19 Ways Data Can Be Leaked

January 3, 2018
Tawan Punsang

Have you ever wondered how our confidential or personal information leaks from us? Or how they fall into the wrong hands? The answers differs from a simple methods to advanced ones, so firstly for someone who may not be involved in cyber security to understand overall pictures is to know what is data breach? And where do data flow? Data breach is an incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner which can cause a small company or a large organization to suffer great loss. Stolen data may involve sensitive, proprietary, or confidential information, such as credit card numbers, customer data or trade secrets. There are so many ways data can easily leak out of an organization. There are three buckets or containers where information “lives and flows”; in digital form, in hard copy (paper) and in the conversation. Information is constantly flowing between these containers, usually resting in more than one of them at any given moment without some type of map or landscape that lays them all out. Data leak is divided into 2 classes which are internal data leakage and leakage from external threats. In total, there are shown 19 ways below.  

Instant Messaging (Peer to Peer)

  • Many organizations allow employees to use instant messaging from their workplace which include products such as Skype, Google talk and peer to peer (P2P) networks. These programs could act as file sharing networks that allow users to inadvertently share confidential documents to an external users.

Email

  • Email also represents a route for a simple data leakage. Because traditional email clients, such as Microsoft Outlook, etc. are widespread within organizations. Internal users could even be tricked to email or inadvertently send confidential documents as an attachment to an unauthorized individual due to employee oversight or poor business process.

Web Mail

  • Web mail runs over HTTP/s which an organizations’ fire wall may allow it through uninspected. When the connection is initiated by internal IP user, an individual may leak their confidential data, either as an attachment or message body.

Web Logs / Wikis

  • Web logs and Wikipedia site are a collaborative website where everyone could write their thoughts, comments, opinions and edit on any particular subject. These site could be used as a way to release confidential information, simply entering the information on the blogs. However, these are perhaps a less likely medium to leak confidential information because they would most likely be able to be tracked.

Hiding in SSL

  • Another ways to leak sensitive data is through SSL connection. Users may try to obscure data by utilizing a public proxy service via an SSL connection. They enter the proxy service with a browser, type in the URL of the site and then their entire session is encrypted without any detection of firewall.

Malicious Web pages

  • Visiting either a compromised or malicious sites could present user’s computer a great risk of being infected with malware. A web page containing malicious code with an OS/browser. The malware could be in form of a Trojan, Key logger, etc. Users might download a key logger/backdoor, thus providing the attacker with full access to user’s computer.

Data theft by intruders

  • There have been numerous stories about the theft of credit card information or others electronic break-in to an organization by intruders. This particular event holds remarkable concern, because resumes contain a significant amount of information of individual, including their personal information or even details of third parties. Believable phishing attacks or social engineering could be used by a theft to obtain these sensitive data.

Malware

  • Malware can evade inbound gateway protection measures and desktop anti-virus then initiate outbound communications, sending out files which may contain sensitive data. Malware can be categorized as Virus, Worm, Trojan horse, Spyware, Key logger, etc. These allows a hacker to remotely access your computer, perform various operations such as capturing potentially sensitive information, corrupting files on target computer and so on.

SQL Injection

  • SQL injection is a code injection technique that can be used in a range of ways to cause serious problems. By using SQL injection, an attacker could bypass authentication, access, modify and delete data within a database. The initial action of the attack could be to enter a single quote within the input data in a POST element on a website. Following with trial and error by the attacker could eventually reveal table names, field names and other information. This will allow an attacker to construct SQL query within the POST element that yields sensitive data.

Phishing

  1. Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email. Typically a victim receives a message that appears to have been sent by a known person or organization. An attachment or links may install malware on user’s device or direct them to malicious website and cause them to lose sensitive information. Phishing is popular with cybercriminals, as it is far easier to trick someone into clicking a malicious link in a seemingly legitimate email than trying to break through a computer’s defenses.

Dumpster Diving

  1. Many organizations that do not take appropriate care with destruction of hard copy information have a risk of confidential data falling into dumpster diving. Instead of having the document destroyed securely, Individual may throw their confidential information into the rubbish which could be discovered by an attacker through this method.

Physical Theft

  1. Many organizations underestimate the importance of keeping their offices and their equipment physically secure. They often lack a clear policy describing what measures they should take to protect computers and backup storage devices from theft. As a result, Poor physical security at an organization’s file or poor security practice of individuals creates a possibility of physical theft. Physical theft of devices such as laptops, computer systems, back up tapes, and other media also post a risk for data leakage to organizations.

Removable Media / Storage

  1. Theft or loss of a data storage medium such as USB memory key, and external hard drives made up nearly 54 percent of all identity theft-related data leaks. Due to the size, USB keys are so easy to lose. Although some data when were copied to the key are legitimate, the risk of the key lost onto the third party still exists.

File Transfer Protocol (FTP)

  1. FTP represents another method for a user to leak their information. It is simply straightforward to install and configure a basic FTP server external to the organization. The shortcomings of FTP stem from both the design of the protocol and evolving business requirements. The individual then merely has to install a publicly available. FTP client and upload the file.

Security Classification Errors

  1. Security models are intended to provide a framework for organizations to avoid classified and / or sensitive information being sent to individuals (internally and externally) without the appropriate security clearance level. It is conceivable that an individual with Top Secret clearance may either intentionally or inadvertently send a Top Secret document to another individual with only “Classified” clearance.

Hard Copy

  1.  If an individual wishes to provide a competitor with sensitive material, and the victim organization has already implemented electronic countermeasures, it is still possible for the individual to print out the data and walk out of the office with it in their briefcase. Or, they simply place it in an envelope and mail it, postage happily paid by the victim organization.

Inadequate Folder and File Protection

  1.  If folders and files lack appropriate protection (via user/group privileges etc) then it becomes easy for a user to copy data from a network drive (for example) to their local system. The user could then copy that file to removable media, or send it out externally by methods discussed above.

Cameras

  • A determined individual may choose to take digital photos (or non-digital for that matter) of their screens. A camera is not even needed nowadays. Cellular telephones today are likely to have a camera built in, perhaps with up to 2 mega pixels or more. The photo could then be sent by email or Mobile Messaging directly from the telephone.

Inadequate Database Security

  • Poor SQL programming can leave an organization exposed to SQL injection attacks, or allow inappropriate information to be retrieved in legitimate database queries. Additionally, organizations should not implement broad database privileges as this can lead to users accessing confidential information (either intentionally or inadvertently).

Updated Flood Situation and Excessive Rainfall Over Thailand

October 30, 2017
Sutiwat Prutthiprasert

InterRisk Thai Flood Report

Summary

According to TMD, the amount of rainfall since January is about 1,700 mm which is above the average at 1,572 mm. Consequently, there have been flood situations in many parts of the country, especially in the riverside areas and provinces in the north and northeast areas. Currently, the water levels in the main dams are critical in many areas such as Pasak dam and Kwae Noi dam that the capacity is almost at their full capacity. In conclusion, the Chao Phraya dam and Pa Sak dam increase the drainage rate, causing the water level of lower Chaophraya river to increase and overflow in some areas of Nonthaburi, Pathumthani and Ayutthaya. Moreover, the inundated water in the retention areas almost reaches 95% of the maximum capacity. The situation needs to be monitored.

Government announcements

Since there has been large amount of rain above Chao Phyara dam, causing the drainage to be increased from 2,600 m3/sec to 2,700 m3/sec and would be at this rate for a week. The drained water from Chao Phraya dam would cause 20-25 higher water level in the under dam areas for a short period of time. Moreover, the Minister has ordered the RID to prepare for possibly incoming flood situations in the southern region. Thai Meteorological Department announced that the overall rain tended to reduce in the northern and northeastern region which was considered a good sign, especially at the Chao Phraya dam. Flood events: 20th Oct: Nakhon Sawan municipal urgently reinforce the flood protection dyke on the side of Chao Phraya river. 22th Oct: Chao Phraya river overflowed to the riverside villages in Pathumthani due to the coming water from Chao Phraya dam. 23th Oct: Chao Phraya dam increased water drainage to 2,700 m3/sec to help relieve flood situation in above-dam areas. 24th Oct: Heavy rain in Doi Inthanon caused flash flood in many districts of Chiang Mai. 24th Oct: 40-60cm increasing of Chao Phraya river level caused the water to overflow to Pak Kred, Nonthaburi. 24th Oct: Water overflowed to Sena District of Ayutthaya after “Jao Jed” flood gate had been damaged. 24th Oct: Chao Phraya river overflowed to Nonthaburi city near Bang Kwang prison. Situation: Nonthaburi Flood Increased the water level from Chaophraya dam has caused Nonthaburi province to become flooded. Some premises next to Chaophraya River has become flooded 30-40 cm and some street is now flooded and traffic is blocked. Currently estimated 100 houses are affected. Situation: High Tide has passed According to TMD water tide is now on the decreasing tide. The highest peak was on 8th Oct and gradually reduced. Water discharge rate of major river would be increased from now on. However, the overall water discharge from local premise would depend on the amount of water management and drainage capacity to the major water source. It is important to concern the water discharge rate out of the premise and make sure that the flood protection is fully functional. Water Level in Major Dam Increasing water from Pasak Dam On 25th October Pasak dam has announce to increase water release rate from 25 million m3 to 30 million m3 which intern will increase water level in Chaophraya River by 20-30 cm. In addition to amount of increasing Chaophraya Dam water flow. The premises near the river should be cautious about the situation. Inundated water in water retention area near maximum Water in water retention area (Ayutthaya, Suphanburi) has reached 95% or 1,300 million m3. This amount of water is under irrigation department management. However, Irrigation department plans to divert the inundated water to the sea. It would takes about 30-45 days to release the water to the normal level.

2017: High amount of Rainfall                              According to TMD the amount of rainfall in 2017 is more than average at 1,700 mm where the average country is 1572 mm. according to the reference the amount of yearly rainwater in 2011 is at 1,781mm The water is under irrigation department management which is diverted to canals and water retention areas (monkey cheek). In this regards, if the water management fails, the flood similar to 2011 could occurs due to the amount of rainfall. It is important to inspect and ensure that the flood protection and management is reliable and fully functional. The Upper Chao Phraya River Flow The amount of water from Upper Chaophraya has increased and spread to wider area but still under its capacity in most area. The critical area is in Phichit area where Yom and Nan river adjoins. In addition to Chainat area. However, the situation is same as last month. The amount of water increased largely came from Ping and Wang river. The amount of water at Chao Phraya river dam has increased from 2,600 m3/s to 2,700 m3/s. Premises near Chaophraya River should be aware of the situation. The Lower Chao Phraya River Flow The amount of water from Upper Chaophraya has contiously increased. Many area has been flooded in Singburi and Chaophraya. Water in many area is also at critical level. In case of heavy rainfall, the drainage from land to the major river could be reduced and resulted in inland flood. It is necessary to check the drainage capacity and the ability to drain water to major rivers.

References

https://www.thairath.co.th http://www.ryt9.com https://www.tmd.go.th/7-day_forecast.php http://water.rid.go.th/flood/plan_new/chaophaya/Chao_low.php?cal2=25102017 http://water.rid.go.th/flood/plan_new/planup.html http://water.rid.go.th/flood/plan_new/chaophaya/ http://www.thaiwater.net/DATA/REPORT/php/rid_lgraph3.php?dam_id=19

Updated Flood Situations and Hurricane Warning

October 16, 2017
Sutiwat Prutthiprasert

InterRisk Thai Flood Report

Summary

The water volume of main dams has been increasing due to the heavy rain in last week. Bhumibol and Sirikit dams can still receive more amount of water, while Pasak and Kwae Noi dams are almost at their full capacity. The lower Chao Phraya provinces are critical, especially in Ayutthaya, Angthong, Chainat and Pathumthani where some riverside areas are flooded which resulted from the increased water released from the upper Chao Phraya river through the Chao Phraya river dam. Rain will continue until next week all over the country which is influenced from coverage of low pressure air from China and monsoon.

Government announcements

Department of Disaster Prevention and Mitigation has coordinated with 34 riverside provinces in north, northeast and central regions to prepare for the incoming water situations. By monitoring, analyzing any risk from amount of rain water and water level. If the situation spreads out, there will be prepared rescue team with equipment and machines.

Flood events:

Flood incidents in the past week: 11th Oct: All night rain in Pa Yao caused flash flood in Mae Sai Sub-District with water level up to 50-70cm. 12th Oct: Chao Phraya river near Ang Thong Province overflowed the dike to damage the Pa Mok District. 14th Oct: Heavy rain during the night of 13th caused flood in many roads of Bangkok, including Wipawadee, Ratchadapisek, Petchburi, Ladprao and Petkasem. 14th Oct: Nine Chao Phraya riverside Districts of Ayutthaya were flooded. Moreover, there were 26 Districts in 8 Provinces (Lopburi, Kumpangpetch, Singburi, Angthong, Ayutthaya, Nakhon Sawan, Chainat and Tak) that were being affected by flood.

Situation: Ayutthaya Flood

Currently there is a flood in some area in Ayutthaya Province. In Bangnan and Sena district. However, these areas are frequently flood as report in last year report. The maximum depth is 1.5m. The amount is higher than last year 2,100 sq.m/s. According to the news the water level in the area can be cleared within 1 week. The amount of water release from Choaphraya dam is now over 2,500 sq.m/s since 10th October.

Situation: Hurricane warning

From 16th October typhoon “Khanun” has decreased its intensity and become depression. The depression is now moving toward “Hainan, China” and moving downward to Vietnam. According to the RID, it may not directly affect Thailand but may contribute to the rainfall in Thailand.

Situation: Bangkok Flood

Last 13th Oct high amount of rainfall occured in Bangkok, according to TMD the amount of rainfall is approximately 200mm within 6 hours. Resulted in inland flood due to the in ability to drain the water. The concentrate amount of rainfall is shown in the diagram below. The high amount of rainfall focus in the central Bangkok area. The flood depth is approximately 30-60 cm where the most depth is at Wiphawadi road. Flooded roads

Storage level Sirikit Dam

Storage level Bhumibol Dam

Storage level Pasak

Storage level Kwaenoi Dam

The Upper Chao Phraya River Flow

The amount of water from Upper Chaophraya has increased. The critical area is in Phichit area where Yom and Nan river adjoins. The amount of water increased largely came from Ping and Wang river. The amount of water at Chao Phraya river dam has increased and is near its capacity. Amount of water released is also increased.

The Lower Chao Phraya River Flow

References

https://www.thairath.co.th/content/1013932 http://www.ryt9.com/tag/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%8A%E0%B8%A5%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%B2%E0%B8%99 https://www.tmd.go.th/7-day_forecast.php http://water.rid.go.th/flood/plan_new/chaophaya/Chao_low.php?cal2=15082017 http://water.rid.go.th/flood/plan_new/planup.html http://water.rid.go.th/flood/plan_new/chaophaya/

How Antivirus Works ?

October 9, 2017
Tawan Punsang

Learn More About Antivirus

An antivirus is a software that prevents, detects and removes malicious software programs like computer viruses, worms, Trojan horses, spyware, etc. that are harmful to the computer systems. If you’ve ever wondered how antivirus programs detect viruses, what they’re doing on your computer, and whether you need to perform regular system scans yourself. There are answers in this article but first, taking a look at what are the virus and malicious code might help you get a better picture on the further topics.

What are the virus and malicious code?

The malicious code refers to a broad category of programs that can cause damage or undesirable effects to computers or networks. Possible damage can include modifying, destroying or stealing sensitive data, gaining or allowing unauthorized access to a system and executing functions that a user never intended. So computer viruses are the most common form of malicious code. A virus is a program that infects a computer by attaching itself to another program and propagating itself when that program is executed. It should be noted that some malicious programs are able to exhibit the behaviors of more than one type of malicious code. For example, certain programs may be both a virus and a Trojan horse at the same time. Thus there are plenty of antiviruses are available in the market which uses different approaches to detect and remove viruses. Generally, these approaches can be distinguished into three categories 1) Signature-based detection 2) Heuristic-based detection and 3) Behavioral-based detection

Signature based detection

In the first approach, an antivirus has a library of signatures of all popular viruses as a virus definition. The definition files contain signatures for viruses and other malware that have been encountered in the wild. During the scanning process, it compares the content of all computer programs with the library of viruses. If there is such a program found that matches with a signature that is defined as a virus, an alert is made to the user about this program and the antivirus program stops the file from running, putting it into “quarantine.”

Heuristic-based detection

This type of detection is most commonly used in combination with signature-based detection. Heuristic technology is deployed in most of the antivirus programs. This helps the antivirus software to detect new or a variant or an altered version of the malware, even in the absence of the latest virus definitions. Antivirus programs use heuristics, by running susceptible programs or applications with a suspicious code on it, within a runtime virtual environment. This keeps the vulnerable code from infecting the real world environment.

Behavioral-based detection

This type of detection is used in Intrusion Detection mechanism. This concentrates more in detecting the characteristics of the malware during execution. This mechanism detects malware only while the malware performs malware actions. So different antivirus programs have different detection rates, which both virus definitions and heuristics are involved in. Some antivirus companies may have more effective heuristics and release more virus definitions than their competitors, resulting in a higher detection rate.

Reasons to run Antivirus

Antivirus software scan is a very important task to undertake for the safety of your computer. Because viruses can damage the data on your computer and can even leave openings for hackers. Depending on the situation, you may face identity theft, problems with the device, lost data or even a computer crash. Scanning your computer for viruses should be a regular task to undertake since it gives you a chance to remove and reduce a risk from malware that may hinder the activities of your system.

When and how often should you scan for viruses?

Normally, your security software already gives real-time protection against threats as they emerge, but regular system scans are vital. Antivirus programs often offer two types of scan: a ‘quick’ scan and a ‘deep’ or ‘full’ scan. Although there is no specific set amount time between scans, it is recommended to do a manual ‘quick’ scan whenever you suspect any traces of viruses in your system and/or any time that your computer suddenly slows down, starts creating problems or is simply not working as effectively as it did previously. You can also further set your software to do a full scan once a week using appropriate antivirus software that suits your preferences and goals. You can usually customize the schedule, although scanning your entire PC every day is probably too much but leaving more than a week between scans is not safe.

Sonca Storm in Thailand

August 3, 2017
Sutiwat Prutthiprasert

InterRisk Thai Flood Report 2017: Sonca Storm in Thailand

Summary

In the past week, the overall country was affected by the Sonca storm, especially in the northeast and north regions. There were floods in several provinces such as Sakolnakorn, Kalasin, Chaiyaphum, Phrae, and Phayao and the rain seems to be continued until next week. The water level of the major dams has increased but still much less than the full capacity. The water level of the Yom river is high in Phrae, Pichit and Lampang. While for the Chao Phraya river, the water level is high in Ayutthaya and Angthong.

RID News:

RID revealed that the influence of “Sonca” storm caused heavy rain in several areas especially in the northeast region. The water level in Chee and Mool river has been increasing. For the situation in Sakolnakorn, there is still flood water in several areas. RID has supported 10 water pumping machines and 26 water propulsions to push flood water back to the river. While in Kalasin, the JMC committee of Lampao dam had decided to increase the drainage rate since 30th July from 15 to 20 million m3 which might cause flood in 5 districts, the governor had ordered for preparation. Moreover, the RID also had flood prevention and relief plan in Bang Saphan Noi which is the flood affected area by dredging up Bang Saphan canal for 4.5km and planning to build water draining gate in Bang Saphan canal which will be finished in the next 2 years.

Forecast:

From 3rd-6th August, the overall country will have increasing rainfall and will be heavy in the Eastern region and west side of the South due to the southwest monsoon. There will be 2-3 meters waves in Andaman sea and the upper Thai Gulf sea.

Flood events

Flood incidents in the past week: 24th July: Continuous rainfall caused flash flood to overflow the river inundating the villages in Chiang Rai. 25th July: Continuous rainfall caused flash flood in Denchai District, Phrae Province. 26th July: Heavy rainfall in Phayao caused the water level in “Kwan Phayao” to reach its full capacity. 26th July: Several hours of raining caused flood in the Muang District of Kalasin, small cars are struggle to pass. 27th July: Flash flood destroyed roads in Khon Kaen. Landslide blocked the train tunnel in Chaiyaphum 27th July: High amount of rainfall in overall areas of Pitsanulok caused flood in many residential areas. 27th July: Broken flood wall caused the flood water to flow out into Sukhothai. 28th July: Heavy continuous rainfall caused flash flood to 8 provinces in Ranong. 28th July: Flooding in 8 Districts of Nakhon Rachasrima, 3 are severe. 28th July: The overflowed water from Huay Siton flowed into 10 residential areas, most severe in past 40 years. 29th July: Sakolnakorn in crisis. Flash flood hit the city, the runway had to be shut down. 29th July: The overflowed from Lam Kun Chu dam flowed into Bamnej Narong District caused flood. 30th July: The overflow of Chao Phraya river caused flooding in 6 Districts of Ayutthaya. 30th July: Yom river near Nakhon Sawan overflowed to the low level land. 31st July: Huay Sai Khamin reservoir in Sakolnakorn was broken by the flood water. Flood in the north and north east of Thailand by tropical storm Sonca during 21-25 July 2017

Chiang Rai

100 houses flooded 480,000sq.m. of damaged crop fields

Sri Saket

32,000,000sq.m. of damaged crop fields

Kalasin

420 houses flooded 11,200,000sq.m. of damaged crop fields

Nakhon Panom

3,200,000sq.m. of damaged crop fields

Storage Level Sirikit Dam

Storage Level Bhumibol Dam

Amount of water stored is increased in both Major dam, especially Sirikit dam where the water increased by 10% however, the amount of water stored is still much lower than 2011 and from the dam capacity.

Storage Level Pasak Dam

Storage Level Kwae Noi Dam

Amount of water in has increased since last 2 weeks especially at Kwaenoi dam where the amount of water is much more than 2011 but still much below the dam capacity. Still, the amount of water in this dam alone would not determine the possibility of flood. However, the situation shall be monitored.

The Upper Chao Phraya River Flow

The amount of water from Upper Chaophraya has increased to almost double from last 2 weeks. Increased amout of water in the river in many region in the upper Chao Phraya River especially Wang, Yom and Nan river. At Phichit the amount of water is high but not yet flooded.

The Lower Chao Phraya River Flow

Amount of water in Chaopraya River increased especially in Ayutthaya and Angthong area due to increase amount of water release from Pasak dam. Amount of water from Upper Chao Phraya River has also increased. However, Irrigation department has diverted water to canal, therefore the amount of water at Chao Phraya Dam has slightly decreased due to the management.

References

https://www.thairath.co.th/content/1013932 http://www.bangkokpost.com/news/general/1295323/sonca-storm-leaves-ruinous-signature http://www.ryt9.com/tag/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%8A%E0%B8%A5%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%B2%E0%B8%99 http://water.rid.go.th/flood/plan_new/chaophaya/Chao_low.php?cal2=31072017 http://water.rid.go.th/flood/plan_new/planup.html http://water.rid.go.th/flood/plan_new/chaophaya/Chao_low.php?cal2=31072017

How responsive are you on emergencies?

June 28, 2017
Tanaporn Longwech

The reaction time for car accidents depends on each person’s ability and training. The ability of emergency response is related to the decision time. Furthermore, the decision should consider disadvantages like the amount of people injured and property damage. Research shows that the time of low awareness and concentration decreases the ability to respond, increasing the risk of accident. The necessary driving skills are accuracy of response, quick reaction time and good control of the steering wheel. Presently, there is technology that evaluates these driving skills. If the driver can reduce error of judgement, the chance of accident would decreased. Drivers get low accuracy scores, they should practice more. If the driver has slow response time, they should take a break in order to drive with common sense and reduce road accidents. In addition, the steering wheel skills are related to the experience of the driver. The driver should have experience before driving on the road in order to reduce road accidents. According to the Domino Theory of H.W. Heinrich, if the first domino (Social environment of background) falls over, the next domino would fall over as well. Thus, if you don’t want the fourth domino (Accident) to fall over, you should remove third domino (Unsafe acts or unsafe condition) to prevent injury and property damage. Thus, if the driver has developed these 3 skills (accuracy of response, quick reaction time and good control of the steering wheel) as mentioned, it would help to reduce the chance of accident. How responsive are you on emergencies

Ransomware Attack

May 17, 2017
Nareerat Moottatarn

WannaCry Malware Outbreak

On May 12th 2017, a malware threat called WannaCry emerged worldwide, affecting businesses and institutions including shipper FedEx, train systems in Germany, a Spanish telecommunications company, universities in Asia, Russia’s interior ministry and British hospitals. This type of malware locks files and asks for payment to unlock them, hence the word ransomware.

“The crisis isn’t over…patch your systems as they will try again” @malwaretechblog

This malware can easily infect other computers in the same network. WannaCry ransomware uses the vulnerability of “SMB (Server Message Block)” Remote Execution Vulnerability, a security flaw in Microsoft’s Window Operating System. Users without Window updates are at risk of getting this malware. During the month of April, the vulnerability was released to the public but Microsoft has released an update to fix this vulnerability since March 14th 2017. However, computers which have not updated the patch were attacked, with more than 230,000 computers in 150 countries. One example case in Thailand is the Royal Thai Police system breach, which caused a road sign error to be displayed on Witthayu Road on the 14th of May 2017. A total of $55,165, or less than 2 million Baht from 209 payments via Bitcoin were paid to the hackers according to Reuters as of 9 pm Monday Thailand time (1400 GMT). Windows XP, Windows Server 2003 until Windows 10 and Windows Server 2016 systems were affected from the malware attacks. Since the support period of Windows XP and Windows Server 2003 is no longer available, there is no update to fix this vulnerability for the two systems. Despite this, there are still computers running on the two operating systems and have Internet connection. Therefore, Microsoft has issued an emergency update to resolve this issue. Users may download the update from the Microsoft website.

To Prevent Infection:

    1. Update antivirus and other security software.
    2. Have a separate backup of your important data not connected to a network.
    3. Update your software frequently to block the vulnerabilities
    4. Close the Server Message Block (SMB).
    5. Do not open links or attachments from suspicious e-mails
    6. Turn on your smart screen (in Internet Explorer), which helps identify reported phishing and malware websites and helps you make informed decisions about downloads
    7. Have a pop-up blocker running on your web browser
Newer strains of the ransomware are possible. The Ministry of Information and Communication Technology has issued ThaiCERT and the ETDA (Electronic Transactions Development Agency (Public Organization) to create guidelines on preventative measures for the general public. It is advised to keep yourself updated (patched) as the authorities are certain that there will be further cyber-attack attempts in the near future.

References

https://www.thaicert.or.th/alerts/user/2017/al2017us001.html http://www.sciencealert.com/experts-are-warning-the- global-wannacry-ransomware-hack-isn-t-over http://www.npr.org/sections/thetwo-way/2017/05/14/528355526/repercussions-continue-from-global-ransomware-attack https://www.it24hrs.com/2017/wannacry-ransomware-malware-effect/ https://www.blognone.com/node/92410 http://www.bangkokpost.com/news/general/1250106/cyber-worm-slows-hobbles-chinese-police-schools http://fingfx.thomsonreuters.com/gfx/rngs/CYBER-ATTACK/010041552FY/index.html http://www.reuters.com/article/us-cyber-attack-idUSKCN18B0AC http://www.aljazeera.com/news/2017/05/ransomware-avoid-170513041345145.html

5 Necessary Equipment To Keep In Your Car In Case Of Accidents

May 17, 2017
Tanaporn Longwech

Various technologies exist to help people when unexpected accidents happen on the road.

There is a wide range of choice, especially with car accessories such as GPS, car cameras,

speed and distance recorder, emergency kit and break hammer rescue tool.

  • The GPS device is an important item that should be installed in your car, especially for people who get lost easily. This device would act as a navigator if you are off the beaten track. Furthermore, the driver will know the travel route before reaching the destination. The number of accidents would decrease.
  • Car cameras are the popular devices at this moment. The technology of this device is developed various functions. Some car cameras have radar detectors. The radar detector function could find the location of police’s radar detector and warn the drivers to not exceed the speed limit according to law. In case of accident occurring, the video from the device issue to prove who is the criminal.
  • The speed and distance recording device is used to record the behavior of drivers. The analysis result could lead to accidents decreasing and   oil preservation.
  • The car emergency kit is one of those things that you don’t think much about until it’s too late. Especially if your vehicle is having a problem while you are driving at the countryside without garages. Therefore, the driver should keep the emergency kit in the car for initial repairs before going to the garage.
  • The rescue tools are as important as the emergency tools. Especially, the car window breaker and seatbelt cutter are indispensable to save lives when cars fall into canal or river.
5 Necessary equipment to keep in your car

All devices as mentioned would save human life and help the driver in the case of the problems while driving.

Does Your Website Need Security?

May 4, 2017
Nareerat Moottatarn

Do I need website security? What is an SSL certificate?Do I need website security? What is an SSL certificate? Exactly how safe is your website? As ordinary web users, we rarely think about the risks of an unprotected site. This is a short guide on how to keep your website and business safe. Some basics are discussed, such as what is an SSL certificate, the different types and why we need them. An SSL certificate, or Secure Sockets Layer certificate, is a third-party verification that provides technology to encrypt data to protect information.Exchange of information can happen in many forms, e.g. blog comments, login details or landing pages. Every website will need at least one SSL certificate.

First, your website type :

Blog or information site: Anonymous visitor data is collected via Google Analytics by simple cookies. There is less requirement for security as there is no collection of personal data. Company site for marketing products: Data is collected from site visitors and used to target marketing campaigns. Clients need to agree with such data collection. The more information, the more risk there is of a data breach.Hence, more security is needed. Ad-funded website: Collecting site visitor information may be passed on to third-party advertising networks. How this information is stored and used by the ad networks varies. This includes sites that share information via social networking such as Facebook. E-commerce website: Transactions using detailed information such as address, phone number, credit card numbers and other financial information is performed. Username and passwords make it vulnerable to thieves, therefore higher security measures are needed.Any processed data needs to be encrypted. SSL certificates should be used. Discussion forum or other sites involving sensitive data: Sites recording religious topics, medical records, or criminal records deal with sensitive data and thus requires specialcategorization.

Types of SSL Certificates:

How many do you need?SSL Certificates depend on the number of ‘common names’ your website has. For example, if your site is accessible by typing in “www.example.com” and “example.com”, you will need separate SSL Certificates for each. If you have multiple servers, you may require multiple certificates. For websites, the main types areDomain Validated and Organizational Validated SSL. More advanced Extended Validation (EV) is also available. The lowest level authentication is the Domain Validated (DV) SSL Certificate, in which the Certificate Authorities will simply send an email to the listed emailaddress of the domain admin of the site. Having just one DV Certificate is not enough for good website security. Organizational Validated (OV) SSL Certificates, however, checks the identity of the company and person applying with more detail. An address is needed as well as the specific contact. This will then be displayed in the browser’s user interface. Getting an Extended Validation (EV) SSL requires more vigorous vetting. EV SSL certificates will enable visual signs,such as the green address bar in the browser. This shows that the company has provided detailed information which has been checked and audited by the Certificate Authority.

W์hy protect yourself?

Money: Being blacklisted by search engines such as Google results in site downtime. Reputation and trust: If the site does not have SSL certificates, this translates to poor organization and therefore customer experience. Search engine ranking: It can take up to six weeks to get off a search engine blacklist which makes the website unsearchable. Even though the site is not blacklisted, people will still click away if there is any indication that the site is not safe, lowering search engine rankings.

Further information:

https://www.symantec.com/connect/blogs/typ es-ssl-certificates-choose-right-one http://www.csoonline.com/article/3153707/sec urity/top-5-cybersecurity-facts-figures-and- statistics-for-2017.html https://www.scmagazine.com/whitehat- security-release-website-security-statistics- report/article/536252/ https://www.techopedia.com/definition/24747/ cybersecurity http://money.cnn.com/2015/04/14/technology/ security/cyber-attack-hacks-security/

How to avoid traffic speed detector

April 19, 2017
Nannicha Patraakrapan

How to Avoid the Traffic Speed Detector

Nowadays, the trend of cars using high speed are increasing and is the main cause of car accidents. As a consequence, relevant departments have set speed limits for each area and installed many traffic speed detectors in Thailand. Therefore, InterRisk Asia (Thailand) Co., Ltd. would like to present the information about traffic speed detectors for road users.

There are 2 types of traffic speed detectors commonly used in Thailand.

Radar-type: This type is mostly used in which the officer manually detects or installs the device in the designated location. The device emits radar waves to target the car and the waves reflect back to the receiver. The reflected wave from the target car changes in size or frequency. Then the detector will calculate the speed value of the car. Laser-type: This type is more accurate than radar-type and is used manually by human or automatic system. Moreover, the calculation is less than a second. The function of this type is to reflect the laser beam. It measures the reflection duration which uses the change of rate of distance per time to calculate the speed value of the target car.

Traffic speed detector map

In order to decrease accident, traffic speed detectors are installed at the several location. The figure on the left hand side briefly shows the location of speed detectors in Bangkok. Moreover, the road users can use coordinates to locate the spot in your GPS device. In these areas, the drivers should drive safely with caution in these areas. Then the drivers should concern about using speed. Being safe with speed limits  The speed limit is set up for safety driving and road users which are listed below. Relevant departments consider about drive with high speed. Therefore, the technologies are used together with development of road users’ potential which can reduce the car accidents.