Challenges of Ransomware

You arrive at work, boot up your laptop and desktop. Instead of your usual screen, however, there is a hostile message. “This operating system has been locked for security reasons” or “You have browsed illicit material and must pay a fine.” Usually the group who has locked your computer demands money or they will destroy all of your business and/or personal data. Ransomware encrypts all or most of the files on an infected device or network, using mostly Advanced Encryption Standard.This is every business owner’s nightmare. This is the crux of ransomware.

 

How Common is Ransomware?

After first emerging in Russia and Eastern Europe in 2009, ransomware has spread to Western Europe, the US and many other countries, causing high infection rates and a great deal of frustration for consumers. In one monthly study by Symantec, 68,000 computers were infected: the equivalent of 5,700 every day! Of the computers infected about 2.9 percent of compromised users paid out. This may not seem like a large amount but it adds up quickly and fairly easily for the criminals. Techniques have become more and more sophisticated with code built into ransomware programs to tailor messages to the right language and local law enforcement logo, for example.

 

Tips for Dealing with the Challenges of Ransomware

Even if a company does pay the ransom, the cybercriminals often do not restore functionality to the system thus meaning the business has lost the money and the data in one-fell-swoop. The only reliable way to restore functionality is to remove the malware.

  • Have security software installed and, most importantly, up to date with a current subscription. Remember with the thousands of new malware variants running every day, having a set of old virus definitions is almost as bad as having no protection.
  • Make sure all the software on your system is up to date. This includes the operating system, the browser and all of the plug-ins that a modern browser typically uses. One of the most common infection vectors is a malicious exploit that leverages a software vulnerability. Keeping software up to date helps minimize the likelihood that your system has an exposed vulnerability on it.
  • Make sure you are leveraging the full set of protection features delivered in your security product.
  • Do not pay the ransom! Paying the ransom may seem like a realistic response, but it is only encouraging and funding these attackers. Even if the ransom were paid, what guarantees do you have that you will actually regain access to your files?

Computer Needs – Be Proactive Rather than Reactive

We have all worked for, or dealt with companies that seem to be in a constant state of “putting out fires.” The adrenaline rush can be fun for a while but in the end it means that the focus of a business is not on the future but rather preventing a calamity from happening right at the moment.

 

What does it mean to be “proactive?”  The image we associate with “proactivity” is one of grace under stress and the ability to foresee issues and problems far into the future. Reactive, on the other hand, implies that you don’t have the initiative. You let the events set the agenda for you or your company. In short, reactive means you are at the will of the tides tossing and turning you in whatever direction it chooses. Being reactive makes it hard to stay afloat. Proactive means you anticipate the waves even when the wind is howling and the seas are rough.

 

What does this all mean for your small or medium sized business? Think of being proactive in terms of your IT department. Do you know all the security risks that could “turn the tide” so to speak in a moments notice? Do you have the most up-to-date software and password protections to guard against cyber storms? Have you completed regular backups of your data? Do you have the more advanced technology? Is your IT department ready to take on issues 24/7/365? M&H Consulting wants your company to be more proactive to safeguard you against these threats.Talk to our IT experts about what problems may lie ahead and plan accordingly. When it comes to your company’s computer needs it is always best to be proactive rather than reactive. Call M&H now.

Most Common Malware

According to CNN Money, there are almost 1 million new malware threats being released daily. If that news isn’t bad enough, they also report that malware is becoming increasingly more creative and hard to detect, even for top enterprise companies. Malware is an abbreviated term meaning “malicious software.” Malware is software that is specifically designed to gain access or damage a computer without the knowledge of the owner. It is also designed to be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. There are a variety of malware such as: adware, bots, bugs, spyware, Trojan horses, viruses, and worms.

 

    • Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. In addition, it is not uncommon for adware to come bundled with spyware (see below) that is capable of tracking user activity and stealing information.
    • Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. For example, bots can create an army of infected computers (known as ‘zombies’) that are remotely controlled by the originator. These bots can send spam emails with viruses attached, spread all types of malware, or they can use your computer as part of a denial of service attack against other systems.
    • A bug is a flaw that produces an undesired outcome. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data.
    • Spyware is generally software that performs actions on your computer with or without approval and many times without you even knowing. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.
    • Trojans are destructive programs that look legit but attack systems as soon as they are opened and executed. Attacks can include pop up windows, or worse, they can allow unauthorized system access for hackers through back doors.
    • A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs.
    • Computer worms are among the most common types of malware. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.

 

 

 

How to Move or Expand your Network

Moving and expanding your network can be a tedious and costly process, especially if your network isn’t wireless. Here are a few tips we’ve gathered to on how to move and/or expand your network.

Physical Network:

First you want to disassemble your network and make sure your equipment is prepared for transportation, if moving.

Then, you want to organize and plan out the location of the network in the new office space. While doing this you want to ensure that the network gets placed in the center of the office with proper ventilation and cooling and that it is in a secure area with a backup system.

Next, you should consider what IT professional you should hire to do the wiring correctly in order to have a successfully running network.

Before you go on and move, you should also alert your Internet service about any change you will be making. This also goes for when attempting to expand your network. Getting successful Internet service is critical for any job, so make sure you communicate changes properly.

Lastly, when moving your network, you want to ensure that you have all updated system documentations. Collect them all before your company moves out of the office.

When taking these steps in consideration, you can see how much of a hassle and how costly it can really be when moving a physical network. Hundreds of dollars can be wasted on the moving process itself let alone in all the details of hiring professionals for wiring, paying to expand or change your Internet service, and more. It can also be difficult to keep track of all the documentation while moving; many things can get lost or misplaced. This is when wireless network should be considered.

Wireless Network:

With wireless network, moving and expanding can be easier and much more cost efficient. It cuts down rewiring and hardware moving costs instantly. Another great aspect of having wireless network is that you don’t have to spend as much downtime as you would otherwise. Setting up new employees can be done easily, with no professional wiring.

Having wireless network and access to cloud service is non-user and non-location specific. So you can make your move whenever, wherever. Plus, increasing storage capacity can be as easy as a simple phone call to your network server.

Contact M&H if you are looking for help or advice on moving your physical network, or if you want to know more information on making the switch.

What are the Benefits to Outsourcing an IT Department?

The IT Department within a business is the department charged with establishing, monitoring and maintaining information technology systems and services. Like many small and medium sized businesses, employees may not completely understand what this, sometimes elusive, group of intelligent people even do at their office. This is usually due to the fact that what they do is all behind-the-scenes work that is only thought about when something goes terribly wrong. Businesses have become savvy however and have begun to realize that the IT department can be outsourced and still maintain the integrity of the office technology systems. Here are just a few of the benefits to outsourcing your IT Department.

 

  • Control and Reduce Costs – Let’s face it. Small and medium sized businesses have to watch every penny to continue to sustain a successful business. When you outsource your organization’s IT functions, business owners are able to control costs by paying a set monthly fee. They are also able to take advantage of their economies of scale, lower cost structures, and learned efficiencies and expertise.
  • The Ability to Focus on your Field – Your business may not have anything to do with technology. It may be law, accounting, retain or so on. By outsourcing your IT needs, businesses can focus on the job at hand and the field that they specialize in. By allowing a professional IT resource to take control, your company can free up resources to concentrate on the areas that make you successful and grow.
  • Around the Clock Monitoring – If your small/medium business has a few members of a limited IT department, they are probably not on duty 24/7. By outsourcing to a professional IT group your company can gain monitoring at every hour of the day or night, as well as on-call features, which can let you rest easy to know you are covered.
  • The Best of the Best – IT companies that specialize in only IT needs tend to have the best, most advanced technology and the most experienced professionals as a part of their vast resources. This would not be the case in most companies who have a limited budget for their IT needs.

Antivirus vs. Antimalware

There is a lot of confusion about what exactly are antivirus and antimalware, and what which one works best. Well in order to find out what their purposes are, we must clear out what viruses and malware actually are.

A virus is a code within a program that can copy itself over and can cause damage to a computer by corrupting the system and, even, destroying data.

Malware, on the other hand, is a general word for any malicious infection. This includes Trojans, Spyware, worms, adware, ransomware, and (you guessed it) viruses.

Now that this is cleared out, you are probably wondering why antivirus exists when antimalware can take care of it. Well, let’s get into the differences between these two security software.

Antivirus software was created during the uprising of computers and the Internet. Therefore, this security software was created to tackle older forms of infections, like Trojans, viruses and worms. They are programmed to protect computer users from any traditional malware that are predictable and, still, dangerous.  

Opposite to antivirus, antimalware was created more recently as newer threats began to rise. These malware tend to be much less predictable since new ones are constantly being created and released at high speeds. Antimalware seeks out for more dangerous threats than those that antivirus programs are used to handling.

With that said, if you are wondering which one should be used, the answer is both. You want to protect your computer from all malware, whether it is predicted or unpredicted.

If you need more advice on which antivirus and/or antimalware programs are best, contact M&H for help!

Why your PC is Infected, Again

You’ve probably just got through getting rid of a malware issue when, all of a sudden, a new infection has tampered with your computer again. There are many reasons why this happens but one of the main issues could be that you don’t have an efficient security system. There are many different types of malware that can infect your computer in different ways.

Viruses are codes that copy themselves over causing damages to the running system it has hooked onto.

Worms are also codes that copy themselves over but run in the background of your computer rather than hooking onto the system.

Trojans are software that usually gets downloaded because they appear to be one thing but end up turning into something malicious.

Drive-by Downloads is malware that recognizes the weaknesses in your browser and causes your system to become infected.

Adware is usually hooked onto software and uses an advertising delivery system. These are easy to get rid of by simply uninstalling the downloaded software it came with.

Spyware is software that monitors your computer by either tracking the web pages you visit or everything you do with your mouse and keyboard in order to collect any information available.

Ransomware locks down your computer so that you can’t get regular access to certain programs unless a payment is made to unlock it.

Scareware is software that scares you into believing that your computer has been infected and that they have the solution to get rid of the infection if they are paid to do so.

As you can see, digital infestation is getting more and more sneaky and much more difficult to detect and prevent on your own. The best solution for this madness is to run valuable security systems in your computer. For more information on this and other ways to prevent malware from infecting your system, contact M&H by phone or email!

Computer Back up Methods & Options

Anyone who has ever lost files after a computer crash knows it is important to back up your data. But how should you back it up? What are the differences in cost and features between different methods of backup? What should you use for your business or home computer? What data should you back up?

On-site/Local me backup

The traditional method for backing up data is to use a program or script on your computer/server to back up your data onto some local storage media. This method can be more expensive, depending on the software & hardware that are used, and it sometimes requires more maintenance than online backups. The benefits of a local backup are that it can allow fur greater depth and flexibility for retaining backups and archives, and it also allows you to keep all of your data in-house.

Examples of backup software used fur local backups are: Symantec Backup Exec, NTBackup (the built-in Windows backup program). and backup scripts. Simply copying and pasting files is another option, but most users find this too cumbersome to do repeatedly. Examples of local backup media include secondary internal hard drives in a PC. CD’s and DVD’s, external USB hard drives, flash drives, or backup tapes.

Off-site/Online File Backup

Online backup programs are becoming more and more popular. These are subscription-based services. and
they work by running a program on your computer that copies your data to a secure server hosted elsewhere
on the Internet Online backups are generally easy to use. and are most are highly reliable. The fact that the
data is stored off-site means that even if a disaster destroys your machine(s). you should still be able to
recover your data. There is a wide range of online backups available. with a wide range of fi:atures and
prices. Most online backup companies offer different plans based on the total storage yo u need.
Examples of online backup products are: Mozy. Crashplan. Carbonite. !Backup. and Venyu.
What to back up’?
The most common approach is to use a simple file backup. Many backup programs will actually select most
of your important files by default (Desktop. My Documents. etc.); however. it is important to actually check
and make sure everything is selected.
A more “complete” approach is to use an imaging solution. An imaging program will actually take a
” snapsho~· not only of your files but of the complete system state. The advantage of this would come in the
event of a hard drive failure. If a replacement hard drive were installed in the same machine, the image
backup could be used to restore the system back to its previous state (instead of having to fully reinstall
Windows. reinstall all programs. and reconfigure all settings). Imaging programs are generally more expensive

Choosing the Right Software

Making the right decision on what software you need for your business can be stressful at times, especially with the many software programs there are today. Here are a few tips to take into consideration the next time you go software hunting.

Recognize Needs vs. Wants

Avoid purchasing something your company doesn’t really need. You must analyze what needs your business currently has that needs to be taken care of. You also have to make not of the software programs you currently have and see what their strengths and weaknesses are.

Do Research

Once you have figured out what needs have to be taken care of, start doing research on potential software. There are many to choose from so, doing research on those that target the needs your business has makes it much easier to narrow down to what you want. Make sure to also research their security options, history and review. Keeping your data secure is top security.

Research the Vendor

Once you’ve done research on what the software can do, you want to do the same with the vendors. Find out how long they have been in business, how big their company is, what their visions and views are, and what their credentials are overall. This information is important in order to make sure they’re a good match for your business and will be around for a while.

Ask Questions

You want to ask vendors questions before you commit to software. Ask about provisions that will increase hidden fees throughout the contract, or of any that will help get you out of the contract. Most importantly, you want to ask them information on how to get your data back after if you were to leave the contract. A payment for your data is usually requested but it should not break the bank.

Do a Trial Run

Get a trial for software before making the final decision. This will help you make sure that the software really does contain everything your business needs. It may even help you figure out what functions your business does not need or use.

For more help on purchasing the right software, contact M&H for more information.

What is Infosec?

If you are not familiar with Infosec (short for information security) it is a policy or strategy consisting of tools like mantraps, encryption skill managements and malware detection in order to protect files and data from unauthorized access and destruction. The infosec process can involve either physical or digital security or both.

Mantraps are physical forms of infosec and it pretty much works the same way it sounds like. An example of a mantrap is the door lock system. This system is where one door cannot be unlocked or opened until the previous or door is closed or locked. This works by separating non-secure areas from secure areas and preventing unauthorized access from anyone else.

Encryption Key Management is a digital form of infosec. Encrypting data is the form of converting electronic data into a different form. The encryption key is what is needed in order to decode the data. The infosec strategy of encryption key management is essentially protecting, storing and organizing the keys so that those who are authorized to have access to the data can.

Malware Detection is a tool that can be used for infosec strategies. This is any program that can detect any programs or files that can be harmful to your computer or files. Malware is a general term for viruses, worms, Trojan horses, spyware, and all other digital infections.

If you’re looking for advice or simply need help figuring out what infosec strategy is best for your company’s security, contact the M&H Help Desk for further information.