Ho Ho Ho – Have a virus-free Christmas and a malware-free New Year. In only a few days the holiday season will be with us. At this time of year, we often see an increase in malware activity and clients concerned about shopping online. This article is intended to help our clients and prospective clients stay virus free. Christmas has always been a virus author’s paradise, and a computer user’s nemesis.
A short history of Christmas malware.
- “Christmas Tree” (AKA Christma Exec) was spread in December 1987 and was an email-aware worm.
- In 1990 the same worm resurfaced and forced IBM to shut down its network of 350,000 terminals.
- Christmas 1999 saw the Melissa virus spread via email. It infected computers and Microsoft Word documents, as well as attempting to reformat the C: drive.
- At the same time, a game called “Elf Bowling”, where Santa tried to knock down a pack of elves with a bowling ball, was being widely spread by email. This game, of course, was infected with a virus.
- At Christmas 2000 the Navidad virus spread via email masquerading as an electronic Christmas card.
- Christmas 2001 saw a similar methodology to spread the Maldal virus.
- The Zafi virus spread in 2004, spreading fear rather than cheer.
- Christmas 2007 saw the Dorf or Storm worm posing as a sexy striptease by Mrs. Claus.
- Christmas 2009 saw the Koobface worm, which targeted users of social networks like Facebook.
- To skip a few years for the sake of brevity and the risk of boring our readers, we can see that these threats have not gone away. In fact, ransomware, the cyber criminal’s weapon of choice these days, has seen significant growth, creating more headaches than before.
- 2017 saw the Merry Christmas ransomware distribution. After detonation on a user’s system, the ransom note would be presented with a picture of Santa standing next to a bomb, saying that all your computer data is encrypted and that unless you pay within a defined time all your files will be deleted. This was far more serious than the relatively harmless card we saw some 30 years prior.
Hints for Staying Safe and Virus free.
- Don’t let your guard down just because it’s the festive season – Hackers, Crackers and Virus attackers prey on those that do.
- When you start back at work, most people just want to open their email and deal with the deluge. Because malware is often spread by email, it’s a better idea to ensure your Antivirus and Operating System patches have updated first.
- Similarly, if you wake up to a new computer under the Christmas tree, don’t forget to put it through a security update and to install anti-virus software before you get busy online. (Even if the update takes several hours, it’ll spoil your fun a lot less than being owned by a hacker before lunchtime.)
- Social media users love to spread hoaxes, especially during the festive season. Before you press that share button, think. If in doubt, go to the Hoax-Slayer website (hoax-slayer.com) and check it out first. Nobody gives away free Range Rovers just for a like and your private email address and phone number. Many think a hoax competition does no harm other than wasting everybody’s time. Think about it carefully: some low-life cybercriminal now has your personal contact details with which to direct further attacks.
Microsoft Office 365 provides many benefits for an organisation: increased productivity, mobility, and access to your data and communications no matter where you are, allowing a quicker response to problems. All this, plus greater collaboration between staff members due to the power of the cloud.
For many organisations the fear of the unknown stops them from reaping the benefits of Microsoft Office 365, but once you have experienced its power there is no going back. Computer Troubleshooters, as an Office 365 expert, helps organisations minimise the risk and disruption of a migration to Microsoft Office 365.
How does Computer Troubleshooters mitigate the risks of transitioning to Microsoft 365?
The key services provided by Computer Troubleshooters include an initial IT assessment. This is supported by the development of a plan that outlines how an organisation can benefit through the application of Microsoft Office 365 in terms of daily communications and workflows. This includes a plan for migration and the ongoing maintenance and management of Microsoft Office 365.
One of the key benefits is fewer headaches around licence version control, renewals of licences and ensuring all licences are legitimate, let alone concerning yourself with the infrastructure (email servers, backup security) needed to run your email system.
This, combined with a monthly subscription fee, means it is a lot easier to plan and budget for the IT expenditure related to software, infrastructure and maintenance of your IT system.
How does support work for Microsoft Office 365?
For a small monthly fee, you can engage your Computer Troubleshooter technician to manage your Microsoft Office 365 environment. This means you have peace of mind and a first level of response with a person you have trust in and a person who understands your business.
Your Computer Troubleshooter technician will constantly ensure that you are managing your users, maintaining and resetting passwords. At the same time, they will be checking that your system is running at optimal performance and therefore they are preventing issues that may be brewing.
Microsoft offers standard technical support, and if an event is classified as critical, defined as an event that prevents you from accessing or using services, you can expect a response within one hour. Microsoft Office 365 support is focused on the operation of the centralised hosted applications that Microsoft controls within its data centers.
Why engage a professional technician to support your Office 365 implementation?
The simple reality is that every minute your business is affected by an IT event that creates downtime, your business’s productivity is impacted, and with it your revenue and profitability.
The other factor to consider is cost control, as you now have a fixed monthly cost that is directly aligned to the number of staff you are employing. You only pay for what you need supported.
As Microsoft 365 is a cloud product, there are rarely fees for call outs, because the product is supported remotely by the technician.
You also get access to an expert who specialises in Microsoft Office 365. This means you can rest easy knowing that your local expert is able to utilise their years of experience to your business’s benefit. Microsoft Office 365 is a critical platform of your business, and outsourcing to the specialist means no headache employing people, training them and managing their performance. All these activities are draining and divert your attention away from your core business activities.
How does Microsoft Office 365 allow my business to grow?
Given today’s changing technology environment, changing expectations of the younger generation, and the need for greater flexibility as to where employees work, Microsoft Office 365 allows a small business to meet these challenges head on.
How? The power of the cloud, flexible communication technologies, and the applications available (MS Word, MS Excel, PowerPoint, Outlook and Skype for Business) allow each small business to develop efficient collaboration and increased communication capability between staff, no matter what location, device or time of day.
It means every business can look professional and compete against each other no matter what size they are.
A Dimensional Research survey of 300 SMB professionals indicated that the key requirement for small business is “anytime, anywhere access to data and applications makes employees more effective” (1). Using Office 365 enables this, ensuring that a business is maximizing the opportunity for staff to be more productive through effective sharing of documents, no matter where your team is.
The new generation of workers are using mobile technology at levels we have never seen before. They are mobile in nature and expect to be able to work from any device. Email delivered to the phone, the ability to access documents and work on those immediately is all possible on the phone with Microsoft Office 365.
Your first step to make certain you are utilising Microsoft Office 365 effectively, or to see how you can benefit from Microsoft Office 365, is to call your nearest Computer Troubleshooter on 1300 28 28 78 or visit www.computertroubleshooters.com.au
1) Bridging the Information Worker Productivity Gap: New Challenges and Opportunities for IT, IDC, September 2012
The latest Security Flaw: Wifi KRACK
It sounds scary and technical: another vulnerability, another frightening acronym. KRACK makes one ask what the risk is and how to overcome it.
It’s been everywhere in the news, social media and blogs for the past week, and this article aims to simplify the technical side and answer some of the questions you may have.
What does KRACK stand for?
Discovered and named by Mathy Vanhoef, a Belgian researcher, KRACK stands for Key Reinstallation Attack. This in effect is a security flaw which allows a hacker (attacker) to break the internet communications between a router and a device. For the weakness to be exploited, though, the hacker needs to be in close physical proximity to the access point of the communications.
What does this mean for an individual or a business?
It means there is a potential for a cyber security incident where the attacker can capture or interrupt the flow of information from your communications or they can use the weakness to potentially inject and manipulate data. For example, this may mean an attacker injecting ransomware or other malware into websites.
What is at risk?
Like all vulnerabilities, the risk is the loss of sensitive information such as credit card numbers, passwords, emails, photos, and documents.
What is the most likely scenario for a KRACK attack?
This is difficult to say as there are potentially so many situations, however, one potential target is those organizations that provide wifi access without a lot of IT resources. An example of this would be your local coffee shop.
Is changing passwords the best way to protect myself?
Changing passwords regularly is a basic security measure that is recommended; however, this will not prevent or mitigate an attack. In fact, the key element in protecting yourself is ensuring all devices are up to date with the latest updates. This includes ensuring the firmware on your router is updated.
A simple tip is to ensure you have automatic updates turned on which will help ensure you have the latest versions and protection installed.
Until you are sure that your device has been updated, limit your usage of public networks, especially with phones utilizing the Android operating system.
Only transact with websites that have an SSL certificate, meaning that the site’s URL will start with https instead of http. This in effect means the site is using encryption, which makes it difficult to see what data is being transferred.
Keep yourself informed and be sensible with your usage of public wifi. If in doubt, do not connect, and turn the wifi option off on your device. If still uncertain, contact your nearest Computer Troubleshooter on 1300 28 28 78 and ask for a KRACK risk assessment.
Cyber security threats are continually evolving. Viruses, worms, trojan horses, spyware, phishing, adware and scareware have all been around for a long time. Lately, one particular form of malware known as ransomware has been creating havoc with businesses and organizations worldwide.
Ransomware, when detonated, works by locking up your files using encryption. You are then asked to pay a ransom to get the code that allows you to unlock your files. Lately, some cyber criminals don’t even add value to this “service” they offer. They just take your ransom and don’t give you the code.
Many customers we see during our daily work (and rescues) don’t even have the most basic cyber security measures in place. This article is intended for the non-technical amongst us to assist and educate about the need to protect computer users against these ever-evolving cyber threats.
In every case we have seen so far, the ransomware package has been physically detonated by a human using the endpoint. Ransomware mostly arrives in email as either an attachment or as a link to a malicious or compromised website. It can also be spread from software downloads, websites and advertising delivered over online ad networks.
What can you do?
Educating yourself and your employees is the #1 defense against cyber criminals.
- Three years ago, in the olden days, we used to say don’t open an email or attachment from someone you don’t know. These days that rule still applies, however, we have seen cases of ransomware being “redistributed” to everybody in the victim’s email address book, so it’s not just people you don’t know that you can’t trust.
- Think about that attachment or link you are about to open. Common sense applies. Were you really expecting an invoice from your mother? Were you really expecting that traffic ticket from the police? (Think – how did the Police ever get your email address?)
- If in doubt about an email, phone the person and ask if they just sent you that attachment. Better to be safe than sorry.
The most basic cyber security needed on your computers and network.
- Every endpoint in your network (Cell-phones, Laptops, Desktops, Servers etc.) must have up to date and functional business grade Anti-Virus software.
- Apply Operating System patches. Manufacturers like Apple, Microsoft and others regularly release patches and updates to fix vulnerabilities that have been discovered (mostly by cyber criminals) in their operating systems.
- Apply application patches. Products like Office, Adobe, Chrome to name but a few, all have vulnerabilities and exploits. As these exploits get discovered patches are released by the manufacturers to remedy the situation.
- Always use the latest version of the operating system available. Whilst Microsoft’s Windows 7 is still around and a good operating system, Windows 10 is inherently much more secure.
- Restrict administrative privileges. Only log in as the administrator to perform administrative functions. Your regular login (and your employees’) should only have standard user rights. Why? This makes it harder for malware to be installed, as installation usually requires administrative privileges.
- Backup your data daily. This needs to be business grade and not to a shared drive on the network. Why? Most ransomware will spread to every “share” it can find – too bad if that is your backup. With regards to ransomware the phrase “Backup or Pay up” springs to mind.
Beyond basic – The next level of cyber security measures.
Once the basics are covered off, we can then talk about topics like firewalls, VPS, cloud virus and spam pre-filtering of emails, changing settings in software, 2-factor authentication, and an application that detects and stops unauthorized encryption. These will give a much more comprehensive solution beyond basic; however, “comprehensive” is probably beyond the scope of this document titled “Basic Cyber Security” and would make it rather long and too technical.
How can Computer Troubleshooters help?
- Businesses without their own IT resource will often need assistance in implementing these basic cyber security measures. As an IT department for the small and medium-sized businesses, Computer Troubleshooters can be your IT resource.
- We are able to deploy a management system to your computer(s) and network that keeps track of your Anti-Virus, Patching, Backups etc. This system reports to our service desk when things are going awry.
- We are able to assist with your staff training, with a presentation and booklets etc.
Technical Stuff/Further Reading
Australian Government – Australian Cyber Security Centre – Essential 8 Explained PDF Download
The facts, according to the Boston Computing Network’s Data Loss Statistics, are that 60% of companies that lose their data will shut down within 6 months of the disaster. This is something that every business wants to avoid.
The following article provides a high-level understanding of why, as a business owner, the question for you is one of Business Continuity, of which Backup is a key component.
What is Business Continuity?
Business continuity involves a mindset of being proactive and putting plans, processes and systems in place, so that when the unexpected occurs you can return to normal operations with minimal delay thereby reducing the level of disruption and cost to your business.
The aim is to ensure that all essential functions can be up and running or be returned to operational status quickly during various unexpected events such as a natural disaster (Flood, Fire), cyberattacks, theft, or major IT system failure.
What is involved?
The key aspect is to develop a plan that then is well communicated and understood by your staff so they know what to do when the disaster occurs. Like all plans, if it is not communicated and shared then it’s not worth the paper that it is written on.
The process of writing the plan involves identifying the key risks and identifying the ways you can prevent those risks occurring, for instance:
- risk is data loss
- prevention is designing and implementing a multilevel backup solution.
The last element of the plan is documenting the steps for response and recovery if an incident occurs that does bring down your systems.
Businesses today are more reliant than ever on IT, and one of the biggest threats these days is a cybersecurity breach. A fair portion of the plan will need to focus on recovery from an IT disaster.
The plan will need to be reviewed regularly as a business grows and circumstances change, and the recovery processes should be thoroughly tested to ensure they will work.
What are your backup options?
There are many options available to businesses these days for backup. With today’s modern technologies and cloud storage services, a hybrid combination of traditional on-site backup plus off-site backup to the cloud, has become the popular choice amongst businesses wanting to ensure high levels of continuity.
The key questions in making a choice are determining the level of risk and the importance of the system and the data that is being backed up. Answering these questions will impact the choice that you make. You can see I have not mentioned cost or price. One might ask why. Because you need to remember this is about having a solution that will minimise the cost of failure, which will far outweigh the cost of the solution you choose.
If you are not certain about this statement ask somebody who has experienced the loss of data due to a failed system backup.
What are the traditional onsite backup options?
The traditional option is onsite backup, with machines all backing up to either tape or disc, which is then stored onsite. Backups are usually scheduled to occur daily, every couple of days, or weekly. The greatest weakness is that if something happens to the premises the backups can become corrupted and lost, and an external service provider such as Kroll Ontrack may need to be used to try and recover the data.
To overcome the above weakness, some businesses will transport the discs/tapes to an offsite location where they are stored.
What is happening today?
The cost of online storage has reduced with the introduction of data centre services and the continued adoption of cloud storage services. Today most businesses will have a recovery strategy based around using cloud storage, with onsite backup devices that then replicate to a data centre.
The drivers behind this are many, but one can put it down to speed of recovery and the ability to quickly monitor and ensure backup has occurred, hence no unpleasant surprises if a data loss, breach or cyberattack occurs.
The first step is to make sure you have a plan and an understanding of your options. This is where you should have a chat with your local computer troubleshooter to understand how they can help you to minimise the disruption to your business from a data loss/breach. Visit www.computertroubleshooters.com.au to locate your nearest provider.
Every day, every month there is a new threat to being able to conduct business effectively and efficiently. How do you protect a business from the threat of disruption whether it is a scam, virus, ransomware or simple network or internet failure?
The Australian Competition and Consumer Commission’s (ACCC) eighth annual report on scam activity highlights the significant cost and growth in the disruption to business. The cost of hacking scams had a fourfold increase between 2015 and 2016, reported at a cost to business of 2.9 million in 2016. This highlights the significant risk of today’s digital world to business.
Scams continue to become more sophisticated, using modern technology to make fake emails, invoices, and websites appear legitimate to even the most astute business person. These scams have devastating effects on businesses by eroding the investment they have made in their reputation, increasing operational costs and in certain cases crippling the business from operating.
This article looks at how a business can avoid becoming a victim of a scam by ensuring they have the right support and systems in place to minimise the risk of disruption.
Why does size matter?
Larger organisations have the resources, time and budgets to invest in ensuring they are not subject to an attack. As the headlines indicate, even with this effort they are not always successful in defending themselves. The reality is that smaller organisations are hampered by the amount of money and resources they can spend on IT, which makes them an easier target for cyber criminals. The cyber criminal finds it easier to get in, and the intrusion often takes longer to detect, meaning more havoc is created.
Smaller organisations are often a means to access and breach larger organisations. Why? Because the smaller organisation is often the weakest link (security wise) in a supply chain relationship thereby providing an entry point to the larger business partner.
What are the key elements to protect Business Continuity?
One must ask: is the IT environment something that can just be left alone, or does it need to be looked after? The answer is obvious. It needs to be managed and looked after, and it needs somebody who is accountable and responsible for ensuring that the risk is minimised.
For smaller organisations this leads to either employing a resource or developing a relationship with an IT service provider who is accountable. It makes sense to develop a relationship where the provider is on the front foot, monitoring all key elements and maintaining an organisation’s systems in advance of something going wrong. This is common sense, as it is about protecting against a major disruption to a business.
The key components that need to be looked at are:
- Data back-up/ Business continuity
- Security of endpoints
- Network configurations, performance and access
- Email access and security
- Software up to date
- Patch management (ensuring your users are up to date on all updates to the operating system or the Anti-Virus software is the latest.)
- Website performance and content filtering
- Password management
The key element for a business owner is to understand how this approach shifts the nature of the relationship with your IT provider from being reactive to proactive. It means the IT provider is preventing breakdowns instead of reacting to a breakdown. This means a monthly fee for the maintenance rather than a call out figure. It means the provider is monitoring and using tools to remotely manage and perform maintenance activities.
What does this cost?
The key thing to remember is that this is an investment in ensuring a business is not disrupted. Some providers will charge per device; others will charge a monthly figure based on the complexity of what they are managing; others will charge per user.
As a business owner, understand what is included, what is not, and what service agreement the provider uses. For instance, at Computer Troubleshooters we provide a 100% guarantee. Locate your local Computer Troubleshooter at www.computertroubleshooters.com.au
Change is hard to accept for anybody and in the case of IT management it is hard for people to see the monthly outlay as an investment in their future. But this is exactly what it is. It is a strategic investment that allows a business to minimize the risk of disruption and ensure it can continue to grow and develop.
Sources of information for this article:
Watchguard: The Cyber Crime Guide for small and midsize business
ACCC: targeting scams reporting of the ACCC scams activity 2016
Datto: WannaCry the ransomware Crisis explained
Stay Smart Online Small business guide Protect your business in 5 minutes