Cyber crime is Costing Businesses Big Time – and a New DIY Approach Could Make Things Worse

cybercrime.jpg

In “Economic Impact of Cybercrime – No Slowing Down”, A report published in February 2018 by McAfee and the Center for Strategic and International Studies, it informs that cybercrime is costing businesses across the globe as much as $600 billion. 

"The digital world has transformed almost every aspect of our lives, including risk and crime, so that crime is more efficient, less risky, more profitable and has never been easier to execute," says Steve Grobman, Chief Technology Officer for computer security at McAfee.

Although data in a previous report suggested that Ransomware may be on a downward trend, this new report suggests that Ransomware is still the fastest-growing tool for digital crime.  With over 6,000 illegal marketplaces selling Ransomware online, the security risk may only become more popular as contractors can now outsource their Ransomware attacks to willing criminals.

The study also suggests that the service of cyber criminals contracting hackers or programs has become more refined as clients can choose anything from custom malware attacks to botnet rentals.  And with the popularity of cryptocurrency rising, it is a lot easier for criminals to make money.

So how can we fight this trend of DIY Ransomware?  The report suggests that creating standard practices to learn and fight against the problems would allow businesses, schools, hospitals and any of those who are affected by these brutal cyber crimes to better protect themselves

You can read the report here.

Story via CNet.com

Is the Threat of Ransomware Diminishing?

Ransomware.jpg

2017 was a pretty big year for Ransomware. Attacks like Petya and WannaCry made pretty big headlines as they attacked hospitals, banks, schools and many more different types of organizations.  However, according to a report from Malwarebytes, the rate of Ransomware infections dropped dramatically in the second half of 2017. 

After July, hackers seems to launch Ransomware attacks less frequently, meaning institutions like banks and hospitals received a pardon from potentially devastating consequences. 

So it seems, hackers abandoned Ransomware attacks in the second half of 2017 – but why?  According to Malwarebytes, it was simply because users were backing up their files.

Chris Boyd, a malware analyst at Malwarebytes theorizes that because the Ransomware attacks were heavily publicized, users were educated of the ways to avoid falling victim to a Ransomware attack.

Boyd told ZDNet, a CNET sister site, "This alone, even without additional security precautions, effectively deadens the otherwise considerable sting of the threat".

It’ll be interesting to see how the threat of Ransomware extends into 2018.  As long as everyone stays smart about protecting their data, 2018 can be a successful year in defending against the threat of Ransomware.

Story via CNET.com

Makerspaces are the Future of School Libraries

makerspace.jpg

When you envision a school library, you think stacks of books and old wooden tables. Traditional school libraries were underutilized and were losing popularity as a hub for a school’s students or teachers.

Today, you’ll hear a different story. Students are now excited to visit libraries, doing so during their lunch or even before or after school.  Teachers are excited to bring their classes to the school library to work on class projects and in general, circulation in libraries is on the rise.

So what happened? School libraries transformed into makerspaces.

In Laura Fleming’s first year as school librarian, she transformed her school’s library from a traditional library space, into a modern, fun makerspace.  She removed some old bookshelves, and created better seating arrangements.  Laura also allowed students to eat and drink in the library so that students could take advantage of the area during their lunch period. Over time, Laura made more improvements. High-top workspaces were added and an old table was transformed into a LEGO plate that allowed students time to use their creative juices to make something fun.  “Makerspaces are about creating a maker culture,” Fleming said. “It’s a mindset. It’s a toolbox at your disposal for reaching kids. That can be done in any space and on any budget.”  The school library is now a great space where students have the room and resources to complete their class projects and work on assignments creatively.

Interestingly, Fleming noticed that her more frequent guests to the new makerspace are the students who are the most uninterested in traditional curriculum techniques. Now instead of a quiet, restricted area – this new idea of a makerspace engages these students and gives them an outlet to be creative and learn.

With the rising popularity of makerspaces, schools around the country are realizing the school library can be at the heart of a broader digital transformation.

“It connects librarians to the strategic work of schools,” says Mark Ray, Director of Innovation and Library Services in the Vancouver Public School District in Washington. “It’s an opportunity for superintendents and IT leaders and librarians to be talking about the same thing and not working against each other.”

Ray is also a Future Ready Librarians lead with the Alliance for Excellent Education. The Alliance’s framework lays out 10 characteristics of Future Ready Librarians:

  • Design collaborative spaces
  • Build instructional partnerships
  • Empower students as creators
  • Curate digital resources and tools
  • Facilitate professional learning
  • Ensure equitable digital access
  • Invest strategically in digital resources
  • Cultivate community partnerships
  • Advocate for student privacy
  • Lead beyond the library

The focus of these 10 characteristics vary based on the needs of the students, as the main focus is to empower students as creators and it’s an area of education that is grabbing the attention of school librarians across the country.

(Story via Education Dive)

Digital Citizenship Classes are Rising in Popularity

DigCiv.jpg

Ask a student to Google themselves.  It’s a simple task that may not seem like a big deal.  But the truth is that it can be.  It gets kids to realize what a simple Google search can reveal about you. It can get students to understand that they have to be as responsible online as they should be in real life. 

Rachel Murat, a New York High School teacher did exactly that. Asking her students to Google themselves is an opportunity to teach her students about Digital Citizenship and how important it is to behave correctly online.

Rachel explains that Digital Citizenship is about “using the reach of technology, especially social media, to improve the lives of others”.  Murat continues… “I harp on them about not making a permanent post about a temporary emotion.”

As concerns with issues such as Cyber bullying are arguably at an all-time high, Digital Citizenship is an increasingly sought after subject in American schools.  Research shows that kids struggle with values, ethics and decision-making online.  To help kids understand the importance of being responsible online,  Digital Citizenship course-loads involve lessons in online reputation, cyber bullying, privacy and safety.

Even as early as just five years ago, curricula centered on digital citizenship were few and far between.  Now, there are many different sources to help educators institute digital citizenship into their plans.  In Murat’s case, she adopted curriculum from online learning-management system “Schoology” – but there are others available from providers such as Common Sense Media or Social Assurity too.

The demand for a curriculum centered on digital citizenship has increased dramatically. For example, Schoology launched in 2009, and in less than a decade they have grown to 20 million users in over 60,000 schools across the country.

Parents are beginning to see the benefits that Digital Citizenship classes have on their children, too. One parent of a student who completed Murat’s class said that their child “has become much more conscious of the need to keep her [online] activity respectful.”

In today’s tech and online-driven world, ignoring digital citizenship would be doing a disservice to children who should have this as a fundamental element of their K-12 experience.

Story via Ozy.com

STEAM Will Rise in 2018

Steam.jpg

STEAM is the educational initiative to include the Arts into the K-12 STEM (Science, Technology, Engineering and Mathematics) framework, and in 2018 could present a huge rise in the amount of institutions who invite the arts into their curriculum.

Ricky Ye, the CEO of DFRobot states “Whether students have an affinity for the arts or not, incorporating elements of creativity into STEM education has indeniable benefits, including making STEM more approachable and understandable”.

Schools are already more accepting of a STEAM-related curriculum, and by combining traditional art courses and concepts with the growth of areas like 3D Printing, it only gives students an opportunity to invite fun and creativity into their workload.  By including art into your curriculum, you’re inviting students to use a different set of skills to come up with imaginative solutions and creative problem solving.

In today’s ever-evolving and always changing world, using out-of-the-box creativity to problem-solve and learn can be a huge advantage for students hoping to make unique and impactful splash into the workforce.

(Story via eSchoolNews)

 

5 Ways for Schools To Safeguard Against Ransomware

Ransonware.jpg

Between 2016 and 2017, 60% of schools that were affected by Ransomware paid a ransom to retrieve their data from hackers.  Here are 5 ways you can help safeguard your school from Ransomware threats:

1.) Make a Plan and Spread Awareness

School districts should develop (and maintain) a plan to protect their data. Once a plan is in place, it is crucial to make sure that Faculty, Staff and the students all understand the plan and effectively implement it.

2.) Train Digital Citizenship

Train your Faculty, Staff and Students digital citizenship best practices. For example, teach them how to spot and report phishing threats, how to spot dangerous emails, and how to detect suspicious links or attachments.

3.) Have a Security Audit Completed

After an audit is completed to ensure any vulnerabilities are removed, ensure those who are conducting the security audit are using methods that will prevent attacks from hitting your network. 

4.) Maintain your Network

Keep your network clean by keeping up-to-date on patches and updates to software and operating systems. Create and review audit logs for any events that seem suspicious.

5.) Develop a Backup Schedule

Backup, Backup, Backup.  Use a cloud-based backup to ensure your data is safe, and develop a schedule to ensure you’re backing up your data on a regular basis.

(Story via EdTech Magazine)

Beware of Doxware – A Ransomware Threat for 2018

Doxware.jpg

2017 saw the rise of some pretty significant Ransomware attacks.  You might remember “WannaCry”, which infected over 300,000 computers by locking the files on infected devices and promising their release through bitcoin payment.  Or maybe you’ll recall “Adylkuzz”, the ransomware virus that “created” Monero coins (or bitcoin cryptocurrency) using the infected machines.  And we can’t forget about “Petya”, that was similar to WannaCry in that it encrypted files on the infected PC.

With a new year comes new security threats.  “Doxware” is a ransomware threat that security experts fear could skyrocket in 2018.  Doxware is a type of virus that works in the opposite way of how we know Ransomware to work.  Rather than locking away the files on an infected device, Doxware scares users by threatening to publish files for all the world to see.  And you guessed it! The only way to stop the spread of the files is through payment.  Although the Doxware threat isn’t new, it’s one that arguably isn’t as prominent as the ransomware we’ve come to know today. At least not yet.

"People have become desensitized to common ransomware, where it just encrypts your files," says Marcin Kleczynski, a Chief Executive of Information Security firm Malwarebytes.  The new threat of Doxware ups the ante, and will once again put people on their toes.

After the increased popularity of Ransomware in 2017, people have begun to learn their lesson and backing up one’s files has become a little more commonplace. With Doxware, the safety of knowing your files are backed up is no longer enough.

To ensure you won’t fall victim to a Doxware attack or for that matter any type of ransomware attack, just remember to follow common and basic online safety habits:

  • Don’t click on suspicious links or attachments
  • Use strong passwords
  • Keep files backed up consistently
  • Use HTTPS plug-ins to ensure you’re browsing secure websites
  • Keep your PC updated with the latest security patches and anti-virus software

2018 is young, and the threats are real. Be proactive in your efforts to keep your information safe so you don’t fall victim to a new security threat this year.

(Story via Sci-Tech Today)

“Meltdown” and “Spectre” Vulnerabilities Affect Nearly All Modern Computing Devices

Meltdown_Spectre.jpg

Details are now available on two new security vulnerabilities that affect nearly all modern computing devices.

“Meltdown” and “Spectre” are the two vulnerabilities, and they affect Intel, AMD and ARM Holdings processors.   Nearly all devices that are powered by those processors, including laptops, smartphones, desktop PCs and servers can be affected. These bugs could allow for the access and/or theft of sensitive data from any affected device. In order to retrieve this data, hackers must run software on the devices being targeted.

The main problem with Meltdown and Spectre is that if a hacker can manage to access the PC and run code, they can gain access to any of the information on the affected device.

Patches are being put in place to protect against these vulnerabilities, although a patch for Spectre will be much more difficult due to the fact that it requires a redesign of the processor.  The U.S. Computer Emergency Readiness Team has issued a statement asking users to contact their software vendors  about ways to patch these vulnerabilities.


What are the Differences between “Meltdown” and “Spectre”?

Meltdown
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure.

Source: https://meltdownattack.com/

Spectre
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre

Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.


For More information on these two vulnerabilities, and ways you can patch them, visit: https://meltdownattack.com/

(Story via EdTech Magazine)