Day: June 28, 2017

AP Explains: What is Ransomware?

Computers around the world were locked up and users’ files held for ransom in a cyberattack Tuesday that paralyzed some hospitals, government offices and major multinational corporations.

Here’s a look at how malware and ransomware work and what people can do if they fall victim to attacks.

What is malware and ransomware?

Malware is a general term that refers to software that’s harmful to your computer, says John Villasenor, a professor at the University of California, Los Angeles. Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid, he says.

How does your computer become infected with ransomware?

In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails.

“The age-old advice is to never click on a link in an email,” said Jerome Segura, a senior malware intelligence researcher at Malwarebytes, a company based in San Jose, California, that has released anti-ransomware software. “The idea is to try to trick the victim into running a malicious piece of code.”

The software usually is hidden within links or attachments in emails. Once the user clicks on the link or opens the document, their computer is infected and the software takes over.

But some of the major ransomware attacks recently, including last month’s WannaCry and the one spreading Tuesday, borrowed leaked National Security Agency code that permits software to spread quickly within an organization’s network.

How ransomware works

“Ransomware, like the name suggests, is when your files are held for ransom,” said Peter Reiher, a UCLA professor who specializes in computer science and cybersecurity. “It finds all of your files and encrypts them and then leaves you a message. If you want to decrypt them, you have to pay.”

The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If the ransom isn’t paid, the data is often lost forever.

When the ransomware takes over a computer, the attackers are pretty explicit in their demands, Segura says. In most cases, they change the wallpaper of the computer and give specific instructions telling the user how to pay to recover their files.

Most attackers demand $300 to $500 to remove the malicious ransomware; the price can double if the amount isn’t paid within 24 hours. The demand in Tuesday’s attack was $300 per computer, according to security researchers.

Law enforcement officials have discouraged people from paying these ransoms.

How to avoid these attacks

The first step is being cautious, experts say. Users should also look for malicious email messages that often masquerade as emails from companies or people you regularly interact with online. It’s important to avoid clicking on links or opening attachments in those messages, since they could unleash malware, Villasenor says.

But Villasenor says there is “no perfect solution” to the problem.

Users should regularly back up their data and ensure that security updates are installed on your computer as soon as they are released. Up-to-date backups make it possible to restore files without paying a ransom.

WannaCry and Tuesday’s attack exploited vulnerabilities in some versions of Microsoft Windows. Microsoft has released software patches for the security holes, although not everyone has installed those updates.

Even so, the new malware appears to have a backup spreading mechanism, so that even if some computers were patched, they can still be hit if one or more machines in a network weren’t patched.

more

Trump Hails ‘Energy Revolution’ as Exports Surge

President Donald Trump on Tuesday hailed an energy revolution marked by surging U.S. exports of oil and natural gas.

Trump cited a series of steps the administration has taken to boost energy production and remove government regulations that he argues prevent the United States from achieving “energy dominance” in the global market.

“Together, we are going to start a new energy revolution — one that celebrates American production on American soil,” Trump said in a statement, adding that the U.S. is on the brink of becoming a net exporter of oil, gas and other energy resources.

The self-proclaimed “energy week” follows similar policy-themed weeks on infrastructure and jobs.

At the White House, Energy Secretary Rick Perry said the administration is confident officials can “pave the path toward U.S. energy dominance” by exporting oil, gas and coal to markets around the world, and promoting nuclear energy and even renewables such as wind and solar power.

“One of the things we want to do at [the Department of Energy] is to make nuclear energy cool again,” Perry said.

The focus on energy began at a meeting between Trump and India’s Prime Minister Narendra Modi, with U.S. natural gas exports part of the discussion. Trump is expected to talk energy Wednesday with governors and tribal leaders, and he will deliver a speech Thursday at the Energy Department.

Arctic, Atlantic drilling

Trump signed an executive order in April to expand oil drilling in the Arctic and Atlantic oceans, reversing restrictions imposed by his predecessor, Barack Obama. Trump has also pushed to revive U.S. coal production after years of decline. Coal mining rose by 19 percent in the first five months of the year as the price of natural gas edged up, according to Energy Department data.

U.S. oil and gas production have boomed in recent years, primarily because of improved drilling techniques such as fracking that have opened up production in areas previously out of reach of drillers.

A report released in January by the Energy Information Administration said the country is on track to become a net energy exporter by 2026, although the White House said Tuesday that net exports could top imports as soon as 2020.

Interior Secretary Ryan Zinke also focused on energy as he addressed the Western Governors’ Association in his hometown of Whitefish, Montana.

Zinke said increased offshore drilling could provide more than enough revenue to offset an $11.5 billion maintenance backlog in national parks.

“There’s a consequence when you put 94 percent of our offshore off limits. There’s a consequence of not harvesting trees. There’s a consequence of not using some of our public lands for creation of wealth and jobs,” he said.

Despite Trump’s withdrawal from the global Paris climate accord, Perry said the U.S. remains committed to reducing greenhouse gas emissions that contribute to global warming. He called nuclear power a key element to fight climate change.

more