“HeartBleed” Hotel – The Encryption Bug that has Websites Scrambling

HeatbleedBy now, you have heard about this “Heartbleed” thing.. Most of us are not sure if it is a big thing to deal with or not, or if it even affects them. Let’s make sure we all understand this: it does.

It does because, we, as a rule, are very, very lazy when it comes to passwords. We tend to use 1 or 2 passwords for everything, INCLUDING banking information. In other words, if you get someone’s password to say, Facebook, chances are, you have the password to their Bank of America Account. (Keep in mind, most banks have 2 and 3 layers of security, but still .. )

So lets go over some basics.

First off: What is the Heartbleed Bug?

This is a flaw in the cryptography library (also known as a “bug”,) that allows an attacker to get information that would normally be unable to be read as it passes through the internet. This becomes an issue because while it generally doesn’t affect access to financial and banking sites (that we know of,) it does affect most everything else.

Second: Why does this affect me?

It affects you because it gets access to websites and systems like Facebook, Instagram, and others, allowing your attacker a better chance at getting the passwords to those banking and financial sites. (My guess is most users tend to use the SAME password for everything, but none of us do that here. RIGHT?)

Thirdly: Is there a list of sites that are affected?

I have a PARTIAL list of sites that were compromised either in reality or in theory.
Below is a table that goes through some of the sites affected..

Social Networks

Was it affected?

Is there a patch?

Do you need to change your password?

Facebook

Unclear

Yes

Yes

IFTTT

Yes

Yes

Yes

Instagram

Yes

Yes

Yes

LinkedIn

No

No

No

Pinterest

Yes

Yes

Yes

Tumblr

Yes

Yes

Yes

Twitter

No

Yes

Unclear

Other Companies

Was it affected?

Is there a patch?

Do you need to change your password?

Apple

No

No

No

Amazon

No

No

No

Google

Yes

Yes

Yes

Microsoft

No

No

No

Yahoo

Yes

Yes

Yes

Email

Was it affected?

Is there a patch?

Do you need to change your password?

AOL

No

No

No

Gmail

Yes

Yes

Yes

Hotmail / Outlook

No

No

No

Yahoo Mail

Yes

Yes

Yes

Stores and Commerce

Was it affected?

Is there a patch?

Do you need to change your password?

Amazon

No

No

No

Amazon Web Services (for website operators)

Yes

Yes

Yes

eBay

No

No

No

GoDaddy

Yes

Yes

Yes

Nordstrom

No

No

No

PayPal

No

No

No

Target

No

No

No

Walmart

No

No

No

Banks and Brokerages

Was it affected?

Is there a patch?

Do you need to change your password?

Bank of America

No

No

No

Capital One

No

No

No

Chase

No

No

No

Citigroup

No

No

No

E*Trade

No

No

No

Fidelity

No

No

No

PNC

No

No

No

Schwab

No

No

No

Scottrade

No

No

No

TD Ameritrade

No

No

No

TD Bank

No

No

No

U.S. Bank

No

No

No

Wells Fargo

No

No

No

Government and Taxes

Was it affected?

Is there a patch?

Do you need to change your password?

1040.com

No

No

No

FileYour Taxes.com

No

No

No

H&R Block

Unclear

No

Unclear

Healthcare .gov

No

No

No

Intuit (TurboTax)

Yes

Yes

Yes

IRS

Unclear

Unclear

Unclear

TaxACT

No

No

No

USAA

Yes

Yes

Yes

Other

Was it affected?

Is there a patch?

Do you need to change your password?

Box

Yes

Yes

Yes

Dropbox

Yes

Yes

Yes

Evernote

No

No

No

LastPass

Yes

Yes

No

Minecraft

Yes

Yes

Yes

Netflix

Unclear

Unclear

Unclear

OKCupid

Yes

Yes

Yes

SoundCloud

Yes

Yes

Yes

Spark Networks (JDate, Christian Mingle)

No

No

No

Wunderlist

Yes

Yes

Yes

 (this table and a more descriptive were pulled directly from here:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-fb-main-link )

The big ones are on the top.

 

Finally: What do I need to do?

CHANGE YOUR PASSWORDS!! ALL OF THEM. Really – change them, even if you don’t have anything on the list. Learning new passwords is MUCH easier than dealing with a compromised account.

Make sure you stay on top of this. While a virus can be fixed, a hole like this, which had been out for a while, but not discovered until recently, can wreak havoc on your life.

Tales from the
“Crypt” – olocker …

If you haven’t heard about this by now, read on. There is a new, particularly nasty piece of software out there gaining speed, called “Cryptolocker.” Before we get into details, let me first explain a couple things. Cryptolocker is a type of malware. Malware is any program that doesn’t have your best interest at heart. Examples of this are viruses, adware, and this particular piece of work.

 Cryptolocker is “ransomware.” This is because after it does damage to you (in this case encrypting files you might want), it will offer the “fix”… for a price (usually anywhere from $200 – $3000 or more). Pay, and most likely, you will get your precious data (pictures, databases, spreadsheets, and so on) back. Don’t pay, and you most likely won’t see them ever again.

Cryptolocker image

This is an example of what you would see if you get hit with Cryptolocker

Cryptolocker depends on you clicking on it, in some form or fashion, to gain access to your computer. You give it access by clicking on an “attachment” in an email sent to you that loads the program on your computer. The program then installs itself and looks for files that you most want to keep. Anything your computer doesn’t need to keep running and anything that is a true program is game. Then, using a VERY sophisticated level of encryption (2048 bit public/private key), the program scrambles those files. Music, spreadsheets, pictures, movies, and so on, are game.

 You get a notification with a countdown timer telling you that you have X number of hours to make a payment using nonstandard formats of currency to pay the required ransom. (The ransomers request payment in money-paks or Bitcoin currency. This payment won’t be cheap. In fact the numbers can range into the thousands. One Bitcoin is worth, as of this writing, about $360, and ransom tends to be in the 3-5 Bitcoin range.

The irritating thing here is that you can get rid of the virus easily enough. It is a simple trojan that delivers this program, so most every virus scanner can clean it off of your computer. The problem lies in the fact that the encryption keeping you from your files is so complex, that security experts around the world have not been able to crack it. Getting to the source is very hard because the criminals doing this do not want to be seen. The servers that communicate with your computer are hosted far away from the folks doing it, and the use of nonstandard currency makes the money trail VERY hard to follow. Add to this that copycats are beginning to pop up, making the guarantee of recovery dicey, because these folks know how to encrypt, but not how to repair. You are left with two options, pay or don’t. So what do you do? It depends on what you have done..

If you have recent backups that were stored off-line, then you can fall back on those. No need to worry. If you didn’t, well then, you have a decision to make: Pay and maybe get your files back, or don’t pay and most certainly lose everything encrypted. Considering that no security firm has figured out how to beat the encryption, chances are, if you elect not to pay, you have lost those files for good. (Keep in mind, every major security and antivirus company has urged everyone NOT to pay. I feel that it is an easy decision to advise when your files aren’t at stake.)

So .. what can one do to prevent this from happening? Three things: 1) don’t be so trusting, 2) prevent files from automatically being allowed to install on your computer, and 3) and most importantly, BACKUP, BACKUP, BACKUP!!! I can’t emphasize the third one enough. You need to backup your most important files early and often, to the point that if you change a file, you back it up.

OK… lets take these in turn.

 1) Don’t be so trusting.

Understand that the easiest  way this virus gets to you is when you click on an email out of the blue telling you that your Facebook password has been changed. It can be an email from Wells Fargo telling you that foreclosure proceedings have been started on your house… and you rent. The point I am trying to make is that you will invariably get an email about something that doesn’t seem right in your gut. DON’T OPEN IT!! Keep a couple things in mind: you will never get an attachment from an organization (especially one in a compressed format like .zip or .rar) without you requesting it. It just doesn’t happen. You can verify these emails by going directly to the website in your browser and logging in. If there is something to be aware of, you will see it there. At that point delete the message, or let the company know you have the email to help them get ahead of the situation.

 2) Prevent files from installing on your computer.

If this and many other malware programs, can’t install, they can’t get a foothold on your computer. So even if you do click they won’t install. This also means that it will probably prevent you from installing programs you want to install. Hate to say it, but that means you are going to have to learn more about how your computer works! There is a program that can do this for you, that is pretty good about making it easy to turn this off or on. It was developed by a company called Foolish IT, LLC. Their little program is free to use.  (They have a pay version that is much more robust, but you can look that up on the site), and easy to manage. You can get it by going to this site from here.

 http://www.foolishit.com/vb6-projects/cryptoprevent/ . (I know what it looks like, but it is a REAL site.)

(Shameless self-promotion, Bravotechpc can guide you through this and get you up to speed to minimize your exposure.)

3) BACKUP, BACKUP, BACKUP!

This is good for so many reasons. If you invest in a program like Dropbox (www.dropbox.com) you can get your files stored online with version control, which means that if your file gets encrypted and stored, then there is going to be a version of the file that ISN’T encrypted or otherwise compromised. You can make a daily copy of your files and there is good chance of protecting yourself from the worst. Make sure your backup cannot be accessed by your computer. (If your computer can get it, then so can malware.) Once again – this is something we at Bravotechpc can help you set up.

Dropbox

Dropbox is a free service (2 Gigabytes to start) that will allow you to save versions of your files automatically.

Computer use in the modern age requires that you protect yourself. It isn’t any different from locking your doors at night or not leaving cash out in a public place. If you take steps to prevent yourself from being a target, then you will most certainly keep your exposure to this kind of heartache at a minimum.