Follow @jack_ganssle

How My Mom Got Hacked

Actually, she didn't. At least, I hope not. But a recent New York Times article (http://www.nytimes.com/2015/01/04/opinion/sunday/how-my-mom-got-hacked.html?ref=opinion) details how the writer's mother was hit by the CryptoWall virus, which encrypted her mother's files and demanded a $500 ransom for access to the key.

I had three reactions to this article.

First, is the threat itself. Like most of us I was aware of ransomware but didn't really think that much about it. Just another nasty virus that can corrupt the system. But this one seems to be spreading quickly (http://www.symantec.com/security_response/writeup.jsp?docid=2014-061923-2824-99).

It's insidious in that all files on all drives mapped to letters will be encrypted. That backup drive? You'll lose access to it. A networked drive? Ditto. Mapped cloud services, too, will be attacked. This is a serious problem in that we really need to use automatic backups; ones that are scheduled daily (at least). But because of these sorts of threats, that backup drive must be disconnected from the network to preserve the files if the main system gets compromised.

It would be nice to have a command-line utility that locked access to a drive with a password, so the automatic backup program can invoke a batch file to open it, do the backup, and then lock the drive down. I have not been able to find such a program.

Here in Ganssleville we use SecondCopy to roll changed files to a separate internal disk and to a USB-connected disk every night. Once a week I swap that USB drive with another, which is kept at a remote location. So we're at risk for, at most, a week's worth of data, which can be rather a lot. I may change to a daily swap, but that is really a pain.

Weekly, I do a manual backup to a Mac and to a big thumb drive. Both are air-gapped from the network at all times except during the backup. The flash drive is stored off-site.

My second reaction was one of disgust. Pre-computers one had to actually walk into a bank with a gun to commit a robbery. That barrier which required physical presence and entailed considerable risk seems to have kept a lid on this sort of behavior. Today any script kiddie or 419er can drain someone's accounts from thousands of miles away. Cloak some in the anonymity of the Internet and the veneer of civilization evaporates. Presumably this applies to a small portion of society. But how were these people brought up? What moral sense debases, in their minds, human beings to nothing more than targets of opportunities? What makes these people (I use that word loosely) so amoral? It's terribly sad the world is rife with these criminal predators.

My last thought was of the author's mother. The article leads me to suspect she is relatively young. Many aren't. My parents, in their very late 80s, recently moved to an elder-care facility. A computer room there has a handful of PCs, all with bright yellow keys emblazoned with huge letters for the faint of sight. Other residents, like my folks, have their own computers. I often give them the rules for safe surfing, but those rules, which has been explained many times, are now received as new information with each retelling. Increasing confusion makes me worry that a costly mistake is just a click away. The elderly, most of whom are not particularly computer literate, have always been targets for the evil who prey on our society.

We engineers take computer-savviness to be a given, but a preponderance of PC users know little about their machines or the threats to them. One mistaken click on what looks like a completely innocent link can lead to CryptoWare or thousands of other virii to hugely disrupt life. Probably very few outside of the cognoscenti have an in-depth defense system. Their machines are like unguarded banks whose vaults are stuffed with cash, unlocked, and a big sign outside reading "easy-to-steal cash."

What's your take?

Published January 5, 2015