Ransomware Data Threats Increases in 2015

In the earlier article, “The Quiet Threat to Industry and America” we learned just how severe Intellectual Property (IP) loss is worldwide and within the US. We know how devastating it is to our economy as well as how quickly it can undermine businesses and industry. No one can replace your hard earned sweat equity, research, proprietary and intellectual property. A corporation can be wiped out with effective hacks and data theft. Smart businesses and industry are changing from a reactionary model to proactive measures to ensure their future.

A new problem is growing all over the world – it is called Ransomware. The implications are quite startling. Basically, your computers and servers are infected with a sophisticated malware that encrypts the entire contents of your hard drives – all your data is locked. You or your business is denied use of your data until a ransom is paid – typically in Bitcoin internet currency. Ransom demands range from hundreds to tens of thousands. The ransom is bad enough but the real damages occur from disruption or paralysis of business.

The statistics for ransomware varies; however, it is all bad news showing dramatic increases in 2015 in hundreds of percent. AVAST security software, as an example, detected that over six weeks that their users encountered ransomware infected sites 18 million times. Rather than provide a multitude of statistics and references just search the term “Ransomware Statistics” and see for yourself.

These crimes fall under the jurisdiction of the FBI. They warned about ransomware early last year. If you are hacked, cyberattacked or experienced computer or hard drive theft the FBI is there to investigate. The ransomware class includes Cryptolocker, Cryptowall, Teslacrypt, CTB-Locker, Torrentlocker and Reveton with new similar versions being reported every day.

Ransomware can even reprogram the firmware in your hard drives (SSDs and HDDs). Once the drive is reprogrammed, the firmware can reload associated malware each time infected systems boot and the malware persists even if the drives are reformatted or the operating system is reinstalled. Once infected, security software can't detect the associated malware which is stored in a hidden area of the drive. This version makes ransomware almost impossible to detect and cure. 

Changing Times

In the past federal agencies including the FBI have long urged people not to pay ransom to the criminals, as there is no guarantee that they will even receive an unlock key. The situation has now changed with the higher strength of ransomware. Just how strong are these tools? The FBI attended the 2015 Cyber Security Summit in Boston last October. Assistant Special Agent Joseph Bonavolonta, who oversees the FBI's Boston office, advised the companies infected with ransomware to better pay up the ransom!
 
"The ransomware is that good," said Bonavolonta. "To be honest, we often advise people just to pay the ransom."

Many IT and corporate professionals took offense or were startled by the remarks. However, examine the bigger picture. Paying is no guarantee but criminals have been showing some honesty in unlocking data after the ransom is paid. They know if they don’t give you the unlock key that word gets around and corporations will stop paying and their ploy will no longer make them money.

The FBI issued a notice in June, which identified CryptoWall as the most common form of ransomware affecting individuals and businesses in the US. The Bureau said it had received 992 complaints related to CryptoWall between April 2014 and June 2015 with losses totaling $18 million.

Even police departments are not immune – Massachusetts' Swansea Police Department was hit several years ago and paid the ransom to become functional. In Maine, the Lincoln County sheriff's office also paid the ransom. Once more, the encrypted files were critical, but since backups or other means of recovery were not available - payment was the only option. The same situation happened at the Tewksbury Police Department in Massachusetts.

Bonavolonta also cautioned that the Bureau may not be able to pry encrypted data from the clutches of the ransomware authors, who use ultra-secure encryption algorithms to lock up ransomed data.

“The easiest thing may be to just pay the ransom”, Bonavolonta, who said that efforts by the Bureau and others to defeat the encryption used by the malware did not bear fruit. “The amount of money made by these criminals is enormous and that’s because the overwhelming majority of institutions just pay the ransom.”

The success of the ransomware ends up benefiting victims: because so many people pay, the malware authors are less inclined to wring excess profit out of any single victim, keeping ransoms low. And most ransomware scammers are good to their word, Bonavolonta said. “You do get your access back.”

The FBI still wants to hear about ransomware infections, even from firms that pay the criminals off. “Do we want you to call the FBI? Yes,” said Bonavolonta. The FBI has been collecting information on ransomware scams and wants to be able to keep abreast of how the scams are evolving.

What can you do to prevent ransomware from affecting you or your corporation?

There are many ways to prevent ransomware and data loss but it takes a proactive attitude and measures to prevent these infections. On the hardware side invest in good modern computers that feature “hotswap” data hard drives. Hotswapping allows the user to start and shut down a hard drive without turning off the computer. This allows the user to keep data isolated and invisible to the internet, hackers and viruses or malware.

Vault Computer is one company that builds in this feature. Vault Computers can be equipped with cloned drives that can replace an infected drives in just minutes; without high IT expense or downtime that loses work productivity. Offline data storage within the same computer can restore backed up data in minutes utilizing fast transfer speeds. The ability to hotswap and keep data isolated from problems or unwelcome exposure is the same method US Government security agencies use. Bad guys cannot infect or steal what they cannot see.

Vault Computer also uses hardware encryption to protect your data from theft and access by unauthorized personnel. The first and most obvious difference with an Vault Encrypted Computer is that there is no “foot in the door” with the new hardware encryption. The computer will not boot up without the proper key inserted. This means no user hack tools are possible - there is no back door. You can now control who uses the computer and who sees the data on it.

Moreover, if the computer is stolen or the encrypted hard drive is removed it will not reveal any data. No forensic techniques can be applied and your data is secure from unwanted investigation. The data is invisible, irretrievable, unbreakable and secure from unauthorized access – period.

Prevention and Smart Computer Use is Key to Avoid Ransomware

Other measures an individual or corporations may take to prevent ransomware or computer infections are worthwhile. Here are some examples:

•    Always use Antivirus software and a firewall. Keep the antivirus updated.
•    Install a Malware remover. Malwarebytes is popular.
•    Use a popup blocker.
•    Maintain frequent Backups. Keep Backups offline and invisible to the Internet.
•    Be careful with emails and attachments. Call and verify attachments that are strange or unexpected.
•    Corporate education programs – awareness training. Statistics indicate education training is very worthwhile.
•    Enable automatic OS updates, or download OS updates regularly, to keep
operating systems patched against known vulnerabilities.
•    Install patches from other software manufacturers as soon as they are
distributed.
•    Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
•    Have strong passwords, and don’t use the same passwords for everything.
•    Encrypt important data and hard drives.

Don’t wait until you lose data because it may be simply too late. Data theft and data ransom are on the rise. Don’t let these cripple your business. Good practices with proactive thinking and defenses are the key to protecting your valuable data and Intellectual Property.

The Quiet Threat to Industry and America

America’s New National Security Issue

A serious epidemic of data loss is encroaching upon industry and business in the United States.

How serious is it?

The FBI states: “Business models have been compromised and critical innovation pipelines have been hijacked. Our economy and national security are under relentless attack. Economic security is America’s “new” national security issue.”  https://summit.fbi.gov/about.html

The FBI held a special invitation only summit across the US at FBI offices and invited experts and companies offering solutions. In early July I was invited to attend the FBI National Intellectual Property Protection Summit on 15 September. I attended the summit with FBI agents at a secure aerospace contractor facility.

This article serves as part of my responsibility to help educate industry and the business community as outlined by the summit. Before the summit began I obtained a Criminal Justice Information System (CJIS) certificate to be able to view and work with sensitive classified data. Attendees were warned not to record the event and that some identifying information was considered restricted. The FBI Director, James Comey, greeted us and the summit ran for 3 hours with experts from across the US discussing IP loss and what business and industry can do to stop it. Speaker Bios can be found here.

Why did the FBI get involved and hold the summit? Business in the USA as a whole is not very healthy. According to the FBI we have been in cyber war since 2005 with attacking countries increasing transgressions on an exponential basis. Due to the increasing rate of data theft, the US cannot sustain a healthy economy for very long without our economic security being undermined. How much Intellectual Property is being lost?

According to the FBI, https://summit.fbi.gov , in 2014:

•    $600 Billion is the impact of intellectual property breaches on the global economy.
•    $300 Billion of intellectual property breaches occur in the US alone!
•    $6 Trillion is the calculated worth of intellectual property in the United States.
•    40 Million is the number of American jobs vulnerable to intellectual property theft.

$300 Billion was lost within the US in 2014 according to the summit dialog and 2015 is outpacing last year. The numbers are realistically on the low side for several reasons. Data loss is underreported by companies both public and private because:

1.    The news hits the bottom line quickly.
2.    Losing data undermines confidence.
3.    It is embarrassing.
4.    It is a new problem - Industry is unprepared and is reactive instead of proactive.

Let’s bring this home a little. Most of our readers are in the engineering, petrochemical business and related services. Attendees viewed a map of the US indicating major losses in millions of dollars to industry represented by a red dot for each loss. The entire eastern seaboard from the Mid-Atlantic States upward to Cape Cod was solid red.  Naturally, I looked at my home in Florida and saw significant losses. Then I shifted my attention to my second home state of Texas having lived there three times. My eyes centered on Beaumont, Texas with 5 huge losses in 2014 totaling over $1.2 billion. The names of the corporations are restricted but everyone would recognize them. Houston, Texas was solid red like the northeastern US. I didn’t have time to total those even larger losses there for last year.

Recently the DoD defense contractor Leidos was awarded a $4.3 billion contract for data cyber security. This award size is unprecedented for data security and serves as an indicator of magnitude of data loss in the US. That contract is announced here.

How are losses calculated? Of those companies that report data loss the FBI sends in a team on a confidential basis to ascertain all aspects of the breach. They also work with accounting personnel to make estimates and projections to what the data theft costs the company.

Who is stealing data? You have a good idea if you watch the news regularly because you can’t miss the almost daily data loss reports. The primary offenders are China, Russia Military, Russia Industrial Espionage (organized crime), and North Korea. However, attacks are coming from a myriad of countries in Eastern Europe, the Middle East and Africa – so it seems everyone is getting into cybercrime, because it is a shortcut to profit.

Why are these countries and other criminals stealing IP data? This is a big question and I won’t pretend to know the entire answer. However, the motives of many attacks are clear; to hurt us economically and as a possible prelude to future aggression. This is one reason why the US government is requiring more data handling security from contractors performing their work. In the future, if you intend to do government work you will have to prove the working data is secured.

Setting this issue aside let’s look at another obvious reason for data theft. Thieves want to learn what you and your company knows. They want to bypass what it costs your corporation in time and money to obtain your intellectual property and operating knowledge. Stealing data, IP and the secrets of operating a business simply helps criminals start a business without the same costs.

FBI summary: “The tactics employed by bad actors are continually evolving, but their basic approach remains somewhat static: steal valuable intellectual property (IP), skip the costly R&D stage, systematically degrade their competitor’s business model, and then diminish their market share and the value of their research with predatory and/or destructive practices. The global marketplace features several nations relying on economic espionage as an integral part of their country’s business model.” - https://summit.fbi.gov/about.html

China, for example, is notorious at stealing company information. With the knowledge of how to start and run a business a cheaper labor source can undercut the heretofore competitive prices and thus steal market share.

Examine the far reaching economic damage of IP theft. Take an example of war; when a country bombs a factory to put it out of business to disrupt production. Eventually the factory is rebuilt, some workers are replaced and production resumes. When intellectual property and operating knowledge is stolen to set up a competing business at lower costs the “factory” or US business is displaced in the market and is shut down. The factory does not reopen, workers lose their jobs, they do not have money to spend and the tax base is reduced. Thus begins an economic decay in trickledown effect through our economy.

Simply examine the repeating history of what happens to countries with a weak or collapsing economy. If a country loses economic viability it is done. This is equally true of corporations on a smaller scale within US industry. Now you understand the awful and insidious scenario that the FBI wants to prevent by educating Government, Industry and Business to stop data loss.

What can you do? First, be proactive instead of reactive. Second, recognize it is a real and growing problem. Educate yourself how Data and IP Loss happens and how to prevent it. Third, implement a security plan and educate others in your organization. Take your responsibility by being a patriotic American and spread the word to other companies.

Information Technology (IT) personnel need to be involved in educating your company’s employees on the methods of data breach and ‘social engineering” used to fool them. Unfortunately, we are in a different world with different values. The fastest growing type of data theft is insider theft and unauthorized computer access. Your company may have spent millions in facility security and access but it is useless against inside theft.

Recognize the barriers to taking action. The idea that it “happens to other corporations” is based on the importance and profitability of your corporation in the marketplace, luck and time. You will have to spend some money. View your cyber and computer security technology as improvements in its proper framework; by comparing your investment to the cost of losing your intellectual property and operating data. Protect your future viability.

For more information you can visit www.thevaultpc.com on computer security. A downloadable Secure Data IP Plan for Government, Industry and Business is available on the ‘Secure Data Storage’ page here, and one for Healthcare and Insurance is on the ‘US Government, CJIS and HIPAA’ page here.

Losing Intellectual Property is bad but losing data that is subsequently used against you is far reaching and permanent. Once your company is hit - it is too late. Your company is part of America’s economic security and sustainable future. Do something about it.

For questions or additional information visit the ‘Contact Us’ page on the link here.

ENGlobal Reports Second Quarter 2016 Results

HOUSTON, TX--(Marketwired - Aug 4, 2016) - ENGlobal, a leading provider of engineering and automation services, today announced results for the second quarter which ended June 25, 2016.

Revenue decreased $7.3 million to $13.8 million from $21.1 million, or a 34.7% decrease, for the three months ended June 25, 2016, as compared to the three months ended June 27, 2015. ENGlobal reported a net loss of $1.6 million for the second quarter of 2016, a decrease of $2.5 million compared to net income of $1.0 million reported for the prior year period. The net loss per diluted share was $0.06 for the second quarter just ended, compared to net income per diluted share of $0.03 for the second quarter of 2015.

Revenue decreased $26.5 million to $28.7 million from $44.2 million, or a 60.0% decrease, for the six months ended June 25, 2016, as compared to the six months ended June 27, 2015. ENGlobal reported a net loss of $2.4 million for the second quarter of 2016, a decrease of $4.0 million compared to net income of $1.6 million reported for the prior year period. The net loss per diluted share was $0.08 for the six months ended June 27, 2015 compared to net income per diluted share of $0.06 for the six months ended June 27, 2015.

In April 2015, the Company's Board of Directors authorized the repurchase of up to $2.0 million of the Company's common stock from time to time, based on prevailing market conditions. Through June 25, 2016, ENGlobal had repurchased approximately 499,344 shares of common stock for $0.5 million under this program. As of June 25, 2016, the remaining amount authorized for repurchase under this program was $1.5 million.

Management's Assessment
Mark Hess, ENGlobal's Chief Financial Officer stated: "We have been challenged by the significant decline in oil and gas prices and the resulting drop in our clients' activities. However, during the second and third quarters, the Company has taken significant specific steps to improve revenue generating opportunities, improve gross profit margins, and reduce administrative expenses. Benefits from these recently initiated measures should be realized in the quarters to come as we expect to move towards profitability."

Mr. Hess continued: "Although projects have been taking longer to be awarded, our backlog has increased from last year end and our pipeline is robust. Importantly, ENGlobal continues to generate positive cash flow. The Company's cash position increased from $7.8 million at the end of last year to $14.7 million as of June 25, 2016. We expect that our working capital will be adequate for ongoing operations."

William A. Coskey, P.E., Chairman and CEO of ENGlobal added: "Given our debt free balance sheet and diverse mix of business, ENGlobal remains well positioned to successfully navigate through the current industry environment. As stated before, ENGlobal has been using the current downturn to invest in our business through the addition of highly experienced project and business development professionals. As a direct result of these actions, the differentiated offerings under development have the potential to positively transform our business over time. We remain committed to realizing ENGlobal's full potential, and increasing shareholder value over the long term."

The following is a summary of the income statement for the three months and six months ended June 25, 2016 and June 27, 2015 can be found here:

The Company's Quarterly Report on Form 10-Q for the quarterly period ended June 25, 2016 is expected to be filed with the Securities and Exchange Commission reflecting these results by the end of the day today.