Ransomware Getting Much More Targeted

Ransomware has now been a major threat to businesses and other organizations for a couple of years, and 2018 is no different. For those who don’t know, ransomware is a form of malicious software (malware) that threatens the elimination of hijacked and encrypted data if a user doesn’t pay a ransom. It is known to be one of the most prolific and pervasive threats seen on the Internet today. We will take a look at how ransomware has evolved over the past several years, what the future of ransomware looks like, and what you can do to protect yourself against it.

Ransomware
Unlike most other malware threats, ransomware isn’t designed to gain access to a system to steal data. It’s also not really a con, as anyone that is inundated with ransomware is in a real threat to lose their data (or their money). Ransomware is basically one of two types of malware. Some are computer viruses that target the CPU. These are called “locker” ransomware. The other prevalent type, called “crypto” ransomware, target and encrypt access to file systems.

Whichever strand you get (and there are dozens of different strands) the basic premise is the same. After it is unpackaged to the user’s machine (or network) it encrypts access to data/processing/both and gives the system’s user instructions on how to proceed. The user then has a decision to make, pay the ransom or try to restore the data from their backup platform.

Ransomware is such a departure from normal malware in that most strands of malware tries to camouflage itself inside a user’s system or network. Ransomware makes sure you know it’s there. The past few years has seen a huge uptick in the amount of ransomware that has been deployed, both in variant, and in frequency. These attacks have hit many municipalities, businesses, and other organizations, with one purpose, to extort money.

With the litany of ransomware attacks conducted on very public forums, it has led people to start to ask, “How are these attacks carried out?” The answer may surprise you.

Delivery
You may think that such a devastating computer virus would have to be delivered by those black hat hackers who sit in a basement someplace carrying out some well-concocted scheme to defraud your company. Or maybe it’s sabotage by a disgruntled former worker who didn’t get his/her 25% raise and inexplicably still had access to the network. The truth is that, while it could be either one of those examples, it is most likely the result of an honest act of negligence by someone who has access to your network.

The majority of ransomware attacks are perpetrated by hackers that try to spoof legitimate company’s emails. Since these emails seem to be coming from a legitimate place, unwitting end-users click on links or download attachments from these emails, resulting in the malware attached being deployed on the system. The code then goes to work encrypting files or the hard drive.

User View (and What They Don’t See)
Once the ransomware has inundated the system and the file (or drive) is encrypted, the server will send a message to the victim. Typically, the user will get a notice that their files/computer has been encrypted and the only way to get the file back is to follow the instructions given in the notice. This includes payment arrangements and the dreaded countdown meter. If the user doesn’t meet the demands outlined in the notice, their data will be deleted forever, or their computer will be locked. This, of course is a terrible situation.

What the user doesn’t see, however, is that the hacker, who has control over this data or infrastructure is probably not letting this end-user off the hook. The ransomware is bad enough, to exacerbate things for this foolish user, the hacker can now do what they please with that machine. Sometimes they will include directions that will allow the hacker to steal the victim’s credentials. Even if the ransom is paid, and the files/system is returned to user as agreed upon, many of these attackers will load additional malware onto the system, allowing them to further persecute a person whose only mistake was clicking on a link they thought was a legitimate source.

How to Avoid Ransomware
Firstly, it is important to have enough security on your machine/network to ensure that any potential threat is eliminated before it can be a problem. A Unified Threat Management tool is a great solution to mitigate network problems. Not only does it have a firewall and antivirus, it comes with a spam filter that can help users from being exposed to emails rife with malware in the first place.

Secondly, training your staff on how to determine the legitimacy of any message is important. Ransomware can be deployed through email, messaging services, and social media, so educating them on how to avoid these situations is an integral step in keeping these threats off of your organization’s network.

Lastly, having a powerful and up-to-date backup of your organization’s data can be a life-saver in situations like the one outlined above. Net Activity’s BDR solution provides any organization the data protection they need through redundancy. Not only is your data backed up at regular intervals locally, it is also backed up in an offsite data center. Having up-to-date backups on hand could save your hide in several different situations.

For more information about ransomware, what you have to do to keep from experiencing it, and how to protect yourself from all manners of online threats, call us today at 216-503-5150.

If You Haven’t, Upgrading from Windows 7 Should Be a Priority

f your computer is running Windows 7 as its operating system, it’s time to start thinking about the future. Microsoft has officially unveiled the End-of-Life date for Windows 7, meaning that they will eventually stop supporting computers running the much-loved operating system. What does this mean for your business? Let’s find out.

What is End-of-Life for Operating Systems?
End-of-Life doesn’t necessarily mean that your computer’s will just stop working–rather, they will just stop receiving extended support from Microsoft. Although mainstream support for Windows 7 ended on January 15th, 2015, Microsoft will continue to provide extended support for the operating system until January 14th, 2020. Assuming you have Service Pack 1 installed, your operating system will cease to receive updates following the Windows 7 End-of-Life date. While you’re still receiving security updates, there are no new features being added to your operating system.

Basically, End-of-Life means that the operating system no longer receives any important updates, meaning that it’s a security best practice to update away from Windows 7 before it becomes a liability.

Why Does End-of-Life Exist?
There is a constant war going on between software developers and malicious entities, like hackers. They are constantly trying to undermine the efforts of security professionals to keep businesses and their technology solutions safe from threats. Software developers put out patches frequently to prevent hackers from making headway in this war, but it’s hard to support all existing versions of operating systems at all times. When Microsoft ends support for an older version of an operating system, they are essentially giving ground to hackers, but let’s face it–if you’re using older software that is no longer supported, you could stand to take advantage of more recent, user-friendly solutions with all new features in the first place.

What You Should Do
The easiest way to get around the pitfall of using older software like Windows 7 is to just install Windows 10 as soon as you can. If you can’t do so immediately, it’s best to think about preparing your organization for a move to Windows 10 in the near future. Make sure that any workstations used by your business meet the following minimum requirements.

• Processor: 1GHz processor or faster
• Memory: 1GB RAM for 32-bit; 2GB for 64-bit
• Hard disk space: Up to 20GB available
• Required video card: 800 x 600 screen resolution or higher. DirectX 9 graphics processor with WDDM driver

If your workstations don’t meet these requirements, perhaps it’s time to invest in some upgrades for them as well.

If you’re looking to keep your technology in proper working order, even in the face of End-of-Life events, Net Activity can help. Our managed services will ensure your technology stays optimized and operational for the long haul. To learn more, reach out to us at 216-503-5150.

What Does Your Technology Roadmap Look Like for 2019?

A technology roadmap is a key asset to use when planning your business for the near future. IT is volatile and demands that you always think ahead, so if you want to make sure technology doesn’t become a major pain point for your organization, it’s best to start thinking ahead. We’re here to help you get started thinking about how your business technology should change and adapt over the course of 2019.

First, we’ll give you a brief overview of what you should expect when putting together an IT roadmap. You’ll want to focus on how much growth you anticipate, as well as how technology can influence or augment this growth. Another important aspect to consider is the resources your business currently has versus how much you will need in the future to achieve your goals. Finally, think about what kind of risks are associated with how much growth you are planning for, as well as how you can minimize the chances of this affecting your organization as time passes.

Projected Growth and Technology
Over time, your business will grow, whether it’s onboarding new clients or hiring more staff to make sure operations progress smoothly. You should have a plan for how much you expect to grow over the next year, so you can make sure technology solutions can adapt to this number as needed. For example, if you suspect that you’ll onboard 10 new employees next year, you should begin to make preparations now so as to minimize the growing pains later. Bandwidth deficiencies due to unexpected growth can floor your network and access speeds, making this a particularly important aspect to consider.

Resource Planning for the Future
The same consideration should be shown for your clients. If you onboard too many clients without enough staff or resources to effectively serve them, you’re not just doing the customers a disservice–you’re harming your own business (and its reputation) in the process. By being forward-thinking about your business’ specific needs, you can prevent these kinds of issues from cropping up in the first place.

Review your existing IT systems and tactics
When you plan an IT strategy it’s important to remember that you’re not starting from scratch. Reviewing your existing IT systems and tactics will help you define problems, see what’s working and where resources can best be saved by making use of what is already available.

Risk Factors Associated with Growth
The more users and clients you onboard, the more technology your business is going to use; and the more technology your organization implements, the greater the risk of security issues. It goes without saying that the more endpoints are on your network, the more likely your business is to encounter dangerous situations. Therefore, you should have measures put in place to ensure the integrity of your data storage systems and any endpoints connected to them. This includes mobile devices, which are an aspect of data security that can quickly spiral into a major problem if left unchecked.

Ready to get started planning 2019?   Net Activity can help your business plan for the future with an IT roadmap. To learn more, reach out to us at 216-503-5150.

6 Reasons To Back Up Your Mobile Devices

Companies such as Apple, Samsung, and others have turned mobile phones into mini-computers that can serve as a substitute for your laptop, or as a storage device. If you’re using a smartphone as a communications and storage device, backing up now would be a wise move.

Malware on mobile

More than two-thirds of the world’s population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as extensions of your work computers, backing them up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops are, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device disasters

Malware isn’t the only disaster that can hurt your smartphone. Because you carry it wherever you go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data they contain is not. Here are some security threats to look out for:

• Data leakage
  Something as simple as transferring files onto a public cloud storage service, or pasting confidential information in the wrong place could compromise your business. In fact, according to specialist insurance provider Beazley, “unintended disclosure” accounted for 41% of data breaches reported by healthcare organizations during the first three quarters of 2017.
• Social engineering
  Tricking people online into handing over their personal and financial data is no longer confined to desktops, as this trend is already happening on mobile devices. In a report by IBM, it was found out that users are three times more vulnerable to fall for phishing attacks on mobile devices compared to desktops. This is because phones are where people will most likely see a message first, making them a popular attack vector by cybercriminals.
• Wi-Fi interference
  When we connect our devices to public Wi-Fi networks, we are putting critical information at risk. According to Wandera, nearly a quarter of devices in 2017 connected to potentially insecure networks, and some even encountered a man-in-the-middle attack, where someone anonymously intercepts communication between two parties.
• Out-of-date devices
  A vast majority of manufacturers, most particularly on the Android front, are ineffective at providing updates for their devices. This can inconvenience end users, as this exposes them to the many threats lurking online. Some smartphones and tablets may receive a security patch from time to time, but manufacturers eventually stop doing so after a while.
• Physical device breaches
  While this may seem unlikely for some, lost or unattended devices can still become a major security risk, especially if they are not employing proper security measures such as PIN codes and encryption.

Backup options

Performing backups on iOS and Android devices is a quick and painless process. For example, companies that use Office 365 or Google’s G Suite enable company-wide backup settings from a single dashboard. Apple’s backup settings usually need to be configured on each device, but it’s a pretty simple process.

There are also robust third-party options to back up all your organization’s mobile devices. The best of these are cloud backup services that sync devices and back up contacts, photos, videos, and other critical files in one neat system. These mobile backup tools are offered on monthly or lifetime subscription schemes, which provides small businesses with enough flexibility to ensure long-term protection.

Our experts can provide practical advice on security for your business’s computers and mobile devices. Call us to ask about mobile backup and other security solutions today.

Is it Time for your Business to Upgrade Your IT? Here are the Signs…

Chances are if you are in business today, there are a lot of devices on your network that you haven’t touched in years, might not be using, or don’t even need. Unfortunately, there are times when the technology you have doesn’t really do much other than take up space. If you feel like you are spending too much on your technology, you may not be wrong. By finding the IT that helps your business do business better, and scrapping plans for implementing technology that doesn’t provide sustainable returns may be a good strategy.

When you start to ascertain whether or not a piece of technology needs to be replaced or just eliminated, the first decision you have to make is obviously how does this piece of technology affect our product/service. If you can utilize the piece of technology and it helps fulfill opportunities, promotes productivity and efficiency, or is overall just a benefit for the company, it is pretty easy to ascertain how to proceed. If the piece of technology doesn’t provide obvious benefits, then you should try and understand what the problems are and why you may need to eliminate that technology.

It isn’t always that simple. Today, we will go through technology that you might find in today’s business and describe the relevant signs that a piece of it may be failing.

Server Hard Drives
Traditional computing environments utilize hard disk drives (HDD) that generally last between three-to-five years and will show indications that a failure is imminent. They include:

• The drive is making strange noises (clicking, whirring, humming).
• Repeated crashes and software errors.
• Repeated disk errors.
• Strange computer behavior.

These can also be signs that any computer that runs an HDD. Today there are computers that have what are known as solid state drives (SSD) in them. SSDs are largely expected to last longer, five-to-seven year and don’t always have the telltale signs of failure that HDDs do. Here is where monitoring your SSD comes in. Just like the RMM service we provide at Palindrome Consulting, if you like, you can download software that will allow you to monitor the strength of your SSD.

Beyond that, there are some signs that your SSD is on its last legs. Error messages that continuously pop up, files that can’t be written or read, and there are frequent crashes during the boot phase. Upgrading your hard drive before a major failure of your IT would keep downtime to a minimum and keep costs associated with that downtime to a minimum.

Networking
Major networking problems can derail any business’ relationships. The loss of access to the Internet and the data workers need to do their jobs extends pretty quickly to the cost of the product or service, and the staff’s ability to support. If you are having a problem staying connected, or getting the bandwidth that you need, you probably have a problem with a router, switch, or some other part of your networking system.

What’s worse than having hardware that is failing? Not having that hardware in the first place. If your company needs help with their wireless network, mobile computing management system, or any other system used to connect people or move data around, reaching out to the IT professionals at Net Activity can be a great decision.

If your IT seems like it is failing there is only one way to be sure that won’t be horribly costly for your business, call our professional technicians to do a full assessment of your business’ technology today at 216-503-5150.

3 Ways to Safely Browse the Internet in the Workplace

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. What are some of the browser extensions that can make the experience more secure?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool for private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Block advertising

While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that may contain malware.
Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even options to ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

Unfortunately, browser tracking, malware, and adware are not the only internet nasties that you need to be concerned about. but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.

Commonly used in countries where the internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are hundreds of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet, and even your smartphone is crucial if you want to ensure your online safety.

Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help your business protect itself from online threats. Get in touch with us today.

3 Ways Email Encryption Keeps Your Messages Safe

Encryption is a very important tool in today’s business environment, especially if you are trying to protect your email communications. Today, we’ll discuss the benefits of using encryption for your business’ communications solutions, but without an understanding of what encryption actually is, the conversation might be a little harder to understand.

Defining Encryption
Encryption means that your data is scrambled in a way that obscures it from just anyone viewing it. What this means for email is that only the intended recipient can decrypt it, preventing those who might try to intercept it from being able to read it. For business email, this is particularly helpful.

Security
Security is the biggest reason to use encryption, and since it’s such an effective way to obscure data from prying eyes, it’s no wonder why. Many businesses utilize private or sensitive data, making it extremely important that it’s not exposed while in transit. In contrast to the way that hackers used to go about their business–breaking into networks and stealing data–many have opted instead to simply take a peek at the data while it’s moving from point A to point B. Encryption means they can’t do this anymore… well, they can, but they won’t see anything worth stealing due to the encryption scrambling the data.

Compliance
If your industry is one that must comply with regulations regarding data privacy, you might have to use encryption, so you can dodge hefty fines for not doing so. One of the best examples is the Health Insurance Portability and Accountability Act, or HIPAA. What this states is that health information and records absolutely cannot be shared without the patient’s consent, meaning that if a hacker were to steal this information, the company responsible for storing it would be in direct violation of HIPAA. If you use encryption to make sure this doesn’t happen, you can protect your business from liability for this and your users from having their personal information stolen.

Efficiency
If you take the right measures to protect your email systems, then you’ll make the entire process easier as a whole. If you take the time to install systems that automatically encrypt your email, then that means you won’t have to manually do it.

Net Activity can help you secure your email solution. To learn more, reach out to us at 216-503-5150.

The Internet of Things Continues to Expand

The Internet of Things is now made up of over 15 billion devices. 15 billion. This number includes both consumer devices in a home environment as well as business devices that are typically used in an office setting. As such, you cannot risk ignoring this phenomenon, whether it’s from a security standpoint or one of practicality. We’ll discuss the many ways the IoT is shaping business practices in today’s modern office.

A Brief Review of the IoT
An Internet of Things device tends to have its typical functionality along with additional connection to the Internet. The only real caveat is that the device needs to not be something that would ordinarily have Internet connection as its primary function. Consider fitness devices like watches that can send data to your phone for easy viewing, as well as devices like Amazon Echo that can help you control your home with voice commands.

The convenience and “cool” factor surrounding these devices makes them popular among consumers, and as such, there is a high adoption rate for this technology. Projections place the economic value of the Internet of Things at approximately $4-$11 trillion by 2025, with some 20.4 billion devices all around the world by 2020.

Home Usage by Businesses
Since the IoT is largely associated with personal use and casual purposes, it’s largely known for being relatively insecure compared to other types of devices. However, Gartner reports that businesses are still using IoT devices, and not just to a minor degree. In fact, it’s estimated that 63% of IoT devices in 2017 were owned by consumers, while businesses contributed to 57% of the spending on IoT technology.

This trend isn’t surprising, as the kind of features that consumers want, also translate well to a business’ needs. For example, some of the devices used by consumers, like IoT powered security cameras, can also be used to monitor the office. Of course, the opposite is also true; there are devices for businesses that consumers simply can’t purchase due to the high price tag. An example of this is the smart devices used by subscription-based services like gyms. The IoT fitness equipment might be too expensive for the average user, but it’s just right for these kinds of businesses.

Barriers to the IoT
Implementing the Internet of Things in the workplace can be challenging. Before investing too much, be sure to check if there is a measurable need that the device addresses. The IoT is definitely more suited to businesses that have a lot of repetitive work, as it can be used to alleviate the monotony of these tasks. However, it’s important to make sure that an investment into the IoT will be worth it from a financial standpoint. Of course, security will continue to be a problem for IoT devices, so it’s also critical that you take this into account.

To get started thinking about the Internet of Things as an asset rather than a threat, reach out to Net Activity at 216-503-5150.

Office 365 Beefs Up Anti-Phishing Measures

There are plenty of things to love about Office 365. For a small monthly fee, it gives you the latest cloud-based version of Microsoft Office apps and robust communication tools that improve collaboration and productivity. But it’s also an extremely secure platform that can defend against the most cunning phishing attacks.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

• Anti-impersonation measures – ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
• Anti-spoofing technology – This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿe.com.
• Email link scanning – Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you. We even offer practical security advice to make sure your business, employees, and assets are safe and sound. Contact us now.

Effective Conferencing Goes a Long Way

Many organizations that don’t have the same breadth of funding and services might wind up spending more capital in attempts to compete with these larger organizations, but the way forward isn’t always clear. For small businesses that have trouble managing the many moving parts of their business, communication is key–especially in an age where so many businesses have remote employees who are not always in the office to speak to directly. We’ll discuss what the modern face of communications looks like with a particular focus on conferencing services.

Web conferencing solutions give companies like yours the opportunity to host business meetings in an online location, and all anyone needs to join is a computer (or mobile device) and an Internet connection. This gives your employees the freedom to get work done while out of the office. Additionally, there are many other benefits to using conferencing solutions. They include:

Saving on Travel Costs
In-person meetings are one of the big parts of doing business, but remote workers often can’t make this happen. Video conferencing makes this much easier, as you don’t have to worry about travel costs or being face-to-face with the others to have a conversation with someone about an important project.

Speeds Up Business
Meetings can be time-consuming. Rounding up everyone into the same room can make for a challenging and stressful situation, which is why it’s so much easier to simply use the Internet and a conferencing solution to make it happen. Since you don’t have to wait for everyone to be in physical attendance, this type of conferencing can help your business save time and money.

Flexibility
Scheduling meetings around the schedules of all other attendees can be difficult at times, as everyone has a different set of daily goals and responsibilities. Therefore, they appreciate the flexibility that a conferencing solution can offer. With the ability to share screens, collaborate in an online environment, and send out instant messages and emails, everyone can be updated about the status of the meeting easily.

Build Engagement
Conferencing gives your business the chance to engage with both current and potential clients in an easily-accessible format. Some conferencing solutions have built-in webinar options that give attendees the option to phone-in with their mobile device or with their desktop. Attendees can speak or type in the interface as well, giving you the chance to answer questions and interact with them.

A modern conferencing solution can go a long way for your business. To learn more about how you can use a conferencing solution to reduce costs, reach out to Net Activity at 216-503-5150.