Blog

May 25th, 2017

By now, you must have heard of the WannaCry ransomware. It ranks as one of the most effective pieces of malware in the internet’s history, and it has everyone worried about what’s coming next. To guard yourself, the best place to start is with a better understanding of what made WannaCry different.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments.

How to protect yourself for what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.
Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.
Published with permission from TechAdvisory.org. Source.

Topic Security
May 24th, 2017

If you’ve downloaded the macOS version of HandBreak, a popular video transcoding program that converts multimedia files into different formats, checking your computer’s safety right now would be wise. Users who downloaded the program between May 2 and May 6 have a 50 percent chance of being infected with an Apple Trojan, based on an announcement on HandBrake’s website. Here’s everything you need to know.

How to know if your device was infected

HandBrake can be downloaded from its official website and via mirror sites, or sites that provide the same content as the primary site. Infected downloads came from the mirror site, download.handbrake.fr, where the installer file (HandBrake-1.0.7.dmg) was swapped with a Trojan file, OSX.PROTON. This malicious file managed to trick Apple's security approval system into deeming it as safe and legitimate.

One way to find out whether you’ve downloaded the Trojan is to look for an “activity_agent” process in the macOS by accessing the Activity Monitor application. Another way is by checking whether the installer file’s checksums match HandBreak’s public codes. You can do this by comparing your downloaded file’s codes with the ones found on HandBreak’s checksums page. If they don’t match, that means you’ve downloaded an infected installer file. This all might sound like a lot of tech gobbledygook, but these checks are essential to knowing whether or not your system has been infected.

The damage

The OSX.PROTON is considered one of the nastiest Trojans today because it can spy on computers from a remote location. It can monitor your activities, upload malicious files on your computer, steal your password and confidential information by detecting keystrokes or taking screenshots, and take over your entire system by hacking your admin settings.

Downloading an innocuous video transcoding application is not typically considered dangerous. However, downloading apps from unofficial sources definitely poses considerable risks. In such a scenario, a backed up data can save your malware-infected computer.

Precautionary measures

Fortunately, Apple has taken steps to block further infections by releasing an update. If your system has been infected, however, it’s not too late. Follow HandBreak’s suggested steps in removing infected files to mitigate any damage. You should also take additional security measures such as changing passwords from a different device. Better yet, get professional help from IT security experts.

Every time you download an app from an unauthorized source, know that there are risks. If you’re a Mac user, download apps only from the Apple Store; and for Android users, only from the Google Play Store. And to gauge the safety of the apps you want to download, it always helps to read their reviews beforehand.

The HandBreak macOS malware is just one of many that are attacking vulnerable systems. With the help of our network security experts, you can thwart cyber attackers’ attempts to steal your sensitive data, hold your files for ransom, or spy on your online activities. Call us now so we can recommend suitable protections.

Published with permission from TechAdvisory.org. Source.

Topic apple
May 23rd, 2017

This month, ransomware has taken center stage yet again. WannaCry has already infected thousands of users around the world. In true ransomware fashion, WannaCry holds user data hostage until the victim decides to pay the ransom. What’s more alarming, however, is that the global success of this malware will likely spawn even more potent variants. To protect your business from ransomware attacks, consider these tips.

Update your software The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run security programs Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.

Use data backup and recovery tools If WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.

External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.

Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.

After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.

Stay informed Finally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.

For more ransomware prevention tips and services, call us today. We’ll make sure hackers don’t hold your business hostage.

Published with permission from TechAdvisory.org. Source.

Topic Business
May 19th, 2017

By their very definition, servers are tasked with managing significantly higher burdens than the average desktop workstation. If your business has a server onsite, there are so many things you need to consider to get the most out of your investment. Read on for a few of them:

Mount your servers properly

Small businesses are usually forced to prioritize the here and now over long-term planning. Not for lack of caring, it’s just a fact of working on tight budgets and with small teams. This is especially evident when it comes to server planning. When your business first sets up shop, it’s tempting to plug in a server right next to your workstations -- but doing so puts your hardware in harm’s way.

Mounting servers in a rack protects them from the accidents commonly associated with highly trafficked areas: spills, crumbs and tripping hazards. Server racks keep your most essential hardware safe by organizing everything in a space that is more accessible for cleaning and management but less exposed to the day-to-day wear and tear of your office.

Server planning is all about leaving room for the future. When choosing your rack mount, make sure to leave room for the hardware you will need to expand in the future. Unless office space is a serious concern, it’s better to have a half-empty server rack than to be forced to tear the whole thing down and redesign it the moment you need to expand.

Keep servers separate from the main area

Depending on what type of servers you are running, they can create quite a bit of noise. This coupled with the fact that they are comprised of valuable hardware means that you should do everything in your power to keep your servers physically separate from your working space. If you don’t have room for a server room, consider investing a little extra in a secure rack mount with built-in sound reduction.

Never skimp on cooling

Even when your business first opens its doors, server cooling is a crucial consideration. These computers are designed to work at peak capacity and need optimal conditions to do so efficiently. Even if your equipment seems to be performing just fine, too much heat can drastically reduce its lifespan.

Make sure that your cooling solution operates outside the confines of your building’s infrastructure. If the central air gets shut off at night, or if your office experiences power outages, you need a cooling solution that switches over to backup power with your servers.

Keep wiring neatly arranged

For anyone without hands-on experience with server hardware, the number of wires going into and out of your setup is shocking. Getting the whole mess organized isn’t just about cleanliness, it also affects the performance of your current setup and the viability of installing future upgrades. Any time you are installing, removing, or rearranging your server cables, check that everything is neatly labeled and safely grouped together.

Managing any type of hardware comes with dozens of important considerations, and that goes doubly so for servers. The best way to guarantee your IT investments are getting the care they require is by partnering with a managed IT services provider. To learn more about our services, give us a call today.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
May 17th, 2017

If you’re a business owner interested in utilizing virtualization technology, you have a lot of options for how to go about that. However, there is one virtualization vendor you’re probably already comfortable with: Microsoft. Read on for more information on the new and exciting features packaged with the Windows operating system.

A brief history of Windows Server

The Windows Server operating system has been around for decades. As an advanced option for onsite servers, this operating system grants access to high-level access management settings, DNS customizations, and network configuration management. In fact, it’s such a complicated solution that Microsoft offers certification courses for each version of the operating system.

The most recent iteration of this operating system is Windows Server 2016 (WS16). Released on October 12th, 2016, Microsoft’s latest server software included countless improvements to its networking and user management features. Where it really shines however, is in the ways it handles virtualized computing.

Virtualization in Windows Server 2016

As with just about anything in the virtualization world, containers dominate the WS16 conversation. Containers use software to aggregate the bare minimum requirements that one application needs to run -- hardware, software and operating system -- and deliver that package across a network to computers that lack one or more of those requirements. For example, if you want to run a Mac application that requires a huge amount of processing power on a bare-bones Windows workstation, you can create a container with the necessary components on your server and let the workstation access it remotely.

WS16 users have access to two types of container deployments: Hyper-V and Windows Server containers. To the average business owner, the differences between these two options is minute, but what is important is Microsoft’s commitment to compatibility. If virtualization is important to you, choosing WS16 is a great way to ensure that you’ll be ready for whatever develops among the disparate providers.

Another great virtualization feature in WS16 is software-defined storage (SDS). It’s a complicated solution, but it essentially allows you to create hard drive partitions outside of the confines of hardware limitations. You can create a single drive by pooling storage space from three different servers, or you can create several separate drives for virtualized workstations to access.

Obviously, managing a server is no easy task -- regardless of whether or not you implement a virtualized infrastructure. That complexity comes with some compatibility issues; if your business relies on old software, it may not have been updated to run with WS16. For everything from creating a transition plan to managing your virtualized framework, give us a call today.

Published with permission from TechAdvisory.org. Source.

May 12th, 2017

Security is, by far, the biggest issue concerning most businesses today. Although safeguards like firewalls and antivirus software are necessary, they’re no longer sufficient in dealing with increasingly sophisticated cyberattacks. Today, companies require multiple layers of security to steer clear of cyberattacks and compliance woes. To help companies with this process, Microsoft has released threat intelligence, advanced threat protection, and data governance features.

Threat Intelligence Threat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks.

What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content.

Advanced Threat Protection (ATP) upgrades In addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure.

ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection.

Advanced Data Governance The newly released Advanced Data Governance feature is also a much needed enhancement for highly-regulated companies. It classifies files based on user interaction, age, and type, and recommends general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks.

Data loss prevention enhancements Last but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately.

Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting us today.

Published with permission from TechAdvisory.org. Source.

Topic office
May 11th, 2017

If you’ve ever had a problem with how Microsoft Windows updates are rolled out, we have some good news. In a recent announcement, the team behind the world’s most popular operating system promised to make updates more consistent and user friendly. Read on to find out what that means for your business.

Windows 10 updates in 2017

In the summer of 2016, Microsoft announced that Windows would receive two large-scale feature updates in 2017. The first of these was released in April and is referred to as the Creators Update. Although many of the new features are far too advanced for the average user, the Creators Update included huge boosts to data security, user administration, and mobile device management integrations.

The next big update is due in September, and is rumored to come with several consumer-level features such as the People integration that was originally slated for the Creators Update. People would allow you to pin contact icons to your start bar to consolidate shared cloud storage, messaging platforms and calendars for individuals in one convenient location.

The future of Windows OS updates

From 2017 onward, Microsoft has committed to sticking to this “predictable twice-per-year” schedule. Along with more reliable releases, the Windows team is also committing to a more reliable support lifecycle. As long as you are running a version of Windows 10 that has been released sometime within the last 18 months, you can be sure that Microsoft engineers are keeping it current and secure.

This is great news for businesses that struggle to keep their servers and workstations updated. Out-of-date operating systems are one of the biggest risks to data security for small businesses, and promising this level of reliability makes it much easier for IT teams to plan ahead.

As trivial as it may seem, keeping all your software and hardware updated is a huge benefit of outsourced IT management. From productivity improvements to security patches, most businesses are missing out on vital features in a number of their services and platforms. To ensure that every solution you’ve invested in is working at its peak, call us today.

Published with permission from TechAdvisory.org. Source.

Topic Windows
May 10th, 2017

With as much as we write about sophisticated malware and security breaches, sometimes the most effective attacks are the ones that prey on human error. In the most recent case, all it took was an email with a perfect imitation of one of Google’s security screens. If you use Gmail, you need to know how to avoid this.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site...within Google’s own framework. When third-party app developers create Gmail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page -- anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cybersecurity experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.

Published with permission from TechAdvisory.org. Source.

Topic Security
May 9th, 2017

MacOS has a reputation for being one of the most secure operating systems. But in 2016, its susceptibility to malware grew by an astounding 744% according to one security report. Recently, a new strain of malware was found to infiltrate Macs by bypassing all of its security features. Despite having one of the highest price points in the market, Macs’ reputation for being the safest computers remains untarnished, but will the new malware change that?

How the new malware attacks Macs

The new strain of malware targeted at Macs is called OSX/Dok, which was first discovered in April 2017. OSX/Dok infiltrates Macs through phishing attacks, whereby users receive a suspicious email with a zip file attachment. Like all phishing attacks, it contains a message that tricks the recipient into opening the attachment purportedly about tax returns.

Mayhem ensues once the malware is in the system, gains administrator privileges, takes over encrypted communications, changes network settings, and performs other system tweaks that put the users at its mercy.

What the malware does

The malware targets mostly European networks, but it’s expected to spread into other regions. Even more alarming is its ability to bypass Gatekeeper, a security feature in the MacOS designed to fend off malware. This is because its developers were able to obtain a valid Apple developer certificate, which makes the attachment appear totally legitimate. Although Apple has addressed the issue by revoking the developer’s certificate of the earliest versions of the malware, the attackers remain persistent and now use a new developer ID.

How to avoid the mayhem

The Mac-targeted OSX/Dok malware is easy to avoid if you keep your wits about you when receiving zip files from unknown senders -- these files should be treated as high-risk and be reported to your IT team, quarantined, or junked. Whether you’re using a Mac or a Windows computer, clicking on suspicious ads can download and install apps from third-party sources that put your system at risk.

Mac users are not completely safe, and complacency with security could only result in compromised and irreparable systems, ruined reputation, and lost profits for businesses. For this particular malware, a simple act of vigilance may be all it takes to avoid having your Apple computer bitten by bugs. If you want to double the layer of protection for your business’s Mac computers, call us for robust security solutions.

Published with permission from TechAdvisory.org. Source.

Topic apple
May 5th, 2017

eCommerce websites take longer to create than regular websites. That’s because finding the right plugins and fine-tuning other components such as the blog page takes a lot of time. Only when you’re certain that everything’s in place should you go live with your website. Until then, take the time to double-check everything; the last thing you want is a messy website riddled with errors. Ensure customers have a positive first impression with these key indicators:

A variety of clean photos Always take photos under professional lighting to really get the best images of your products. When customers are browsing, it’s normal for them to want to see as much detail as possible, so try to include as many photos, from as many angles your prospects might want.

Clear descriptions The last thing you want to do is to confuse your customers. That’s why it’s important to include all of your products’ technical information and dimensions before creating simple and straightforward product descriptions.

Establish policies Returns and refunds are an inevitable part of online shopping. In fact, a large percentage of online shoppers make purchase decisions based solely on how streamlined the returns policy is. Make sure to establish clear policies for returning and refunding items that are easy to find for customers.

About page Customers unfamiliar with your brand need a story they can relate to on your website. In your About Us page, include information on who you are and what you do that sets you apart from the competition. Whatever you write, make it accessible from any page on your site.

Navigation Fix broken links, make navigation straightforward, and remove outdated pages. You can’t sell 404 pages to customers, and if your site doesn’t make it easy to find what they’re looking for, game over.

Design Not everyone is a web design expert, luckily you can always hire one. If your budget is tight, there are DIY site builders specifically geared toward small businesses. Or with a relatively low monthly expenditure, you can hire a managed website provider.

With more revenue originating online, small- and medium-sized-business owners can’t afford to overlook the importance of creating a fully functional eCommerce website. Prior to going live, it’s essential to go through your entire site and resolve any mistakes before consumers see them. For further information on completing eCommerce websites, feel free to call us today!

Published with permission from TechAdvisory.org. Source.

Topic Business