A Procrastinator’s Guide to Ransomware

by

It’s affecting our banks. It’s hurting our healthcare organizations. It’s in our pipelines! Let's break it down for those of you who keep meaning to Google the specifics, but to be honest it's all you can do to remember to look up what a "yeet" is.

RansomwareWhat Is Ransomware?

Ransom malware (ransomware) prevents users from accessing their system or files and demands ransom payment in order to regain access. In some cases, the attackers will also threaten to release or leak the data if the ransom is not paid. 

When Did This Become A Thing?

In 1989. This is an interesting story, but to be brief: floppy disks were mailed to 20,000 AIDS researchers in 90 countries under the guise of an AIDS risk survey from biologist Dr. Joseph Popp. Upon loading the disk, researchers’ computers were infected with a trojan horse virus (a type of malware that works exactly how it sounds - you think you’re downloading a fancy wooden horse, but really it’s a fancy wooden horse PLUS some malware). Poetically, the virus laid dormant until the 90th boot, when an angry red page replaced the users’ screen demanding payment of $189 (paid via snail mail) to unlock their files. Popp’s program was relatively rudimentary - it simply changed the users’ filenames and extensions. Once the encryption tables were known, the files could be restored. Popp was arrested, and while he claimed the profits from his crime were intended for AIDS research, no one believed him, and that’s still a crime. He was declared mentally unfit for trial - something about curlers in his beard and condoms on his nose. I think he sounds fun.

What Does Ransomware Look Like?

Scareware

The mildest of the bunch, scareware is named as such because it feeds on your fears. Anyone who has seen the flashing “Warning! This computer is infected!” pop-up has witnessed scareware. Usually it provides a phone number for “tech support,” where you can pay some criminals $80 to put additional malware on your computer. In this case, your data has likely been untouched, provided that you do not click anything or call anyone and give them your private data. If presented with scareware, ctrl-alt-delete yourself back to safety and run an anti-virus scan from your trusted AV.

Screen lockers

Slightly more worrisome than scareware is lock-screen ransomware. In this scenario, you might start up your computer to see a full-sized window accompanied by an FBI or US Department of Justice seal stating that criminal activity has been detected on your device and you must pay a fine. It probably doesn’t need to be said, but this is not how the FBI or the Department of Justice would contact you if they suspected you of illegal activity. While annoying, screen lockers can be bypassed without paying the attackers, provided you have a bit of technical experience.

Encrypting ransomware

Now you're in a pickle. In this type of attack, your locally stored files - and sometimes cloud backups, too - are taken hostage and encrypted. Payment, usually in the ballpark of a few hundred, but sometimes thousands (or, for larger companies, millions) of dollars is demanded in return for decryption and return. Crypto-ransomware uses the same sophisticated technology that encrypts our conversations, banking transactions, and military communication, so unscrambling isn’t possible without paying the ransom. Even worse, there’s no guarantee the criminals will hold up their end of the deal in the event you do pay. 

How do I get it?

Most of the time, it comes as an attachment or link in a carefully crafted phishing email. It can also be spread through "drive-by downloading," which can happen through no fault of your own. You may visit a legitimate site that has been compromised by malicious code. The malicious code hopes to identify software weaknesses on machines and web browsers to determine which systems are vulnerable.

How Do I Keep My Stuff Safe?

  • Most importantly, maintain offline backups. Many ransomware programs will look for connected backups, so this “offline” bit is important. This way if they take your data, you can restore from your backup. Test your backups periodically to be sure everything is working.
  • Keep your programs and operating system up to do date. Those patches are there for a reason - often that reason is security vulnerabilities.
  • Be suspicious of your emails. Even if the alias looks like it’s from someone you know, check the actual email address - is it correct?
  • Use an ad-blocker. Drive-by download attacks often use advertisements to upload infections. An ad blocker can help limit your exposure.
  • Use a reputable antivirus. Bitdefender is good (even if we hate them right now), but our favorite is Malwarebytes OneView.

Lastly, Some Good News

If you’re feeling down about all this crime, or that you didn’t get into the cybercriminal game because it’s great money and you love a hoodie, here’s some good news: In 2013, a man turned himself in to the police after being deceived by “FBI” ransomware claiming to know of illegal activity on his computer. It turned out there was in fact child pornography on the man’s computer, and the man was arrested. Silver linings! The world is an A-OK place, guys. 

If you have concerns about how to accomplish any of the above recommended actions, please reach out to your friendly specialists at Patient Computer Help, Inc. to set up a consultation.

Patient Computer Help, Inc. assists people with their Macs and PCs in the Chagrin Falls and Ohio City areas.

Apple Celebrates 4/20 with “Spring Loaded” Event

by

You may have been too high to notice, but on 4/20 Apple took to the Internet to stream its “Spring Loaded” event. Pundits had been unable to figure out a theme based on the name, and they probably felt foolish when the true meaning was revealed: the event was taking place in the spring, and it was loaded with announcements.

With Apple CEO Tim Cook stepping out of his impressively hotboxed car to bookend the presentation—and doing a cameo as a sneaky thief at 37:26 into the presentation—the company announced an M1-based 24-inch iMac, M1-based iPad Pro models, the long-rumored AirTag item tracker, and an enhanced Apple TV 4K with a redesigned Siri Remote. All these items can be ordered on Friday, April 30th, but some won’t ship until the second half of May.

More on these shortly, but briefly, Apple also unveiled the new Apple Card Family program, which allows two people to co-own an Apple Card and share it with their children, complete with spending limits. And for those still looking for a colorful iPhone 12 or iPhone 12 mini, it now comes in purple! He added a pirouette and some jazz hands with that last announcement.

M1-Based 24-inch iMac Comes in Spring Colors

Apple has continued replacing Macs at the lower end of the product line with new models featuring the company’s homegrown M1 chip. While the first Macs to get the M1—the MacBook Air, 13-inch MacBook Pro, and Mac mini—didn’t receive any design changes, Apple radically overhauled things for the new M1-based 24-inch iMac.

At 11.5 mm thick, the 24-inch iMac is thinner than the original iPhone! It comes in seven colors: green, yellow, orange, pink, purple, blue, and silver. The back of the iMac—which is often visible, such as on a receptionist’s desk—is a bold, vibrant color, whereas the front uses a muted version of the color and a light gray bezel. Just look at these bad boys!

It looks like a 24-inch iPad clipped to an aluminum stand. It’s so thin that there’s no room for a standard power jack, so it comes with an external power adapter that includes an optional Ethernet jack.

Behind the iMac’s “chin” is the guts of the computer, most notably the same M1 chip as in other M1-based Macs. Overall performance will be stellar thanks to the M1’s 8-core CPU and 8-core GPU, but you can tweak the price/performance curve slightly by choosing a 7-core GPU instead and by picking either 8 GB or 16 GB of unified memory.

The screen, which actually measures 23.5 inches diagonally, offers 4480-by-2520 resolution, making it a 4.5K Retina display, between the 4K display on the now-discontinued 21.5-inch iMac and the 5K display on the 27-inch iMac. It’s topped by a 1080p FaceTime HD camera that, with help from the M1 chip’s image signal processor—and advanced microphones and speakers—should offer excellent out-of-the-box videoconferencing quality.

Apple introduced three new color-matched versions of the Magic Keyboard as well. One adds dedicated keys for Spotlight, Dictation, Do Not Disturb, Lock, and Emoji; the second trades the Lock key for the first Touch ID sensor on a standalone keyboard; and the third includes both Touch ID and a numeric keypad. They come with color-matched models of the Magic Mouse, or you can upgrade to a color-matched Magic Trackpad instead.

Two models of the 24-inch iMac are available:

  • $1299 gets you that 7-core GPU, two Thunderbolt ports, 256 GB of storage that’s upgradable to 1 TB, optional Gigabit Ethernet, and a standard Magic Keyboard. It’s available in only blue, green, pink, and silver.
  • $1499 gets you the 8-core GPU, 256 GB of storage upgradeable to 2 TB, two Thunderbolt ports and two USB 3 ports, standard Gigabit Ethernet, and a Magic Keyboard with Touch ID. And you can pick from all seven colors.

Our take is that the new 24-inch iMac is a fabulous Mac for a family, student, or front-office worker where everyone will appreciate its striking color and design. It may not offer everything a pro wants, but the Intel-based 27-inch iMac remains available, and Apple will be releasing even more powerful Macs based on Apple silicon for professionals, likely later this year.

M1-based iPad Pro Gains Thunderbolt and Liquid Retina XDR Display

Unlike the 24-inch iMac, there are no major industrial design changes in either iPad Pro model, but Apple has made significant upgrades under the hood, most notably switching from the previous A12Z Bionic chip to the M1 chip that now powers an increasing number of Macs. The M1 chip offers roughly 50% greater performance, significantly differentiating the 11-inch iPad Pro from the highly capable fourth-generation iPad Air introduced late last year.

Apple also updated the iPad Pro’s port from USB-C to Thunderbolt/USB 4, allowing users to take advantage of higher-performance hardware, such as external storage devices and high-resolution external displays. You can even connect Apple’s Pro Display XDR at its full 6K resolution. As welcome as Thunderbolt is, iPadOS could use enhancements to enable users to take full advantage of it.

For those who need constant connectivity while out and about, the cellular models of the iPad Pro now support 5G wireless networking, including the millimeter-wave version that offers the greatest throughput. Although 5G coverage is still extremely spotty, it’s only getting better, and supporting it will help future-proof these iPad Pro models.

Both iPad Pro models also receive a new 12-megapixel Ultra Wide TrueDepth camera on the front. Along with help from the M1 chip’s machine-learning capabilities, it enables a new feature called Center Stage that recognizes you in video calls and pans and zooms to keep you in the frame as you move around! It will work with FaceTime, of course, and Apple says third-party services will also be able to support it.

Last but far from least is a new display for just the 12.9-inch iPad Pro. Based on the technology behind Apple’s $5000 Pro Display XDR, the 12.9-inch iPad Pro’s Liquid Retina Display XDR is lit by more than 10,000 miniature LEDs, combined into nearly 2600 dimming zones. (The previous model’s screen had 72 LEDs.) The result is a display that’s brighter and offers more contrast than before, making it ideal for photo or video editing. If you think screen quality is the deciding factor between the 11-inch and 12.9-inch iPad Pros, I’d encourage you to compare them in person with the same images or videos.

Pricing has changed a little for the iPad Pros. The 11-inch model continues to start at $799 with 128 GB of storage. However, the 12.9-inch model is $100 more expensive than previously, thanks to the Liquid Retina XDR display, starting at $1099 for 128 GB. Both are upgradeable to 256 GB ($100), 512 GB ($300), 1 TB ($700), or 2 TB ($1100), and note that the models with 512 GB and less come with 8 GB of unified memory, whereas the 1 TB and 2 TB models have 16 GB of memory. Adding 5G cellular now costs $200, up $50, although special deals with AT&T, T-Mobile, and Verizon may reduce or erase that cost.

Find Your Keys, Purse, or Backpack with an AirTag

The long-rumored AirTag has finally appeared, promising to help us all stop misplacing our keys, purses, cats, and vape pens. An AirTag is a small disc that you put inside or attach to something you might need help finding. Should that item go missing, you use the Find My app on your Mac, iPhone, or iPad, or in iCloud to locate the associated AirTag, just as you can use Find My to locate missing Apple devices or find family members. The Find My network leverages nearly 1 billion Apple devices to relay the location of lost items back to you, all without compromising anyone’s privacy. Plus, Apple has built in alerts if someone tries to track you with an AirTag.

AirTags are 1.26 inches in diameter and .31 inches high—roughly the size of four half-dollar coins—and run on a standard user-replaceable CR2032 battery. They communicate with nearby Apple devices via Bluetooth and Ultra Wideband, the latter of which works with an iPhone 11 or iPhone 12 to provide Precision Finding that directs you to the exact location of the AirTag. All that geocaching will finally pay off!

To make it easier to attach an AirTag to your keys or backpack, Apple offers a variety of key rings and loops, including some pricey Hermès versions. We anticipate third-party manufacturers will offer numerous alternatives.

A single AirTag costs $29, or you can buy a four-pack for $99. Apple offers free engraving, although the company limits the emoji available to prevent pictographic rudeness. What are we, children? I’m looking forward to giving an AirTag a try, so I can stop buying a new cat every time I can’t find the one I want.

Apple TV 4K Offers Enhanced Video and Redesigned Siri Remote

After four years, Apple has finally updated the hardware inside the Apple TV 4K, giving its second-generation model a faster A12 Bionic processor, HDMI 2.1, and 802.11ax Wi-Fi 6 wireless networking. The speedier processor enables playback of HDR and Dolby Vision video at 60 frames per second, and the other hardware changes could enable new capabilities in the future, like 4K video at 120 fps.

In software, Apple added a new color calibration feature that lets you use any Face ID-enabled iPhone running iOS 14.5 or later to calibrate the colors on your TV; it will also be available to the Apple TV HD and first-generation Apple TV 4K. Also new is support for Thread, a cross-platform mesh networking protocol for home automation devices, which could play a role in the future of HomeKit.

But the big news is that Apple redesigned the much-reviled Siri Remote, adding more buttons and reducing the emphasis on the touchpad surface. The new Siri Remote features a circular clickpad controller with five-way navigation, a touch-sensitive surface for swiping in the middle, and a touch-sensitive outer ring that works as a jog control for navigating within a video. It also features dedicated power and mute—at last!—buttons for your TV. Finally, there’s a new side button for invoking Siri so you don’t accidentally press it in the dark. It has a rechargeable battery that should last for months. The only thing lacking? The necessary hardware so you can use the Find My app to ferret it out from inside the couch.

Apple is bundling the new Siri Remote with the new Apple TV 4K ($179 for 32 GB or $199 for 64 GB) and the old Apple TV HD ($149), and if you already have an Apple TV HD or 4K, you can buy the new Siri Remote by itself for $59.

(Featured image by Apple)

Why Does Your Wi-Fi Suddenly Cut Out?

by

Think back to the last time you had to go without the Internet. Maybe you rolled with the punches, did some laundry, played some Scrabble with your family – good for you. The rest of us were in total chaos, churning butter by hand and spinning yarn into waistcoats (what do we use the Internet for again?). Regardless of your coping abilities, it can be a real headache to lose your connection in the middle of a movie, or during a Super Bowl party, or when you’re up against a work deadline. Many of us know that a quick power-cycling of our modem and router can often do the trick, but why does that even need to happen? Is it too much to ask for things to work perfectly all the time? A little bit of understanding can go a long way to ease frustrations, so let’s delve into what may be going on behind the scenes with your router.

Just like a desktop computer, routers have their own operating system, central processing unit, and memory, among other components. These elements help it manage data traffic to your various devices. Unfortunately, just like a desktop computer, these components can get overloaded. Similar to how your computer can freeze up when you have Word, a few instances of Excel, and 38 Chrome tabs open, pushing tons of data through your router to many devices in your household can also slow it down – sometimes to a complete stop.

Additionally, most home Internet connections use what are called dynamic IP addresses. You can think of IP addresses as street addresses, identifying a given device on a network. Internet service providers will assign a public IP address to each of their routers for only a certain period of time. Once this time expires, your Internet service provider will give the router a new one (this is the dynamic part of the term). In cases where the router is very busy, it might not properly connect to the new IP address, resulting in the router continuing to use the old one. This is sort of like attempting to receive mail that was sent to a previous address.

Yet another issue that can arise is with the private IP addresses within the home network. Private IP addresses are known only to a router and its home network. The router has a pool of these IP addresses that it doles out to the various devices on the network. This assignment process operates dynamically, as well. It uses a network protocol called DHCP (Dynamic Host Configuration Protocol). A computer might be assigned one private IP address for a period of time, removing that IP address from the available pool. Once the computer disconnects from the router, the IP address is thrown back into the pool. Should two devices ever be assigned the same private IP address, the network interface on both of them will get disabled, causing each device to lose connectivity until the conflict is resolved. Why might this happen if the router is supposed to be keeping an eye on this IP address pool? It’s possible, for instance, to unwittingly have more than one similarly configured DHCP server distributing overlapping addresses, a situation that could arise if you have multiple wireless access points or other devices with an embedded DHCP server. For this reason, it’s mandatory to allow only one DHCP server to run at a time. Too many DHCP servers spoil the broth, as they say.

Restarting your modem and router can help to reset the above listed issues and give the devices a little bit of a breather, allowing them to start again fresh with corrected IP addresses and less congestion.

If you have concerns about your Internet connection, please reach out to your friendly specialists at Patient Computer Help for Grown Ups to set up a consultation.

Patient Computer Help for Grown Ups assists people with their Macs and PCs in the Chagrin Falls and Ohio City areas.

Do You Really Have to “Properly Eject” a USB Drive?

by

It’s a situation with which you may be familiar…You’re at work and you just finished transferring a presentation from a coworker’s computer to a thumb drive. You decide to show off a little and just pull that USB right out. You know you’re supposed to eject it first, but you see yourself as a bit of a John Wayne type and you want your coworkers to know it. You strut away as the office looks on, impressed.

Technology tips

I hate to be a wet blanket, but your party trick may actually cause more harm than admiration. The warning to properly remove flash drives is there for a reason – a proper ejection prevents your data from becoming corrupted in the event that your system is busy writing something to the drive. Think of the data transfer between your computer and your external drive like moving people across a bridge. If you eject the drive mid-data transfer, it’s a bit like removing a bridge while there are still people on it.

Even if your computer shows that the data has already been transferred, it is not yet safe to remove because of something called write caching. Your computer uses write caching for removable devices as a way to improve speed. Any data you are attempting to transfer to an external drive is held in a cache in the computer’s system memory. Rather than forcing your program to focus on a data transfer at the very moment you ask it to, the computer puts the data in the cache and waits until the most opportune time to complete the task. Properly ejecting the drive commands the computer to go ahead and finish the transfer.

If you have a Windows computer, you can disable write caching (File Explorer -> right-click on your external drive -> Properties -> Policies -> select Quick Removal) with negligible performance loss, however this is not a fail-safe. There is still a small likelihood of data loss. On a Mac, you’re better off not messing with the write caching and knowing that it is automatically enabled.

How to Properly Eject a USB Drive

On a Windows device, open My Computer and find the USB device you’d like to disconnect. Right-click on it and select Eject. The computer will notify you when it is safe to pull it out.

If you’re a Mac user, locate the external device (likely either on your desktop or in the left-hand panel of Finder), left-click on it and drag it to the trash (bottom right of the screen). If done correctly, the trash icon should change to an eject icon (a triangle with a horizontal line below it). As soon as the eject icon disappears, you can remove it. Alternatively, you can hover over the device in the left-hand panel of Finder and click the little eject button that appears after the name.

Patient Computer Help for Grown Ups assists people with their Macs and PCs in the Chagrin Falls and Ohio City areas.