In October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this – CryptoWall – has been released and is beginning to infect users.

What is Crypto malware?

Crypto malware is a type of trojan horse that, when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, a.k.a. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall, and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn’t paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can’t be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems are:

  • Don’t open any suspicious attachments – Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don’t open emails from unknown sources – Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don’t have an account with or bills from a utilities company you don’t use. Chances are high that they contain some form of malware.

Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then let GCInfotech be your first line of tech defense.

Published with permission from TechAdvisory.org. SOURCE

With the ever growing number of security threats faced by businesses around the world, the vast majority of business owners have adopted some form of security measures in an effort to keep their organizations secure. But, how do you know the measures you’ve implemented are actually keeping your systems safe? Here are five ways you can tell if your security measures aren’t sufficient.

1. Open wireless networks

Wireless networks are one of the most common ways businesses allow their employees to get online. With one main Internet line and a couple of wireless routers, you can theoretically have the whole office online. This method of connecting does save money, but it carries an inherent security risk: an unsecured network.

Contrary to popular belief, simply plugging in a wireless router and creating a basic network won’t mean you are secure. If you don’t set a password on your routers, then anyone within range can connect. Hackers and criminal organizations are known to look for, and then target these networks. With fairly simple tools and a bit of know-how, they can start capturing data that goes in and out of the network, and even attacking the network and computers attached. In other words, unprotected networks are basically open invitations to hackers.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with passwords that are not easy to guess. For example, many Internet Service Providers who install hardware when setting up networks will often just use the company’s main phone number as the password to the router. This is too easy to work out, so changing to a password that is a lot more difficult to guess makes sense.

2. Email is not secure

Admittedly, most companies who have implemented a new email system in the past couple of years will likely be fairly secure. This is especially true if they use cloud-based options, or well-known email systems like Exchange which offer enhanced security and scanning, while using modern email transmission methods.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as ‘clear passwords’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and potentially compromise your systems and data.

If you are using older email systems, it is advisable to upgrade to newer ones, especially if they don’t encrypt important information.

3. Mobile devices that aren’t secure enough

Mobile devices, like tablets and smartphones, are being used more than ever before in business, and do offer a great way to stay connected and productive while out of the office. The issue with this however is that if you use your tablet or phone to connect to office systems, and don’t have security measures in place, you could find networks compromised.

For example, if you have linked your work email to your tablet, but don’t have a screen lock enabled and you lose your device, anyone who picks it up will have access to your email and potentially sensitive information.

The same goes if you accidentally install a fake app with malware on it. You could find your systems infected. Therefore, you should take steps to ensure that your device is locked with at least a passcode, and you have anti-virus and malware scanners installed and running on a regular basis.

4. Anti-virus scanners that aren’t maintained

These days, it is essential that you have anti-virus, malware, and spyware scanners installed on all machines and devices in your company and that you take the time to configure these properly. It could be that scans are scheduled during business hours, or they just aren’t updated. If you install these solutions onto your systems, and they start to scan during work time, most employees will just turn the scanner off thus leaving systems wide-open.

The same goes for not properly ensuring that these systems are updated. Updates are important for scanners, because they implement new virus databases that contain newly discovered malware and viruses, and fixes for them.

Therefore, scanners need to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

5. Lack of firewalls

A firewall is a networking security tool that can be configured to block certain types of network access and data from leaving the network or being accessed from outside of the network. A properly configured firewall is necessary for network security, and while many modems include this, it’s often not robust enough for business use.

What you need instead is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like us, in order for them to be most effective.

How do I ensure proper business security?

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.

Published with permission from TechAdvisory.org. SOURCE

Tips On How Small Businesses Can Secure Their Wireless Networks

In a corporate environment, wireless networking should be as secure as your wired LAN, especially with the growing adoption of BYOD (bring your own device).
Today’s employees use smartphones and tablets as an extension of their workstations, which raises concerns of how secure they are from leaks and hacking.
What can businesses do to secure their Wi-Fi network and at the same time tap into all of the resources on the corporate LAN – as well as the cloud – with confidence?

Here are some tips

Don’t rely on WEP encryption.

If your Internet service provider (ISP) set up your Wi-Fi, it likely enabled encryption. This version of encryption, however, may be an older security option that’s now easily breakable: Wired Equivalent Privacy (WEP). WEP was broken long ago and provides inadequate Wi-Fi security. WEP encryption keys can be cracked, in some cases, within minutes. You should use the Wi-Fi Protected Access (WPA or WPA2) encryption method.

Use the Enterprise version of WPA/WPA2

To prevent employees from seeing the encryption keys or passphrases and having them loaded on their computers, you should use the Enterprise version of WPA or WPA2 rather than the Pre-Shared Key (PSK) or personal version. Otherwise, when an employee leaves the company, he or she will still have the key to unlock the network. Additionally, their laptop could be stolen and a thief could have the key.

WPA/WPA2-Enterprise hides the actual encryption key; it’s never loaded onto the computers. After everything is configured, users log onto the network with a username and password that can be changed or revoked. Most likely, you will need a professional IT installation for WPA/WPA2

Do Not Leave Ethernet Ports Exposed

Though you can use the latest Wi-Fi encryption, it’s useless if someone plugs directly into a port within the building and can access the network. Moreover, your employees could even plug their own AP into a port, intentionally or not, giving out open wireless access. Make sure that all routers, APs, and network devices are hidden and secure. You could use hard to get into locations like closets, or the space above false ceilings.

Use Extra Encryption (VPNs)

To encrypt the wired side of the network and for double Wi-Fi encryption, you could use VPNs. You can buy a standalone VPN server, install server software on a computer, or purchase a hosted service. Every computer on the network could be configured to connect with the VPN server. Then even the users’ traffic on the wired side of the network will be encrypted and double encrypted over the airwaves.

Eliminate Possible Connection To Other Networks

“We have seen cases when employees were intentionally connecting to neighboring networks because they were faster”, said John Murray, VP of Operations at GCInfotech.

Since computers may be sharing files or have sensitive data on them, you need to prevent them from connecting to other networks. Check Windows to make sure it isn’t set to auto connect to available networks. In Vista, you can even use the WLAN commands for the Netsh utility to block all networks but yours.
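The Netsh WLAN commands mentioned above, put together as an added example that is not part of the original article: the script audits saved Wi-Fi profiles, turns off auto-connect for everything except the office network, and installs an allow/deny filter so only the office SSID is visible. It assumes English-language netsh output, an elevated prompt, that the saved profile name matches the SSID, and a placeholder SSID, CORP-WIFI-EXAMPLE.

```powershell
# Added example, not from the original article.
# Assumptions: English netsh output, elevated prompt, profile name == SSID,
# and CORP-WIFI-EXAMPLE as a placeholder for your own office SSID.
param(
    [string]$CorpSsid = 'CORP-WIFI-EXAMPLE',
    [switch]$Apply      # without -Apply the script only prints what it would run
)

function Get-WlanProfile {
    # List saved profiles, then read each one's connection mode and security settings.
    $names = netsh wlan show profiles |
        Select-String 'All User Profile\s*:\s*(.+)$' |
        ForEach-Object { $_.Matches[0].Groups[1].Value.Trim() }

    foreach ($name in $names) {
        $detail = netsh wlan show profile name="$name"
        $field = {
            param($label)
            $m = $detail | Select-String "^\s*$label\s*:\s*(.+)$" | Select-Object -First 1
            if ($m) { $m.Matches[0].Groups[1].Value.Trim() } else { 'unknown' }
        }
        [pscustomobject]@{
            Name           = $name
            ConnectionMode = & $field 'Connection mode'
            Authentication = & $field 'Authentication'
            Cipher         = & $field 'Cipher'
        }
    }
}

function Invoke-Step {
    # Print the netsh command; run it only when -Apply was given.
    param([string[]]$NetshArgs)
    Write-Host ('netsh ' + ($NetshArgs -join ' '))
    if ($Apply) { & netsh @NetshArgs }
}

$profiles = @(Get-WlanProfile)
$profiles | Format-Table -AutoSize

# Saved profiles that still use WEP or no encryption deserve a closer look.
$profiles | Where-Object { $_.Cipher -in 'WEP', 'None' } | ForEach-Object {
    Write-Warning "Profile '$($_.Name)' uses weak or no encryption ($($_.Cipher))."
}

# Stop Windows from auto-connecting to anything other than the office network.
foreach ($p in $profiles) {
    if ($p.Name -ne $CorpSsid -and $p.ConnectionMode -like 'Connect automatically*') {
        Invoke-Step @('wlan', 'set', 'profileparameter', "name=$($p.Name)", 'connectionmode=manual')
    }
}

# Allow the office SSID, then deny every other infrastructure and ad hoc network.
Invoke-Step @('wlan', 'add', 'filter', 'permission=allow', "ssid=$CorpSsid", 'networktype=infrastructure')
Invoke-Step @('wlan', 'add', 'filter', 'permission=denyall', 'networktype=infrastructure')
Invoke-Step @('wlan', 'add', 'filter', 'permission=denyall', 'networktype=adhoc')

# Show the resulting allow and block lists.
if ($Apply) { netsh wlan show filters }
```

To roll back, remove each filter with the matching `netsh wlan delete filter` command, for example `netsh wlan delete filter permission=denyall networktype=infrastructure`.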

Keep Hardware Updated

Securing your network and computers requires some maintenance. You need to periodically check for firmware updates for the router, access points, and other network components. You also need to keep track of the network adapters that are loaded in the computers and update them with new drivers if and when they become available. Additionally, make sure the operating systems on all the machines are kept up-to-date with security patches and fixes. Keeping everything maintained will help ensure any known vulnerabilities are addressed and any new security features are supported.

Protect your business with mission critical data back-up strategies.

Inadequate protection or spotty management of critical data can have profound effects on sustainability. Regular scheduled testing of your data back-up strategy and implementing a daily back-up routine will help prevent the disasters that prove fatal for many companies.

  • 31% of PC users have lost all of their files due to events beyond their control.
  • 34% of companies fail to test their onsite back-up solution, and of those that do, 77% have found back-up failures.
  • 60% of companies that lose their data will shut down within 6 months of the disaster.
  • Every week 140,000 hard drives crash in the United States.
  • Simple drive recovery can cost upwards of $7,500 and success is not guaranteed.

GCInfotech recommends that you assess your existing data protection and data back-up strategy and consult your IT professional to learn what data repository and storage medium options are available. It’s important to understand traditional backup methods as well as the benefits of developing an enhanced protection solution that flexibly meets the challenges of today’s business environment.

Fun Facts: 

  • There are over 600 IT firms in Ireland, including Intel, Google, HP, & Dell.
  • Irish firms in the US employ over 80,000 people in the 50 states.
  • Since 1956 Ireland has maintained one of the lowest corporate tax rates.
  • The US is Ireland’s top export destination.  
  • US tech investment in Ireland is higher than Brazil, Russia, India and China combined.
  • There are 36.9 million US residents with Irish roots. This number is more than eight times the population of Ireland itself (4.6 million).

Cyber thieves target SMBs….are you safe?

  • It’s estimated that small businesses have lost $250 million due to various forms of cyber attacks.
  • A 2010 survey by Symantec Corp. of small and medium-size companies showed that about 73% of businesses reported they had been targets of cyber attacks in the last year.
  • 63% of data breaches reported in 2010 were at companies with 100 or fewer employees.
  • 95% of credit card breaches that Visa has discovered have been hits on small businesses.
  • Less than 50% of small businesses are estimated to assess and test their security safeguards.

The facts don’t lie, friends. The myth that any business is too small to get hit, is just that – a myth. Cyber security is not just for big businesses anymore. Hackers can steal data from at least a dozen small businesses in the same time that it takes for them to hack into one large corporation. And experts believe that the situation will only get worse before it gets better.

As more businesses hook into high speed internet, hackers are able to expand their target base and take advantage of small businesses that have weak security safeguards. Cyber criminals are taking notice– companies that store data in electronic form, or rely on computerized systems and digital records as many companies are now doing, are putting themselves at great risk. Cyber thieves are no longer discriminating, making it ever more important to take precautions to protect your business from online intruders.

How are they getting into your system?  

Though a broadband connection offers blazing internet speed, it can also mean greater susceptibility to cyber attack. Broadband is a direct connection to the internet that is always on, so because broadband usually has a static IP address with open, unprotected ports, a browser or your email does not have to be up in order for a hacker to enter your system. Hackers can locate these unprotected ports through a port scan, after which there’s no telling what they can do. This is particularly critical for businesses that do credit card transactions, as hackers can get their hands on the private financial information of customers.
Another way they might enter your system is through attachments or links sent to employees that implant computer code onto your computer. Once in, they can use your systems and your bandwidth to launch attacks on other businesses. The banks do in fact have security measures in place to help you protect against these types of cyber intrusion, but unfortunately due to inadequate regulations many banks are skirting this legal responsibility and only providing a bare minimum of protection, leaving many businesses open to fraud. For a growing number of small businesses, this system vulnerability often leads to significant financial loss, as most lawsuit complaints never even go to trial or only reproduce pennies on the dollar to make up for stolen money.

What can you do about it?

  • Make yourself invisible to the bad guys by installing and regularly updating an electronic firewall.
  • Don’t rely solely on your anti-virus software. It’s helpful, but not fail-proof.
  • Audit the data on your network, especially financial information.
  • Implement and explain an acceptable use policy for web browsing.
  • Educate your users on the dangers of open surfing while connected to the company network.
  • Remember basic security measures such as changing default passwords and creating secure passwords! Your last name, birthday, or 1234567 are NOT going to keep cyber criminals out!

Bottom line, cyber thieves are constantly on the prowl for the weakest link. Data security is not just important, it’s absolutely essential to the sustainability of your business. Give GCInfotech a call today to discuss how we can help you take the necessary precautions to keep your business data safe and secure!


What It Is and How to Avoid It.

Browser hijacking is one of the Web’s ever present dangers. It’s a type of online fraud that’s generally used to force hits to certain sites of a hijacker’s choosing. Chances are high that most internet users will be subjected to this practice in some form. A hijacker uses malicious software to change your internet security and registry settings to gain control over what and how your browser displays web content. Combating it can be tricky because it’s not necessarily a virus or adware, so software monitoring programs will not always suffice.

Signs that your browser might be hijacked…

  • Home Page has changed unexpectedly
  • Internet settings have changed and you can’t seem to reset them manually
  • New or unrecognizable links in your Favorites
  • Inability to navigate to certain websites such as anti-spyware and other security software sites
  • A new toolbar appears in your browser
  • An endless barrage of pop-up ads
  • Rerouting of URLs to other dubious websites

Precautionary measures you can take…

  • Use common sense. If a pop-up ad asks your permission to install an executable file, don’t accept it unless you’re absolutely certain of what that program entails. Make sure you have all the latest security packs and patches from Microsoft.
  • Run your anti-virus program regularly and set it to auto-protection. Heighten your internet security settings and add the sites you regularly visit to the list of ‘Trusted Sites’ so they aren’t affected. Consider changing your browser; many of these malicious programs are specifically designed for Internet Explorer and won’t execute on other browsers such as Mozilla.
  • Prepare an ‘emergency kit’. Free utility programs like Hijackthis or CWShredder are effective at removing malicious code while other programs like Ad-aware and Spybot remove Trojans and can help you recover your system.

GCInfotech can help you take the appropriate preventative measures to protect yourself from the dangers of browser hijacking.

GCInfotech is your total business IT solutions resource for your Mobile Workforce

How Smart is your Smartphone?

The smartphone continues to revolutionize the business world as new and innovative phones flood the market and slick apps make it easier to do business around the clock, from anywhere. From a profitability and productivity standpoint, the business enhancing effects are unquestionable. But with this rapid progression in smartphone technology come new mobile security challenges that not only CIOs and IT staff need to think about, but also small business owners and managers. Smartphones can be open portals to sensitive personal information and your corporate network, making it absolutely crucial to understand the mobile security risks and how to maintain the integrity of your data.

GCInfotech’s Cory Visi adds, “Like laptops, smartphones are an extension of your corporation’s network not only containing sensitive or confidential data, but through VPN capabilities it can allow direct connectivity to the heart of your company’s business. It is imperative for the network administrator to view smartphones the same as employee laptops, and to apply the same (if not greater) precautions and access levels restricting access to the corporate network.”

36% of business network attacks originate from end-user devices, and according to the 2010 Data Breach study, 28% of attacks occur through the various social networks that employees enjoy on their smartphones.

Monitoring these types of activities and deploying a mobile device use policy will go a long way in securing sensitive company data that travels between the company network and employee smartphones. With the volume of apps available, and with the rate at which they enter the market, it’s understandable that not all apps are vetted before they’re available for download. This is a huge source of vulnerability and an increasingly inviting platform for malicious criminal activity that can have devastating effects on your business. Policy should define and restrict which smartphones may be used on a corporate network. If the phone does not support features such as password protection or remote wipe (the ability to remotely erase the phone if lost), for example, it should not be allowed to access company data.

If you already have one or plan to deploy a business smartphone to your workforce, give some thought to the following:

  • Education. Make your employees aware of how their smartphone interacts with your network.
  • Create and strictly enforce a use policy, and ensure that security apps are included in said policy.
  • Understand that not all smartphones operate on the same platform. Phone software packages have holes and no carrier is immune to malware and viruses. Learn about the various vulnerabilities and safeguards of the smartphone options you’re considering.
  • Require employees to sync their phones regularly, keeping sensitive data off of their phones.
  • Maintain a corporate firewall and regularly monitor all server activity.
  • Limit employee permissions to only what they need to get their job done.
  • Have authentication protocols in place for accessing corporate networks.
  • Keep malware definitions up to date and running on all security software.

GCInfotech will help you maintain the integrity of your corporate network and mission-critical data. If you have any questions or concerns regarding how to develop a strategy for mobile phone security in your company, give us a call.


Password security is an increasingly important matter among technology experts as they debate the issue over usability, security and privacy. Ideally the three fields would work more compatibly, providing us with easier systems to use while still maintaining that rock solid security we need. There may always be a degree of inconvenience to the end-user when it comes to creating new passwords and upholding the expectations we set for impenetrable security.

Perhaps a little inconvenience is worth it– as Cory Visi, Managing Partner at GCInfotech, points out, “Millions of computers all over the internet (some hacked, some not) are running programs that scan other computers and servers for weak and empty passwords 24 hours a day, 365 days a year. If your password is simple and short, your account is likely to be hacked.”

It’s a dangerous world out there, one where technology experts have to battle the savvy hacker looking to gain access to your personal or company data while still considering that the legitimate user, you, demands accessibility with nothing more than a few keystrokes. It’s striking that balance between security and usability that ultimately determines how reasonable password requirements really are, and our willingness to comply with them.

It begs a couple of key questions – the more security measures we introduce, the harder it is to use a system? The more security a system has, the less secure it actually becomes? Fundamentally, people understand the need for security and are typically willing to comply because it seems necessary, but it’s really the effort required to comply that makes security measures successful or not. If a system is unusable because of overbearing security protocol, people will invariably create the necessary workarounds in order to get their job done. However this occurs, whether it’s posting a sticky note on the monitor or using “password” as your password – it all boils down to the fact that you just may be sacrificing security for convenience.

Overly restrictive password requirements could in fact decrease security and even increase your costs. Decreased security due to the methods people employ to recall a password, and increased costs due to the resources you may have to redirect toward helping users when they get locked out of their systems recurrently. In essence, the good guys are kept out while the bad guys aren’t affected, because, after all, they have other ways for penetrating your system, including phishing scams and key logging for example.

It’s very important that you have someone, if not the entire IT staff, who understands the intricacies between the systems you run, any new developments that exist for enhancing security measures, the needs of your end-users, and the psychology of illegitimate users. These factors will indeed play a meaningful role in securing your systems. And, of course, engage a mandatory password change policy for your employees.

Cory Visi further explains the need for such a policy by saying, “Even the owners and partners should comply. Password security policies should balance the frequency of changes with the complexity of the password. Passwords that are changed more often don’t have to be as complex. However, high security passwords should always be complex.”

Experts may provide different parameters for password creation, but always remember that the best password is both highly secure and easily recalled by memory. Here are some helpful tips:

  • Use long, non-word combinations
  • Don’t use personal info or follow any discernible patterns
  • Use different character types (i.e. symbols, numbers, upper and lower case letters if permitted by the system)
  • Use a passphrase (i.e. “I Love to eat Carrots and Dip 4 Snack!” = ILteCaD4S!)
  • Use a password management tool
  • Use different passwords for different sites, especially for those you want to keep secure
  • Change your passwords frequently and don’t reuse them for at least a year

If you don’t have a comprehensive plan of action for ensuring the maximum security for your systems, it’s time to have that discussion with your IT consultant. If you need help understanding what options are available or need to know more about password and system security, one of our expert technicians at GCInfotech can help you.