Category Archives: IT

The thermal camera bottom line is accurate detection, clarity and quality of image.

Benjamin Franklin has thermal cameras. General Douglas McArthur pioneered their use. In Jay Weatherill’s hands, thermal cameras can fight a killer from a safe distance.

But, unlike their traditional surveillance siblings, thermal sensors and cameras create video images from infrared – heat waves. Day or night, in any environment, every person, object and structure emits infrared waves. And, while traditional cameras often flex their CCD chip muscles with after-incident forensics, the strength of thermals, especially at night, is more often seen at facility perimeters and often aims at real-time detection and physical response.

Thermals follow through on a time-tested strategy of detect, delay and respond, institutionalized at facilities such as nuclear power plants and elsewhere.

First applied in the early 1950s by U.S. and Republic of Korea troops against the Soviet-backed Democratic People’s Republic of Korea, military and law enforcement were user pioneers of the technology. Originally big, bulky, short range and very expensive while needing similarly expensive accessories, thermal cameras have evolved into today’s small contained packages boasting longer ranges at more affordable prices.

Covers More Ground
And speaking of long range, a single smart thermal camera can detect intruders with great accuracy over an area the size of a football field, combining detection and visual verification deployed either as a standalone solution or integrated.

So it is not surprising that applications have spread from military to critical infrastructure, petrochemical, power distribution, port/border, commercial and life safety, among others.

When it comes to certain critical infrastructure, for example, a large petrochemical plant, without thermals the assignment would be daunting, with some campuses having a perimeter of 10 miles or more. In another instance, areas of waterfront or wetlands may not allow use of more typical physical barriers and enhancements – fences and lighting, to name two.

Comparable to virtual fences created by traditional cameras, thanks to levels of analytics, in the thermal world, there are thermal fences that don’t require physical barriers, lighting infrastructure or extended power trenches. Also seen: integration with ground radar and more seamlessness of routine fence sensors and alarms.

Thermals protect sensitive unban facilities, too. For instance, thermal video analytics cameras from SightLogix cover the World Trade Center outdoor perimeter in New York City. The cameras are an integral part of an integrated security system designed by engineers from Ducibella, Venter & Santore and integrated by Diebold.

Fire, Life Safety Uses
Australian Prime Minister Jay Weatherill proudly acknowledges long-range thermal cameras in tracking down hot spots and flying sparks during that country’s effort to tamp out recent, destructive bush fires. Another unique application, the cameras, carefully positioned in airport corridors, determined whether a passenger had a high temperature while attempting to fly out of a country impacted by the Ebola epidemic. Often behavior monitoring doubled down to identify passengers that looked ill. Today, thermals are even more common at airports as part of traditional surveillance systems although thermals are not designed to read a person’s specific body temperature but can be finely calibrated to discern slight differences.

And Ben Franklin?
Mobility and flexibility are among the advantages of thermals for Benjamin Franklin, the largest container ship to ever make port in North America just late last year. It’s longer than the Empire State building is high and has cameras that look out to sea, setting up an ever-moving, all-seeing perimeter to help captain and crew alert to objects moving toward the megaship. Thermals also are common on ships plying waters from Sumatra to Somalia as they try to get a perimeter alert advantage over pirates, who are after cargo, payroll cash and even kidnapping ransom money.

Just months ago, there was another commercial-centric breakthrough as highlighted by a collaboration between thermal camera maker Flir Systems, of Goleta, California, and unmanned aerial vehicle – drone – maker DJI Innovations of Los Angeles. They plan to develop a stabilized camera featuring Flir’s thermal imaging technology for some DJI’s aerial platforms.

The addition of thermal imaging to drones, only in commercial infancy, provides the ability to see in complete darkness, measure temperature remotely and see through obscurants such as smoke, dust and light fog. Integration with a live video downlink system and apps will also give drone operators in enterprise and government security departments with real-time control and recording during flight.

Concerning the commercial niche of camera-equipped and security-facing drones, state and local regulations are just now falling into place. The Federal Aviation Administration (FAA) contends it is in charge of manned and unmanned aircraft, including hobbyist gear. In late 2015, the agency issued new recreational drone rules, requiring users to register in a national database, among other rules.

Drone with Camera Regulations Vary
Such a stance, however, has set up potential clashes since local and state lawmakers, worried about safety and privacy, have been passing similar and differing rules. More than 20 states approved drone laws in 2015, as have cities including Chicago, Los Angeles and Miami.

For enterprises seeing value in adding camera-enabled drones to their collection of security solutions, getting from here to there – faster, more accurate detection, more use of the unmanned aerial vehicles for patrolling and surveillance – is obviously adding technology and complexity to seeing from above in the dark or near dark. Today, current advances have led to smaller cameras that are more affordable, says Jay McNamara, senior project manager for G4S Secure Integration, with accurate detection, clarity and quality of image. He observes that analytics creates smart thermal solutions, image processing within the camera can virtually eliminate false alarms, all often happening at the edge. When it comes to effectiveness, he says to “look for technology that provides digital detail enhancements,” adding some key features are “scene optimization and active contrast enhancement,” among others.

There are numerous features and benefits, especially linked to smart thermal cameras.

When it comes to temperature gauging, thermal temperature alarm cameras easily cross over to operations and business uses, too. Such cameras can send an alarm when the temperature reaches above or below a pre-configured threshold. With thermal imaging, problem areas can be identified before the issue becomes visible to the eye or machinery stops working. They also provide data for thermal pattern analysis or are useful for detection in perimeter protection or by law enforcement to identify thermal spots in vehicles.

More with Smart Thermal Cameras
Specific to smart thermal solutions and analytics, depending on the camera maker, some thermals also have speed measurement. One example is models from ATN American Technologies Network, which fashions a camera to act like a speed radar with functions that allow you to receive alerts/set alarms whenever objects within it go over a certain speed. There are thermal cameras to help track objects and people within it. Tracked is the path of objects such as cars as well as people within it, and, in addition, track anything dropped by people within it, known as dropped objects detection. Loitering detection follows when an object has extended its welcome within a given area, as well as determines how long objects have been within an area.

Other thermal camera features in some units:

Electronic stabilization to correct for pole sway;
Geo-registration to ignore small animals, blowing trash and outdoor movement while detecting people all the time;
Geospatial detection zones based on target size, speed and direction;
With its low power needs, available are solar and wireless options; and
Targets can be projected onto a sitemap for real-time situational awareness.
Additionally, thermals are easier to install nowadays, with less fuss in the set-up and maintenance.

When it comes to real-time alarming, according to McNamara, thermal cameras can detect accurately in complete darkness as well as bright sun and harsh environmental conditions. The cameras can be unaffected by headlights, reflections or other stray lights that cause nuisance alerts for visible detection cameras.

No doubt, there are myriad thermal, night vision and infrared cameras as well as some traditional cameras with supplementary illumination from lights or lasers as part of the category. Choices depend, among many, on light availability, security goals, budget and – in the case of whatever it is called – product marketing.

Lens Size Counts
While some end users may assume that distance can be a challenge, in reality, thermal cameras can provide accurate detection based on what lens size is used; but at greater distances, the ability to provide assessment of a human-sized target at a higher detail becomes challenging at greater distances, says McNamara. Of course, day/night cameras are still used and popular, he says.

When it comes to wide dynamic range (WDR) cameras as compared to thermals when facing lighting challenges, there is sometimes confusion. WDR is not just for daytime but also can be used at night for some applications such as nighttime license plate recognition. Thermals are not just for night but can be used in daylight. For instance, in glare, thermal will detect someone entering a glared-over area.

There are color night vision cameras that use advanced low light sensors to provide high quality color video in lighting conditions from full daylight to starlight, all without extra lighting infrastructure needed with regular security cameras. Such a tech approach detects intruders with thermal and identifies them with color night vision.

The fourth iteration of the world's worst ransomware Cryptowall has surfaced with gnarlier encryption tactics and better evasion tricks that have fooled current antivirus platforms.

Ransomware has ripped through scores of businesses and end-user machines in sporadic and targeted attacks that have cost victims millions of dollars in ransom payments made to criminals who have illegally encrypted valuable files.

The worst offenders remain at large including a single group who may be behind Cryptowall 3.0 and have made some US$325 million this year according to the Cyber Threat Alliance, dwarfing FBI June figures which noted it extorted some US$18 million from US victims alone in about a year.

Andra Zaharia of Denmark-based Heimdal Security says Cryptowall 4.0 is employing "vastly improved" communications and better code, so it can exloit more vulnerabilities.

"Cryptowall 4.0 still includes advanced malware dropper mechanisms to avoid antivirus detection, but this new version possesses vastly improved communication capabilities," Zaharia says.

"It includes a modified protocol that enables it to avoid being detected, even by second generation enterprise firewall solutions.

"This lowers detection rates significantly compared to the already successful Cryptowall 3.0 attacks."

For example, the nasty-ware now alters filenames as well as file contents, so it's harder for victims to work out what's been encrypted.

Ransom payments in the latest version are badged as a price tag for security software.

Net scum are still communicating with Cryptowall 4.0 over Tor and using hacked web pages to deliver payloads that include botnet componentry to assist further malware delivery.

Actors have tried various tactics to get ransomware on machines and thwart back up efforts.

One of the most unique was a variant that silently encrypted and decrypted databases on the fly in a bid to avoid detection. That meant months of backups would contain encrypted data that could not be decrypted unless a ransom was paid for the respective key.

Another revealed last week threatened user data would be published online if a ransom was not paid. There is no indication the Chimera ransomware lived up to that capability according to analysis.

It follows the death of the Coinvault and Bitcryptor ransomware which Kaspersky confirmed after the arrest of the alleged authors and release of all 14,000 decryption keys.

It is clear that a ransomware crime wave will surge across America and Canada. Here is what we expect will happen in 2016 and what you need to look out for:
  1. Ransomware attacks doubled in 2015 and will double again in 2016. The U.K. is to some extent a bell-weather for the U.S. as they function as a beta test site for Eastern European cyber mafias who can test malicious code in their own time zone. Well, over half (54%) of all malware targeting UK users in 2015 contained some form of ransomware. Buckle up.
  2. The use of Cryptowall 4.0 will explode, and Cryptowall V5.0 will add an actual working "feature" that the TeslaCrypt strain only threatened with: extortion by potentially publishing private personal or sensitive business files on the Internet.
  3. Cryptowall will be the first strain of ransomware to hit a billion dollars in total damages.
  4. Ransomware is the new APT: "Annoying Persistent Threat", as it will be increasingly used in double-payload attacks combined with other scams.
  5. Ransomware-as-a-service hosted on the TOR network and using Bitcoin for ransom payment enables a new generation of cybercrime newbies to make their mark.
  6. Cyber mafias will focus on professional services firms and local government using Cryptowall as their tool and extort tens of thousands of dollars from organizations that don't want their business disrupted or their intellectual property compromised.
  7. A new sleeper ransomware variant will start to stealthily encrypt data, pull your critical files onto a C&C Server, and wait until a backup been made. At that point they will yank the encryption key and demand a much larger amount of ransom than the current 500 bucks.
  8. Bonus Wild-Ass Guess: Ransomware gets bundled with worm-like malware to "brick" all the Windows endpoints and servers of a targeted organization. Cybercriminals will use this technique on a large scale, demanding millions in Bitcoins from their victims and may even offer "innovative" payment plans with protection terms.

Messages telling you to install and update security software for your computer seem to be everywhere. So you might be tempted by an offer of a “free security scan,” especially when faced with a pop-up, an email, or an ad that claims “malicious software” has already been found on your machine. Unfortunately, it’s likely that the scary message is a come-on for a rip-off.

The free scan claims to find a host of problems, and within seconds, you’re getting urgent pop-ups to buy security software. After you agree to spend $40 or more on the software, the program tells you that your problems are fixed. The reality: there was nothing to fix. And what’s worse, the program now installed on your computer could be harmful.

Scammers have found ways to create realistic but phony “security alerts.” Though the “alerts” look like they’re being generated by your computer, they actually are created by a con artist and sent through your Internet browser.

These programs are called “scareware” because they exploit a person’s fear of online viruses and security threats. The scam has many variations, but there are some telltale signs. For example:

you may get ads that promise to “delete viruses or spyware,” “protect privacy,” “improve computer function,” “remove harmful files,” or “clean your registry;”
you may get “alerts” about “malicious software” or “illegal pornography on your computer;”
you may be invited to download free software for a security scan or to improve your system;
you could get pop-ups that claim your security software is out-of-date and your computer is in immediate danger;
you may suddenly encounter an unfamiliar website that claims to have performed a security scan and prompts you to download new software.
Scareware purveyors also go to great lengths to make their product and service look legitimate. For example, if you buy the software, you may get an email receipt with a customer service phone number. If you call, you’re likely to be connected to someone, but that alone does not mean the company is legitimate. Regardless, remember that these are well-organized and profitable schemes designed to rip people off.

How Do the Scammers Do It?
Scareware schemes can be quite sophisticated. The scam artists buy ad space on trusted, popular websites. Even though the ads look legitimate and harmless to the website’s operator, they actually redirect unsuspecting visitors to a fraudulent website that performs a bogus security scan. The site then causes a barrage of urgent pop-up messages that pressure users into downloading worthless software.

What to Do
If you’re faced with any of the warning signs of a scareware scam or suspect a problem, shut down your browser. Don’t click “No” or “Cancel,” or even the “x” at the top right corner of the screen. Some scareware is designed so that any of those buttons can activate the program. If you use Windows, press Ctrl + Alt + Delete to open your Task Manager, and click “End Task.” If you use a Mac, press Command + Option + Q + Esc to “Force Quit.”

If you get an offer, check out the program by entering the name in a search engine. The results can help you determine if the program is on the up-and-up.

Good Security Practices
Check that your security software is active and current: at a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. You can buy stand-alone programs for each element — or a security suite that includes these programs — from a variety of sources, including commercial vendors and your Internet Service Provider. The security software that was installed on your computer when you bought it generally works for just a short time — unless you pay a subscription fee to keep it in effect. Visit http://security.getnetwise.org/tools/search for a list of security tools from legitimate security vendors selected by GetNetWise, a project of the Internet Education Foundation.

Make it a practice not to click on any links within pop-ups.

Report possible fraud online at ftc.gov/complaint or by phone at 1-877-FTC-HELP. Details about the purchase — including what website you were visiting when you were redirected — are helpful to investigators.

Visit www.OnGuardOnline.gov to learn more about protecting your computer from bugs, viruses and scammers.

This article was previously available as "Free Security Scan" Could Cost Time and Money.

Report Scams
If you believe you’ve responded to a scam, file a complaint with: