IT Technology Services New Orleans

New Orleans Technology Services

Menu
All Posts By

Happy Blogger

Mar 09
0

Does Internet Usage Rewire the Human Brain?

By | news | No Comments

Co-authored by Lakshmi,

Going by prehistory, where, the dawn of tool usage among human ancestors coincided with a remarkable increase in brain size, it is natural to expect that new digital activity can cause rewiring in the cerebral circuitry. The brain is a neuroplastic organ that is constantly changing in response to external stimuli. Given the enormity of the stimulus caused by the Internet, it seems logical that it can cause significant cerebral adaptations. Or is the digital era too recent to be able to cause evolutionary changes in brain structure yet?

On one hand are neuroscientists such as Susan Greenfield, who believe that the digital era could be detrimental to the human brain. Greenfield argues that the prefrontal cortex would be damaged, underdeveloped or underactive in technology addicts, just as it is in gamblers, schizophrenics or the obese. Researchers from Xidian University, China have recently suggested that long-term Internet addiction does result in brain structural alterations, which could contribute to chronic dysfunction in subjects with Internet Addiction Disorder.

There are others who differ. Jeff Jarvis, author of “Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live,” believes that technology will not change our brains and how we are “wired,” but affects and changes how we cognate and navigate our world, which could in fact, be beneficial. A study by Gary Small at UCLA in 2008 showed that Internet browsing activities triggered key centers in the brain that control decision-making and complex reasoning. It is little wonder then that digital natives are better at snap decisions and juggling sensory input than digital immigrants. This could indicate that technology and gadgets do possibly rewire the brain to function better, especially during adolescence, which is considered a sensitive period for cognitive developments. Studies have also demonstrated that playing action video games can enhance visual attention and improve decision making skills for youth and the aged alike. It is the content of the video games, e.g., the amount of violence and/or inappropriate, unethical scenarios that could adversely affect the player’s psych.

Sparrow and co-workers of Columbia University recently studied the memory of college students vis à vis Internet use and found an interesting pattern. While extensive users of Internet (search engines, in particular) could not recall information itself, they could easily and accurately recall where to find that information online. Thus, the Internet has become an external or transactive memory, where information is stored collectively outside us. But this in and of itself is not a new concept. The notion of “transactive memory” proposed by Wegner has been around since 1985 (“no need to remember birthdays, just remember that the wife does”) and the Internet merely subscribes to this form of memory.

Gary Small and co-workers have also reported that Internet searching engages more neural circuitry than, say, reading text pages. Thus, among middle-aged and older adults, Internet use may favorably alter the neural circuits controlling short term memory. However, since our brains use information stored in the long-term memory to facilitate critical thinking, there may be a certain loss in this area upon extensive Internet usage.

There have also been studies on the connection between brain and technology-induced multitasking. Multitasking does not mean “performing multiple tasks at the same time,” which is not possible, but “switching between tasks at an extreme rate of more than four switches per minute.” Kaiser Family Foundation reports that 8- to 18-year-old youths carry out extensive “media multitasking” and the compulsive need to rapidly switch between multiple media has led to the belief that there may be a greater incidence of ADHD-type disorders among youth. There is also the school of thought that given the brain’s limits to the ”cognitive load” it can handle, multitasking leads to loss of efficiency. Switching attention across tasks occurs in the prefrontal cortex, the region of the brain that is one of the last regions to mature in children and one of the first to decline with aging. However, Carrier and co-workers of California State University, Carson, did not find any relationship, positive or otherwise, between brain function and media multitasking.

Kep Kee Loh and Ryota Kanai of the University of Sussex report differently. They have demonstrated that brain structure CAN be altered upon prolonged exposure to novel environments and experience. They have confirmed through MRI studies that people who extensively media-multitasked had smaller gray matter density in the anterior cingulate cortex of the brain. This could possibly result in decreased cognitive control performance and socio-emotional regulation in heavy media-multitaskers. However, the researchers also disclaim that it is not yet clear if media-multitasking causes changes in the brain or whether people with less dense gray matter are attracted to media-multitasking in the first place — a classic chicken-egg scenario.

The digital era has, since its conception, continuously elicited various types of moral panic that have engaged scientists, psychologists, sociologists, educators, policy makers and most importantly, media. The anxiety around technology and Internet has provoked intense debate on its effects on the biology of the brain. ”Neuroplasticity” has been a powerful word in arguments both for and against the effect of technology on the brain. Studies in neuroscience have supported and challenged the proposed negative effects, thus leading to neuro-alarmism and neuro-enthusiasm respectively. But the real situation lies probably somewhere in the middle. Before succumbing to media frenzy in denouncing or hailing technology/Internet as bane or boon in terms of human evolution and brain conditioning, it is important to remember that the human cognition is distributed across brain, body and the tool (digital or otherwise) and is not a standalone quality, but one that is critically influenced by the surrounding as much as by the system itself.

Feb 27
0

Crypto Locker Decryption Assistance

By | news, Security | No Comments

Ransomware is a particularly nasty piece of malware that takes infected machines hostage. CryptoLocker was successful at garnering  multi-millions in ransom payments the first two months of CryptoLocker’s distribution, according to a recent blog by FireEye regarding the takeover of CryptoLocker infrastructure – Operation Tovar.

Operation Tovar helped tear down the infrastructure used by attackers, but there are still many instances where users are still being infected with ransomware. After the success of Operation Tovar, there were few resources available to help decrypt files that were still encrypted with the attacker’s private key.

While not particularly innovative, CryptoLocker was successful because it encrypts the files of computers it infected and then demanded a ransom for a private key to decrypt those files. The harsh reality of a situation like this is, not many people back up their data. In some cases, the backups would be encrypted if mounted to an infected machine. As a result, many of the victims felt helpless at this point, and paid the ransom – typically around $300. A simple description of the way that CryptoLocker works can be found below:

  1. CryptoLocker arrives on a victim’s machine through a variety of techniques such as spear-phishing emails or watering hole attacks.
  2. CryptoLocker then connects to randomly generated domain (via DGAs) to download a specific RSA public key.
  3. At that point, an AES-256 key is created for each file on the system.
  4. CryptoLocker then encrypts all of the supported files using the generated key from step 3.
  5. The generated key is then encrypted with the downloaded RSA public key from step 2.
  6. And finally, the AES-key is written to the beginning of the encrypted files, thus requiring the private key to decrypt.
crypto1

Figure 1: Screenshot of victim machine infected with CryptoLocker

Not all CryptoLocker variants are created equal. There are several copycats and hybrid versions of Crytpolocker that exist, ranging from programs like CryptoDefense, PowerLocker, TorLocker and CryptorBit, to variants that are not necessarily named but have modified functionality, such as using Yahoo Messenger as a propagation technique.

Decryption Assistance

To help solve the problem of victims’ files still being encrypted, we leveraged our close partnership with Fox-IT. We developed a decryption assistance website and corresponding tool designed to help those afflicted with the original CryptoLocker malware. Through various partnerships and reverse engineering engagements, Fox-IT and FireEye have ascertained many of the private keys associated with CryptoLocker.  Having these private keys allows for decryption of files that are encrypted by CryptoLocker.

FireEye and Fox IT have created a webpage, https://www.decryptcryptolocker.com, where a user can upload an encrypted CryptoLocker file.  Based on this upload, the user will be provided with the option to download a private key that should decrypt their affected files. The site also provides instructions on how to apply this key to the files encrypted by CryptoLocker to decrypt those files.

To use the site, simply upload an encrypted file without any confidential information. (Please keep in mind, we will not permanently store, view, or modify your file in any fashion.) Enter your email address, to ensure the private key associated with the file is sent to the correct individual. Ensure you enter the correct number or phrase in the Captcha entry field.

crypto2

Figure 2: Screenshot of https://www.DecryptCryptoLocker.com

After clicking “Decrypt It!”, you will be presented with instructions to download the Decryptolocker.exe tool from https://www.decryptCryptoLocker.com (Figure 3). In addition, your private key will be sent to the email addresses specified.

crypto32

Figure 3: DecryptCryptoLocker decryption result page

After receiving the email (Figure 4), you will then select the key and utilize it in conjunction with Decryptolocker.exe.

crypto4

Figure 4: Email containing private key

At this point, the user opens a Windows Command Prompt, and browses to the directory of the Decryptolocker.exe tool and the locked file.  (Please note that the directory of the locked file must be specified if the file is not local to the tool’s directory.) The user must enter the command exactly as specified on the successful decryption page. The command structure should be used as the following:

Decryptolocker.exe –key “<key>” <Lockedfile.doc>

Upon successful execution of the tool, the user should be presented with a prompt indicating decryption was successful (Figure 5).

crypto5

Figure 5: Successful decryption of File1-1.doc

Conclusion

Operation Tovar made a clear impact on the distribution of and infection of machines by CryptoLocker. However, there have been no known avenues available designed to help users get their encrypted files back without making significant payments to those responsible for infecting machines in the first place. While the remediation of infected machines can be somewhat difficult, hopefully with the help of https://www.decryptCryptoLocker.com and Decryptolocker.exe, we can help you get back some of the valuable files that may still be encrypted.

As always, to help prevent a threat like this from affecting you and your data, ensure you backup your data. Ideally, this would be done in at least two locations: One would be on premises (such as an external hard drive), and the other would be off premises (such as cloud storage).

View the free, on-demand webinar DeCryptoLocker: Relief for CryptoLocker Victims for additional information.

FAQ

Are all encrypted files afflicted with CryptoLocker decryptable with this tool?

We believe we recovered everything the from the CryptoLocker database. However, we are aware that there could be a limited data chunk that could be missing which is related to either the takedown or interruptions of the CryptoLocker backend infrastructure. As a result, certain files may not be decryptable. Also, new variants of CryptoLocker may be released at any time, and the tools we discuss here or have made available may not be able to decrypt files infected with these more recent variants.

Does this tool work against CryptoLocker variants?

There are several variants of CryptoLocker, all functioning in different ways. While these variants do appear similar to CryptoLocker, this tool may not be successful in all decryption processes because of code and functionality variances.

Does any of our data get stored by FireEye or Fox-IT?

Under no circumstances does personal data get stored, processed or examined by FireEye or Fox-IT when using this tool.

Is this service free?

The Decryptolocker.exe tool is available at no cost via the website to anyone that has been compromised with CryptoLocker.

How can I use the Decryptolocker.exe tool?

The Decryptolocker.exe tool is designed to perform a few different types of functions.  Here are some examples of various prompts you can enter, depending on the result you would like to obtain.

1) If you would like to test a file if it is encrypted with CryptoLocker, you can enter:

Decryptolocker.exe –find File1.doc

2) If you would like to find all files encrypted with CryptoLocker in a directory, you can enter:

Decryptolocker.exe –find -r “C:\FolderName”

Note: Remember to include the “-r”

3) If you would like to decrypt a file encrypted with CryptoLocker, you can enter:

Decryptolocker.exe –key “<your private key provided in email>” File1.doc

4) If you would like to decrypt all files in a folder, you can enter:

Decryptolocker.exe –key “<your private key provided in email>” C:\FolderName\*

Note: Remember to include the “*” at the end

5) If you would like to decrypt all the files in a folder or drive recursively, you can enter:

Decryptolocker.exe –key  “<your private key provided in email>” -r C:\

Note: Decryptolocker.exe creates a backup of all encrypted files in the same directory before writing the decrypted file. If you do not have enough space for these files, then the prompt may not execute, and your computer may run more slowly.  Ensure you have sufficient file space before proceeding.

 

Disclaimers

There are several variants of CryptoLocker, all functioning in different ways. While these variants do appear similar to CryptoLocker, the tools discussed here may not successfully decrypt files encrypted by every variant because of differences in the programs or for other reasons. Also, while we have many unlocking keys, there is a possibility that we will be unable to decrypt your files.