What is Cyberterrorism?

If we want to define cyberterrorism in one sentence, it is when someone sits behind a PC and uses the internet to carry out terrorist incidents. In other forms of terrorism, the attackers need to gain access to a certain location to place a bomb, hijack an airplane or take hostages, and they have to be physically there. In the case of cyberterrorism, no physical presence is required. It is not so simple that everyone could do it, and the information public today does not describe a real case of cyberterrorism, but as the internet becomes global and new technologies that depend on cyberspace are adopted, we will face cyberterrorism in the future if we don’t take the right action today.

Let us discuss some possible examples of cyberterrorism to show the risk. There are nuclear reactors that rely on a connection to a device running an operating system. They might not be connected to the internet, but Stuxnet proved that they can get infected. An attacker could infect a PC at a company that collaborates with the nuclear facility, and once that PC is infected, one infected USB drive could reach the facility and stop operations there. In a worse case, a virus might blow up the nuclear reactor and kill people.

Many people rely on GPS to navigate between cities, and GPS navigation usually relies on the internet to detect areas with traffic in real time so it can recommend a route with less traffic. What if someone hacks this system and fakes the traffic data to force drivers in the direction they want, and carries out a terrorist attack there? What if they hack into a train system and modify it to cause a collision between trains? The same goes for aviation systems, where they could force an airplane to crash by giving it the wrong direction. In a more advanced case, they might create a virus that changes the braking system in your car so that, say, when you are at high speed the brakes don’t work. Or maybe they hack a drone (drone-jacking) and, while you are driving on the highway, fly it directly into your car and cause a crash.

Cyberterrorists could use cyberspace and the internet to commit their crimes more easily from a distant location, and sometimes they just create malicious code, send it over the net and wait to see what happens. In such a situation, we need to understand the risk of cyberterrorism and fight against it. Some people might say, let’s stop the internet and everything about IoT, and then we are safe. Well, this is not a wise solution, because terrorists would just use other means. For example, say we had not invented the airplane, or at least had not made it publicly accessible: 9/11 would never have occurred. But certainly 9/11 would have happened in another form or using other tools, and we can’t put all the blame on the airplane. In addition, the airplane has done a lot of great things for us. Also consider electricity: some people die because of electricity. But if electricity and cyberspace weren’t there, I would be unable to share the risk of cyberterrorism and ask you to prepare to defend against it.

How could we defend against cyberterrorism? Well, we need to understand and analyze it and create resources to defend against it (this is something that all governments must do today). We shouldn’t wait for another terrorist attack to wake up and say, hey, let’s defend against it; we should prepare before such an attack occurs. On the other side, we need to create our tools (software, hardware, network, etc.) in a way that makes them ready to defend against and mitigate such attacks. To get ready to combat cyberterrorism, we need knowledge of criminology and IT, and we need special task forces to prepare and train people so that our devices are protected against known and unknown cyberterrorism attacks. I request researchers, governments, IT professionals and other stakeholders to get ready with all forces before it is too late. Looking forward to a safer internet.

Why Shouldn’t We Trust Linux on Security?

There are people who think Unix-like operating systems such as Linux are safer and more secure compared to Windows. They claim that because Linux is open source we can see its source code, and because it is community driven, everyone will see and find errors and bugs, especially security bugs, and fix them. Here you will see that all these arguments are wrong and that Linux is just like a scarecrow: normal people see it from far away as scary and secure, but security experts get near and touch it, and then it falls down and they see there is actually nothing there.

Firstly, being open source poses more risks, because we don’t have any control over who has access to the source code. This is the opposite of a closed-source operating system, where people have full control over who has access and why they want to access the source code. In addition, media and external security experts are more interested in finding security issues in closed-source operating systems, because they can find a story and tarnish the reputation of the company, while in open source like Linux, even if hackers take over everything, they just write a simple story and no one takes the blame; they just say it is a community and open to everyone.

Support in Linux is also a nightmare. The only company actually doing some support for Linux security is RedHat, and most of the time you have to go through forums for hours and hours to figure out which script would solve your issue. It is dangerous especially when your systems are under attack and you immediately need to close ports, raise the firewall security level and perform a malware scan. While in Windows you can do it with a few clicks and very fast, in Linux you need to spend hours figuring out what script you have to write, and while you are looking for a solution the hacker has done what they set out to do.

In addition, a company like Microsoft has full-time engineers and teams to develop code and fix issues. They are paid, they have gone through security screening, and their full-time job is to protect Windows and consumers. In Linux, by contrast, developers never get paid and just get some money through donations, so they don’t have any duty to fix problems, and if they do, they do it as a favor. There are many times when we came across security vulnerabilities and they just said, fix it yourself and share it with us. In addition, several attack scenarios which have been fixed in Windows still exist in Linux. Because it is free, they don’t care much about getting their code signed, and you will face an OS with a lot of unsigned and unverified code which bad guys could just replace whenever they want. There are many cases where an attacker fools users into getting a script to fix some issue, and inside it hides malicious activity which results in the server being hacked.

We could secure Linux if we paid a lot and developed several applications or enhanced already existing security products for Linux, but it still won’t become as secure as Windows. Therefore, if you are a wise administrator, instead of putting up a scarecrow to scare some hackers away, think about a platform which is fundamentally strong like Windows and invest in enhancing security on it. You just need to do threat modeling and look into attack scenarios, and then you will know why we need Windows instead of Linux, so do not trust Linux.

How to Bypass AI-Based Security Systems

It is not very difficult to bypass security systems that are based on machine learning and AI. Here an attack scenario of how it could be done will be explained. For security reasons, and since the objective of this blog is only to show you the risk and not to teach hacking, we won’t explain everything in detail; we will just show a blueprint of the attack so you understand the risk.

First, let’s see how AI and machine learning based systems work. Basically, you need to send them a very large amount of data and classify which items are safe and which are harmful. You keep doing this so the system gets smarter (as they say) and can figure out how to classify future and possibly unknown data based on previous decisions, and it is automated. This is simple to say, but in the background it requires a huge amount of data, complex mathematical equations, a large database for storage and large processors for analysis.

Let’s say we have a large sample of network packets sent to our Intrusion Prevention System (IPS). In this sample we classify certain behaviors as harmful, so it will block them, and others as safe, which should pass. Then we send other samples and, based on previous decisions, it will classify them. So the system will say: I have seen this file in the past, and from its behavior it seems to be harmful, so block it; the others are considered safe, so pass them. In this way, some safe packets are incorrectly blocked, and we call them false positives, and some harmful packets will pass through, and we call them false negatives. All experts in AI and machine learning just say these are false positives, and they might try to define exceptions, get bigger data or improve their algorithm to improve classification, but they still agree that they are unable to stop false results (positive or negative), and improving their algorithm costs them a lot of resources.

But just imagine that one, and only one, malicious packet manages to bypass the IPS; this packet could then damage a system in a way that opens a backdoor for other malware and takes complete control of the system. The same issue happens with anti-malware products that incorrectly allow a harmful program to run and take complete control of the system. Improving the algorithm to stop such issues is hard, time consuming and requires heavy resources.

But bypassing such systems is very easy: you just need to send some files (e.g. malware or malicious packets), figure out the algorithm from what is blocked and what is not, and then design your malware or malicious packet so that it is classified as safe. You may also turn the security protection (IPS or anti-malware) into your friend. For example, send some safe packets so they won’t be blocked by the IPS, then change them a bit and send them again so the system learns about the packets, and while you are sending these, slowly add your malicious commands inside. You may also send it encrypted so the IPS won’t notice anything: just send some encrypted files along with safe packets so the IPS identifies them as safe and lets them through, and once you have done this for a while and the IPS treats them as safe, send your malicious one. You may do the same for anti-malware software: send some safe file, and once the user has it, send some files to update it, and when the anti-virus trusts it, send a malicious update in a form which the anti-malware has learned to classify as safe.

A similar scenario is applicable to all other security products. You don’t need to be a great mathematician or have much knowledge or many resources to bypass a machine learning or artificial intelligence based security system, but to build such a system or change your existing algorithm you need to do a lot. This is why we keep calling on security experts around the world to move from AI and ML to new ways in which we could easily deal with cybercriminals. We don’t need AI or ML; we just need to see how to build weapons using our technology, analyze cyber-attacks and build strong countermeasures.
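A defender-side illustration of the gradual-retraining risk described in this post, added here and not part of the original blog: a constructed one-dimensional detector that learns from the traffic it lets through, scored for false positives and false negatives as defined above, with and without a canary check that rolls back any update after which a known-labelled sample is misclassified. The detector, its values, the sample stream and the canary guard are all assumptions made for the example.

```python
from dataclasses import dataclass, field

# Constructed, trusted samples with known labels: (feature value, is_malicious).
CANARIES = [(0.10, False), (0.25, False), (0.40, False),
            (0.65, True), (0.75, True), (0.90, True)]

@dataclass
class Detector:
    """Toy 1-D detector: a sample is malicious when it lies closer to the
    malicious centroid than to the benign one."""
    benign: float = 0.2
    malicious: float = 0.8
    rate: float = 0.3        # weight given to each newly learned sample
    guarded: bool = False    # re-test the canaries before committing an update
    rejected: list = field(default_factory=list)

    def is_malicious(self, x):
        return abs(x - self.malicious) < abs(x - self.benign)

    def observe(self, x):
        """Classify x; traffic that passes is folded into the benign profile."""
        if self.is_malicious(x):
            return "blocked"
        previous = self.benign
        self.benign += self.rate * (x - self.benign)
        if self.guarded and error_counts(self) != (0, 0):
            self.benign = previous       # roll back the update that broke a canary
            self.rejected.append(x)      # keep the sample for analyst review
            return "passed, update rejected"
        return "passed, learned"

def error_counts(det, labelled=CANARIES):
    """Return (false_positives, false_negatives) on a labelled set."""
    fp = sum(1 for x, bad in labelled if not bad and det.is_malicious(x))
    fn = sum(1 for x, bad in labelled if bad and not det.is_malicious(x))
    return fp, fn

def drift_stream(start=0.30, stop=0.70, step=0.02):
    """Constructed traffic that creeps from the benign region toward the malicious one."""
    n = round((stop - start) / step)
    return [round(start + i * step, 2) for i in range(n + 1)]

def run(guarded):
    """Feed the drifting stream to a fresh detector and return it."""
    det = Detector(guarded=guarded)
    for x in drift_stream():
        det.observe(x)
    return det

if __name__ == "__main__":
    for guarded in (False, True):
        det = run(guarded)
        fp, fn = error_counts(det)
        print(f"guarded={guarded}: benign centroid={det.benign:.3f} FP={fp} FN={fn} "
              f"0.70 blocked={det.is_malicious(0.70)} rejected={det.rejected}")
```

The rejected samples are the useful output for an analyst: a run of passed-but-unlearnable inputs that climb steadily toward the malicious region is itself a signal worth alerting on.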


Windows Mobile is the Most Secure Mobile Operating System in the World

If you have a smartphone, your phone is running a specific operating system. If you are using an iPhone, the operating system is iOS, and if you are using another phone, you might be using Android. There is another operating system which unfortunately not many people are using, which is Windows Mobile. You may see different phone manufacturers producing Windows Mobile devices, especially the Lumia phone series, which is manufactured by Microsoft Mobile and in the past by Nokia. Technically speaking, there are advantages and disadvantages to using a phone running Windows Mobile. For example, there is a feature known as Continuum: if your mobile hardware supports it, you can take your phone instead of your laptop, connect it to a mouse, keyboard and monitor, and use it in place of your laptop or tablet. But here security in Windows Mobile will be discussed.

In terms of security, we could say Windows Mobile can be considered the most secure operating system for mobile devices on the planet. You have good encryption techniques in place, and you can’t just root it and install and copy whatever you want. All applications must be signed and are usually downloaded from the Windows Store. So you can’t just take a phone and plug it into your PC to install malware. In addition, security in the Windows Store is very high, unlike Apple’s iTunes and Android’s Google Play, where several pieces of malware and unapproved apps have been published. In the Windows Store, there have not been many cases of malware (almost 0), and that is because of its thorough verification and checking of applications. In addition, at Microsoft there is the Windows team, which is responsible for developing Windows 10 and Windows 10 Mobile; they are one strong team who deal with global cyber-threats and they have better control over handling vulnerabilities.

In general, Windows Mobile is secure because of its design and also its process for verifying applications and deploying updates. In addition, it provides great tools like Visual Studio for developing apps for Windows Mobile, and if you are a software developer, you may easily adopt security methodologies like the Security Development Lifecycle and make sure your code is secure out of the box, and it will be verified by experts. So if you care about security for your phone, consider using a device running Microsoft Mobile. If you are a developer, you could consider developing apps for Microsoft Mobile, and the good news is that you may develop a universal app which works on Windows 10 and Windows 10 Mobile, and your app would be secure out of the box. In other words, if your app is not secure, it won’t get into the Store, and this is how trust is built between consumer and developer: by making sure consumers can get apps with peace of mind from the Windows Store.


Privacy in Windows 10

Some people complain about privacy in Windows 10, and some even claim Microsoft steals data and abuses it. What is really interesting is that those making these claims talk based on assumptions and feelings rather than tangible evidence or proof, and they have never read the Microsoft Privacy Statement even once. Microsoft has a dedicated site containing a detailed description of its privacy statements, which is the Microsoft Privacy Statement. It contains information related to all Microsoft products. However, if you are looking for the privacy statement specifically for Windows 10, take a look at Windows 10 Privacy.

This is how it works: you have control over your privacy, and you can set whether to share information with Microsoft or not. Sharing information is not a bad thing. For example, when your location is shared, an automatic service can suggest services around your location, so when you travel to another country it won’t display restaurants in your home country. But you can disable this if you want. You may also choose to log in with a Microsoft Account or with a Local Account. If you are using a Microsoft Account, you have the ability to share your settings across devices. In this case, you are sharing settings but you are getting services in return. However, you have the option to set Windows to share nothing or to share some of your data, and everything which is shared will be stored and processed automatically.

However, in sensitive cases like the military or government agencies, they might choose to share nothing but still receive some services. For example, instead of using a Microsoft Account to share settings, they could log in to their local Domain Account and do the same thing, but with their data stored and processed locally in their own data center. Instead of using OneDrive to share their data in a Microsoft data center, they may share their data locally in their own data center, managed by OneDrive for Business.

Therefore, in the area of privacy in Windows 10, you have transparency to see what information is being shared, why it is being shared and the benefit of sharing the data. You also have control, so you may choose not to use a specific service and not share your data. Or you may go for a private cloud scenario where a trusted administrator has the power to control and manage your data.



Upgrading to Windows 10 Is an Act for Enhancing International Cyber-Security

The free upgrade to Windows 10 from Windows 7 or Windows 8.1 is still under way and will end soon. Many people really loved the offer and enjoy upgrading to and using Windows 10, while some people didn’t have a very positive experience, or they upgraded to Windows 10 and reverted back to Windows 7 or Windows 8.1. It is important to review why upgrading to Windows 10 matters. It is not only a question of a better operating system; it is a matter of security. Experience in fighting cybercriminals, malware, hackers and others all over the world is the general idea behind Windows 10 security. You are talking about operating system designers who have been fighting cybercrime for many years in all sectors, from home users to industry, government and so on. This experience taught them how to build the next version of Windows stronger, and the trend has been for each version of Windows to become stronger than the previous one. Currently, Windows 10 is the strongest Windows against cyber threats. In general, I could say Windows 10 is the most secure operating system on the planet. In addition, the new model of Windows, which is Windows as a Service, enhances this security model, meaning you receive new builds and new security improvements are integrated into each build.

Therefore, upgrading to Windows 10 is a wise decision in many areas, including security. You need to have a powerful weapon to fight powerful enemies and modern hackers, and Windows 10 will give you such weapons. When you upgrade to Windows 10, you have all you need to defend against hackers, and of course, depending on your security requirements, you could enhance these features, add new protection or install new programs which enhance your security too.

When we look at upgrading to Windows 10 across a country, it means users in the country would have better protection against cyber-threats, so we will see fewer zombies, malware infections and successful hackers there. This means better national security, because the citizens of the country are protected by default, and when citizens are protected, hackers have a difficult time setting up a station there. When we look at the Windows 10 upgrade from an international point of view, it has a high impact on international cyber security. It is very difficult to control every single user in the world to make sure they are protected against cyber threats and that their PC is not a target for zombies, botnets, hackers and other cybercrime activities. However, when they have the latest protection in their system through Windows 10, they are protected against most threats out of the box. For this reason, I am asking everyone to encourage their friends to upgrade to Windows 10, and if you haven’t upgraded yet, please do so. It might seem like just another upgrade or another Windows, but in reality it is a positive act for better international cyber security.


How to Deal with Ransomware?

Ransomware is malicious software which takes your system or files hostage and asks you to pay so that it releases those files. There is a timer associated with most ransomware, and you are told to pay within that period of time, otherwise more files will be encrypted or you will have to pay more. You should note that paying won’t guarantee you will get your files back. The best way to deal with these malicious programs is to have preventive measures.

Firstly, you should regularly back up your data to external storage. To learn more about making backups, you may take a look at backup in Windows 10, Windows 8, Windows 7 or Windows Vista. You may also back up your data to cloud-based storage like OneDrive. In this case, if you ever lose your data, you can use the backup to retrieve it.

Secondly, make sure your anti-malware software is working and up to date. What I mean by working is: make sure it is not expired and real-time protection is on. If you have Windows 10 or Windows 8, then you have Windows Defender, which is full anti-malware protection, and for Windows Vista or Windows 7 you may use Microsoft Security Essentials, which is free. Anti-malware software is able to detect and remove ransomware.

If you receive any suspicious email or an email with a suspicious attachment, mark it as junk or spam and NEVER open it. If you visit a website which is suspicious, in Internet Explorer or Microsoft Edge click on Safety or Send feedback in Internet options or Settings, choose Report unsafe website, report it and close the browser immediately.

However, if for whatever reason you have been infected with ransomware, you should NEVER pay the ransom. You should note that ransomware depends on the network and the resources of your PC. No matter how strong it is, when you shut down your PC and disconnect from the internet, it is unable to do anything. So when you spot such ransomware, or you suspect your files are being encrypted, shut down your PC and unplug the cable.

Now the ransomware is unable to do anything until you turn on your PC and boot Windows. In this case, you may use Windows Defender Offline; take a look at Scanner in your pocket. Take note that you should create this scanner on another PC which is NOT infected with ransomware. Then boot your infected PC with this scanner, perform a full system scan and take note of the malware which is detected. Once it has detected and managed to remove it, try booting into your PC without connecting to the internet, check your files and make sure they are safe, and check what security measures you should take (for example, you might need to install anti-malware software). Then connect to the internet and you are good to go.