20 Feb

Understanding Cyber-Security

As technology consultants, we’re stuck between a rock and a hard place. We want to provide our clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most foundational aspects of our cyber-security would most likely put you to sleep before convincing you of our expertise. But if you really want to know, here are a few summaries of how we focus on proactive strategies rather than reactive ones.

 

Understand the threats you’re facing

 

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

 

Reevaluate what it is you’re protecting

 

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

 

Create a baseline of protection

 

By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

 

Finalize a plan

 

All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

• Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
• “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door of your network.
• Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
• Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
• Antivirus software that specializes in the threats most common to your industry.

 

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security. Give us a call at 1-866-BIT-WISE or email us at sales@eitnetworks.net.

23 Sep

Cybersecurity Terms YOU Should Know

Everyone, from doctors to lawyers, needs to continue learning to stay ahead of the times. Business owners might have it worst of all, oftentimes needing to stay on top of several industries to keep their company running. Keep reading for a refresher on all the latest trends and buzzwords used in the cybersecurity sector.

 

Malware

 

For a long time, the phrase ‘computer virus’ was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as a type of malware.

 

Ransomware

 

Don’t let all the other words ending in ‘ware’ confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is ‘ransomware,’ which encrypts valuable data until a ransom is paid for its return.

 

Intrusion Prevention System

 

There are several ways to safeguard your network from malware, but intrusion prevention systems (IPSs) are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can deploy an exploit or take advantage of a known vulnerability.

 

Social Engineering

 

Not all types of malware rely solely on fancy computer programming. While the exact statistics are quite difficult to pin down, experts agree that the majority of attacks require some form of what is called ‘social engineering’ to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

 

Phishing

 

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy, and often well-known, business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.

 

Antivirus

 

Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.

 

Zero-day attacks

 

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyber attackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

 

Patch

 

When software developers discover a security vulnerability in their programming, they usually release a small file to update and ‘patch’ this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest advances in malware.

 

Redundant data

 

When anti-virus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s office ensures that if there is a malware infection, you’re equipped with backups.

 

We aren’t just creating a glossary of cyber security terms; every day, we’re writing a new chapter in the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge to anyone who comes knocking. Get in touch with us today and find out for yourself. Call 1-866-BIT-WISE or email sales@eitnetworks.net.

09 Sep

Fantom: A New Security Threat

The heart of a lady is not easily won; a man can’t rely on his looks or wallet to make a girl fall head over heels. He must charm his way into her heart. Let’s say that a computer user is the woman, and that ransomware, the man, is the dreamboat that has worked his way through all the woman’s defenses. How? He looked the part. This is how ransomware weasels its way into IT — because it doesn’t seem to pose a threat. Beware of Fantom, the most recently detected ransomware that is a master at deception.

 

AVG security researcher Jakub Kroustek recently spotted Fantom coded atop EDA2, a ransomware-building kit that was open-sourced but eventually taken down. EDA2 contained certain flaws that allowed researchers to obtain decryption keys from its C&C server, yet these flaws have since disappeared, indicating that Fantom coders might have found and fixed them before anyone else had a chance to.

 

Very little is known as to how Fantom is distributed. As for the method of deployment, cybercriminals plant the file onto the target’s computer via spam email or exploit kits. Fantom-infected files are named criticalupdate01.exe; they utilize a “Windows Security Update” to prompt targets into running the file.

 

After activation, the ransomware starts by locking the user’s screen while displaying fake Windows Update graphics, complete with a fully-functioning percentage-based loading timer that mirrors the original Windows Update screen. However, beneath this pleasant facade, Fantom is encrypting your files right before your eyes. Luckily, the temporary lock screen is removable before it reaches 100% — simply press CTRL+F4. Unfortunately, the encryption process remains intact.

 

The MalwareHunterTeam states, “The ransomware uses classic ransomware encryption by locking files using an AES-128 key and then encrypting this key with a dual RSA key, with the private key stored on the crook’s server, and a public key left on the user’s PC.”

 

In order to retrieve the private key to unlock your files, you must contact the perpetrators by email. The email address is listed in the ransom note that appears after the process of encryption is complete. Fantom displays ransom notes in the form of HTML and TXT files, while changing the user’s desktop with a custom screenshot that lists the contact details. Lastly, after completing all its operations, Fantom cleans up after itself by running two batch scripts that wipe all the installation files.

 

Ransomware isn’t new, but the ways that cybercriminals utilize it are. Who would’ve thought that the ever so familiar Windows Update window would fall prey to malicious intent? Pretend that you’re Little Red Riding Hood and that the wolf is the ransomware that cybercriminals have disguised as your grandmother. They no longer wait to trap you; instead, they wait for you to walk straight into the trap.

 

The issue of ransomware is as extensive as it is meticulous. If you have any questions about Fantom or would like to request more information, feel free to get in touch with us! Give us a call or send us an email. Reach us at 1-866-BIT-WISE or sales@eitnetworks.net.

14 Jun

Ransomware Adopting Self-Replication

Although some may have hoped that the threat of ransomware was on the decline, the reality is quite the opposite. Until now, attacks seemed to be targeted directly at their victims, but Microsoft warns that may no longer be true. With its discovery of self-propagating ransomware, it’s vital to fully understand the possible risk of infection.

 

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

 

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected piece of ransomware was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

 

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

 

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

 

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types — implying that creators of the malware were continuing to develop its source code.

 

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection — then it increases to five Bitcoins (2,700 USD).

 

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

 

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock. Reach us at 1-866-BIT-WISE or sales@eitnetworks.net.

23 Jul

Understanding Malware

Ever been infected by malware or a virus? For most internet users, the answer is probably yes. But what is the difference between all the cyber threats out there? What makes a virus different from a trojan or worm? And how can you protect your critical data and your business from these threats? If you’ve never been able to answer these questions, here’s the explanation you’ve been waiting for.

 

What is Malware?

 

Malware is short for “malicious software,” and it is a general term that encompasses many types of online threats including spyware, viruses, worms, trojans, adware, ransomware, and more. Though you likely already know this, the purpose of malware is to specifically infect and harm your computer and potentially steal your information.

How do the different types of malware differ from one another? How can you protect your business from them? Let’s take a look at four of the most common forms of malware below.

 

Virus – like a virus that can infect a person, a computer virus is a contagious piece of code that infects software and then spreads from file to file on a system. When infected software or files are shared between computers, the virus then spreads to the new host.

The best way to protect yourself from viruses is with a reliable antivirus program that is kept updated. Additionally, you should be wary of any executable files you receive because viruses often come packaged in this form. For example, if you’re sent a video file, be aware that if the name includes an “exe” extension like .mov.exe, you’re almost certainly dealing with a virus.

 

Spyware – just like a spy, a hacker uses spyware to track your internet activities and steal your information without you being aware of it. What kind of information is likely to be stolen by Spyware? Credit card numbers and passwords are two common targets.

And if stealing your information isn’t bad enough, Spyware is also known to cause PC slowdown, especially when there is more than one program running on your system – which is usually the case with a system that’s infected.

A common mistake many people make is they assume their antivirus software automatically protects them from Spyware. This is not always true as some antivirus isn’t designed to catch spyware. If you’re unsure if your antivirus prevents Spyware, get verification from your vendor. And for those that are already suffering from Spyware infestation, two programs that work wonders to clean it out are Malwarebytes and SuperAntiSpyware.

 

Worms – similar to viruses, worms also replicate themselves and spread when they infect a computer. The difference, however, between a worm and a virus is that a worm doesn’t require the help of a human or host program to spread. Instead, they self-replicate and spread across networks without the guidance of a hacker or a file/program to latch onto.

In addition to a reliable antivirus software, to prevent worms from infecting your system you should ensure your firewall is activated and working properly.

 

Trojan – like the Trojan horse from ancient Greek mythology, this type of malware is disguised as a safe program designed to fool users, so that they unwittingly install it on their own system, and later are sabotaged by it. Generally, the hacker uses a trojan to steal both financial and personal information. It can do this by creating a “backdoor” to your computer that allows the hacker to remotely control it.

Similar to the other malware mentioned above, antivirus software is a dependable way to protect yourself against trojans. For further safety, it’s wise to not open up suspicious attachments, and also ensure that your staff members aren’t downloading any programs or applications illegally at the office – as this is a favorite place hackers like to hide trojans.
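The “.mov.exe” warning in the Virus entry and the disguised-program point in the Trojan entry can be turned into an automated check on attachment names. The following Python is an added example, not part of the original article; the extension lists, function names and sample file names are assumptions constructed for illustration, and criticalupdate01.exe is the file name this page reports for Fantom.

```python
import re
from dataclasses import dataclass

# Assumed extension lists for illustration; tune them to your own mail policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "msi", "vbs", "js", "lnk"}
DECOY_EXTS = {"mov", "mp4", "avi", "mp3", "jpg", "jpeg", "png", "gif",
              "pdf", "doc", "docx", "xls", "xlsx", "txt"}


@dataclass(frozen=True)
class Finding:
    filename: str
    verdict: str   # "double-extension", "executable" or "ok"
    reason: str


def split_extensions(filename: str) -> list[str]:
    """Return the lower-cased extensions of a file name, left to right."""
    base = re.split(r"[\\/]", filename)[-1]   # drop any directory part
    base = base.strip().rstrip(". ")           # Windows ignores trailing dots/spaces
    parts = [p.strip().lower() for p in base.split(".")]
    return [p for p in parts[1:] if p]         # parts[0] is the stem, not an extension


def classify(filename: str) -> Finding:
    """Judge a single attachment name by its real (last) extension."""
    exts = split_extensions(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return Finding(filename, "ok", "final extension is not executable")
    # An executable whose name also carries a media/document extension is
    # dressed up to look like something harmless, e.g. holiday.mov.exe.
    decoys = [e for e in exts[:-1] if e in DECOY_EXTS]
    if decoys:
        return Finding(filename, "double-extension",
                       f".{decoys[-1]} decoy in front of executable .{exts[-1]}")
    return Finding(filename, "executable", f"plain executable .{exts[-1]}")


def triage(filenames):
    """Return findings for every name that deserves a second look."""
    return [f for f in map(classify, filenames) if f.verdict != "ok"]


# Constructed sample attachment names (not taken from real mail).
SAMPLE_ATTACHMENTS = [
    "holiday.mov.exe",                            # the pattern the article warns about
    "invoice.pdf          .exe",                  # padding pushes ".exe" out of view
    r"C:\Users\demo\Downloads\HOLIDAY.MOV.EXE.",  # path, upper case, trailing dot
    "criticalupdate01.exe",                       # name this page reports for Fantom
    "report.final.docx",
    "archive.tar.gz",
    ".bashrc",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_ATTACHMENTS):
        print(f"{finding.verdict:17} {finding.filename!r}: {finding.reason}")
```

A plain `executable` verdict, as for criticalupdate01.exe, shows the limit of this check: an executable that relies only on a convincing name has no decoy extension to flag, so it still needs a policy decision or a scan.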

 

Curious to learn about other common malware that can cause trouble for business owners? Want to upgrade your existing network security system? Give us a call today at 1-866-BIT-WISE or email us at sales@eitnetworks.net. We’re sure we can help!

17 Apr

Removing Malware from Your Android Device

We all know that computers can get infected with malware, but did you know that your phone or tablet can as well? Yes, it is in fact true. And just because you have a new fancy Android device, doesn’t mean you’re immune. So if your phone or tablet starts acting funny and you suspect malware is responsible, it’s time to take action with these six steps.

The lowdown on Android malware

First off, let’s just put some things out there and clear the air. One, getting any type of malware on your Android product is actually incredibly rare. Two, when you see pop-up ads prompting you to buy a virus removal app, don’t freak out. This doesn’t automatically mean your device is infected. In fact, buying one of these apps could actually download malware instead! This is because malware is only contracted via apps you install on the device, which means the safest way to avoid it is to only install apps from the Google Play app store. If you must buy one outside of this, it’s wise to do your research first.

Before we get to what we think is the best solution, there are alternative ways to remove malware that should be noted:

• Use antivirus apps from Google Play – a lot of these are free and will detect and remove malicious apps, but some have a tendency to report apps as infected when they’re actually completely fine. Just be careful with the removal process.

• Perform a factory reset – if there’s a virus on your phone, this is a surefire way to remove it. However, in doing so you return your phone to its original factory settings. That means you’ll lose everything you’ve added that isn’t backed up.

With that out of the way, let’s get to the recommended option below.

How to remove malware

1. Turn safe mode on: To do this, access the power-off options by pressing the power button, then press and hold Power Off. This gives you the option to restart in safe mode. However, this doesn’t work with all models of the Android phone or tablet. If it doesn’t work with your device, a quick Google will pull up model-specific instructions. And what’s the point of turning on safe mode in the first place? Simple – it prevents any malware from running.

2. Search for the infected app: Do this by opening Settings and then Apps. Once you’ve done this, be sure you’re looking at the Download tab (since the infected app can only be something you’ve downloaded), and then start searching for the suspected app. If you don’t know the app’s name, it’s likely something that looks out of place.

3. Uninstall the app: Yes, it’s really that simple. Just click on the suspected app and uninstall it. Then you’re done. However, if the name of the app is grayed out and you can’t even tap it, it means the app has given itself Device Administration Status. In this case, follow the next three steps below.

4. Remove Administrator Status: Do this by tapping on Settings and Security, then Device Administrators. Simply uncheck the infected app and hit Deactivate on the next screen.

5. Uninstall the app: Now when you return to the Apps menu, the infected app will no longer be grayed out. Simply uninstall it.

6. Restart your device: This takes it out of safe mode. Now your phone will be malware-free.

Want more ideas for Android and IT security? Don’t hesitate to give us a call today at 1-866-BIT-WISE or send us an email at sales@eitnetworks.net.

03 Apr

What to do With a Suddenly Sluggish System

You just got back from lunch and are settling down into your office chair. You open up your planner to check your schedule, and then wake your PC from sleep. Time to check emails. But wait, something’s wrong. You’re…waiting. Your computer is moving as slow as a sloth in syrup, and the problem appears to go deeper than internet speed. What happened? When a PC slowdown strikes, there can be a number of culprits. Here are a few ideas to alleviate the problem, so you can get back to business in no time.

Restart

The most obvious but often overlooked fix is to simply restart your PC. Many people get into the habit of leaving their PC on 24/7 and, instead of turning it off, just leave it in sleep mode when they’re not using it. However, restarting it is like vacuuming a carpet or mopping a floor. If you let either of them sit for a while, a lot of temporary gunk builds up. A simple restart can help clean your computer up and get it running quickly again.

Uninstall new devices or software

Did you recently install new hardware or software? If you did, this could be causing your slowdown. If you don’t need it, it’s worth uninstalling. Here’s how:

1. Go to your Control Panel’s Programs and Features section.

2. If you think a driver is slowing you down, open Device Manager and double click the new driver.

3. A dialog box will open. Click the Driver tab followed by the Roll Back Driver button.

4. If that button is grayed out, it means the problem isn’t with that driver. If not, you can continue with uninstalling.

Using the Device Manager, you can also uninstall new hardware.

Note: If you do need the software or hardware, and you are certain it is causing the issue, check with the company that made the product to see if they have a fix.

Free up hard drive space

A lack of hard drive space can slow your PC down as well. To run your system smoothly, it’s recommended you have 15% of your hard drive space free. Having this extra space gives room for temporary files and swapping.

If you don’t have the space, you may need to purchase a new hard drive or transfer some of your files and programs over to an external one.

Search for the bloated programs that are hogging your memory

Another potential problem could be a dysfunctional program that is using up too much of your PC’s memory. To see if this is the source of your problem, go to Windows Task Manager and click the Processes tab. Then look in the CPU or memory column. Either of these will show you if there’s one program that’s eating all your memory.

To solve this problem, click on the program in Windows Task Manager and then hit End Process. Keep in mind that this is only a temporary fix. You’ll have to uninstall this program and replace it with something that will run more efficiently.

Scan for malware

Malware can seriously slow down your computer. To check if you’ve been infected, run a system scan. Besides using your regular antivirus program, it is a good idea to use antimalware as well. Currently, Malwarebytes is the best solution for finding and destroying malware. If you do have malicious software on your PC, and neither your antivirus nor your antimalware software can remove it, contact a local IT Services Provider to assist you in cleaning your computer and freeing it of potentially harmful malware. They can also advise you on a reputable solution to avoid future issues.

Want more tips on how to repair a PC that is suddenly sluggish? Worried you may have been infected by malware? Get in touch with us today at 1-866-BIT-WISE or sales@eitnetworks.net for help and advice.

16 Jan

Learning From Sony’s Security Breach

The scale of the recent security breaches at Sony, which led to the cancellation of The Interview’s theatrical release, can make the company’s problems seem beyond the realm of the average small business. But the security mishaps that created the circumstances for the hack are as applicable to modest local and regional companies as they are to multimillion dollar corporations. These three tips will take you back to security basics and help avert your own big-screen drama.

Don’t let basic security habits slip

Our modern-day instinct tells us that the answer to potential security breaches is to install new layers of antivirus software, firewalls and further encryption systems. While these are all worthy additions to your company’s armor of security shields, they will do little to help if good old-fashioned protective habits are allowed to slide.

Instill a disciplined, security-conscious mentality in your organization, and keep the messages simple so that staff remember and follow them. Focus on regularly changing passwords and keeping them secret, being vigilant about avoiding unexpected links in email messages, and limiting network access for the likes of external contractors to that which is absolutely necessary.

One of the ways hackers made their way into the Sony network was by tricking administrators into thinking they had a legitimate need for access. In IT terms, this is called “social engineering.” To avoid this tricky tactic, teach your staff to be careful, and praise cautiousness even if it turns out access is warranted. Encourage staff to flag potential security lapses, and make sure they know that reports will be followed up and loopholes closed.

Take a flexible and agile approach to IT

IT changes, and so do the ways best suited to keeping it safe. This means it is vitally important to keep your IT systems up to date, and where necessary to do away with outdated practices that could leave your business technology exposed. This involves more than just ensuring that your network is running updated antivirus software to catch the latest bugs and worms – it means staying abreast of emerging methods to mitigate potential threats from hackers worldwide.

All of this uses staff and resources that your small business might not have – which is where outsourced managed services come in. Using a managed service provider as an add-on to your own IT team can give you extra flexibility and the ability to keep abreast of industry security developments, even when you lack the time to do so yourself.

Equally, know when it is time to ditch data – think of emerging social networks like Snapchat, which set messages to self-destruct after a set time, as your cue to make your data retention policy less permanent, particularly in relation to email. If you no longer have a business need or a regulatory requirement to retain information, then delete it – in the process you can limit the possible damage even if the worst should occur and you fall victim to an external attack.

Backup, backup, backup

The last thing you want in the event of a security breach is for it to hit your day-to-day operations – the potential damage caused by the hack itself is likely to give you enough to worry about. But that is exactly the situation Sony found itself in after its latest hack, with its email system down and staff forced to return to the days of pen, paper, and even the fax machine.

As well as ensuring alternative means of communication remain open to your business in the aftermath of a possible attack, it is also vital to make sure that you retain access to the information most critical to your work. Regular, secured backups help ensure that, whatever happens, the show is able to go on and your firm’s productivity and revenue are not unduly hit. Engaging professionals to undertake your backups on a managed service basis also means this can happen routinely and without fail, while you stay focused on running your business.

Want to learn more about how to reduce your IT network’s vulnerability to attack? Get in touch with us today at 1-866-BIT-WISE or sales@eitnetworks.net.


© 2016 EIT Networks, LLC. All rights reserved.