Home » Blog » malware

Tag: malware

Invest Well in Your IT Security

“If it ain’t broke, don’t fix it” is a common and useful rule for many business owners. It serves to protect your business against unnecessary costs and unneeded downtime. While protecting your business against many types of danger, it poses an outright threat when it comes to IT security.

Security threats to your firm move so fast that your IT should be working twice as hard as your company just to keep up. Every day, hundreds of thousands of new malware threats are released. Falling even hours behind means any one of these attacks can threaten your business.

The single most dangerous thing IT security can do is stand still. Keeping up with the latest advice, technology, and updates the security industry offers is vital to keep your business safe. This makes up much of the unseen job of IT professionals. Hackers never stop looking for new ways into your system, which means your security can’t stop looking for ways to keep them out.

Modern Systems for Modern Business

One of the most common security threats a business opens itself to is using an outdated operating system or software package. Many firms are scared to upgrade, update, or renew their IT over fears of breaking legacy systems. Many rely heavily on old software and are afraid to make a large change themselves. Some businesses today still run machines on Windows XP, an operating system first released back in 2001.

Old operating systems stop receiving security updates and patches that protect against newly released attacks. These systems become very vulnerable, presenting a large target for knowledgeable hackers. This happens many years after newer versions have been released, giving knowing IT firms a chance to migrate safely.

Hackers are always on the lookout for businesses that run IT equipment outside of its suggested service life. A server, desktop computer, or peripheral is a golden opportunity for criminals to enter and threaten a business.

Hackers purchase their attacks on the dark web, safe in the knowledge that old systems won’t be patched. These attacks can then be used to attack unguarded firms to steal or compromise vital company data.

An unpatched old machine is like a valuable security door left propped open overnight, a golden opportunity for thieves.

Smart Budgets

Budgeting for business is a difficult task. We aim to make the most of everything we spend and reduce spending as much as we can. IT security can easily fall very far down the list of priorities.

IT can seem like an easy way to cut costs. It’s a department that the customer doesn’t always benefit from directly, and when it’s working well, it might not be on the radar at all. Despite working largely behind the scenes, successful IT is one of the critical components of every highly successful firm. Good IT can be the binding glue that holds the company together.

Even businesses far removed from the IT world typically uses payment machines, ordering systems, and inventory. Even restaurants and retail stores rely on computers to operate. Downtime for any critical system can be a complete disaster. A business can be unable to trade, and costs can mount up fast.

When vital IT components are used by the customer, a sales website, or an automated booking system for example, the problem can multiply tenfold.

Keep On Top Of The Essentials

Good IT isn’t built on high peaks and deep troughs in the yearly budget. The kind of IT that makes your business and helps it to grow is built by smart financing and careful planning. Great technicians are what makes excellent IT.

Maintaining steady updates, keeping pace with the latest security, and building your IT as you build your business keeps you in the driving seat when it matters most.

When IT is planned and issues are solved before they appear, security becomes cheaper, easier, and many times more effective. System upgrades can be planned out months, if not years in advance so you are never caught unaware.

Don’t let your IT be broken before you take steps to fix it. Move ahead of the curve and give us a call at 570-779-4018 so you don’t have to find out what your business looks like without IT.

What Hackers Target In Small Businesses

Hackers today have many ways to attack small businesses and business owners. Many attempt to use technology to send malware, viruses, or phishing attacks; or use information to con owners and employees into handing over more information than they should.

One or more of these techniques can be combined with gaining physical access to steal from vulnerable firms. Identifying precisely how criminals target businesses and what they deem most valuable can help to protect from the most devastating attacks out there.

Remaining vigilant and informed is one of the most vital things you can do as a business owner to protect your assets and reputation.

Extortion

Different types of attacks tend to rise and fall in popularity. Fifteen years ago, computer worms were the most common attack that businesses faced. Security software wasn’t as advanced or as widely used at it is today. Computer worms were, at the time, an exceptionally low-cost and efficient way to inflict the maximum amount of damage for minimum cost.

Today ransomware has seen an unfortunate boom in popularity. This technology aims to encrypt the target’s files on their personal computer. This technique denies the victim access and charges a large fee in exchange for the key to retrieve the victim’s own data.

The attack has worked so often because it requires minimal effort and can be used again and again. Many businesses have no option but to pay because the data is worth far more than the ransom demand the hackers have made.

The best defense against ransomware attacks, in addition to strong online security, is an up-to-date offsite backup — one that is tested to work reliably.

Targeting Customer Records

One of the most important things for your firm to take care of is your customer data records. Records which include names, dates of birth, and other personally identifying details. These details are extremely valuable to hackers or criminals who, either use them personally or sell them on to someone who will.

Many regions have strict laws and guidelines about how this information must be stored, accessed and protected. Failing to follow these can result in severe penalties that could devastate any company.

Targeting Financial Information

Like personal information, a small business must take extreme care when storing customer financial information. Sensitive details such as credit card or banking information are a key target for hackers looking to steal money fast.

The impact on your business reputation following a breach of financial data will be severe and devastating. Even a simple mistake can require years of advertising and great PR to repair. Many firms have failed to recover after losing the trust of their customers.

Social Engineering

Most firms today run good IT security packages to protect against online attacks and other forms of malware. Attackers often know to take their methods offline to achieve the best results.

Whether posing as a supplier, customer, or interested party; attackers can seek to gain information that you may be less than willing to hand over to a stranger. Small businesses can often be used to gather information on vendors and suppliers they do business with in order to attack them too.

Be particularly cautious of the information you provide when discussing business with individuals you haven’t spoken to before.

Keeping Small Business Safe

Each of these targets and attacks are just some of the most popular and hard-hitting attacks out there now. The list is forever changing, and the methods we use to protect against them always needs to change too.

Some can be defended against with great security, backups, and software. Others, such as social engineering, need you and your staff to stay up-to-date and remain vigilant about the major attacks affecting small business today.

If you need help tightening your businesses security, give us a call at 570-779-4018.

Https now

It’s Official: Your Business NEEDS to Use HTTPS

You may have noticed many business websites now have a green padlock in the address bar next to the letters ‘https’. Until recently, you’d only see that on shopping or banking sites, but it’s now become the expected norm for all business websites – even if you don’t ask people to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent/received by the visitor is encrypted.

Clearly, it’s an essential feature for e-commerce sites, but why have all the info-only websites started using https too?

The New Google Rule

As of July 2018, Google will mark your page as insecure unless you’re using https. It’s a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, businesses have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That’s why eighty-one of the top 100 sites online have already switched to https and a strong majority of the web is following suit.

The Browser Bar Says It All

In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect non-https sites to be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate non-secure sites. The shift to plain sight markers will be most noticeable on Chrome, however it’s expected that other browser developers will follow suit. Visitors may then be alarmed by landing on your site and seeing that the connection isn’t secure.

The fact that you may not be asking them to log in, enter personal details or payment is irrelevant. You may not be asking them to enter anything at all, but perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on unsecure sites. As the common understanding is that a warning = bad, you may get more visitors bouncing away within seconds or even contacting you to report that your site has a problem.

Boosts for Secure Sites

Google is taking its commitment to safe web browsing further by favoring https. That means the search algorithm is taking your site security into account, preferring to display results that it knows will protect users from hackers. Since https status gets the nod, you may find yourself climbing in the ranking while other businesses scramble to catch up. It really is a win-win situation.

What to Do Next

In an ideal world, your site would have a secret switch on the back-end you could flick over and suddenly be https, but it’s a little more complicated than that. In fact, you may have already noticed some sites experiencing trouble with the migration. When the setup goes wrong, users don’t see your website with a little warning in the corner, they’re blocked by a full page error and offered a return to ‘safety’ (away from your site).

The easiest way to make the move to https is to contact your IT technician or web developer, as they’ll be able to make sure you’re keeping Google happy and rolling in the green.

We can migrate your site to https – call us today at 570-779-4018

Unified Threat managment

Why Your Business Needs Unified Threat Management

Sounds scary doesn’t it? Almost like a swat team dressed in black is going to swing in and start yelling orders. While just as effective at disabling the bad guys, Unified Threat Management (UTM) is a special kind of IT solution focused on proactive protection. Consider it more like a team of virtual bodyguards that stand at the door between your business and the internet, keeping trouble out while your legitimate traffic can come and go normally.

With the increasing number of connected devices in your business network and the different ways your employees now connect, it’s more important than ever to set up dedicated security systems that give integrated protection. UTM is a series of solutions that work together, simultaneously layering your protection across the board. We’ll cover the four main inclusions here, and exactly what they can do for your business.

Robust Firewall

Put simply, a firewall keeps an eye on all the data coming in and out, looking for anything abnormal. While every home PC comes with a software firewall built in, those ones pale in comparison to what a UTM firewall can do. Remember the team of virtual bodyguards? Imagine the home firewall asking nicely if the data should be doing that, while the UTM slams the data to the ground and demands credentials. It exists to make sure the data entering your network is safe, that it’s not part of a cyber-attack, and that in the rare event your network becomes infected, your servers aren’t being used to attack another business.

Anti-virus Where it Matters

With so much new malware being released daily, it’s easy to fall behind in updates and discover you’ve been infected. Your employees are likely doing their best, but manually scanning each file can be exhausting and time-consuming. Your UTM anti-virus is built into the firewall, ensuring known or suspicious malware is stopped at the door. It doesn’t even make it through to your employees, so the risk is removed. Clearly that’s the best outcome possible and will allow your employees to work at maximum efficiency, while you can run your business with confidence.

Spam Blocking

Most cyber-attacks come via email these days, with either an attachment or a link. Once clicked, the malware is released into the network to wreak havoc. Obviously, your employees are smart enough not to open random attachments/links, so hackers use phishing emails. These are emails that look legitimate and may refer to vendors you use, financial services you have accounts with, or even seem to be from other employees. Your UTM isn’t falling for any of those disguises, it strips down each email and checks it against high-tech legitimacy markers. If it sees anything suspicious, the email is marked as spam and either held for review or bounced away.

Your employees never see the attack, so they can’t accidentally fall for it. While the UTM is monitoring for phishing/fake emails, it’s also culling out the general spam that clogs up inboxes. Employees will no longer have to spend precious minutes each day wading through the junk, and the likelihood of missing an important customer email has greatly dropped.

Content Filtering

In a perfect world, your employees would only access work-related sites and do work-related things online. Content filtering can help you limit the risk they’re bringing into your business via these websites. Your UTM can be set to restrict sites that infect computers, such as adult content, gambling or illegal downloads. It can also be used to restrict access to productivity vampires like Facebook or Pinterest, either during work hours or completely. It’s up to your policies how much you’d like to filter and whether to add any flexibility. Some businesses allow social media during lunch breaks or have special reward hours each week. Simple tweaks like this can increase productivity overnight and give you the security you’re looking for.

You can see how a layered security solution like UTM provides a space for your business to thrive, where systems are secure, employees are able to maintain efficiency, and cyber problems stay outside the doors. The way the layers work together is more effective than a patchwork of separate systems, and a UTM is much easier to configure and maintain.

We can find the right UTM solution for your business. Call us today at 570-779-4018!

mac malware

Apple devices and Macs get malware!!

I don’t like picking on Macs… Oh, wait. That is a lie. I do like picking on Macs because I am tired of hearing “Apple’s don’t get viruses or malware.” This absolutely not true!

There hasn’t been a serious ransomware outbreak on Mac but that doesn’t mean isn’t coming. There are a few ransomware programs in the wild and there has been increased activity in the mac security sector just like there has been in the PC world. Other malware and scam software are out there and on the rise.  “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016,” said Malwarebytes. The main reason that Mac desktops and laptops seem to not be affected is that they only are about 7% of computer users. They are a much small target so there are less malicious programs out there. That doesn’t mean they don’t exist. They will still steal your data if they can. WIth RaaS (Ransomware as a Service) and cross-platform malware, it is becoming easier for the bad guys to target whatever they want. They don’t even have to be proficient at programming anymore. And with an attitude like “we don’t get malware,” you might be easy pickings.

Beyond that, you are also just as likely to lose your online data as a PC user! Just because you are browsing the internet from your Mac doesn’t mean things like the Yahoo and Equifax data breaches will not affect you. You still need to be vigilant in the cloud and protect your personal information.

Protect you and your Mac

  • Backup your data – Onsite, Offsite and Cloud
  • Keep your software and OS up to date
  • Don’t use unapproved software
  • Use an extra anti-malware solution
  • Be wary of unknown websites and unsolicited email
  • Use strong password and 2fa (Two-factor authentication) wherever you can
  • Use a standard account over an admin account for everyday use
  • If you have a laptop, consider full disk encryption

We offer backup, monitoring, and antimalware solutions if you use Apple products in your business. Let us know how we can help!

6 Brilliant Ways Managed Services Can Work For You

Wouldn’t it be great to know you could access the internet from every room in the house – including the outdoor entertaining areas? How about printing wirelessly from wherever you happen to be? Many homes are embracing the flexibility of having multiple devices and users, but with each new addition come increased headaches when trying to make it all work together. They know what experience they want, but actually assembling a complex network can be like trying to juggle a live, angry octopus!

Most people don’t realize just how complex their tech setup has become. Ask around and you’ll discover homes commonly have 4 mobile devices, 2 tablets, a desktop or laptop, a printer…plus a smart TV, media streamer, and a games console …ALL of which need access to the same secure internet connection, backup systems, and protection from digital threats. Yikes!

While businesses immediately default to calling in the tech experts to make sure their system works exactly the way they need it to, residential users haven’t had that option – until now. Our managed IT services can assess your unique needs and create the perfect solution for you –everything working the way you want and within budget.

Using managed residential services has the added benefit of providing one, predictable bill for every part of your technology services, including:

Advice and setup: Our experts love to talk tech and can help you make product decisions, plan and create your ideal network environment – building in all the parental controls and security your unique situation needs. They’ll even help educate your family on best practices, cyber safety, and common threats.

Remote support: Save time and energy if something goes wrong, our experts can securely log in to remotely diagnose and repair many issues – just let us know and we’ll take care of it.

Backup: You’ll never have to worry about losing all your personal files, photos, video and music if your device is broken or stolen. Our experts will make sure everything that’s important to you is backed up regularly.

Maintenance: While your devices are pretty durable, they still need regular maintenance and cleaning. This extends the life of your device greatly and has the added benefit of making it run like new again.

Security: Every device under your managed IT plan will be automatically monitored for security issues and updated regularly. Our tech experts will ensure your network is secure, protecting you and your family on autopilot.

Cloud: We’ll make sure you have access to all your files, no matter which device you’re on, giving you true digital flexibility and (a safeguard against forgetting homework!).

With new connected devices finding their way into homes each year, it’s more important than ever to ensure your network can grow easily, with security at all levels. Remember, it only takes one unprotected device to let the malware in, even something as innocent as a remote-activated lightbulb! Our managed IT services will free you from worrying about security and maintenance, while at the same time giving you the performance and flexibility your family needs.

Find out how Managed IT Services can help you by calling us today!

Ransomware

How Much Could A Ransomware Attack Cost You?

Have you ever thought about how much your data is worth? Information is possibly the most valuable part of your business – there’s your client database, accounting software and inventory management, and of course, any intellectual property you may own. When the ransomware, WannaCry, tore through the world recently, many businesses were suddenly forced to re-assess the value of their data: was it worth saving, and what would be the deeper cost of the attack?

Most ransomware attacks cost $150-$600 to get your files released, but that’s only IF the cyber-criminals honor the payment and actually give you the decryption key. Meanwhile, new client calls are still coming in and you may find yourself unable to operate with your systems down. Paying the ransom or restoring from an unaffected backup seems like a quick fix, but it doesn’t end there. There’s still the downtime involved to restore all your data – possibly days – and that’s a lot of lost productivity. Plus, if word gets out that your data has been compromised, you may find confidence in your business plummets and your existing clients head elsewhere. That $150 ransom may end up costing well over $150,000!

Prevent Ransomware Attacks on your Business

Keep your systems up to date: WannaCry took advantage of a flaw in older versions of Windows, one that was since patched by Microsoft. But to be protected, businesses had to be up to date with their patches AND be running a supported version of Windows. Delaying patches and updates puts your business at risk – we can help you update automatically.

Lock down employee computers: Very few staff will require full administrator access to your business network. The higher their level of permissions, the more damage a person can do – either accidentally with a whoopsie click, or by inadvertently installing malware. By locking down your employee computers, you have a better chance of containing a malware attack to non-vital systems. Our experts can design an access management plan that gives you best of both worlds: flexibility PLUS security.

Educate your workplace: Most employees believe they’re being cyber-safe but the reality is quite different. Many malicious links and embedded malware have become hard to spot in an instant – which is all it takes to click and regret. We can work with your staff to establish procedures around checking links for authenticity before clicking, awareness around verifying the source of attachments, and the importance of anti-virus scanning. We’ll help get the message through!

Have a solid backup plan: When ransomware hits, a connected backup = infected backup. Unfortunately, synced options such as Dropbox immediately clone the infected files, rendering them useless. The only safe backups will be the ones both physically and electronically disconnected, with systems designed to protect against attacks like this. Our experts can set you up with a backup system that makes recovery a breeze.

Be proactive: The best way to avoid the financial cost of a ransomware attack is to prevent it from happening in the first place. Remember, many businesses were able to watch WannaCry from the sidelines, completely unaffected and seizing opportunities while their competitors were down.

Our managed services can help protect your business against the next cyber-attack.

Call us today!

Windows Updates

Why Your Windows Updates Are More Important Than Ever

Stories about hackers and virus attacks seem to be making the news almost every day, and many of these news stories include tips on how you can avoid becoming a victim. One common theme among these tips is making sure your Windows operating system up to date.

Every day hackers are trying to figure out new ways to break into Microsoft Windows and once they do find a weakness, they try and find a way to spread it. This could be through a malicious email attachment or even something that spreads without your involvement.

Updates Explained

Whenever Microsoft discovers a potential flaw, they push out a small piece of software to all Windows computers running a supported version. If set correctly, your computer will check if there’s any updates or patches and install them automatically. In new versions, this usually happens when you’re shutting down or starting up, and doesn’t impact your experience at all. Unfortunately, some users will manually disable or delay their updates, creating a risky situation.

The update may include security patches, drivers or a simple tweak to address bugs or issues with Windows. Sometimes, they even include new features or applications to improve the stability of your operating system. They’re a good thing!

Not All Versions Get Updates

Some older operating systems are no longer supported, which means unless there are extenuating circumstances, Microsoft won’t issue any new updates. Not a single one – generally, if cyber criminals discover a flaw after support ends, they’re free to exploit it. For example, Windows XP support ended in 2014, and Windows Vista just ended in April this year. The moment an operating system is retired it becomes a playground for cyber-criminals.

It’s not just Microsoft walking away from these old versions either. Third party software like the Google Chrome browser will still work, but they’ve also stopped supporting old versions with crucial updates and patches. It might seem like everything is working fine because your anti-virus isn’t pinging in alarm, but it just becomes a case of risk, upon risk, upon risk.

What to do with older Windows

As much as you’re comfortable with your older version of Windows, each time you boot up you’re exposing your system, important files and entire network. It only takes one weak entry point in the chain to allow malware into all connected devices. That could mean your photo storage, media center or even smart appliances. It’s not worth it – if you’re running Windows XP or Vista (or older), you need to update to a more modern operating system ASAP. Give us a call to upgrade your computer.

We can also monitor your system remotely and apply your Windows updates with our Managed Services packages, ensuring you are always up to date and protected. Give us a call Today!

WannaCry Ransomware Explained: Is Your Business At Risk?

You’d be hard-pressed to miss last week’s biggest headline, the WannaCry cyber-attack sent shockwaves around the globe. Businesses of all sizes and even police departments found themselves crippled without warning.

Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. But by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay. In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

It seems WannaCry may be a ‘computer worm’ that self-replicates and spreads, rather than a phishing attack that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours.

Why Some Businesses Were Safe

WannaCry could ONLY infect systems that have fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in

It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect your business from weeks of downtime and lost revenue, making attacks like this a non-issue.

With our managed services, we can make sure you stay up to date – and protected. Give us a call today at 570-779-4018.

AntiSpam Filtering

4 Important Reasons to Use Anti-Spam Filtering in your Business

Remember when spam was obvious, and unless you desperately needed a special blue pill, it was easy to identify and ignore? Those were the days! The impact on your business would have been minimal, as spam was more an annoyance than anything else. Unfortunately, spam has matured into an aggressive threat, marked by sophisticated attacks and rapidly evolving techniques. It’s not just random electronic junk mail anymore and it’s putting a costly strain on your business resources.

How Spam Impacts Your Business

Spam now contains malware, with hackers sending cleverly disguised emails to your business. Once clicked by an employee, it infects your computer system (virus) or steals your private data (phishing). The malware can then spread across the entire computer network and beyond, including to your clients and vendors. The very fact that your employees must pause and examine every single link and attachment adds hours of lost productivity. Occasionally, spam is so convincing that only an expert would be able to visually identify it. Employees are also more likely to miss an important email, either not seeing it arrive at the same time as a spam attack or becoming overwhelmed with the sheer number of emails.

How Anti-Spam Can Save Your Business

  1. Block threats: The spam filter’s purpose is to block the spam from ever reaching your employees’ screens. The threat is automatically identified and either held securely or immediately deleted. This is the best way to avoid activating spam malware, as it’s so easy to click through links in an email that seems authentic and important. The effects of that one spam click may be instantaneous or may lie hidden for months. Removing the email before it becomes a risk is a much better option.
  2. Filter legitimate emails: Real mail needs to be able to stand out and avoid the trash. Anti-spam filtering has sophisticated recognition abilities which block spam only and allow real mail to land safely in mailboxes.
  3. Meet data regulations: Many businesses are subject to strict privacy and data storage regulations, some more so than others. To continue operation, they have to meet conditions including always using spam filtering to reduce the risk of data breach.
  4. Protect your business reputation: You can see how uncomfortable CEOs are when they hold press conferences to admit a breach. They must acknowledge that they failed to protect client data, or that users may be infected with a virus. Not only do they then face financial loss, their business reputation takes a nosedive. Anti-spam filtering can ensure these types of scenarios don’t happen to you.

Filtering has come a long way in recent years, with complex algorithms identifying and catching spam before it becomes a risk to your business. Real emails can now pass safely through without the classic catch cry of ‘check the spam folder’, and businesses can work with greater productivity and safety than ever before. You need email, but you definitely don’t need spam or the chaos it brings to your business.

We can block spam and keep your legitimate emails flowing. Call us at 570-779-4018 today!