by CDO Technolgy | May 6, 2015 | CDO Technology News, Maintenance, Managed IT Services
Perhaps one of the most frustrating malware infections found today is file encryption ransomware. The two notable ones are CryptoLocker and CryptoWall. These are classified as malware; they are not technically viruses. Ransomware often infect a computer by being downloaded in a seemingly harmless file. They then encrypt one’s personal data and demand payment in exchange for a decryption key that is stored on a remote server. There is deadline by which payment must be received before the key is deleted; after which, access to the encrypted data is impossible.
Initially it is important to have a basic understanding how one is infected and how ransomware works. Both CryptoLocker and CryptoWall need to be downloaded, and are most commonly received as email attachments; although, they can also be downloaded from websites. These websites are often advertising or media sharing sites. To be infected the file need only be downloaded; it does not need to be opened. The infected files in email attachments often appear as zipped files, but these too need only be downloaded. Once downloaded, the malware uses an asymmetrical algorithm design to generate encryption keys. This means there two keys. One is called the public key which is used to encrypt files, and the other is called the private key which is used to decrypt files. The private key is stored on a remote server controlled by the attacker. It is notable that CryptoLocker and CryptoWall do not lock users out of their computers, as is the case with many other kinds of ransomware. They only encrypt data files.
The Crypto ransomwares usually have a list of file types that it searches for to encrypt. These are primarily different formats of image and text files. Depending on the malware sometimes music is encrypted, and a new version of CryptoWall targets game files. Both CryptoLocker and CryptoWall are aggressive and can infect baked up files on external hard drives and network devices when they are connected to the infected computer and turned on. Some ransomware also sends itself to other people via email from the originally infected computer. When access to an encrypted file is attempted by the owner, a message will be given informing the customer that they need to pay a specific amount of money within a certain period of time to get the private key and gives instructions on how to make payment. Typically 72 hours is the period of time given, but in some cases it will give the owner a few weeks and the cost will rise every week. Both CryptoLocker and CryptoWall usually display a countdown timer with the message. The amount of money asked for is usually around $300 to $500. In certain cases, people have been charged up to around $1000. Some versions of ransomware, especially in the case of CryptoWall, ask for payment in bitcoin. Bitcoin is an unregulated digital currency that can be mined (process of creating new bitcoins) and can be used in certain transactions and exchanged for other currency. Sometimes payment is required through cash card or prepaid credit card because such cards are untraceable. When the specified period of time passes and if payment has not been made, the private key is deleted from the remote server and the owner can never access their files again.
Although very similar, there are some small differences between CryptoLocker and CryptoWall. It is important to note that CryptoLocker is older than its counterpart and is currently rarer. An international, joint law enforcement operation shut down the majority of servers that were being utilized to distribute CryptoLocker when they took out the Gameover Zeus botnet. Additionally, CryptoLocker has been reverse engineered and many private keys have been recovered giving those infected some hope. There are also still several copycat versions of CryptoLocker in circulation; although few neither are as sophisticated nor do these have any design improvements over the original malware.
CryptoWall became more prominent after the demise of CryptoLocker. CryptoWall infects computers in much same way as CryptoLocker; although, it utilizes weaknesses in websites and employs exploit kits to infect users. It can also be contracted in downloads and emails. As before mentioned, CryptoWall demands only bitcoin as payment and typically charges a higher base amount than CryptoLocker. CryptoWall usually provides a website through which infected people can pay. This website is designed to make tracing difficult. CryptoWall is not yet as widespread as CryptoLocker. The primary concern with CryptoWall is that there is no way to recover the files it encrypts without paying the criminals behind it. CryptoWall can always be removed, but documents and images will remain encrypted.
There are some simple but important ways to reduce the risk of infection. The first order of business is to maintain a good anti-virus on one’s computer. Additional tools that target malware are also helpful to keep the system clean. Backing up all of one’s user data, especially text and picture files, is essential. External hard drives and similar devices should be turned off or disconnected from the computer when not in use. This is important because, after the computer is infected, ransomware can easily infect any connected data storage device(s). Caution should be used when surfing the internet and when checking email. Any program or file that is downloaded from the internet should come from the original source, and third party download sites should be avoided. If an email is received that is not recognizable, do not download any attachments from it. All these guidelines are helpful for general protection, as well as ransomware.
CryptoWall is definitely more feared because it is the only ransom malware from which your files cannot be saved if you chose not to pay for the private key. However, the majority of other ransomwares can all be removed without data loss. CryptoLocker is much less of a threat since its downfall; although, it can still cause significant harm as can its copy cat counterparts. Caution and regular backup of files are the two most important pillars to avoid the frustration that encryption ransomware presents.
by CDO Technolgy | Apr 2, 2015 | CDO Technology News, Hard Drive
CHOOSING BETWEEN HARD DRIVES AND SSDs
Today’s workstations come with more options than ever before. Once you’ve determined the specifications that you need for your business, there is one more decision you must make: should you get an SSD drive or a SATA/HDD drive? In this post, we’ll explain and explore both so you can make an informed decision.
SATA/HDD
Technically, SATA (Serial Advanced Technology Attachment) isn’t a drive but the interface between the HDD (Hard Drive Disk) and the computer’s motherboard. Most people use the two terms interchangeably, however, as they work together.
The HDD has been around for close to 60 years and has been the standard for personal computing and workstations. This type of drive has a spinning platter where data is stored through magnetism. The faster it spins, the faster the drive performs.
The biggest advantage to a SATA drive is that you can store enormous amounts of data very inexpensively. As technology advances, the amount of storage available continues to grow. One usually sees drives that hold a terabyte or more. The maximum amount of SATA storage for a workstation is currently about 8 terabytes. An advantage is that it cost about 80% percent less per gigabyte than the cost of a SSD drive.
SSD
Rather than using magnetism to write data to a physical disk, the SSD (Solid State Drive) stores data in microchips so there are no moving parts involved. Instead, it uses what is known as flash memory and a controller (the brain of the SSD). While the very first SSD drive was produced in 1976, it wasn’t small enough to achieve common use until this century so effectively the SSD has been in use for only about 15 years.
The biggest advantage with an SSD drive is the added speed and performance. Boot up time for a workstation will be much faster over a SATA drive. Programs will open virtually instantly and data is written at much greater speeds than conventional SATA drives. A disadvantage for the SSD is that it cost, on average, about 5 – 6 times as much per gigabyte as compared to a SATA drive.
At this point in time, form factor is not an issue but as technology advances, the SSD could have a distinct advantage. Currently, both types of drives are contained in standard size housings from 1.8” to 3.5” but that is only so manufacturers don’t have to make multiple cases and connectors – both types of drive could go in the same case. However, HDD can’t get much, if any, smaller than they are now but there is no such limitation on the SSD. If we are to truly see powerful computers in smaller sizes than now, it will be by using SSD technology.
Pros and Cons Comparison Beyond Price and Capacity
SSD drives use half or even a third of the power that a SATA drive does: 2-3 watts versus 6-7 watts. With multiple workstations in an office, that can make a definite difference in the electric bill. In a laptop, the battery charge will last 2-3 times longer with an SSD drive over a SATA.
When a workstation must perform as fast as possible, users will see a noticeable difference between the two drives. Boot time for an SSD drive is as little as 10 seconds while a SATA boot time could take at least 30 seconds and more. File open speeds are up to one-third faster with even the lowest end SSD drive.
Performance speed is also greatly enhanced with an SSD drive. Almost all SSD drives will write files at over 200 MB per second and some advanced drives can perform at over 500 MB per second. The range for a SATA drive can be as little as 50 MB per second and maxes out about 120 MB per second. When running some software, the SSD drive can make a huge difference in speed and output, particularly when using applications such as video editing software or graphic files.
Current generation SSD controllers have evolving technologies like compression, de-duplication and high-level encryption protocols. They protect the security of stored data, and provide up to 100x more data protection than leading enterprise hard disk drives. Since many SSDs are encrypted by default, it can act as an obstacle to data recovery if the need arises. This results in a much more difficult and expensive data recovery process for SSD drives than for SATA drives.
Noise level and vibrations are very different between the two drives. SATA drives will always make more noise and vibrate more because of the spinning platter. They will make clicks and whirring noises because of the moving parts and these noises tend to grow over time. If multiple workstations are present, the noise level can be rather annoying. Since there are no moving parts in an SSD drive, there is no vibration or noise, making for a much quieter workspace.
With a traditional SATA drive, users must put time into regular maintenance for defragmenting the drive. As a computer is used, files get modified or deleted. Since the data is physically recorded on the disk, the free space is constantly changing. As the drives fills up, files become scattered and free space also becomes scattered around the disk. This fragmentation causes the system to slow down and can cause memory issues. This is not an issue with SSD drives.
SSD drives are more durable than SATA, mainly due to not having any moving parts. A SSD drive is also unaffected by magnetism so that gives your data a bit of added security.
Shopping for SSDs
When it comes to purchasing an SSD, there are a variety of factors to consider. Just as anything else, there is quite a range in price and features, but here are the main things to look at.
- Speed – Both high maximum speed and high real-world speed should be compared. The manufacturer will tell state the maximum speed that the SSD will achieve while reading or writing data. Just keep in mind that real-world speeds will almost always be lower. You can find average real-world speeds by reading reviews on reputable websites that do testing on the products they review.
- SATA – The best SSDs today will have SATA III support which is the latest and best version of the SATA interface. SSDs are backwards-compatible but they will not perform at the optimum level without being compatible with SATA III.
- Error Correcting Code – ECC (error-correcting code) enables a higher level of reliability from your SSD, as well as keeping costs down by using the MLC flash memory. ECC allows your SSD to find and fix many common types of data corruption.
- Company Track Record – Do your due diligence in investigating the manufacturer of any SSD you’re considering, as well as on the specific drive. With a relatively new technology, it is almost always safer to go with a company that has been working with SSD long-term. Check review sites, particularly those that offer user ratings, to make sure that you get an SSD with a high rating.
Best of Both Worlds
For companies that need both high performance and high storage, there are three workarounds to the storage limitations of an SSD: dual drives, external SATA drive, or cloud storage. For extreme storage, or even just as backup, a combination of two options is certainly feasible.
Dual-drive workstations have a smaller SSD drive that holds the operating system and programs along with a SATA drive that stores the resulting files. Naturally, two drives necessitate a larger form than a single drive, but in a stationary workstation this shouldn’t matter too much.
External drives can be purchased very inexpensively these days and are easily used for increased storage capacity. One thing that is nice about external drives is that they can be detached and stored during off-work hours for added security. To use this option is easy – simply work on the computer as normal but when it’s time to save the work, save it to the external drive rather than the internal one.
Cloud storage is just about infinite so can also be an excellent option. Of course, cloud storage of any size will come with a price but for many, it’s well worth it and is quite inexpensive.
Many companies find that using both an external drive and cloud storage gives them an additional layer of protection for their files. This way, they have two back-ups for all files, with one being on-site and one off.
Conclusion
At the end of the day, the decision must be made according to a company’s unique needs and budget. Storage size limitations are really a moot point these days, thanks to cloud storage. For those companies where speed in booting up and overall performance is critical, then it is worth spending more. Remember to backup your data so that if whichever drive you choose fails, your critical data will be safe and sound.
by CDO Technolgy | Aug 30, 2014 | Business Servers, CDO Technology News, Managed IT Services
What are Servers?
Servers have been around as long as networks. The generic use of a server is to ‘serve’ something to other computers. This communication is done with a variety of different server types with their own specific uses. They act as facilitators, storage, and so on. Not all server types are exclusive; many types can be simultaneously in use on the same server machine. Some servers can even be client computers (those on which people access the data being served) at the same time.
Some common types of servers are most recognizable. These are: FTP, proxy, game, and web servers. These machines are usually somewhat similar to the personal computers found in most homes and businesses, although they usually have specific software and hardware to provide a smoother transition of the data. Servers usually have more storage space, faster processors, and more RAM (random access memory) in order to make them more efficient. Rather than a standard operating system used by the general public (such as Windows 7), servers usually have a server platform. An example of this for a PC would be Microsoft Server.
FTP servers are used to provide access to files, either publicly or after using a login, depending on whether the files are free or for a fee. This functionality is usually included on web servers, as well, to allow easy access to web site owners to upload and download their own files.
Proxy servers are an extra step between the end user (also known as the client computer) and another server (usually a web server) that handles filtering, sharing connections, and helps to improve performance. These are sometimes used by employers to limit employees’ access to certain web sites from the workplace.
Game servers are those used by online games to provide the interface and processing for them. These are most notable when the game is an MMO (massive multiplayer online) game, in which many people around the world are connecting at the same time, to play the same game. There is often interaction between the players, which necessitates a server that is powerful enough to keep up without causing lag (pauses in the gameplay, during which the game continues, but the player misses the action because the server ‘catches them up’ by skipping).
Web servers are by far the most common ones. These are the servers that house the web pages (such as the one you are currently reading). These communicate with the client’s browser and send the information – text, images, videos, etc. – that is requested. Pretty much anything that is accessed through a browser (such as Internet Explorer, Firefox, Chrome, etc.) is processed by a web server.
Others include application servers, which handle linking databases with web servers; list servers, which handle mailing lists for newsletters and other bulk email processes; chat and IRC (internet relay chat) servers, which allow real-time communication between people wherever they are; mail servers which handle basic email; and news servers which carry newsgroups such as the USENET service, although these are not as popular among the general public as they once were.