People are busy, working fast, tired, and overly trusting. Cyber crooks are targeting people's preoccupation and fears around the coronavirus. IT can do its best, but one bad click can breach a system. Learn about current COVID-19 related IT threats in our latest ebook.
Ransomware is a well-named type of cyberattack. Cybercriminals taking this approach kidnap your data. After accessing your network, they encrypt files and demand payment for the passcode. Here are the top seven things you need to know about this business threat.
#1 It Can Happen to You
Cybercriminals rely on your false confidence. Don’t think “it won’t happen to me.” Attacks on government, education, healthcare, or financial institutions get publicity. Yet organizations of all types and sizes are targeted.
#2 Ransomware Spreads Fast
Ransomware is malware, malicious software that can reach throughout a network. So, if Jane from accounting opens a ransomware file, every single computer on your business network could be infected. The virus can spread between businesses, too. Consider the debilitating WannaCry ransomware attack of 2017. Within four days of its first detection in Europe, the strain had spread to 116 countries.
#3 Ransomware Targets People
A common method to send out phishing emails in the hope of having people enter their access credentials. Targeted business communication emails work, too. The attacker gets to know your business first. Then they send an email impersonating a colleague, supplier, or customer asking you to take action or update contact details by clicking on the link or downloading a file.
#4 Ransomware is Costly
Once the ransomware is installed on your system, it locks down your files. To regain access to the files, you need the password or decryption key the attacker supplies when you pay up; that’s if they keep their end of the bargain once you pay the ransom. These are crooks you’re dealing with after all!
In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that’s just the cost of the ransom. Indirect costs include the cost of downtime, lost revenue, and long-term brand damage. There’s also the expense of removing the ransomware, forensic analysis, and rebuilding systems.
The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. – Coveware
#5 Ransom Requires Cryptocurrency
Ransom payment is usually made by bitcoin or another cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom. They choose cryptocurrency because it’s very difficult to trace. It doesn’t help you that bitcoin is not something you can charge back like a credit card.
#6 A Recovery Plan Helps
Planning in advance can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible. Also, power down any machines that could be vulnerable to avoid spreading contagion.
You should also discuss in advance whether or not your business will pay a ransom. Weighing the costs and benefits without a deadline on the decision can help you react more strategically.
#7 You Can Take Action
You don’t have to sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:
- Filter traffic, preventing it from coming into your network in the first place.
- Scan inbound emails for known threats, and block certain attachment types.
- Use antivirus and anti-spam solutions and regularly upgrade and patch vulnerable software.
- Educate all users about social engineering.
- Allow remote access to your network only from secure virtual private networks.
- Back up your data to more than one location so that you can restore any impacted files from a known source.
Ransomware is a lucrative, relatively easy mode of attack for cybercriminals. They could target your business. Contact us today for help implementing the best protection practices to keep your data safe. Call us at 432-279-0671
Security and privacy are at the very top of our priorities when considering business IT needs. Major data leaks are in mainstream news on a near-daily basis and hundreds of thousands, if not millions, of customers, are impacted every time they happen. Our number one goal is to make sure our businesses are kept out of danger.
Major institutions, such as multi-national banks and credit card companies, are expected to handle your data well. Unfortunately, less secured businesses require access to our data too.
Even just booking into a hotel often requires you to leave your name, address, date of birth, passport number, and credit card details. These few pieces of information are more than enough to steal your identity, start a line of credit, and access many of your vital services. You can often only hope your chosen hotel handles your information as well as your bank does.
Securing Your Business with Smarter Thinking
There is no way to change how your favorite hotel service operates, but you can affect your own business to improve its security for your customers.
You don’t need the manpower or funding of a major banking chain to handle data securely. With simple tweaks and powerful changes, you can minimize the chances of your business suffering a data breach big enough close your doors for good.
By stepping up IT security to meet modern threats, you can help to limit your liability, put customer’s minds at ease and give your firm a competitive advantage. Should hackers attack, the work you do today will limit the damage and help you to weather the storm.
Limit Your Data Collection
The single most important thing to consider when securing your business is how much data do you really need to hold anyway? Carefully consider the value of every piece of personal information you collect in any given transaction. Do you have a use for everything you ask for?
Emails, addresses, and contact numbers are useful for receipts and marketing, but additional data many firms collect is often useless and wasteful. Each piece of unnecessary data you hold represents additional value to hackers and thieves. While you may be unable to use your own stored data, hackers will find great value in gathering more personal information. This increases your liability without adding any extra value.
Consider Your Access Requirements
Think carefully about who has access to the information within your business and precisely why they need to access it. Often security problems begin when employees have blanket privileges to access everything within the firm.
Access restrictions should be specific to the company structure. Low-level employees should be limited to only what is strictly required for their role. Managers, for example, are likely to need systems that their junior staff cannot access.
Physical access restrictions are critical too. Unattended computers and mobile devices should require a password or identity verification to log on.
Treating Data with Care
The way you treat your data in day-to-day business reflects the impact hackers or IT disaster will have on your business when it is lost. Do you know where your backups are, and when they were last tested? Firms often first know they are in trouble when they realize all their data is stored on a business laptop or device that could be easily lost or stolen. Some firms maintain backups on USB drives or shuttle a portable hard drive between home and work.
These solutions should have no place in a professional business environment. Proper data care means regular, tested backups that are secure against fire, theft, or online hacks. Data on laptops and cell phones should be encrypted that way if lost or stolen the thieves can’t get at the data. Protecting your customers and your business is all about the smart application of IT knowledge in a cost-effective and efficient way.
N-Line Technologies has been helping businesses in Midland, Odessa, and the Permian Basin since 2001.
We can help you to lock down your business to protect the most valuable assets your business owns, data.
Click HERE or Call us at 432-279-0671
You may not think so. But you could be if you're using Microsoft products reaching the end of support next year.
Microsoft won't provide security updates for popular business tools after January 2020.
This affects you if you're using Windows 7 as your laptop or desktop operating system.
Or you're relying on 2010 Microsoft Office for Word, Excel or PowerPoint.
Maybe your business server is running Windows Server 2008R2 or Small Business Server 2011.
Perhaps Exchange 2010 controls your email and calendars.
If so, this news is a big deal.
It's like pest control. Microsoft was helping your IT team keep cybercriminals at bay. In 2020, they're going to stop trying to identify and fix any vulnerabilities.
You might want to take your chances and stick with the Microsoft products you already have. If you do, you'll run the risk of a costly data breach, malware infection, or other cyber threats.
Instead, think of this as an opportunity to do business even better. Upgrading your Windows products means working with faster tools offering improved functionality.
Like the cloud-based Office 365 which lets users access email, calendar sharing, and files in real time from any device, wherever they are.
Don't wait to secure your PCs from cyber creepy crawlies. Our latest ebook explains what's happening and what your business can do to stay safe in 2020.
Fill out the form below and get your
FREE eBOOK right now!
Let’s face it getting hit with a ransomware attack just plain sucks, your files get encrypted by cybercriminals and are held hostage. You are then left having to decide: should we pay to get them back? Sadly, this is a scene that’s played out across the world with 70% of businesses saying ‘yes’ in 2016 alone. Here’s what you should consider if you’re ever in this situation.
Do you trust them?
We have all seen the TV shows where the rich guy’s son or daughter is kidnapped and when they pay the ransom the kidnappers take the money and kill the kid. This situation is no different. The cold fact is that they’re criminals holding your data hostage, how confident are you that they’ll send the decryption key after you pay up? Most attackers demand you send the payment via untraceable Bitcoin, so you can do nothing if they take the money and run. You’re also equally trapped if they decide they asked too little and come back with increasingly higher demands. If they do send the decryption key, be aware they still have access to your systems and can hit you again at any time until your network is disinfected by experts. Businesses don’t exactly want the embarrassment of a breach publicized either, so many don’t admit to paying the ransom, whether it went to plan or otherwise.
Can you manage the impact?
In the best-case scenario, you can wipe the affected drives and restore from a clean backup without paying the ransom. You might even decide the encrypted files aren’t that important and simply let them go, or even wipe a whole laptop or workstation. On the other hand, if your data management comes under any special regulations, like health or legal, you may find the attack has a much wider, more intense impact. The attacker will usually give you a countdown to motivate a payment, with a threat of deletion when it hits zero. If the data isn’t that valuable, or you have confirmed backups, this urgency has no effect. There are also new types of ransomware like “KillDisk” which can permanently wipe your entire hard drive or even your entire network.
How much do they want?
Cybercriminals rarely send out global attacks with set amounts, instead, they prefer to customize the ransom based on how much they think you can pay. Large corporations and hospitals are hit with very high demands, while small business demands are more modest. They may be criminals, but they’re smart people who know your financial limits. They’ll also consider how much similar businesses have paid and how quickly, then expect you to follow suit.
Are your backups good?
Many businesses are discovering too late that their backup systems aren’t good enough to withstand this kind of attack. Often the backups themselves become infected too, they weren’t up-to-date or they backed up the wrong data. OUCH. It’s worth doing some quick checks on your backup processes because even if you must shut down the system for a day so you can recover, you’re still light years ahead of those without them.
What’s your policy?
More and more often, businesses are adding ransomware to their disaster recovery plans and having predefined actions mapped out. Seemingly simple inclusions like who has final say over the payment decision can stop this chaos in its tracks. Employees and management alike can then approach the situation calmly, ready to make the best decisions for the business.
Stay safe in the first place
Ransomware is just plain evil and it is showing no signs of slowing down. There is just too much easy money for the crooks. As more businesses keep them funded the cybercriminals are steadily launching new attacks and making it their full-time job. Most attacks come via phishing emails – those emails that trick employees into clicking a link – and they can be extremely convincing. While training helps people spot them, it’s no guarantee. We recommend using business-class spam filters, such as our excellent “N-Line Spam Control” Product, to catch these types of emails before they land in your employee inboxes. You want that ransomware attack be something that happens to other businesses, not yours.
N-Line Technologies can help you secure your data systems now!
Call us at 432-279-0671
We proudly service Midland and Odessa Texas and the Permian Basin area.
Contact us today!
We all love our Google, quickly finding everything we need on the Internet. It’s replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors. However, sometimes your search results aren’t the real thing and can be downright malicious. Here’s how to search safely:
Pay attention to the URL in Google
Below every result title, there’s a URL in green. No matter what the title says, this URL is where your click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.
For example, the title could be your bank name (eg, Example Bank), which seems legitimate, but the URL could be www.baabpjhg.com which is obviously not your bank. Sometimes they’ll attempt to trick you by putting the real site into the link too, eg www.baabpjhg.com/examplebank.com which makes it even more likely to catch you when skimming through results quickly. When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for the attack. While jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, www.exampebank.com (missing the letter L).
Notice Google search results vs paid ads
Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list. However, paid ads will usually appear above them. Most of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cybercriminals are able to promote their malicious site to the top and catch thousands of victims before being removed.
Believe Google’s malicious site alerts
Sometimes Google knows when something is wrong with a site. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised. When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house.
Turn on safe search
You can filter out explicit results by turning on Google Safe Search. While not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites. Switch Safe Search on/off by clicking Settings > Safe Search.
Need some help securing your system? Give us a call at 432-279-0671
On June 27, 2017, the “Petya” ransomware strain began spreading widely impacting a large number of organizations, particularly in Europe.
Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable. Open-source reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB). It has two layers of encryption: one that individually encrypts target files on the computer and another one that encrypts NTFS structures. This approach prevents victims’ computers from being booted up in a live OS environment and retrieving stored information or samples. Additionally, after the encryption process is complete, the ransomware has a specialized routine that forcefully crashes the computer to trigger a reboot that renders the computer unusable until a $300 ransom is paid.
N-Line Managed Antivirus protects you against this virus attack. For those of you not subscribed to our Antivirus product, you should update your Antivirus immediately and run Windows Update to make sure your system is fully patched and thus protected against the SMB fault that this virus exploits.
If you need assistance please contact us or call 432-279-0671
WannaCry Ransomware Explained: Is Your Business At Risk?
You’d be hard-pressed to miss May’s biggest headline, the WannaCry cyber-attack sent shockwaves around the globe. Businesses of all sizes and even police departments found themselves crippled without warning.
Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. But by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong.
What is WannaCry?
The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay. In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.
How It Spread So Fast
It seems WannaCry may be a ‘computer worm’ that self-replicates and spreads, rather than a phishing attack that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours.
Why Some Businesses Were Safe
WannaCry could ONLY infect systems that have fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in
It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect your business from weeks of downtime and lost revenue, making attacks like this a non-issue.
With our managed services, we can make sure you stay up to date – and protected. Give us a call today at 432-279-0671.