Blog

Petya Ransomware Affecting Critical Systems Globally: Here’s What to Do

A major global cyber attack is under way. This new rapidly spreading cyber extortion campaign is capitalizing on the assumption that businesses have failed to secure their networks from increasingly aggressive hackers. For more information we have included a link below to a blog which gives some detailed information on this new threat.

https://www.wordfence.com/blog/2017/06/petya-ransomware/?utm_source=list&utm_medium=email&utm_campaign=062717-2

Copy and paste the link in your browser's address bar.

Because even the best efforts to prevent infection are occasionally thwarted, it is imperative that one have backups of data. Best business practice is to have a local backup as well as a cloud backup. If a local area network gets infected the chances are the local backup will also be affected. Having a cloud backup can save the day!

Another best business practice is to have a secondary domain controller in the cloud. Having this will save many hours and even days of downtime if your server needs to be restored.

Both the cloud backup and the backup domain controller are inexpensive precautions. PowerOne can help answer any questions on either or both options and even get you set up today.

by powerone

The Pros and Cons of Moving Your Email Services to the Cloud

Email is an essential communication tool for most businesses. While email services have traditionally been provided on-premises, an increasing number of companies are moving their email services to the cloud. Almost 60 percent of businesses worldwide now use either Microsoft Office 365 or Google G Suite, according to the Bitglass 2016 Cloud Adoption Report. Office 365 is deployed in 34.8 percent of organizations, while G Suite is used by 24.5 percent.

A key motivator for making the move, especially for small and midsize businesses, is reducing costs. However, if you are considering moving your business's email services to Office 365, G Suite, or another service provider, you should weigh all the pros and cons.

The Advantages

Between 2015 and 2016, Office 365 and G Suite usage rose 11 percent, according to the Bitglass 2016 Cloud Adoption Report. This increase is largely due to the advantages that online email services offer, including:

• A secure email environment: Storing data in the cloud is a relatively secure practice, according to experts. Plus, cloud computing has matured to the point where there are now standards (e.g., ISO/IEC 27018) that service providers can follow to prove they are properly handling data in a secure manner.
• Reduced capital expenditures and human resource costs: When companies use online email services, they do not need to purchase servers or software licenses. Plus, they do not have to pay staff to manage and maintain the email environment.
• High reliability and availability: Most cloud-based email service providers have redundant systems to ensure their email services are highly reliable and available. For instance, both Office 365 and G Suite guarantee 99.9 percent uptime.
• Built-in backups and archiving: Businesses that use online email services do not have to worry about backing up and archiving emails. The service providers automatically take care of these tasks. Plus, the backup files are stored off-site, which is an important aspect of any disaster recovery plan.
• Effortless scalability: With cloud-based email services, companies only have to pay for the email services they currently need. If their business grows, they simply need to contact their service provider to scale up their email services.

The Disadvantages

While using cloud-based email services has many advantages, it is not without some drawbacks, such as:

• Data not managed and maintained by employees: When businesses host their own email services, they get to select the employees responsible for managing and maintaining the email environment. With online email services, the provider takes on these responsibilities and businesses have no control over who is working with their data.
• No Internet, no email service: With cloud-based email services, no Internet service means employees cannot send or receive emails internally or externally. In contrast, with an on-premises email server, users can still send and receive emails internally (i.e., within the company's local area network) when the Internet goes down. External emails still cannot be sent or received, though.
• Some loss of control: When businesses use online email services, they lose control over some aspects of their email environment. For instance, they have no control over where their data is being stored and when software upgrades are applied.
• Fees add up: Over time, the subscription fees for online email services add up. On top of the basic fee, service providers often charge additional fees to perform administrative tasks, such as adding or removing mailboxes.

You Should Weigh the Pros and Cons

Whether moving your email services to the cloud makes sense for your business will depend on many factors, including the number of employees, types of emails sent and received (e.g., whether they often contain sensitive data), and your IT environment. PowerOne can help you weigh the pros and cons based on your business's needs.

by powerone

5 IT Security Mistakes That Businesses Often Make

Computing technologies are constantly changing and extremely complex. Securing IT systems in this environment is challenging, especially for small and midsize businesses. They often do not have the time or resources to keep up with technological changes, the latest security threats, and the best ways to mitigate those threats. As a result, they often slip up when it comes to IT security.

Here are five IT security mistakes that small and midsize businesses often make and how to avoid them:

1. Not Using Anti-Malware Software

With 600 million malicious programs in existence, not having anti-malware software installed on all the computers in a business is extremely risky. Anti-malware software is designed to stop malicious code from running on computers, providing an important line of defense against cyberattacks. While it won't stop zero-day malware attacks (i.e., attacks involving brand new malicious programs), it will stop previously identified malware. Hackers like to use existing malware because it saves them time. Plus, they already know it's effective on unprotected machines.

All anti-malware applications are not created equal, though. You should use one that detects different types of malware, including ransomware, spyware, and viruses. You also need to make sure that the anti-malware software is being updated regularly. Computers with missing anti-malware software updates are vulnerable to cyberattacks.

2. Having Bad Password Habits

Employees often have bad password habits, such as using weak passwords like "12345678", "qwertyuiop", and "starwars". Cybercriminals can easily hack weak passwords using brute-force password-cracking tools. Employees also commonly use the same password (or variations of it) for several accounts. Hackers know that people reuse passwords, so once they obtain a password for one account, they will try it for other accounts.

In addition to using weak passwords for employee and service accounts, businesses often use the default passwords that network devices (e.g., routers, appliances) ship with. This is a dangerous practice, as hackers are familiar with these default passwords.

Educating everyone on how to create unique, strong passwords is one way to combat the password problem. However, due to the sheer number of passwords people need to remember, they might resort to their old habits or even start writing down passwords. For this reason, you might consider using a password manager designed for businesses. Another measure you can take is using two-step verification for accounts when possible.

3. Leaving Software and Firmware Unpatched

Security vulnerabilities are often discovered in software and firmware. In response, vendors typically release updates that fix the flaws. If the patches are not installed, cybercriminals can exploit the vulnerabilities to gain access to the software and firmware. Using that access, hackers can install malware or perform other malicious acts.

To avoid this situation, it is important to install all the security patches that have been released for the software and firmware used by your business. This might seem like a tall order, but the consequences of not doing so are too serious to ignore.

Besides installing patches, you need to make sure that all your applications are still supported by their vendors. Like any product, software programs have lifecycles. When an application reaches the end of its lifecycle, the vendor will no longer issue any type of updates for it, including patches that fix newly discovered security vulnerabilities. Many cybercriminals keep track of when vendors stop supporting popular applications. Once the support has ended, they launch new cyberattacks that target those applications.

4. Neglecting to Secure Mobile Devices

Using mobile devices for work has advantages, regardless of whether those devices are company-provided or personal. Employees can access business emails, data, and applications at any time from almost anywhere. The flexibility and convenience often improve employee productivity.

However, mobile devices that are not properly secured can put businesses at risk. In 2016, the number of malware attacks against mobile devices rose sharply, and security researchersexpect the number to continue to rise in 2017. Even worse, these devices are increasingly being used as entry points into businesses' networks. Security experts predict that one in five employees will cause network breaches in 2017. Unknowingly, these employees will either upload malware from their mobile devices to their companies' networks or expose network credentials when they log in from malicious Wi-Fi hotspots.

To prevent these types of problems, you need to make sure that your business has a comprehensive plan to secure your mobile devices. What it should cover depends on whether your employees use company-provided mobile devices, their own personal devices, or both.

5. Ignoring the Human Element in IT Security

Hackers take advantage of the fact that many companies ignore the human element in IT security. By tricking employees into divulging sensitive data, clicking dangerous links, and opening malicious attachments, cybercriminals can get past security systems and perform malicious acts. Untrained employees and phishing attacks are the top two causes of data leaks in companies, according to a 2016 report on IT security risks.

Your employees, however, do not have to be a weak spot. They can provide a formidable line of defense against cybercrime if you educate them about common security threats and teach them some basic skills, such as how to spot spear phishing emails.

Unfortunately, no amount of training will help combat insider attacks, which account for 7 percent of data leaks in companies. An effective way to address insider threats is to follow the principle of least privilege — that is, limiting employees' access to the minimal level that will allow them to perform their job duties. Using access control tools is also effective.

The Next Step

Knowing about the common security mistakes made by small and midsize businesses is the first step in avoiding them. The next step is to start taking measures to prevent them. You might have some of them in place already, such as having anti-malware software installed. We can help you with the rest so that your IT systems stay secure.

by powerone

The Top 5 Reasons Why Your Business Needs a Strong Firewall

In this age of global connectivity, protecting your business's assets and data is more important than ever. Almost all businesses are connected to the Internet for a wide variety of services. These include email, search, social media, and cloud storage. While much of this traffic is outbound, the fact is that the same Internet connection also allows inbound traffic. That is where having a strong hardware- or software-based firewall comes into play. You can use it to protect your business network from unauthorized access.

Here are the top five reasons why your business needs a strong firewall:

1. A Firewall Is Your First Line of Defense against Hackers and Other Unauthorized External Users

A firewall acts as a barrier, or shield, between your internal business network and the rest of the Internet. Without a firewall, it is possible for external users to access your private business assets. While many organizations use Network Address Translation (NAT) to bridge Internet and external IP addresses, NAT will not block incoming traffic. Only a firewall can do that. Without a firewall, your organization's assets and data are at risk.

2. A Firewall Lets You Block Access to Unapproved Websites

In addition to stopping unauthorized external users from accessing your network, a firewall can stop your users from accessing specific external websites. For instance, you could set up a policy that blocks access to social media sites like Facebook from your network.

3. A Firewall Can Protect Your Business from Malicious Code

Some strong firewalls will inspect the traffic going into and out of your network. They look for and block viruses, worms, spam, and other unwanted Internet traffic. They will also log intrusion attempts as well as other violations to business policies. This enables you to examine unauthorized access attempts and other suspicious activity.

Many of these strong firewalls will also let you maintain a list of known malicious applications and known good applications. They will block the malicious applications, while enabling the good ones.

4. You Can Use a Firewall to Meter Bandwidth

A firewall can do more than just provide security. You can also use it to meter and limit the network bandwidth flowing through it. For example, you can limit the network bandwidth allowed for things like non-business videos, music, and images, thereby reserving bandwidth for higher priority business traffic.

5. You Can Use a Firewall to Provide VPN Services

Many firewalls provide site-to-site connectivity through Virtual Private Network (VPN) services. Through this VPN functionality, mobile device users and users at remote sites can securely access your internal network resources. This enhances productivity, collaboration, and data sharing.

by powerone

Cybercriminals Are Posing as Job Applicants to Spread Ransomware

If your business is hiring, you should be aware of a new phishing attack in which cybercriminals are posing as job applicants. Falling victim to this attack may leave your business infected with the GoldenEye ransomware. This phishing campaign was initiated in Germany, but security experts expect it will go global.

How the Attack Works

Hackers like to target HR staff members because they often open emails and attachments sent by strangers. In the GoldenEye attack, cybercriminals are sending phishing emails that have the word "application" in the subject line to HR departments. The emails include two attachments: a PDF file and a Microsoft Excel spreadsheet.

The PDF file, which does not contain any malicious code, is a cover letter. Its purpose is to reassure HR staff members that they are dealing with a real job applicant. To make the cover letter seem more legitimate, the hackers even include a person's photo. The cover letter tells the HR staff members to see the attached Excel file, which supposedly includes a resume, references, and an aptitude profile.

If the HR staff members open the Excel spreadsheet, a visual element indicates that the information is loading. An accompanying message tells them to "please use the editing options to display the aptitude profile". This is meant to trick the HR staff into clicking the "Enable Content" option, which will appear if Excel is left at its default setting of "Disable all macros with notification". A Word macro is a small program that lets you execute complex procedures with a single command or keyboard stroke. In this case, the macro's commands instruct the computer to download the GoldenEye ransomware from a remote server and install it.

Once installed, GoldenEye first encrypts the victim's files. Afterward, it displays a ransom note that asks for 1.3 bitcoins to decrypt the files. But the ransomware does not stop there. It restarts the computer and encrypts the hard disk's master file table (MFT), which cripples the computer. The victim then receives a second ransom note that asks for an additional 1.3 bitcoins to decrypt the MFT. GoldenEye uses different algorithms and keys to encrypt the files and MFT, so victims need to pay both ransoms if they have not backed up their files and applications.

What You Can Do to Protect Your Business

The most important way to protect your business from the GoldenEye ransomware is to regularly back up your files and applications. Having backups on hand means you won't have to pay any ransom. However, it won't prevent a GoldenEye infection. For this reason, you might consider taking the following precautions:

• Let the HR staff know about the dangers of enabling Excel macros. Assuming that the default macro setting has not been changed, the only way to unleash GoldenEye is if the HR staff (or someone else involved in the hiring process) opens the attached Excel file and allows the macro to run. Thus, warning the HR staff about the dangers of enabling macros is a good idea.
• Educate the HR staff about phishing emails. Taking the time to educate HR staff about the GoldenEye phishing email as well as how to spot other phishing emails will help reduce the likeliness of them falling victim to an attack.
• Use anti-malware software. While anti-malware software might not catch this macro-based attack (the macro contains download commands rather than the actual ransomware), it is still important to use anti-malware software. It can detect the malicious code that does make it onto a computer.

Take Action Now as Waiting Could Be Costly

If you do not regularly back up your business's files and applications, now is a good time to get a process in place. Not doing so might mean you have to pay multiple ransoms if one of your computers becomes infected with GoldenEye — and paying the ransoms does not guarantee you will get the keys needed to decrypt your files and applications. If you need help in developing and implementing a backup strategy, contact us.

by powerone

How to Use Microsoft's New Privacy Dashboard

Microsoft automatically collects data about the people using its products and services, often storing that data in the cloud. To make it easier for users to see what information is being collected and stored about them, Microsoft has launched a new, web-based privacy dashboard. If you have a Microsoft account and use any of the company's products or services, consider checking it out.

Besides letting you view the data, the privacy dashboard gives you the option of removing it from the cloud. The dashboard also lets you know how to stop your data from being collected in the future.

To access the privacy dashboard, you need to go to the Stay in control of your privacy web page and sign in with your Microsoft account information. From the dashboard, you can view the following types of data and remove them from the cloud if desired:

• Cortana data: Cortana is a personal digital assistant found in Windows 10 computers, Windows 10 Mobile and Windows Phone 8.1 smartphones, and a few other devices. To provide personalized recommendations, Cortana collects and stores information about you from various sources, including your emails, text messages, calendar entries, and contacts.
• Browsing history: Cortana gathers and stores your browsing history in Microsoft Edge to help answer your questions and provide personalized suggestions. This information is separate from the browsing data that Edge stores on your device. Clearing the browsing history through the privacy dashboard will remove your browsing history from the cloud but not from your device.
• Search history: When you use the Bing search engine while logged in to your Microsoft account, the company stores your search history in the cloud.
• Location data: Microsoft stores the last known location of your Windows 10 and Windows 8.1 devices in the cloud. It also stores location data from Bing and health-related GPS-based activities.
• Health data: If you subscribe to Microsoft Health or HealthVault, your activity and fitness data (e.g., daily steps taken, heart rate) is stored in the cloud. Plus, any medical records you put into the HealthVault are stored there.

The privacy dashboard also has links to resources that discuss how to manage the privacy settings for other Microsoft products and services, such as Office and Skype. In addition, it includes links to the pages on which you can manage your third-party advertising and Microsoft marketing preferences. Microsoft plans to add more functionality and data categories to the dashboard in the future.

by powerone

6 Reasons Why Remote Monitoring Should Be a Part of Your IT Management Strategy

If your company is like most businesses, your computer systems play an important role in your daily operations. To make sure those systems are secure and operating at peak efficiency, PowerOne's remote monitoring service will watch over them, gather information and even remediate any issues or problems.

Here are six reasons why you should use a remote monitoring service to keep an eye on your computer systems:

1. Your Business Can Avoid Downtime

When your computer systems go down, you lose time and money, so having as little unplanned downtime as possible is ideal. With remote monitoring, you can set alerts that trigger when a problem starts to develop. This early notification means issues can be resolved before they develop into a crisis that causes downtime.

2. Every Device Is Monitored and Supported

Almost any device can be monitored remotely, including servers, routers, firewalls, and laptop and desktop computers. In addition, updates and other changes can be implemented without you or your employees needing to take any action.

3. Problems Can Be Addressed Immediately

With remote monitoring, your computer systems are watched around the clock. This 24x7 service means that solving tech troubles does not have to wait until the morning.

4. Security Measures Are Monitored

Cybercriminals like to target small and midsize businesses because they are often unprepared for attacks. A remote monitoring service can keep an eye on the security measures you have in place so that you know they are working properly. Plus, if you are attacked, you will know immediately rather than finding out days or weeks later. Early detection often limits the damage and reduces the level of effort needed to restore the affected systems.

5. You Can Handle Problems from Any Location

Thanks to remote monitoring, it does not matter where you, your computer systems, or your employees are. When an issue arises, you will be contacted to find out how you want it handled, and those instructions will be carried out. This means that you do not even need to leave the comfort of your own home to take care of a problem. This aspect of remote monitoring is especially appealing to businesses with facilities in distant or rural locations.

6. Your Computer Systems' Health Is Tracked

Remote monitoring collects data about your computer systems over time. When viewing this data in monthly or quarterly reports, long-term trends can be identified before they reach levels that would trigger an alert.

by powerone

New PCs won't run Windows 7/8.1

If you are thinking about upgrading your PC hardware in the near future you need to start thinking about upgrading to Windows 10 now.  Microsoft has warned that new computers running the latest Intel and AMD chips will only run Windows 10. Now, it seems that moment of transition has finally arrived.

In advance of an expected Windows 10 Creators Update, owners of newer systems with Intel 7th-generation Kaby Lake chips and AMD Ryzen chips are reporting their systems aren't receiving Windows 7 or 8.1 updates anymore. According to Microsoft's support pages, it's been long known that newer hardware will eventually be Windows 10-only. That hardware includes Intel's 7th-generation chips, AMD Ryzen and Qualcomm's 8996 series of chips.

Systems with older hardware should still be receiving updates. Older-generation CPUs (including Intel's sixth-generation Skylake) will support Windows 7 and Windows 8.1 until Jan. 14, 2020, and Jan. 10, 2023, respectively.

For a more in depth discussion of this topic read ZDNet's in depth story:

http://www.zdnet.com/article/microsoft-begins-blocking-updates-for-older-windows-versions-on-newer-hardware/

by powerone