
your business files withouttouching basically any computer
(10:25):
that you use the day before? Andthat's essentially what
ransomware does, it shuts downthe computing systems inside of
a company or this lands at yourhouse, your house computer. So
if you cannot go down to sayBestBuy, or staples or whatever,
(10:47):
big box store very quickly buy ageneric laptop and restore all
your business files and all yourbusiness processes, then you're
not ransomware ready? Same thingfor your house, take your
desktop at your house if youhave one. Or take your your
laptop at your house if you're aparent, you know, not
(11:13):
necessarily in the business. Butif you're a parent to just can
you restore all your personalfiles, maybe your your tax
information, family photos? Andif you cannot do that, then you
are not ransom were ready. Nowfor my business owners, if you
get one thing out of thisepisode, hopefully it is one day
(11:35):
you could be hit withransomware. So why not start
today, to ensure that you areransom were ready. And that
we've thrown around the wordmalware we've thrown around the
word virus andother terms. But let's talk
about what is ransom, where. NowI define ransomware is a type of
(11:59):
malware that blocks access toresources like files and
computers, until a demand ismet, like sending money. And
whenever I say send money, Imean send lots of money. So
according to Panda security, theaverage ransomware demand for
(12:19):
like a business or some companyis usually around $570,000.
That's right $570,000. Now,there's a couple of different
ways that people make money offof this ransomware. And we'll
(12:40):
talk about a few. There aregenerally two ways that these
folks make money off ofransomware. We've mentioned what
the average demand is forransomware. And so that is the
people that have delivered theransomware to the computer or
computer network, and they'rewanting the direct cash or
(13:03):
money. But there's another waythat these malware authors
generate funds. And this isproviding ransomware as a
service. Now, I've been in thesecurity business for a while
now. And we've seen these as aservice type models arise. But
(13:24):
with this particular one, thepeople that are developing out
this ransomware, they willadvertise on the underground
markets, like in the dark weband say that they have
ransomware as a service. And ifyou subscribe to their service,
(13:46):
they will send you everythingyou need to start distributing
the ransomware. And we'll talkabout some of those distribution
methods later. But looking intothis, it was kind of like a
business advertisement, I foundone on the dark web that
actually offered 24 hour a dayseven day a week Skype support.
(14:11):
So I guess if you're a criminaland your ransomware isn't
performing properly, then youcan reach out to them for
support. They also offer freeupdates if you continue to pay
them their monthly service. Andthese updates can include new
methods of distribution. He alsoif your ransomware gets picked
(14:37):
up by antivirus before it's ableto encrypt files, they'll be
able to give you a anothervariant of that. So to me, I was
thinking to myself, Wow, this isactually kind of crazy. I mean
you have these malware authorsthat are selling this as a
(14:57):
service to to people that arenot technical enough to write
their own ransomware, that thenthey can distribute it. And
digging into this model a littlebit more, I've found that a lot
of times the actual bitcoinwallet that you send to isn't
the bitcoin wallet of the actorthat place the ransomware on
(15:20):
your computer, you're actuallysending it to the ransomware
folks as a service, and they inturn, take their percentage or
take out, you know, whatevercompensation and then they
forward the remaining bitcoinsback to the person that is
renting the ransomware. And itwas just crazy, you know, the
(15:46):
more I looked into it, it'salmost like these guys were
trying to run this as if it is alegitimate professional
business. So what industries areunder attack the most. And that
happens to be the goods andservice sectors. They're the
largest ones that are beingattacked by this ransomware. And
you can only imagine why. Beforewhen ransomware first started
(16:10):
getting popular, it was more ofa spray and pray, you had
someone that would quicklycreate some ransomware. And they
would just email it out toeverybody. And so you had the
person that was writing theransomware. And the person
delivering the ransomware beingthe same person. And they didn't
(16:31):
necessarily care where all itlanded at. And so anytime that
it is very broad net, that iscast, I call that the spray and
pray. But now times arechanging. Because the antivirus
companies and even yourvendors that provide IP blocking
(16:53):
DNS blocking, they're very quickto jump on these ransomware
networks and enable to blockthem. And so what happens is, is
that if you do the spray andpray method, then there's a good
chance that the ransomware isgoing to get picked up by
antivirus. And so now you'reseeing that they're being a lot
(17:16):
more methodical. I say they Imean, the ones that are getting
these big ransoms, right, thesehalf million dollar ransom. So
they're not just doing the sprayand pray. That's probably the
ones that aren't technical. Andthey're written the ransomware
as a service. And so they'regoing after the goods and
services industry. Because asyou know, and goods and
(17:38):
services, it's very much realtime. And if all of the
computers are locked up, thentime is money, and therefore,
they're more apt to pay theransom. So how does ransomware
actually land on your devices?
Well, it's the same as any othertype of malware. But there's a
(18:04):
couple more popular ways withthis particular one. Now, it
could land on your device via anemail attachment. I know we say
it over and over and over again,don't click on attachments don't
that you don't know who they'refrom. But I mean, we got to keep
saying it. Because that is oneof the tried and true methods of
(18:27):
delivering a payload. You got tothink your computer's, as we
talked about before, even atyour home network, they're
behind what they call a router.
And without getting tootechnical. The router has a
piece of software called a NAT,which stands for network address
translation. And essentiallywhat that does, as we mentioned
(18:48):
in previous podcast that allowsall your computers at your house
to share one public IP. Nowsomething that is inherent by
running a NAT means that yourcomputers at your house are not
directly attached to theinternet. That means a bad guy
or girl outside of your networkcannot drill through and touch
(19:09):
the IP address of say, yourlaptop or your iPad that is on
your home network. So whathappens is just like in any
malware, you have to be able toland on that network. And the
only way really to land on thatnetwork is to get a user to
(19:30):
somehow initiate a connection.
And so email is one way that itcan be delivered. And when you
click on that attachment, or youclick on that link, your
computer's then going throughthe Nat and then to the
(19:52):
internet, and that's when themalicious attachment or your
browser window gets copied Mindand the attacker can then start
doing things. So that's the mainpoint I want you to remember
here is, is that most of thetime with ransomware, it is
actually initiated by someoneclicking on something. So, yes,
(20:16):
the email attachment is a triedand true method to land on the
network. There's also anotherway is, is that your one
computer can get affectedsomewhere, and then they get on
to your network. And oncesomeone is on your network,
let's say whenever Globalbob wastraveling, if my laptop was to
(20:39):
be infected, because I was at ainternet cafe or something like
that didn't even have internetcafes, we were back in the day
when you'd go there and renttime on a computer to check your
email. But so my computer couldalready be infected, I come
home. Now I'm on my localnetwork, and my computer may
infect other computers. And ofcourse, we got the thumb drive,
(21:02):
or the removable media thatcould have the malware on there,
which yet again, it's a userputting something into their
computer, or someone doingsomething that's initiating this
malware. And of course, this isone that's pretty popular is
these website redirects whereyou're searching something on
(21:24):
Google, you click on a link, andmaybe Windows is spelt with a z
instead of an S, you're in ahurry. And then you get prompted
to download a file or, or yourbrowser gets compromised by
going to a bad site. Now, Imentioned the internet cafe. And
(21:44):
really what I really should havesaid was, you know, malicious
access points. And I've giventhis demonstration many, many
times where I can run an accesspoint your computer gets on it,
it goes to the internet, butit's being fed through my access
point that has a cellular modemin it. And then I can inject
(22:07):
little things on to thecomputer. So some of these
malware authors, what they'll dois they'll set up these
malicious access points, andthey'll go hang out in front of
places that serve up free Wi Fi,like say, McDonald's and
Starbucks and Chipotle. And theperson that comes in, they don't
know they just jump on thechipotle Wi Fi, but it may not
(22:31):
be the real Chipotle Wi Fi, itcould be the attackers and all
that person's doing is puttingmalware on computers. So when
you go home that can expand toyour other network, or what
they're really looking forwardto is your office network. Now
the last way I want to tell youthat ransomware gets on
(22:53):
computers is is that they'llsend it via messages, right. So
you get that pop up on yourphone that says your credit card
has been deactivated, pleaseclick here to re activate your
card. I'm just giving anexample. And I know that you may
say well, I click that on myphone. But a lot of people, if
(23:16):
you have a Mac, and you'relogged in, then you get your
messages on your Mac computeralso. Or if you're in Google
Hangouts, or AOL InstantMessenger, there you go. I'm
dating myself. But however, sowhen those people are, are
sending messages to your phone,I've heard people say, I don't
(23:37):
know why they send this to myphone iPhone secure. I mean, I
click on it, and it's it's notgoing to do anything. But it's
not that what they're trying todo is get you to click on that
when you're on your computer,and not on your phone to try to
get that to be delivered. Soback to the main defense against
(23:59):
ransomware is the human. And youcan't get on to people by saying
hey, why did you click on thatlink? I mean, some of these
ransomware folks, not the onesthat are doing the spray and
pray, but the ones that areactually targeting a company,
they are very, very good. Andthe way that they could
(24:22):
distribute the ransomware is isto actually break into the web
portal for your mail. So if youhave Office 365 Or you have
Google Docs or your Gmail, whatthey'll do is they'll compromise
a mail account, because what dowe say over and over? Don't
click on any external links frompeople you don't know. But what
(24:44):
they'll do is they'll compromisethat and then start sending the
files from that account to otherpeople in that company. Case in
point, if, say, the owner ofyour company was to send you an
email instead As here's theattachment for the quarterly
report, you'd probably click onit. I mean, everything checks
(25:06):
out, okay? But what it is, isthat they compromised that
person of authorities account,and you can't go get on to the
person that clicked on it,because it's like, they followed
all the rules, we say, you know,it was from the owner, I rolled
over the email address, and itlooked like it checked out. And
(25:28):
that's just how crafty that theyare. All right, so we talked
about how to see if yourransomware ready, which probably
about, I'd say 99% of thelisteners probably are not.
Hopefully after this, you'll goback to your companies and think
about your personal devices andsee what you can do to ensure
(25:52):
that you are ransomware. Ready.
Now, I can't have the show here.
Without giving a little bit ofhistory, I find that a lot of my
listeners love hearing thehistory behind things. So here
we go. Where did ransomwareactually start? Now, whenever I
was researching this show, Ithought, in my mind, were
(26:15):
probably around the 2000s iswhen this started to happen. But
actually, the first piece ofransomware was written by your
host here, global Bob. I'm justkidding. I will tell you this
here. So my cousin, she got acomputer. And she was in high
(26:36):
school. And this was amonochrome computer, we're
talking about like the 386 days.
And just being a funny personlike myself, I took and wrote a
little batch file that when thecomputer started up, I told her
display a message it says, orderme a pizza, or you'll never log
into your computer again. Well,she wasn't at her house whenever
(26:58):
I did this, and I actuallyforgot I had done it and went
home, I didn't live too faraway. couple miles away, I get
this frantic phone call from hersaying that she knows I messed
up her computer, and she's notbuying me a pizza. She had a few
expletives in there, and that Ineeded to tell her the password
to get past the screen. So Itold her the password, and she
(27:21):
went on about her way. And somaybe that could be the first
piece of ransomware. That wasactually written but no, that's
a joke. The story is true, butit was not ransomware, all she
had to do is hit control break,and it would have got her out of
the program. But anyways, whenwas the first one written, and
(27:42):
like I said, doing the research,I was pleasantly surprised. It
was written in 1989. And it wascalled PC cyborg when it was
first written. And it waswritten by a fella named Joseph
pop, who was a PhD, and AIDSresearcher. So this guy is
(28:02):
pretty dang smart. You know,he's a PhD and researching AIDS.
And what he did was now this iscrazy. So whenever I talk about
ransomware, and that someone hasto do something or trick you
into doing something, this guyactually distributed over 20,000
floppy disks. Now, for my younglisteners out there, the floppy
(28:27):
disk was a, I think it was fiveand a quarter, five and a half
inch, actually floppy littledisk that had magnets in it, and
the data was written to it. Sohe distributed 20,000 floppy
disks, to AIDS researchers andAIDS research facilities in over
(28:48):
90 countries. Now this is a1989. Now somebody needs to
unravel with his story and dosome more research. I mean, if
those discs were $1 apiece, andI do believe they were more than
$1 apiece back then. I mean,that's $20,000 This dude had
wrapped up. But anyways, he toldthem that the disc contained a
(29:08):
program that could analyze aquestionnaire and it would put a
risk score associated with thatperson on the chances of them
contracting AIDS. Now, I haven'tseen the questionnaire but kind
of the way I would think this isis is that you know you answer
all these questions. Do you dothis? Do you do that? Bah, bah,
(29:29):
bah, bah. And then at the end,this program would analyze and
say, hey, you know, you're ahigh risk person for AIDS. So,
now, going back to what we justtalked about the email from the
boss. I mean, this is a trustfactor, right? Your boss sends
you an email, and you click onit and it contains ransomware.
(29:49):
Well, this guy, I mean, he was aPhD. He was doing AIDS research
and so people probably trustedhim.
So when they got a disk fromhim, you know, it was no big
deal they inserted, it wasn'tlike they found this discount in
a parking lot, I'm sure. Now,what happened was is that once
(30:11):
this ran, some malware woulddemand a payment of $189. And
then there was another demandfor $378 for software licenses.
I'm trying to think to myself, Ican see, you know, the, some
money for this, but why $189 Orwhy 378. So, I'm sure there's
(30:35):
something behind that. Now, whenthis went out, this was amazing,
because this was the first pieceof ransomware. And they dubbed
this the AIDS virus just becauseof the person that put it
together and the folks that itwas targeting. So back in 1989,
(30:55):
was kind of the stage being setthat early on for ransomware.
And we've talked a little bitabout, you know, that being
distributed on floppies, andthen the later becoming the
ransomware as a service. Andthen by 2015, we started getting
(31:17):
these ransom wares that we allknow about. So you can see the
delta between 1989 and 2015 iswhen like crypto wall and
scatter and fury, and all ofthose started to show up on the
scene. So there we have it, thatis a little bit about
(31:37):
ransomware, how to see if yourransomware ready, and just do
the test. I mean, just, youknow, think about that. Because,
you know, once your files arelocked, your field commander
here cannot unlock them. There'sa lot of stuff they do with the
encryption. And at one time, youknow, they would publish some
(31:59):
keys or some white hat hackerswould figure out a flaw in the
ransomware and then publishthose decrypt keys. But as you
can see, when they're chargingransomware as a service, these
folks are very good at this now.
And so the chances of yougetting back your files without
paying the ransom, is probablynext to impossible. But here are
some things that you can do totry to get yourself in a better
(32:24):
position, create backups, andnot just Well, I backed it up
last month, I backed it up lastweek, you need to create really
good backups. And if you don'ttake anything from this podcast
whatsoever, just please takeaway that you need good backups.
And you need to test thosebackups. Don't just say, Well,
(32:46):
I'm backing it up. Because whenransomware lands on your
computer, especially the onesthat are lying dormant, to get
the big ransom, then they couldhave landed on your computer
systems, maybe a month ahead oftime. So what happened is, and
I've seen this happen is thatransomware hits, someone says,
All right, we got the backups,let's back it up to yesterday.
(33:10):
And they back it up toyesterday. And then the next day
they come in they're hit againbecause that ransomware is lying
dormant. And so you're basicallybacking it up to a day that
still had ransomware. So what Irecommend on backups is backup
once a day, and you know, havethat backup. So you got a 24
(33:31):
hour backup, then backup once aweek. So you can take one day
and go back seven days to be oneweek. And then one month,
because what you'll have to dois figure out the deltas between
those backups to see where can Iback up to or the various files
I can back up to where I don'tput the ransomware back on. So
(33:57):
backups are what is the numberone defense against or number
one recovery from without payingthe ransom. Now of course you
need to have antivirus on all ofyour boxes. That is another you
know, no brainer. But here'sanother thing too is is that
(34:19):
when you have your guest Wi Fiat your offices, I've seen this
more times than not there'snothing different between the
guest Wi Fi and the corporate WiFi other than it is a
SSID that's being broadcast thatsays guest but you jump on there
(34:42):
and I'm telling you most of thetime it's the same network. So
what you should do for yourvendors and people that are
coming in and out is actuallyhave a separate network that is
completely separate and that'sjust for the guest network. So
when those folks Come in, thenthey're virus laden, laptops,
(35:05):
and devices do not startinfecting your network. And
then, you know, a lot of timespeople are doing this bring your
own device to work, somethingthat you can do is subscribe to
a service that will do what theycall DNS filtering. And matter
of fact, there's a service thatI use, they're not affiliated
with Globalbob show at all. I'mnot invested in them, but I just
(35:27):
know that I use them, it'scalled DNS filter. And what you
do with DNS filter is, is thatyou take your home Wi Fi or your
business, Wi Fi access point,and you got to fill out some
basic information from your ISP.
And your ISP gives you DNSservers to set your access point
to well, if you set them to DNSfilter, then what what they'll
(35:51):
do is, is that if it's amalicious domain that that
computer is trying to get to,they will block it. So it's
very, super simple. Go out toDNS filter.com. And within a few
minutes, you'll have an accountset up. And then the other thing
that's nice about that, I mean,there are ways around it. But
another nice feature of DNSfilter is that you can see the
(36:13):
the websites that people aregoing to that are on your
network, and you can controlwhat they can see like maybe at
your office, you want to blockporn, or you don't want them to
be able to get to various sites.
And so with DNS filter, you geta lot, but what I like about DNS
(36:33):
filter is that it's very simple.
And anybody that comes onto yournetwork, if you have that set,
then it is a basic way to offera lot of protection for
everybody without having to putantivirus software on their
computers. So I mean, I'm notsaying it takes the place of
antivirus. But it is a good way.
(36:55):
The other thing is, like Imentioned for these big big
ransoms, they're actuallycompromising user accounts.
First. I know everybody hatestwo factor authentication. But
please, especially yourexecutives, because they're
usually the ones that aretargeted, make sure you have two
factor authentication. And itdoesn't have to be the very
(37:16):
intrusive one where every 24hours, when you check your
email, you have to, you know,type in the magic numbers off
the authenticator, you just haveit for new devices. So make sure
you turn on two factorauthentication. And then of
course, you strong password. Soeverything that we've talked
about before is very, veryrelevant here. All right, well,
(37:38):
we're at the bottom of the halfhour, actually a little past the
bottom of the half hour. Sohopefully you learn something.
Hopefully, I didn't scare youtoo much, but just enough where
you'll go to your companies andlook and think about their
posture for how would yourecover your business. If
everything that you touchedelectronically, yesterday is not
(38:03):
available today. And in yourpersonal life, I hope you
evaluate where all your picturesare stored at and you take
measures to ensure that if youwere to become victim of
ransomware that you don't loseall of those pictures and tax
documents and personal files arewell I just like to thank
(38:27):
everybody for riding along herewith Globalbob as we cruise the
highways and byways ofcyberspace and do what we can to
make sure that you are wellinformed, well educated and in
this podcast, make sure that youare ready for ransomware if it
(38:47):
ever was to land on yourdevices, to thank you so much
and I will see everybody nextweek.
Globalbob Show episode number 22 Less rock. Man listen
to that rock and roll musicfeels so good to be back here in
beautiful central Florida frommy trip to Las Vegas. One thing
(00:22):
that is different than here inVegas, there's actually a lot of
things that are differentbetween here in Vegas, but one
is the humidity. And you know,we're always at 80 plus percent
on the humidity unlike in Vegas.
And those of you that know thathave traveled out west and come
back to Florida. That's one ofthe first things that slaps you
(00:45):
in the face as you're comingdown that jetway is that that
humidity. Like to thankeverybody that continues to tune
in to the show each and everyweek. The listenership continues
to go up. And that is a goodthing. But I am back. I am back
in the Richard Cook broadcastfacility and bringing you this
(01:09):
wonderful show this week. Liketo thank everybody that tunes in
and those that get other peopleto subscribe. You can always
find the Globalbob show, ofcourse on the website, www dot
Globalbob show.com. You can findus out on Facebook Globalbob
(01:33):
Show and on Twitter at Globalbobshow. And if you want to email
me What do you think that emailaddress is? That's right.
Globalbob show@gmail.com So theold field commander here we made
our way back from Las Vegas, insomething that was interesting
(01:59):
to me was is that the weatherwas really nice, no weather to
speak of like clouds in theskies and stuff. Whenever I got
to the wonderful McCarranAirport, McCarran Airport, and I
boarded my flight, going to takea little short flight down to
(02:20):
Phoenix and then catch theflight from Phoenix to Orlando.
And whenever I got on theflight, the beautiful stewardess
was asking everybody if theywanted a drink before the flight
took off, and, of course,Commander, Bob's not going to
(02:41):
pass up a free drink. And whenwe were getting ready to push
back the taxi, the pilot came onand said that he has asked the
stewardess to stay in theirseats, asked everybody on the
plane to stay in their seats,because it was going to be very
bumpy and choppy going down toPhoenix. Which I thought was
(03:05):
interesting, right? Because herein Florida, when the captain
says it's going to be a roughwalk ride, you can look outside
and see the thunderclouds. Andno, it's going to be a rough
ride here in Florida. But therethere was no clouds. But I can
tell you right now, oh fieldcommander Bob here, he was
bouncing around like a BB in aboxcar. I mean, that was it's
(03:26):
got to be the roughest flight. Ihad been on in quite some time.
So all I could think of is thatmaybe the weather that we had
out there was kind of movingthrough maybe some thermals off
the desert. But yeah, that wassomething that was kind of
interesting, you know, being apilot myself, you know, usually
you can look outside and seewhat the weather is, but on this
(03:48):
particular one, that was not thecase. So of course, we made it
down to Phoenix, okay, and geton the second flight. But I'll
tell you, I can tell you justfrom flying out to Vegas, you
know, I used to do a lot oftraveling myself. And people
kind of took the seatbelt signsas a suggestion. Sometimes I saw
(04:12):
people that were, you know, notlistening to the stewardess and
this is back before COVID Butwhen that pilot said, Everybody
stay in their seats. He followedon and told us that those
stewards and stewardessesrepresent him in the cockpit and
that it is a federal crime todisobey their orders. So
(04:38):
apparently, I don't know if thatis his talk that he gives people
that are partying in Vegas andon their way home or what but
that pilot was pretty stern,which I appreciate that, you
know, these stewards and stewardis first of all, they got to put
up with us for hours on in,sitting in our seats and
fidgeting and stuff. have, youknow, when you're on the
(05:01):
airplane, just listen to them dowhat you're supposed to do. They
don't want any trouble. But Ithought that was interesting
also. All right, solet's get on with the show. Now
I get this question from time totime. And it seems like I've
been getting it more and more.
(05:22):
Now back on Episode 17, wetalked about how antivirus
companies don't write viruses.
Now, that is a something that wecleared up in Episode 17, that
there are plenty of viruses togo around. We don't have to get
out there and write viruses. Sopeople buy antivirus. But what I
(05:44):
want to do is, is expand on thata little bit and talk about a
specific type of virus, ormalware. And that is ransomware.
And that is the title of thisepisode is ransom, were ready.
Like I've explained before, alot of times, the show that I
(06:11):
put together is based off ofprevious week's conversations.
And this show is no different. Iwas out in beautiful Vegas, and
I get a phone call from a friendof mine. And I'll leave his name
out of it because he is a friendand industry. And I don't want
to reveal who their client was.
(06:34):
But this was another oneGlobalbob, what can we do, I got
a client whose computers havebeen infected with ransomware.
Now, not just computercomputers, so plural. And as you
can imagine, that is a bad dayfor a client is to come into
(06:57):
your office. And word quicklyspreads that laptops and
desktops are displaying thetelltale sign of ransomware.
Now, if you've never fallenvictim to ransomware, you may
not know what the message isthat it displays, but there will
(07:21):
be no doubt in your mind.
Basically all ransomware displaya message that says your files
have been locked. A lot of timesthere is a countdown timer until
complete destruction. So it maysay you've been infected with
ransomware, you have 24 hours or48 hours to send whatever the
(07:44):
amount of money is that it'sdisplaying on the screen to a
Bitcoin wallet. Now theseransomware folks, they know that
not everybody has Bitcoin andBitcoin wallets and even how to
pay the ransomware actors. So alot of times on the screen, they
(08:07):
will tell you, this is what youneed to do, you need to transfer
some money to say one of theseexchanges that are reputable.
And then once you get your moneytransferred in, then you need to
transfer that money to a bitcoinaddress. And from there, they
will send you a key to unlockyour files. And there's
(08:31):
different variants of it. Butthat's generally what it is.
Something that I findinteresting is that they
actually tell you how to getmoney out of the the banking
system and then to the cryptowallet. And so they're giving
you instructions on how to dothis. And once you of course pay
(08:54):
that ransom, then you're hopingthey will send you the key, and
you can unlock your computersand go on about your business.
Now there's a bunch of issueswith this right? One is, is that
if they were able to land onyour box, what other files did
they take? What else do they do?
(09:19):
You know, just like with anyransom in the real world, not in
cyberspace? You don't know ifthey're actually going to give
you that key or give you backthat property of which they are
asking the ransom for. Now,let's take a little sidetrack
here, and I want to ask thelisteners, especially my
(09:42):
listeners that own businesses.
Now, how do you know if yourransom were ready? How do you
know you can survive one ofthese? Well, it's pretty simple.
If you want to see what yoursurvivability is. If ransomware
lands at your company, just goto work, unplug all the desktop
(10:03):
computers. And anybody that useda laptop the day before, they're
not allowed to open the lid onit. Right? So basically, this is
a lights out scenario, could yourun your business and restore
your business files withouttouching basically any computer
(10:25):
that you use the day before? Andthat's essentially what
ransomware does, it shuts downthe computing systems inside of
a company or this lands at yourhouse, your house computer. So
if you cannot go down to sayBestBuy, or staples or whatever,
(10:47):
big box store very quickly buy ageneric laptop and restore all
your business files and all yourbusiness processes, then you're
not ransomware ready? Same thingfor your house, take your
desktop at your house if youhave one. Or take your your
laptop at your house if you're aparent, you know, not
(11:13):
necessarily in the business. Butif you're a parent to just can
you restore all your personalfiles, maybe your your tax
information, family photos? Andif you cannot do that, then you
are not ransom were ready. Nowfor my business owners, if you
get one thing out of thisepisode, hopefully it is one day
(11:35):
you could be hit withransomware. So why not start
today, to ensure that you areransom were ready. And that
we've thrown around the wordmalware we've thrown around the
word virus andother terms. But let's talk
about what is ransom, where. NowI define ransomware is a type of
(11:59):
malware that blocks access toresources like files and
computers, until a demand ismet, like sending money. And
whenever I say send money, Imean send lots of money. So
according to Panda security, theaverage ransomware demand for
(12:19):
like a business or some companyis usually around $570,000.
That's right $570,000. Now,there's a couple of different
ways that people make money offof this ransomware. And we'll
(12:40):
talk about a few. There aregenerally two ways that these
folks make money off ofransomware. We've mentioned what
the average demand is forransomware. And so that is the
people that have delivered theransomware to the computer or
computer network, and they'rewanting the direct cash or
(13:03):
money. But there's another waythat these malware authors
generate funds. And this isproviding ransomware as a
service. Now, I've been in thesecurity business for a while
now. And we've seen these as aservice type models arise. But
(13:24):
with this particular one, thepeople that are developing out
this ransomware, they willadvertise on the underground
markets, like in the dark weband say that they have
ransomware as a service. And ifyou subscribe to their service,
(13:46):
they will send you everythingyou need to start distributing
the ransomware. And we'll talkabout some of those distribution
methods later. But looking intothis, it was kind of like a
business advertisement, I foundone on the dark web that
actually offered 24 hour a dayseven day a week Skype support.
(14:11):
So I guess if you're a criminaland your ransomware isn't
performing properly, then youcan reach out to them for
support. They also offer freeupdates if you continue to pay
them their monthly service. Andthese updates can include new
methods of distribution. He alsoif your ransomware gets picked
(14:37):
up by antivirus before it's ableto encrypt files, they'll be
able to give you a anothervariant of that. So to me, I was
thinking to myself, Wow, this isactually kind of crazy. I mean
you have these malware authorsthat are selling this as a
(14:57):
service to to people that arenot technical enough to write
their own ransomware, that thenthey can distribute it. And
digging into this model a littlebit more, I've found that a lot
of times the actual bitcoinwallet that you send to isn't
the bitcoin wallet of the actorthat place the ransomware on
(15:20):
your computer, you're actuallysending it to the ransomware
folks as a service, and they inturn, take their percentage or
take out, you know, whatevercompensation and then they
forward the remaining bitcoinsback to the person that is
renting the ransomware. And itwas just crazy, you know, the
(15:46):
more I looked into it, it'salmost like these guys were
trying to run this as if it is alegitimate professional
business. So what industries areunder attack the most. And that
happens to be the goods andservice sectors. They're the
largest ones that are beingattacked by this ransomware. And
you can only imagine why. Beforewhen ransomware first started
(16:10):
getting popular, it was more ofa spray and pray, you had
someone that would quicklycreate some ransomware. And they
would just email it out toeverybody. And so you had the
person that was writing theransomware. And the person
delivering the ransomware beingthe same person. And they didn't
(16:31):
necessarily care where all itlanded at. And so anytime that
it is very broad net, that iscast, I call that the spray and
pray. But now times arechanging. Because the antivirus
companies and even yourvendors that provide IP blocking
(16:53):
DNS blocking, they're very quickto jump on these ransomware
networks and enable to blockthem. And so what happens is, is
that if you do the spray andpray method, then there's a good
chance that the ransomware isgoing to get picked up by
antivirus. And so now you'reseeing that they're being a lot
(17:16):
more methodical. I say they Imean, the ones that are getting
these big ransoms, right, thesehalf million dollar ransom. So
they're not just doing the sprayand pray. That's probably the
ones that aren't technical. Andthey're written the ransomware
as a service. And so they'regoing after the goods and
services industry. Because asyou know, and goods and
(17:38):
services, it's very much realtime. And if all of the
computers are locked up, thentime is money, and therefore,
they're more apt to pay theransom. So how does ransomware
actually land on your devices?
Well, it's the same as any othertype of malware. But there's a
(18:04):
couple more popular ways withthis particular one. Now, it
could land on your device via anemail attachment. I know we say
it over and over and over again,don't click on attachments don't
that you don't know who they'refrom. But I mean, we got to keep
saying it. Because that is oneof the tried and true methods of
(18:27):
delivering a payload. You got tothink your computer's, as we
talked about before, even atyour home network, they're
behind what they call a router.
And without getting tootechnical. The router has a
piece of software called a NAT,which stands for network address
translation. And essentiallywhat that does, as we mentioned
(18:48):
in previous podcast that allowsall your computers at your house
to share one public IP. Nowsomething that is inherent by
running a NAT means that yourcomputers at your house are not
directly attached to theinternet. That means a bad guy
or girl outside of your networkcannot drill through and touch
(19:09):
the IP address of say, yourlaptop or your iPad that is on
your home network. So whathappens is just like in any
malware, you have to be able toland on that network. And the
only way really to land on thatnetwork is to get a user to
(19:30):
somehow initiate a connection.
And so email is one way that itcan be delivered. And when you
click on that attachment, or youclick on that link, your
computer's then going throughthe Nat and then to the
(19:52):
internet, and that's when themalicious attachment or your
browser window gets copied Mindand the attacker can then start
doing things. So that's the mainpoint I want you to remember
here is, is that most of thetime with ransomware, it is
actually initiated by someoneclicking on something. So, yes,
(20:16):
the email attachment is a triedand true method to land on the
network. There's also anotherway is, is that your one
computer can get affectedsomewhere, and then they get on
to your network. And oncesomeone is on your network,
let's say whenever Globalbob wastraveling, if my laptop was to
(20:39):
be infected, because I was at ainternet cafe or something like
that didn't even have internetcafes, we were back in the day
when you'd go there and renttime on a computer to check your
email. But so my computer couldalready be infected, I come
home. Now I'm on my localnetwork, and my computer may
infect other computers. And ofcourse, we got the thumb drive,
(21:02):
or the removable media thatcould have the malware on there,
which yet again, it's a userputting something into their
computer, or someone doingsomething that's initiating this
malware. And of course, this isone that's pretty popular is
these website redirects whereyou're searching something on
(21:24):
Google, you click on a link, andmaybe Windows is spelt with a z
instead of an S, you're in ahurry. And then you get prompted
to download a file or, or yourbrowser gets compromised by
going to a bad site. Now, Imentioned the internet cafe. And
(21:44):
really what I really should havesaid was, you know, malicious
access points. And I've giventhis demonstration many, many
times where I can run an accesspoint your computer gets on it,
it goes to the internet, butit's being fed through my access
point that has a cellular modemin it. And then I can inject
(22:07):
little things on to thecomputer. So some of these
malware authors, what they'll dois they'll set up these
malicious access points, andthey'll go hang out in front of
places that serve up free Wi Fi,like say, McDonald's and
Starbucks and Chipotle. And theperson that comes in, they don't
know they just jump on thechipotle Wi Fi, but it may not
(22:31):
be the real Chipotle Wi Fi, itcould be the attackers and all
that person's doing is puttingmalware on computers. So when
you go home that can expand toyour other network, or what
they're really looking forwardto is your office network. Now
the last way I want to tell youthat ransomware gets on
(22:53):
computers is is that they'llsend it via messages, right. So
you get that pop up on yourphone that says your credit card
has been deactivated, pleaseclick here to re activate your
card. I'm just giving anexample. And I know that you may
say well, I click that on myphone. But a lot of people, if
(23:16):
you have a Mac, and you'relogged in, then you get your
messages on your Mac computeralso. Or if you're in Google
Hangouts, or AOL InstantMessenger, there you go. I'm
dating myself. But however, sowhen those people are, are
sending messages to your phone,I've heard people say, I don't
(23:37):
know why they send this to myphone iPhone secure. I mean, I
click on it, and it's it's notgoing to do anything. But it's
not that what they're trying todo is get you to click on that
when you're on your computer,and not on your phone to try to
get that to be delivered. Soback to the main defense against
(23:59):
ransomware is the human. And youcan't get on to people by saying
hey, why did you click on thatlink? I mean, some of these
ransomware folks, not the onesthat are doing the spray and
pray, but the ones that areactually targeting a company,
they are very, very good. Andthe way that they could
(24:22):
distribute the ransomware is isto actually break into the web
portal for your mail. So if youhave Office 365 Or you have
Google Docs or your Gmail, whatthey'll do is they'll compromise
a mail account, because what dowe say over and over? Don't
click on any external links frompeople you don't know. But what
(24:44):
they'll do is they'll compromisethat and then start sending the
files from that account to otherpeople in that company. Case in
point, if, say, the owner ofyour company was to send you an
email instead As here's theattachment for the quarterly
report, you'd probably click onit. I mean, everything checks
(25:06):
out, okay? But what it is, isthat they compromised that
person of authorities account,and you can't go get on to the
person that clicked on it,because it's like, they followed
all the rules, we say, you know,it was from the owner, I rolled
over the email address, and itlooked like it checked out. And
(25:28):
that's just how crafty that theyare. All right, so we talked
about how to see if yourransomware ready, which probably
about, I'd say 99% of thelisteners probably are not.
Hopefully after this, you'll goback to your companies and think
about your personal devices andsee what you can do to ensure
(25:52):
that you are ransomware. Ready.
Now, I can't have the show here.
Without giving a little bit ofhistory, I find that a lot of my
listeners love hearing thehistory behind things. So here
we go. Where did ransomwareactually start? Now, whenever I
was researching this show, Ithought, in my mind, were
(26:15):
probably around the 2000s iswhen this started to happen. But
actually, the first piece ofransomware was written by your
host here, global Bob. I'm justkidding. I will tell you this
here. So my cousin, she got acomputer. And she was in high
(26:36):
school. And this was amonochrome computer, we're
talking about like the 386 days.
And just being a funny personlike myself, I took and wrote a
little batch file that when thecomputer started up, I told her
display a message it says, orderme a pizza, or you'll never log
into your computer again. Well,she wasn't at her house whenever
(26:58):
I did this, and I actuallyforgot I had done it and went
home, I didn't live too faraway. couple miles away, I get
this frantic phone call from hersaying that she knows I messed
up her computer, and she's notbuying me a pizza. She had a few
expletives in there, and that Ineeded to tell her the password
to get past the screen. So Itold her the password, and she
(27:21):
went on about her way. And somaybe that could be the first
piece of ransomware. That wasactually written but no, that's
a joke. The story is true, butit was not ransomware, all she
had to do is hit control break,and it would have got her out of
the program. But anyways, whenwas the first one written, and
(27:42):
like I said, doing the research,I was pleasantly surprised. It
was written in 1989. And it wascalled PC cyborg when it was
first written. And it waswritten by a fella named Joseph
pop, who was a PhD, and AIDSresearcher. So this guy is
(28:02):
pretty dang smart. You know,he's a PhD and researching AIDS.
And what he did was now this iscrazy. So whenever I talk about
ransomware, and that someone hasto do something or trick you
into doing something, this guyactually distributed over 20,000
floppy disks. Now, for my younglisteners out there, the floppy
(28:27):
disk was a, I think it was fiveand a quarter, five and a half
inch, actually floppy littledisk that had magnets in it, and
the data was written to it. Sohe distributed 20,000 floppy
disks, to AIDS researchers andAIDS research facilities in over
(28:48):
90 countries. Now this is a1989. Now somebody needs to
unravel with his story and dosome more research. I mean, if
those discs were $1 apiece, andI do believe they were more than
$1 apiece back then. I mean,that's $20,000 This dude had
wrapped up. But anyways, he toldthem that the disc contained a
(29:08):
program that could analyze aquestionnaire and it would put a
risk score associated with thatperson on the chances of them
contracting AIDS. Now, I haven'tseen the questionnaire but kind
of the way I would think this isis is that you know you answer
all these questions. Do you dothis? Do you do that? Bah, bah,
(29:29):
bah, bah. And then at the end,this program would analyze and
say, hey, you know, you're ahigh risk person for AIDS. So,
now, going back to what we justtalked about the email from the
boss. I mean, this is a trustfactor, right? Your boss sends
you an email, and you click onit and it contains ransomware.
(29:49):
Well, this guy, I mean, he was aPhD. He was doing AIDS research
and so people probably trustedhim.
So when they got a disk fromhim, you know, it was no big
deal they inserted, it wasn'tlike they found this discount in
a parking lot, I'm sure. Now,what happened was is that once
(30:11):
this ran, some malware woulddemand a payment of $189. And
then there was another demandfor $378 for software licenses.
I'm trying to think to myself, Ican see, you know, the, some
money for this, but why $189 Orwhy 378. So, I'm sure there's
(30:35):
something behind that. Now, whenthis went out, this was amazing,
because this was the first pieceof ransomware. And they dubbed
this the AIDS virus just becauseof the person that put it
together and the folks that itwas targeting. So back in 1989,
(30:55):
was kind of the stage being setthat early on for ransomware.
And we've talked a little bitabout, you know, that being
distributed on floppies, andthen the later becoming the
ransomware as a service. Andthen by 2015, we started getting
(31:17):
these ransom wares that we allknow about. So you can see the
delta between 1989 and 2015 iswhen like crypto wall and
scatter and fury, and all ofthose started to show up on the
scene. So there we have it, thatis a little bit about
(31:37):
ransomware, how to see if yourransomware ready, and just do
the test. I mean, just, youknow, think about that. Because,
you know, once your files arelocked, your field commander
here cannot unlock them. There'sa lot of stuff they do with the
encryption. And at one time, youknow, they would publish some
(31:59):
keys or some white hat hackerswould figure out a flaw in the
ransomware and then publishthose decrypt keys. But as you
can see, when they're chargingransomware as a service, these
folks are very good at this now.
And so the chances of yougetting back your files without
paying the ransom, is probablynext to impossible. But here are
some things that you can do totry to get yourself in a better
(32:24):
position, create backups, andnot just Well, I backed it up
last month, I backed it up lastweek, you need to create really
good backups. And if you don'ttake anything from this podcast
whatsoever, just please takeaway that you need good backups.
And you need to test thosebackups. Don't just say, Well,
(32:46):
I'm backing it up. Because whenransomware lands on your
computer, especially the onesthat are lying dormant, to get
the big ransom, then they couldhave landed on your computer
systems, maybe a month ahead oftime. So what happened is, and
I've seen this happen is thatransomware hits, someone says,
All right, we got the backups,let's back it up to yesterday.
(33:10):
And they back it up toyesterday. And then the next day
they come in they're hit againbecause that ransomware is lying
dormant. And so you're basicallybacking it up to a day that
still had ransomware. So what Irecommend on backups is backup
once a day, and you know, havethat backup. So you got a 24
(33:31):
hour backup, then backup once aweek. So you can take one day
and go back seven days to be oneweek. And then one month,
because what you'll have to dois figure out the deltas between
those backups to see where can Iback up to or the various files
I can back up to where I don'tput the ransomware back on. So
(33:57):
backups are what is the numberone defense against or number
one recovery from without payingthe ransom. Now of course you
need to have antivirus on all ofyour boxes. That is another you
know, no brainer. But here'sanother thing too is is that
(34:19):
when you have your guest Wi Fiat your offices, I've seen this
more times than not there'snothing different between the
guest Wi Fi and the corporate WiFi other than it is a
SSID that's being broadcast thatsays guest but you jump on there
(34:42):
and I'm telling you most of thetime it's the same network. So
what you should do for yourvendors and people that are
coming in and out is actuallyhave a separate network that is
completely separate and that'sjust for the guest network. So
when those folks Come in, thenthey're virus laden, laptops,
(35:05):
and devices do not startinfecting your network. And
then, you know, a lot of timespeople are doing this bring your
own device to work, somethingthat you can do is subscribe to
a service that will do what theycall DNS filtering. And matter
of fact, there's a service thatI use, they're not affiliated
with Globalbob show at all. I'mnot invested in them, but I just
(35:27):
know that I use them, it'scalled DNS filter. And what you
do with DNS filter is, is thatyou take your home Wi Fi or your
business, Wi Fi access point,and you got to fill out some
basic information from your ISP.
And your ISP gives you DNSservers to set your access point
to well, if you set them to DNSfilter, then what what they'll
(35:51):
do is, is that if it's amalicious domain that that
computer is trying to get to,they will block it. So it's
very, super simple. Go out toDNS filter.com. And within a few
minutes, you'll have an accountset up. And then the other thing
that's nice about that, I mean,there are ways around it. But
another nice feature of DNSfilter is that you can see the
(36:13):
the websites that people aregoing to that are on your
network, and you can controlwhat they can see like maybe at
your office, you want to blockporn, or you don't want them to
be able to get to various sites.
And so with DNS filter, you geta lot, but what I like about DNS
(36:33):
filter is that it's very simple.
And anybody that comes onto yournetwork, if you have that set,
then it is a basic way to offera lot of protection for
everybody without having to putantivirus software on their
computers. So I mean, I'm notsaying it takes the place of
antivirus. But it is a good way.
(36:55):
The other thing is, like Imentioned for these big big
ransoms, they're actuallycompromising user accounts.
First. I know everybody hatestwo factor authentication. But
please, especially yourexecutives, because they're
usually the ones that aretargeted, make sure you have two
factor authentication. And itdoesn't have to be the very
(37:16):
intrusive one where every 24hours, when you check your
email, you have to, you know,type in the magic numbers off
the authenticator, you just haveit for new devices. So make sure
you turn on two factorauthentication. And then of
course, you strong password. Soeverything that we've talked
about before is very, veryrelevant here. All right, well,
(37:38):
we're at the bottom of the halfhour, actually a little past the
bottom of the half hour. Sohopefully you learn something.
Hopefully, I didn't scare youtoo much, but just enough where
you'll go to your companies andlook and think about their
posture for how would yourecover your business. If
everything that you touchedelectronically, yesterday is not
(38:03):
available today. And in yourpersonal life, I hope you
evaluate where all your picturesare stored at and you take
measures to ensure that if youwere to become victim of
ransomware that you don't loseall of those pictures and tax
documents and personal files arewell I just like to thank
(38:27):
everybody for riding along herewith Globalbob as we cruise the
highways and byways ofcyberspace and do what we can to
make sure that you are wellinformed, well educated and in
this podcast, make sure that youare ready for ransomware if it
(38:47):
ever was to land on yourdevices, to thank you so much
and I will see everybody nextweek.
Popular Podcasts
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com