Ransomware Threats in the Air: How to Prevent and Protect

Ransomware in the Air – Strategies to Prevent and Protect

Unless you’ve been living under a rock, you’ve probably heard about the latest flavor of cybercrime that is circulating the internet – Ransomware.  As an experienced technician who has encountered this threat several times throughout its development, I’d like to spend some time today discussing what it is and what we can do about it.

Imagine that you are working on a deadline and you need to retrieve valuable client data stored on one of your server shares.  You go to open the file and receive an error message that the file is unreadable.  In the same folder you see a new file called DYCRYPTMYFILES.TXT.  You open this file to reveal a note from a smug hacker.  “Send 500USD in bitcoins to a specified address or lose access to your files permanently,” it says.  Browsing through your folders you quickly discover that you cannot open any of the files!  Worse – you call your IT professional and they tell you that there is no way they are getting those files back.  They are gone for good.

How do you think a scenario like this would affect the operation of your business?  How quickly do you think you could recover and get back to normal working order?  How much do you think it would cost?  It is unfortunate to say that many businesses will ultimately pay the hackers what they want in order to retrieve business critical data that they cannot recover by any other means.  For this reason, the ransomware industry is growing rapidly and the malware programs themselves are becoming increasingly sophisticated.

Right Hand heavily discourages anyone from giving in and paying the ransom.  While we do recognize that there can be situations where this is the only remaining way to regain access to business critical data, there really is no guarantee that the hackers will actually decrypt your files.  In addition, paying the ransom will flag you as a successful target, and you are very likely to be targeted again.

So what exactly is going on here?  At its core, ransomware is just like any other virus or malware except that it wants to target your data and “hold it for ransom”.  It does this by using encryption on any of your files that it can find – Word documents, spreadsheets, PDFs, pictures, music, databases, etc.  Encryption scrambles the data within those files, rendering them unreadable and virtually useless.  The hacker possesses the decryption key (what is needed to unscramble the data back to normal) and offers to return the files to the user in exchange for a sum of money, typically payable in bitcoins.  The hacker may also threaten to delete the key if the user does not act within a declared period of time.

Every business today should have knowledge of this threat and know how to protect themselves from it.  I have narrowed down three major areas of focus that a business can use to accomplish this.

  • Awareness training
  • Good security practices
  • Keeping good backups

I will touch a little on all three.

Awareness Training

 The weakest link in your network’s security chain is – and always will be – the user.  You can spend thousands on the best security firewalls and intrusion detection equipment and it will do you no good if Barry from Accounting mistakenly initiates a virus program.

Ransomware usually begins with a fraudulent email.  These emails purport to be from a trusted source, e.g. your bank, one of your contacts, or known entities such as UPS, FedEx, or ADP.  They always contain a clickable link or attachment that the user is asked to click on to view more information about the email.  This is the bait, because once the user clicks, it will immediately and silently begin to execute ransomware code.  Employees should be trained to use caution when opening any email attachment or clickable link.  In today’s world it has even become a common practice to “spoof” email addresses, making them appear as coming from a trusted sender.  For this reason, a simple phone call could be all that is needed to verify whether an email is legitimate.  Training should occur on a repeated basis to make sure employees have knowledge of current threats, what to look for, and how to deal with them.  When users have this knowledge beforehand, they are much more likely to recognize a fraudulent email or webpage.  Additionally, in the event that a computer becomes compromised, you want that employee to recognize what occurred, act quickly and notify a network admin so that damage can be mitigated quickly.
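
The header checks below illustrate what a spoofed sender looks like at the message level. This is an added example, not part of the original article or any Right Hand tool; the sample message, its addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: "Example Bank Support" <support@example.com>
Reply-To: <claims@mailer.example.net>
To: barry@example.org
Subject: Your statement is ready

Please open the attached statement.
"""

FAILING = {"fail", "softfail"}  # verdicts treated as a warning sign


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def auth_verdicts(msg):
    """Collect spf/dkim/dmarc verdicts recorded by the receiving mail server."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        for part in value.split(";")[1:]:  # first field names the server
            tokens = part.split()
            if tokens and "=" in tokens[0]:
                method, _, result = tokens[0].partition("=")
                verdicts.setdefault(method.lower(), result.lower())
    return verdicts


def spoofing_indicators(raw_message):
    """Return human-readable warning signs; an empty list means none found."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    findings = []
    # Bulk senders legitimately differ here, so treat these as prompts to
    # verify (for instance by phone), not as proof of fraud.
    for header in ("Return-Path", "Reply-To"):
        other = domain_of(msg.get(header))
        if other and other != from_domain:
            findings.append(f"{header} domain {other} != From domain {from_domain}")
    for method, result in sorted(auth_verdicts(msg).items()):
        if method in ("spf", "dkim", "dmarc") and result in FAILING:
            findings.append(f"{method}={result}")
    return findings


if __name__ == "__main__":
    for finding in spoofing_indicators(SAMPLE):
        print("WARNING:", finding)
```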

The key here is remembering that it is not good enough just to have a policy.  Barry needs to be made aware of, and refreshed on, the policy if you want him to become effective at detecting fraudulent communications.  In order to assist businesses with achieving this end, Right Hand offers an in-depth training program that can simulate actual attacks, giving your employees the edge they need.


Good Security Practices

You always want to be sure you are following good security practices with your network regardless of the threats involved.  Here I am referring to technical controls and equipment that you can use to limit any unauthorized access.  For example, having a firewall is great for your network’s security, but can be meaningless if not properly configured.

Most strains of ransomware require the user to unknowingly download and execute malware code.  One way to counter this is by limiting administrative access to users’ computers when they don’t require it.  Processes that install software and change the registry require administrative access in order to work.  In this scenario, if Barry clicks on the bad email link, the ransomware may download but cannot execute because Barry does not have administrative rights to the computer.  This is known as the Principle of Least Privilege, and it is a good all-around security measure that will defend against more than just ransomware.

Another useful tip to prevent ransomware is to utilize a spam filter.  Most email hosting providers have this feature built right in, but some do not.  Check to see if your organization uses spam filtering, and find out how to implement it right away if you do not.  As stated previously, ransomware likes to worm its way in via fraudulent emails.  Having a spam filter in place doesn’t provide a foolproof safeguard, but it can drastically reduce the quantity of these emails that make it through to users’ inboxes.

There are many other good practices that businesses can follow to protect themselves and their data.  Right Hand offers security audits to help you see clearly the current state of your network.  Often, our technicians can discover ways to increase your network’s security with the assets and controls that are already in place!


Keeping Good Backups

The power of keeping regular backups cannot be overstated.  A good backup solution takes backups regularly, keeps them redundant, and stores them both locally and offsite.  Gone are the days of fighting with tape backups and praying that they work when called upon.  In 2016, a small business can purchase an effective solution for about the cost of a cell phone plan – which is nothing compared to the financial cost of losing valuable client data to ransomware, or any type of disaster for that matter.  A business that keeps good backups of its systems cannot be harmed by the effects of ransomware – aside from the downtime involved with removing the infection and restoring good copies of data.  Good employee training and controls are always most effective when combined with a reliable backup system.

In this scenario, Barry’s infected computer is cleaned of malware and good copies of encrypted data are loaded from backups.  The business may suffer temporary downtime and inconvenience, but ultimately they will make a full recovery.
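
The following added example (not from the original article or Right Hand's tooling) shows one way to work out which files on a share need restoring from backup. It assumes the ransomware overwrites files from the first byte; the file-type table, the 7.5 entropy threshold and all function names are illustrative choices, and the sample files are constructed.

```python
import math
import os
import random
import tempfile
from collections import Counter

# Leading bytes expected for a few common document types (illustrative table).
MAGIC = {
    ".pdf": (b"%PDF",),
    ".docx": (b"PK\x03\x04",),
    ".jpg": (b"\xff\xd8\xff",),
}
NOTE_NAMES = {"DYCRYPTMYFILES.TXT"}  # note name from the scenario on this page


def shannon_entropy(data):
    """Bits per byte: about 8 for encrypted data, roughly 4-5 for plain text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def triage(root, sample_size=65536, threshold=7.5):
    """Walk root and return {relative_path: verdict} for every file."""
    report = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name.upper() in NOTE_NAMES:
                report[rel] = "ransom-note"
                continue
            with open(path, "rb") as fh:
                head = fh.read(sample_size)
            signatures = MAGIC.get(os.path.splitext(name)[1].lower())
            if signatures is None:
                report[rel] = "unknown-type"
            elif head.startswith(signatures):
                report[rel] = "ok"  # checked first: intact .docx/.jpg are high-entropy too
            elif shannon_entropy(head) >= threshold:
                report[rel] = "restore-from-backup"
            else:
                report[rel] = "header-mismatch"  # damaged, but not encrypted-looking
    return report


def demo():
    """Build a small constructed share in a temp directory and triage it."""
    rng = random.Random(1)
    scrambled = bytes(rng.getrandbits(8) for _ in range(4096))  # stands in for ciphertext
    files = {
        "clients/report.pdf": b"%PDF-1.4\n" + b"quarterly figures\n" * 50,
        "clients/invoice.pdf": scrambled,
        "clients/scan.pdf": b"\x00" * 512,
        "clients/DYCRYPTMYFILES.TXT": b"constructed note text",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return triage(root)
```

Ransomware that leaves file headers intact will pass the header check, so comparing files against hashes recorded at backup time remains the stronger test.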

A strong backup solution is your ultimate protection against data loss for any situation.  If you do not have a suitable backup solution, talk to us about how we can help you get to where you need to be.  To view quick and easy solutions for single computer backups, check out http://backup.rhtg.net.

GET YOUR FREE RANSOMWARE RECOVERY TIPS

Worst case scenario?  If you have already been infected with ransomware, we’re ready to help.  Fill out the form below for a free recovery tip sheet.

Right Hand is a managed service provider offering custom IT solutions for any size business, large or small.  Our team has the experience and knowledge to protect your network from ransomware and other threats.  Don’t wait for disaster to strike – call us today at 844.254.RHTG (7484).


4 BYOD security risks you should address

A bring your own device (BYOD) strategy is when an employee uses their personal mobile device to do work for your company from anywhere. This strategy can bring many advantages to your business, such as increased efficiency and convenience. However, it can also bring a number of security risks for your IT infrastructure and data. If you’re thinking of incorporating BYOD in your office, consider some of the risks involved before making a decision.

Data leakage

The biggest reason why businesses are wary of implementing a BYOD strategy is that it can potentially leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and systems. There is also a chance that an employee will take work with them, where they are not using the same encrypted servers that your company is using, leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with is the possibility of your employees losing their personal devices. When devices with sensitive business information are lost, there is a chance that this information could end up falling into the wrong hands. Additionally, if an employee forgets to use a four-digit PIN code to lock their smartphone or tablet, anyone can gain unauthorized access to valuable company data stored on that particular device. Therefore, your company should consider countermeasures for lost devices, like completely wiping the device of information as soon as an employee reports a missing or stolen phone.

Hackers can infiltrate your system

Personal devices tend to lack adequate data encryption to keep people from snooping. This, along with the fact that your employees might not have updated their devices, can allow hackers to infiltrate your IT infrastructure.

Connecting to open Wi-Fi hotspots makes your company more susceptible to hackers. Open wireless points in public places can put device owners at risk because there is a chance that hackers may have created that hotspot to trick people into connecting. Once the device owner has connected, attackers can simply surveil web activity and gain access to your company’s accounts.

Vulnerable to malware

Viruses are also a big problem when implementing BYOD strategies into your business. Using personal devices means your employees can access whatever sites or download any mobile apps that your business would normally restrict to protect your system.

Jailbreaking or rooting a device also puts your systems at risk because it removes limitations imposed by the manufacturer to keep the mobile software updated and protected against external threats. It’s best to understand that as your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies to your business, prepare your IT department for an array of potential malware attacks on different devices.

So you might be thinking that it would probably be best to just avoid implementing a BYOD strategy in the first place. However, BYOD will help your business grow and adapt to the modern workplace, and should not be dismissed as a legitimate IT solution. It’s just important to educate your company about these risks so that problems won’t occur for your business down the line.

If you need some help implementing IT security solutions for your company, or if you have any concerns regarding IT, give us a call.

Published with permission from TechAdvisory.org. Source.

What is the Blue Screen of Death?

Everything seems fine at first: your PC is running normally, but then a blue screen suddenly greets you. After restarting your computer you find that a lot of your unsaved work is gone. If this has happened to you before, rest assured, you’re not alone. What you’ve just encountered is the Blue Screen of Death (BSoD) and it appears when there is an issue with either your hardware or software. Fortunately, there are ways to troubleshoot these problems. Here are some of the common causes of a critical failure error and how you can fix them.

Find out what caused your BSoD

The next time you get the blue screen, don’t panic. This is just an alert to prevent further system damage to your computer and to indicate the cause of the crash. The most important part of the blue screen is the error name, which displays messages like “Driver_IRQL_not_less_or_equal”. For Windows 8 to 10 users, this information is usually displayed at the bottom of the screen. For troubleshooting advice, a memory dump containing details of your latest crash can be found in Event Viewer > System > Windows Logs; click any message indicating an error. Under the General tab you will see a full report of your latest crash, which should be given to an IT technician so they can help you further.

Fixing the problem:

Update your drivers

Crashes are generally caused by problems with hardware or the driver software that is allowing that specific hardware to run. If you’re getting frequent blue screens, try to recall any recent changes you have made to your computer. Have you recently installed a new driver for an external device? You can also check if any drivers are conflicting by going to Control Panel > Device Manager. If you see a warning icon on any of the devices, there is something wrong with the device. Chances are, specific drivers are either outdated or weren’t properly installed.

To update, simply search online for your specific computer manufacturer and install the drivers provided in their list. Remember to only install the drivers that apply to the specific model of your device and your operating system. For example, if your operating system is Windows 8, only download Windows 8 related items for your specific model.

Other hardware problems

BSoD can also indicate hardware problems. Running very intensive programs that your CPU can’t handle will cause your computer to overheat and eventually crash. If you use a laptop, try to keep it on flat surfaces and away from fabric material as this could block the fan vents and cause your laptop to overheat.

Your RAM could also be faulty. Check if it’s attached to your CPU properly or go to Windows memory diagnostics to find out if you’re straining your RAM.

System restore

Using system restore will allow you to undo any significant software changes that are crashing your PC. To restore your computer to a previous time, go to Control Panel > System and Security > Backup and Restore then click on Recover System Settings for your Computer. From here you can select a restore point to a date where you think your computer was not experiencing frequent crashes.

Check for viruses

Some types of malware can cause instabilities in your operating system, causing your PC to crash. If you are aware that your computer is infected with a virus, try running antivirus software. However, make sure you’re not running two antivirus programs at the same time while you’re doing this. Both programs can conflict with each other and, in some cases, cause system crashes.

Clean reboot

This option is your last resort if none of the solutions above work. For Windows 8 or 10 users simply go to Settings > Update and Security > Recovery then select Reset this PC. If your computer is still getting frequent blue screens then it would be best to go to an IT consultant and have them look over your hardware.

The Blue Screen of Death is one of the biggest problems your company’s hardware is going to face. Consider using any of the above solutions to fix your blue screen and hopefully everything will be back to normal. If you would like to know more about any general hardware advice, or if you have any concerns regarding your IT, contact us today.

Published with permission from TechAdvisory.org. Source.

7 Warning signs of malware infection

Your computer has been acting up a lot lately. It keeps crashing, it’s slow and, to top it off, you keep getting pop-ups you don’t want to see. If these problems keep occurring then your computer may have a virus. So is there a way to prevent things like this from happening again? While there are various antivirus solutions you can take, it’s best to know how malware affects your computer first so you can quickly recognize and deal with the problem. These are a few ways to find out if your computer has a virus before it’s too late.

Slow computer

The most common symptom of a malware infection is a slow running computer. Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, before you immediately assume your computer has a virus, you should check if there are other causes to your computer slowing down. Check if you’re running out of RAM. For Windows, open task manager (Ctrl + Shift + Esc) and go to the Performance tab and check how many gigabytes of RAM you are using under the Memory section. For Mac OS users, you can open the Activity Monitor app and under System Memory you should be able to find out your RAM usage.

Other causes of a slow system include a lack of space on your hard drive and damaged hardware. Once you’ve ruled out the other potential causes, then a virus may have infected your device.

Blue screen of death (BSOD)

If your PC crashes regularly, it’s usually either a technical problem with your system or a malware infection. You might not have installed the latest drivers for your device or the programs you’re running could possibly be incompatible with your hardware. If none of these problems are apparent in your PC then a virus could be conflicting with other programs and causing your crashes.

To check what caused your last BSOD, go to Control Panel > System and Security > Administrative Tools > Event Viewer and select Windows Logs. Those marked with an “error” are your recorded crashes. For troubleshooting solutions, consult forums or your IT department to figure out what to do next.

Programs opening and closing automatically

Malware can also be present when your programs are opening and closing automatically. However, do check if some programs are meant to behave this way or if they are simply incompatible to run with your hardware first before coming to the conclusion that your computer has a virus.

Lack of storage space

There are several types of malware that can manipulate the files saved on your computer. Most tend to fill up your hard drive with suspicious files. If you find any unknown programs that you have never installed before, don’t open the application. Search for the program’s name on the Internet and use antivirus protections once you’re certain that it’s malware.

Suspicious modem and hard drive activity

Combined with the other warning signs, if your hard disk is working excessively while no programs are currently running or if you notice that your external modem is always lit then you should scan your computer for viruses.

Pop-ups, websites, toolbars and other unwanted programs

These are irritating signs that your computer has a virus. Pop-ups come from clicking on suspicious pages, answering survey questions to access a website’s service or installing free applications. Don’t click on ads where Jane says she earned $8000 a month staying at home. When you get pop-ups appearing out of the blue, refrain from clicking anywhere on the pop-up page and just close out of the window and use your anti-malware tool immediately.

Equally, free applications allow you to download their service for free but the installation process can be riddled with malware. When you’re installing a program from the Internet it’s easy to just skim over the terms and conditions page and repeatedly press next. This is where they get you. In the process of skipping over certain installation steps, you might have agreed to accepting a new default browser, opening unwanted websites and other programs filled with viruses. Just be cautious the next time you download something for free. It’s best to try avoiding any of these practices when you can in order to protect your computer.

You’re sending out spam

If your friends are telling you that you’ve been sending them suspicious messages and links over social media or email, you might be a victim of spyware. This may be caused by setting weak passwords on your accounts or forgetting to log out of them.

In the end, it’s best to know how malicious software affects your computer so you can take steps to rectify the situation as soon as possible. Regardless of whether or not your system has experienced these symptoms, it’s always smart to perform regular malware scans to ensure your business is safe. To find out more about malware and IT security, contact us today.

Published with permission from TechAdvisory.org. Source.