Posts

How New Ransomware Threats Target Critical Infrastructure

Just when the world thought it had finally figured out how to stop cybercriminals for good, a new threat arises: industrial control system (ICS) ransomware. It’s ransomware, but it’s unlike anything that has ever appeared in the business world before. In addition, threats spike during the coronavirus pandemic.

It’s commonly said that data is more valuable than oil, making it the most valuable resource in the world. That makes cybercrime big business, and hackers are proving that they’ll go to any length to get their hands on a company’s most sensitive information.

As businesses adapt to stay one step ahead of criminals, hackers, too, are becoming much more innovative with their approaches. Here’s what ICS ransomware is, why companies need to know about it, and how a managed network service provider can help an office stay safe.

What Is Industrial Control System Ransomware?

Industrial control system (ICS) ransomware is a type of malware that targets the processes and technologies that industrial companies use to manage their operations. In business, this involves enterprise software on the backend that never faces customers or the public.

Although ICS malware was first discovered in 2010, it has remained relatively rare in the business world. Instead, such attacks have primarily existed only in state-sponsored espionage and cyberattacks against the critical infrastructure of a country. For example, CrashOverride (Industroyer), targeted Ukraine’s power grid in 2016. Havex, another malware with an ICS component, targeted the pharmaceutical, defense, aviation, energy, and petrochemical sectors in the United States and Europe.

ICS ransomware represents an evolution in both ICS malware and ransomware histories. They’re unique in that they not only target industries constituting a country’s critical infrastructure, but they also seek to cash in on the lucrative business of holding company data ransom. (Corporate ransomware earns hackers around $1 billion annually). Although rare, this blending of two different types of malware makes them particularly difficult to detect, prevent, and handle.

A Closer Look at EKANS

Until December 2019, there were only four identified ICS malware programs out there – until EKANS came along. Named after a Pokémon, it appears at first as a more typical example of ransomware. It makes its way onto a network, encrypts files, then displays a ransom note on all infected machines.

However, that’s where similarities end. EKANS is unique in that it contains a static kill list, a set of targets related to various industrial control system operations. When these operations are encountered on a machine, the ransomware systematically kills them and prevents them from restarting.

Remarkably, no self-propagation method exists in EKANS, making it both a primitive but troubling piece of code. That means it doesn’t spread technologically like most ransomware, finding new targets on the network then duplicating and installing itself like a virus. Instead, its operations require an interactive launch or a script to be executed. That suggests that the hacker already has access to the network through more hands-on means.

ICS ransomware, though rare, is troubling because it suggests that hackers are beginning to gain a deeper awareness of ICS systems. Likewise, though EKANS currently needs to be manually installed on a network, its ability to kill ICS processes on both the computer and server levels means that it can deliver a significant amount of damage to a company very quickly.

Fight Cyberattacks With a Managed Service Provider

EKANS shows that cybersecurity is more important than ever for companies in all industrial sectors. For businesses with a hand in critical infrastructure, it’s now time to review the existing attack surface and seek to minimize it. Consider deploying a managed service provider to elevate the level of security on a company’s network. A managed provider can enhance defenses against threats like EKANS by:

  • Introducing 24/7 remote monitoring to detect and prevent attacks as they occur
  • Segment networks to make it harder to access ICS processes from the outside
  • Properly configure servers and platforms for maximum security
  • Improve access and authentication methods
  • Implement regular, automated backups of data and systems to prevent them from being held for ransom
  • Enhance network visibility to spot unauthorized access before it has a chance to cause harm

Smile and Say Goodbye to Cybersecurity Threats

In the era of cybercrime, no company is truly safe. The evolution of ICS ransomware shows that cybercriminals will go to any measure to access valuable data and destroy critical infrastructure. What was once primarily a tool in state-sponsored cyber warfare is now making its way into the business world. That’s scary, but by taking precautions, it’s possible to remain protected against this new threat.

A managed service provider can go a long way to helping a company prepare and defend against threats like EKANS. By stopping the physical actors in their tracks, ICS processes remain undisturbed and able to carry out the vital functions they’re designed to perform.

Smile can help companies elevate their cybersecurity strategy. Reach out now for a conversation about network security.

What Are the Weak Spots in Your Wireless Devices?

With more and more critical business operations occurring online, device security is gaining an extra level of security. Wireless devices now come in a startling array of forms, ranging from recognizable laptops and phones to everyday items where it’s easy to overlook their connection to the internet.

The average modern business is a treasure trove of sensitive and valuable data – and hackers have noticed. Almost half of small businesses in 2018 experienced a cyber-attack. Of those, 44 percent experienced between two and four attacks, making small businesses the most common target for hackers last year.

Cyber-attacks occur through a myriad of creative ways, many of which take advantage of forgotten wireless devices or those which have been configured incorrectly. Read on to gain insights about how bad actors manipulate devices to acquire access to sensitive materials, and what to do about it.

Features of Secure Wireless Devices

There’s no such thing as “The Ultimate Secure Device” which a company can simply set up and forget about. Most security relies on a combination of correct configuration and the software to make it happen. However, all secure devices have a few traits in common. These include:

1. Encryption.

The FTC recommends that businesses encrypt access points such as wireless routers. In addition, strongly consider the use of VPNs, or virtual private networks, to hide or encrypt network traffic. Both measures help prevent eavesdroppers from watching network traffic for unsecured data being transmitted.

2. Strong passwords.

As a rule, if a password appears on any widely disseminated list of common passwords, it’s a bad one. Strong passwords are difficult to guess and result in more failed access attempts which are noticeable on a network.

3. Segmented networks.

Secure networks are segmented so that users can’t access the entire network. Often, businesses use multiple routers to maintain completely separated networks for public users and internal purposes. Traffic is spread out, making both networks faster, and the public can’t peer into the network traffic of the business.

4. Wireless intrusion detection/prevention.

Secure wireless devices have a means for detecting and protecting wireless intrusion. These measures automatically disconnect unauthorized devices and identify misconfigured or rogue access points which might be used to access the network.

5. WPA2 or WPA3.

WiFi Protected Access, or WPA, is a security protocol and certification program to secure wireless networks. WPA2 is the most widely used protocol, but WPA3 was released in 2018. However, in April 2019, WPA3 came under scrutiny for a potentially serious design flaw compromising its security. It’s too early to confirm this, and IT security professionals should follow its developments.

What Devices Present the Biggest Risk?

There are two device types which are common in most offices but nonetheless present the biggest risk. Securing these goes a long way to keeping valuable company and customer data safe. These two items are:

1. Printers.

WiFi-connected printers constitute the most overlooked wireless device in the office space. Consequently, they’re one of the biggest targets for hackers. All manner of sensitive data passes through the modern printer, and this is compounded when it’s a multifunction printer which also handles scanning, faxing, and photocopying.

2. Personal devices.

Bring your own device policies are becoming increasingly common. However, they also open up a world of security headaches for IT professionals. Personal devices can’t easily be tracked or monitored for intrusion, may have malware, and may cause sensitive data to be spread beyond company walls. While it might be tempting to ban them as a result, these devices also bring an incredible amount of flexibility and functionality for employees to do their jobs.

Managed IT Can Help Harden Weak Spots

Companies can harden their device security by taking steps to ensure that all devices are governed under a clear policy. This requires an audit of the wireless devices currently being used in a workplace, including WiFi-connected smart devices. Managed IT or network services can assist with this, as such specialists will be more aware of the many devices which companies frequently overlook. Additionally, managed network services can:

  • Assist with developing a clear BYOD policy for staff which supports security.
  • Help educate staff on safe practices regarding data and cybersecurity.
  • Update security protocols and properly configure wireless devices.
  • Monitor networks in real-time for intrusion and unauthorized use.
  • Upgrade devices and hardware to align with current best practices.

Keep Security Current with Smile Business Products

Even startups and small businesses require robust security right from the gate to thwart the creativity and tenacity of today’s hackers. Likewise, the profusion of wireless devices means that it’s easy to overlook a device – which in turn creates an opening for malicious behavior. However, with managed network services, an IT expert who has seen all the tricks can help get a company’s device security in order.

Reach out to security professionals at Smile today to get started analyzing your wireless devices for weak spots.

Cybersecurity Trends to Look Out for in 2019

 

Cybersecurity is a dynamic, constantly changing environment that demands agility from IT teams. Last year’s best practices can quickly devolve into dangerous risks, and industry leaders are always looking for the latest security trends to cover their vulnerabilities.

2018 was a year of security failures, privacy problems, and surreal headlines like the Japanese cybersecurity minister’s admission that he’s never used a computer. It was an election year that finally exposed the true extent of digital voting machines’ lack of security.

It was also the year that Europe implemented the strictest privacy protection law in the world thus far. Most experts agree that this is a move that the United States will soon parallel.

These are the events that will influence and inform that security landscape for 2019. Security professionals are responding to these events when considering the latest cybersecurity trends to follow.

Top Cybersecurity Trends for 2019

The industry’s most reputable security professionals have sifted through the headlines of 2018 to identify the most pressing security trends business owners and office managers should be aware of for the coming year. Pay attention to these trends in your IT security plans for the coming year:

1. Zero Trust Is Giving Way to Behavioral Biometrics

With all of the uncertainty in the air, it’s unsurprising that last year’s top cybersecurity professionals largely adopted a zero-trust model for handling network traffic. Zero trust offers excellent protection against insider threats and sophisticated cyberattacks by quarantining damage to specific devices.

But zero trust is difficult to implement in legacy networks and it often presents challenges to employee productivity. Imagine completing a complex two-factor authentication every time you want to send or receive an email.

Now, cybersecurity professionals are looking to behavioral biometrics to address these problems. These applications capture and analyze behavioral data to authenticate users.

For example, your accounting supervisor may be a left-handed speed typist who regularly clocks more than 80 words per minute. If behavioral biometrics determines a right-handed user leisurely typing away on that supervisor’s account, it will immediately flag and quarantine the profile. Mobile applications can measure the angle at which users hold their mobile devices and a great deal of similar user-unique data.

2. Stricter Compliance Regulations

It’s virtually guaranteed that a GDPR-like national data privacy standard will surface in the United States within the next five years. Prior to that development, IT security teams will see stricter data privacy regulations and increased activity towards enforcing those regulations.

IT teams will find stricter regulations particularly more noticeable with respect to data breach notification rules. It’s likely that the terms for notifying users of breaches will become shorter while the price of noncompliance rises dramatically.

3. Increased Interest in Cloud-Based Security

Cloud-based security vendors are already an important part of the cybersecurity marketplace. But there are plenty of corporate holdouts who insist on maintaining their own in-house security solutions.

Upcoming changes in data security regulation are likely to convince corporate holdouts to consider cloud-based security solutions that offer on-demand compliance. Increasingly complex regulation will put in-house security teams at a disadvantage compared to cloud-based security vendors that can offer accessible, scalable solutions at a fraction of the price.

4. Cybersecurity Will Become More Intelligence-Driven

Cybercriminals already rely on fast-moving, automated attacks that often synchronize with multiple attack vectors to confuse victims while probing work weaknesses. Cybersecurity professionals will have to develop intelligent solutions to respond proactively to these threats.

Intelligence and speed will become the most important aspects of the cybersecurity framework. Cybercriminals have access to the same machine learning technologies that cybersecurity teams have, so the need for artificially intelligent security solutions will increase.

In 2019, cybersecurity solutions will have to determine malware vs. virus signatures using automatic processes so that IT security teams have more time to respond to advanced threats. Malware protection will likewise have to become more streamlined than it is now.

5. The Cybersecurity Talent Gap May Widen

The cybersecurity talent gap is one of the main factors pushing businesses towards cloud-based security options, managed network services, and artificially intelligent automation. The fact is that there simply are not enough skilled cybersecurity professionals on the market to fill the number of positions open.

Cybercriminals know that there are not enough cybersecurity professionals to satisfy the industry’s needs. This is precisely why they disproportionately target small businesses.

Prepare Your Organization for Tomorrow’s Security Landscape

With the cybersecurity talent gap widening, managed network vendors are dedicating more resources than ever to fulfilling their security needs. At the same time, noncompliance is becoming an increasingly risky position to take, and organizations need to invest in state-of-the-art security technology like behavioral biometrics to keep their users safe.

Invest in your organization’s cybersecurity infrastructure so keep your data private and your processes compliant. Talk to a Smile security expert today to get started.

Why Outsource Information System Management?

Why Outsource Information System Management?

Technology is critical to any business’s success. Especially in today’s fast-moving, constantly evolving economy, sometimes having access to the latest technology can mean the difference between thriving and merely surviving.

Organizations that wish to remain competitive in these conditions are increasingly looking to specialized service providers who can keep them on top of the latest developments in their fields. This approach has already proven itself in the world of imaging services, and it continues to become increasingly relevant for information system management.

When small businesses and enterprises outsource their management information systems to a third party, they usually do so through a managed network services agreement. This agreement ensures that the organization enjoys access to all the types of network services it needs under a customized service-level agreement.

This approach generates a number of benefits that organizations would be unable to enjoy purely by leveraging their own in-house IT talent. There are limits to what achievements are economically viable for in-house IT teams. This is why experts predict that the market for information system management services will continue to grow on a global scale into 2023.

What Benefits Does Third-Party Information System Management Offer?

Choosing a reputable provider of managed network services can transform the way an organization does business. It provides a scalable infrastructure solution that can serve the needs of growing businesses as well as help make extended growth a sustainable enterprise.

  • Guaranteed Access to the Latest Technologies. Organizations need to adopt the most advanced network solutions available to keep up with their competitors. Keeping up requires dedicating time, talent, and resources to the ongoing process of improving IT infrastructure. Managed network services allow organizations to offset those costs by outsourcing them to a reputable vendor.
  • Reduced Technology Costs. The initial outlay of third-party information system management is far lower than the cost of implementing an in-house IT system. The operating costs associated with using the equipment is also considerably lower when the team responsible is part of a managed network service provider. Organizations need only pay a fixed monthly rate that corresponds to the services they use.
  • Centralized Efficiency. When organizations choose to deploy in-house IT systems, they inevitably make compromises on speed and efficiency when choosing where to deploy the system in question. Managed network service providers use virtualization and cutting-edge SD-WAN technology to optimize business efficiency regardless of location and other constraints.
  • On-Demand Expertise. In-house IT teams are often ill-equipped to handle growing IT infrastructures on their own. They need help, and that help usually comes in the form of new hires. However, hiring new employees is both expensive and risky. In some fields, these businesses are lucky if they can find qualified candidates at all – cybersecurity, for example.
  • Guaranteed Uptime. One of the major issues enterprises face with in-house networking is that they get locked into using them without updating them or replacing critical components. This creates a situation where companies don’t fix problems proactively – they wait until the last minute when a small issue becomes an enormous problem. Managed service vendors cannot afford to let issues wait.
  • Excellent Disaster Recovery. Businesses with robust managed service contracts in place can recover faster and more completely from large-scale disasters that would cripple an in-house IT team. Off-site decentralization and redundant cloud backups put the vast majority of a business’s infrastructure out of harm’s way – whatever form that harm may take.
  • Better Risk Management. Every enterprise carries risk. Whether in the form of government regulations, changing economic conditions, or disruptive technologies, organizations need to find reliable ways to manage their financial outlays and weather potential storms. Managed services accomplish this by turning infrastructure into a predictable, scalable monthly service
  • On-Demand Compliance. Today’s organizations need to comply with a dizzying array of data regulations. This is even more true for businesses that operate in highly regulated fields. HIPAA regulation for the healthcare industry is a perfect example. More than ever, businesses need to find ways to entrust their systems to professional service providers who can guarantee compliance.

Have Smile Manage Your Network Infrastructure

When an organization entrusts its network to a reputable provider like Smile, it frees up its own in-house IT resources to focus on strategic initiatives. Without these service agreements in place, enterprise IT teams have to spend the majority of their time fixing printers, diagnosing network problems, and performing other low-impact, high-volume tasks.

Managed services allow organizations to put their talent to work in a more effective way. Information system management is just one step towards building an affordable, scalable infrastructure that permits sustainable growth in a variety of circumstances while protecting company investments against market risks and security vulnerabilities.

Is it time for your business to dedicate its all-important IT resources towards strategic, customer-oriented solutions? Let our team handle network management for you starting today!

How Can Managed Network Services Protect My Company from Malware Attacks?

The cybercriminal’s arsenal has grown drastically in the past decade. They have released more malicious programs than ever and continue to create new ones at an alarming rate.

According to AV-Test, there are an estimated 796 million malware variants present today, which is an increase of 274% from 2009. That means today’s hackers have 796 million different ways to target organizations globally.

For businesses and institutions around the world, the pressure is on. Taking the right protective measures is important to ensure you do not become a victim of the next big cyberattack.

Managed security service is one of the most effective ways to prevent both known and unknown cybersecurity threats. In order to understand how managed security solutions work, it’s important to establish an understanding of the different types of malicious programs out there.

What Is Malware and How Does It Work?

Malware is a combination of two words, malicious and software. The term refers to software created with the intention to harm devices, data, and users. Check out here for advanced email security platform, and more

Different types of malware work in different ways. Some may target individual devices while others target a whole network of devices. For the most part, the main goal is to either corrupt the device or data or gain access to it. Cybersecurity professionals use the term “malware” to describe all of the following types of unauthorized applications:

  • Trojans. Like the Trojan horse of myth, trojans use a disguise to deceive. They act like legitimate software and create backdoors into your network, creating security threats that can go undetected for years.
  • Viruses. A virus is an infection that attaches itself to files. They cause damage to these files by either corrupting or deleting them. Viruses typically appear as an executable file, which means unsuspecting users have to open them for them to start working.
  • Spyware. Computers infected with spyware allow hackers to spy and exfiltrate any data they want from the device – from surfing habits and passwords to credit card numbers. Skygofree is a recently discovered trojan/spyware variant that targets Android devices. It allows hackers to steal audio, photos, videos, WhatsApp messages, and any other data on the device’s hard drive.
  • Worms. Worms target the overall network. Once a device on a network is infected with worms, they make their way through the network infecting all devices. To do this, they must first compromise the network’s digital certificates, which leaves devices on the network vulnerable to other malicious attacks.
  • Botnets. Botnets are a complex network of computers that work like “zombies” under the control of a master user. They are typically used for spamming and tricking people into providing personal information for scammers to use.

The above list is not exhaustive and only includes the most common malicious software. According to experienced lawyers from Casper law firm helping to cope with DUI charges, hackers have become very innovative in how they conduct malware attacks, thanks to the flourishing profits that cybercrime pays.

Since malicious software is continually evolving, new strains feature zero-day vulnerability. A zero-day vulnerability is a threat no patch or security fix can repair – it’s brand-new.

For zero-day attacks, cybersecurity professionals must develop a patch after the attack has already occurred. This puts them on the defense, forcing them to spend valuable time and resources on damage control while trying to prevent new users from being infected.

How Managed Network Services Can Help Fight Malware Attacks

Detecting and fighting malware requires more than just installing an antivirus on your workstations. While that is part of the solution, making sure all aspects of the network and its devices are consistently protected from attacks is vital. Managed security services offer organizations a stronger contingency plan against any form of attack – zero-day or otherwise.

Hiring a team of experts and allowing them to take care of your company’s network security leaves little room for accidental error. Managed service providers lay down a proper foundation and infrastructure to fight off malware attack and offer reduced reaction times when attacks occur.

Our team at Smile provides a stable foundation for network security. Some attacks cannot be prevented, but they can be quarantined and controlled before causing serious damage. Activating layers of security and reducing the level of automatic trust that your systems and departments place in one another is a key strategy for mounting a powerful defense.

Active threat detection is an important part of any comprehensive plan for mitigating malware attacks. By constantly scanning network systems for known threats and suspicious behaviors, cybersecurity professionals can deal with them as soon as they appear. This ensures business continuity with minimal downtime.

Is your business ready to implement a top-shelf security solution to protect sensitive data from cyberattackers? Talk to our security experts to learn more.

4 Reasons Why You Should Lease a Copier Instead of Purchasing One

4 Reasons Why You Should Lease a Copier Instead of Purchasing One

Leasing an asset vs. purchasing an asset is often a difficult decision for a business to make. When you lease a device, you don’t actually own it. You’re just renting it for a specified length of time. Think of living in an apartment. It is the same concept, but it does have several advantages for a growing organization that buying or renting a new multifunction copier lacks.

Lease a Copier and Never Look Back

When you lease a multifunction copier, you are not stuck with a device that loses value over time. Your business will have more available credit and zero maintenance concerns. Your company can also upgrade your equipment easily with a leased copier.

Depreciating Assets and Liability

With depreciating assets, leasing is beneficial. Especially when Arizona Sedan and Limousine provide excellent limousine services in Chandler. While many individuals prefer to own their cars outright for various reasons, others like to lease because cars quickly lose value. Part of the reason is that a newer model gets released every year. Demand for older models then diminishes, decreasing their monetary value. Wear and tear also factors into depreciation.

Any device or product that gets updated or used over time is seen as a depreciating asset. For example, computers and cell phones share these qualities. Printers and copiers do as well.

Cash Flow and Credit

Purchasing a copier creates a large expense right away. Leasing a copier allows for small monthly payments to be made. A slight increase in monthly expenditures is usually preferable to a significant upfront and immediate cost.

In addition to not having to deplete a large amount of capital, a business will have more flexibility in terms of their credit line when leasing a copier. More available credit translates to the ability to increase operations.

On top of that, monthly payments for equipment needed to conduct your daily operations can be written off as a business expense. So, it’s possible that choosing to lease a copier could save you money even if the lease payments add up to more than the cost of the copier itself.

It also allows you to acquire a larger machine than you otherwise would be able to. A copier that costs twice as much as your current copier would require twice as much capital in a single month’s budget. Leasing that same copier will cost more per month, yes, but the impact of that increase on your budget will be tiny by comparison.

Zero Maintenance Concerns

Most lease agreements include a maintenance agreement. The cost is often included in your monthly payments. In the case of purchasing a copier for outright, copier maintenance is a key aspect of ownership that companies have to budget for. Leasing a multifunction device eliminates the need for budgeting for copier maintenance costs since most of the time it’s included within the lease payment.

 

Device Upgrades

There’s also an added benefit at the end of a lease agreement: the potential for upgrades. Lessees are often able to roll their lease payments into a new copier when all is said and done. This allows your company to upgrade without the added cost.

The acquired upgrade will allow your team to print faster or more efficiently while keeping your organization up-to-date with the latest tech without even having to purchase the newest machine. When leasing multiple machines, the lease payments can be staggered so that each of them are upgraded consistently. With a leased copier, not only have you relieved yourself of the liability associated with a depreciating asset, but you enable yourself to upgrade your equipment on a regular basis.

Ditch Your Current Machine and Lease a Copier Now

All aspects considered, most businesses will want to lease a copier more often than not. While there are some situations where a company needs to own its devices outright, the benefits of leasing a copier are too numerous to ignore.

No more being stuck with a depreciating asset and the liability that comes with it. Your cash flow and credit line will be greater with a leased copier. Your maintenance woes all but disappear. And upgrades become more readily attainable.

Leasing a copier allows greater freedom and relieves you of the liability associated with buying a copier outright. Lease a copier from Smile Business Products today.

 

 

 

Secure Hard Drive Destruction to Protect Your Privacy

Secure Hard Drive Destruction to Protect Your Privacy

When drafting cybersecurity policies, many IT professionals forget about an important and dangerous threat vector: old hard drives. Every computer workstation and multifunction printer an office employee uses has a hard drive that is likely to contain sensitive data. This can be company data that the employee saved to his or her desktop for ease of use, customer data kept in pre-cloud emails, or even the employee tax data.

While new business systems rely increasingly on the security benefits of cloud storage, older systems did not have this advantage, and had to keep sensitive data available locally. This makes hard drive replacement a unique cybersecurity concern. Simply erasing data is not sufficient to ensure that it never falls into the wrong hands. The actual means by which data is erased is very important.

Erase, Delete, or Wipe? The Physics of Secure Hard Drive Destruction

Secure hard drive destruction is a business necessity because of the way computers handle data. While Delete has entered the common lexicon to refer to throwing unneeded files away, Deleting data is distinct from Erasing, Shredding, and even Wiping data.

  • Deleting only tells the operating system that a particular file is no longer needed. The hard drive is free to write data over that file if and when it needs to. The data itself physically remains on the drive until it is overwritten.
  • Erasing tells the operating system to delete the file and then write a random collection of 1s and 0s over it, rendering it impossible to recover. Overwriting data is the important step to secure hard drive destruction.
  • Wiping is the process of erasing all data on the hard drive. Whereas you can erase a single file or a single application, you can only wipe an entire system, overwriting its data with a useless random information.

What About Formatting?

Most computer users have some experience with formatting hard drives. While formatting a hard drive seems to remove all of the data on it, it does not erase the data.

On early versions of Windows, formatting simply deletes an entire hard drive partition without overwriting the data it contains. As of Windows 7 onwards, normal formatting procedure involves overwriting the partition data with a one-pass write-zero overwrite. This process protects your data from most commercially available file recovery software applications.

Overwriting deleted data with random number sequences is even more effective. However, advanced hardware-based recovery methods can retrieve data after a one-pass write-zero overwrite – but these methods are expensive and difficult. Only a determined, highly capable cybercriminal specifically targeting your organization would take the time to perform a hardware recovery.

How to Protect the Data in End-of-Lease Equipment

Old desktop workstations represent a key risk when it comes to protecting company data, but more modern equipment must also be taken into consideration. For example, modern multifunction printers feature hard drives that store incoming data while preparing it for print.

Since a large number of organizations lease their print fleets, the data kept on the outgoing equipment’s hard drive can easily be accessed if it falls into the wrong hands.

For instance, Sharp office equipment features several cybersecurity features that speak to this need. Not only do Sharp multifunction printers immediately encrypt incoming documents, but they also offer automatic and manual memory clearance options. This prevents data from remaining in the system after completing print jobs.

However, the most important feature addressing the need for secure hard drive destruction in Sharp printing equipment is random number data overwrite functionality. The manufacturer’s print equipment can perform up to seven consecutive overwrites, providing unparalleled end-of-lease security to offices.

Sharp multifunction printers conduct hard disk overwrites alongside RAM overwrites for print, copy, and scan functions. For fax functionality, the devices conduct a flash ROM overwrite. This ensures that devices reaching the end of their lease cannot be abused by malicious parties.

In order to protect the sensitive data your organization is entrusted with, you must take a close look at every device your company leases and assess the risk it represents. Anything with a hard drive can potentially be misused after it leaves the office, so implement a secure hard drive destruction policy that keeps corporate, employee, and customer data safe.

Smile can help you implement a data destruction policy that ensures sensitive information does not get into the wrong hands. Find out more today.

 

 

 

How to Stop CryptoLocker Before It Stops You

How to Stop CryptoLocker Before It Stops You

What would you do if your computer workstations simply stopped working? The scenario usually runs like this: Productivity grinds to a halt. Management remains unable to communicate with employees, who are in turn unable to act without managerial guidance. Executives fly into full damage control and customers are left confused and disheartened.

All of this can lead to large damages. Small and medium-sized businesses lost an average of $117,000 to cyberattacks in 2017, and enterprises lost an astounding $1.3 million on average. One of the most virulent ransomware variants in the wild today is CryptoLocker. This particular strain of ransomware is also one of the oldest still in action today – it was originally discovered in 2013.

CryptoLocker established many of the tropes that have come to define the threat ransomware presents to businesses today. Unlike previous versions of ransomware, CryptoLocker aggressively targets businesses and encrypts critical data including their bitcoin blockchain by using professional Microsoft CryptoAPI encryption, which is effectively impossible to crack with today’s technology.

Because CryptoLocker and similar malicious programs can encrypt your data and render it completely unusable, prevention is key. The good news is that CryptoLocker prevention is not as difficult as it sounds. Adhering to good cybersecurity practices can help you mitigate the risk of falling victim to this attack.

CryptoLocker Prevention Means Using Email Securely

CryptoLocker, like many forms of ransomware, primarily infects computers through email. The preferred strategy cybercriminals use is phishing, wherein the attacker will impersonate a trusted contact through email and convince the victim to download and open a malicious attachment.

A trusted contact can mean anyone from a co-worker to a well-known corporation like FedEx or PayPal. The attacker can reasonably assume that most people have an account with PayPal and creates a forged email that looks like it comes from the company.

The email in question will usually require some kind of urgent action. It may ask the recipient to verify his or her account, or it may send an attached spreadsheet and request verification of fraudulent payments that were never made. Whatever the case, the ultimate goal is tricking the victim into downloading the malware. Once that happens, CryptoLocker begins isolating files and preparing them for encryption.

Be suspicious of any email that requires you to download an attachment or click on an embedded link. You should be suspicious even if that email appears to come from a trusted contact. It is extremely easy for cybercriminals to forge email identities. Whether coming from a trusted third-party or from an employee’s immediate supervisor, emails demanding urgent action cannot be trusted.

Put a Cybersecurity Policy in Place

Protecting your own workstation against ransomware is easy enough, but comprehensive CryptoLocker prevention becomes a great challenge when multiplied across an entire workplace. In order to guarantee your company’s safety, you need to implement a policy that addresses ransomware risks.

Since email is the most popular vector for ransomware attacks, email security should form the crux of your cybersecurity policy. Employees should know that supervisors and co-workers will not ask for urgent action through email – the phone is better suited for immediate action.

Furthermore, employees need guidance on how to deal with suspicious emails when they arrive. The cybersecurity policy must provide for verification of suspicious emails, or risk employees losing important messages.

But the best way to reinforce a cybersecurity policy is by implementing comprehensive disaster recovery backup tools. If your company has access to a cloud-based business continuity solution, you can simply leave encrypted files where they are and work off of your last backup.

However, implementing a disaster recovery solution requires planning for every contingency. For instance, your disaster recovery backup needs to be separate from your main systems. Otherwise, CryptoLocker may very well encrypt your backups!

Another key consideration is recovery time. If you had to reboot your entire business off of your backup data systems, how long would it take before you are up and running? In an ideal scenario, you should have systems in place that allow you to immediately begin working off of your backups, rather than waiting hours or days for them to transfer.

Cloud-based cybersecurity solutions can provide comprehensive CryptoLocker prevention, but only if properly configured and deployed. Consult a cybersecurity expert when planning your disaster recovery plan.

Are you ready to protect your business with industry-best cybersecurity? Our team is ready to help you implement robust security solutions.

 

 

 

Ransomware Prevention Tips: Stop the Threat

Ransomware Prevention Tips: Stop the Threat

On May 12th 2017, the biggest cyberattack in history took place. WannaCry infected tens of thousands of machines in a matter of hours and did untold damage, locking doctors out of patient databases in hospitals and holding vital data for ransom.

But this cyberattack – and many others like it – could have been avoided by the majority of its victims. In fact, there are several simple steps you can take to protect your data from the threat of ransomware.

In order illustrate how this is done, it’s important to define two types of ransomware and describe how it works and how these variants propagate from machine to machine.

Effective Ransomware Prevention Requires You Know Your Enemy

Ransomware operates by locking users out of their systems using encryption. The perpetrators then demand payment for the decryption key. It is a relatively simple plan for cyber extortion that nonetheless relies on some extraordinarily advanced technology. Two broad categories of ransomware exist:

  • Encryption Ransomware blocks access to individual system files by encrypting them. Examples include CryptoLocker and WannaCry.
  • Locker Ransomware blocks access to the entire computer by locking the victim out of the computer’s operating system. User files may not be encrypted in this case, but computer hardware often is. Examples include Satana and Petya.

Once the malicious applications trigger encryption and ask for a ransom, there is often no way to get your files back without paying. Modern encryption techniques are so advanced that the code is effectively unbreakable.

However, paying the ransom is not a good idea either – there is no guarantee that the cybercriminal will decrypt your files. Even if that happens, the attacker still has access to your system and can simply trigger the attack again the moment funds start running low. You will have already taught the attacker that you will pay.

The vast majority of ransomware bugs find their way onto victims’ computers through malicious emails. Email is the number one threat vector for ransomware worldwide.

People get so many emails from so many sources every day that it is easy for one bad email to slip through. Add in the fact that reports of email forgery are increasing, and it is easy to see the reason why cybercriminals prefer email for delivering ransomware to unsuspecting victims.

How to Defend Your Systems from Ransomware

Since email is one of the most important attack vectors for ransomware, one of the key steps to ransomware prevention is adopting secure email habits.

  • Forging an identity on email is surprisingly easy. Do not trust unexpected correspondence coming from authority figures through email. If you have to, call them and verify.
  • Be suspicious of any email that asks for urgent action. A typical ransomware delivery method involves impersonating a well-known business, like FedEx or PayPal, and convincing users to download malicious packages masquerading as receipts, invoices, or other paperwork.
  • Avoid clicking on embedded links in emails. A compromised link may not point to the URL it claims to. Type the address in your browser yourself or save it as a bookmark so you know where you are browsing.

Another important strategy for ransomware protection is having a backup data recovery and business continuity plan. Since many forms of ransomware encrypt local and network files, recovering a recent backup of your most important data can render the attack harmless.

However, you should be sure that your backups happen regularly and securely. One of the things that made WannaCry so effective was the fact that it would encrypt backups it found on the server. Your backup data has to adhere to the highest security protocols and be easy to recover.

What You Can Do to Protect Yourself Right Now

When it comes to WannaCry, tens of thousands of users could have protected their machines in one easy step, at zero cost. Simply keeping your Windows system updated to the latest patch would have prevented WannaCry from infecting the computer.

An entire two months before the WannaCry bug came out, Microsoft released a security patch that closed the security hole the malware used to propagate from machine to machine. Every user who kept Windows updated to the latest version was protected, and users who failed to download the security patch were punished for it.

WannaCry is unusual in that it did not use email as an attack vector. It used a file sharing protocol vulnerability that the NSA discovered and kept secret. When hackers leaked the NSA’s exploits, the institution alerted Microsoft, who quickly went to work developing the patch.

But not all Microsoft users keep their systems up to date. If you take just this small step, you can hugely improve your chances of escaping the next ransomware scare unscathed.

It’s time your business established a powerful defense against the threat of ransomware. Consult a Smile cybersecurity expert today.