What you need to know about Petya, the latest Cyberattack

Another hack has impacted the business world. Named, Petya, this attack exploited holes the WannaCry attack highlighted. Since WannaCry was defeated so quickly, many firms did not patch the vulnerability.

The Petya attack started in Kiev, the capital of Ukraine, when the ATMs stopped working. Workers at the old Chernobyl nuclear plant were forced to manually monitor radiation levels after their computers failed.1 Shipping giant Maersk had to shut down several systems once it realized it was affected. According to the company, “The breakdown affected all business units at Maersk, including container shipping, port and tug boat operations, oil and gas production, drilling services, and oil tankers.”2 Roughly 76 ports, including Los Angeles, were affected. The Port of New York & New Jersey released a tweet announcing its APM terminals were closed Tuesday afternoon. It is estimated that this attack compromised over 2,000 computers in a dozen countries including the UK, US, France, Germany, and Australia.

What lessons can we learn from this?

  • Never pay the ransom. You are dealing with criminals and cannot trust that they will give you the codes needed to unlock your data. Furthermore, it encourages them to continue hacking computers as they are compensated for it.
  • Backups are important. Instead of relying on a criminal to obtain your locked files, restore them from a backup.
  • Patches are key. The reason many of the machines became compromised is that they were missing important patches. Make sure you are regularly updating your machines to ensure loopholes are shut and your infrastructure is protected.

If you’re ready to protect your organization, it pays to work with a Managed IT Services/Managed Cloud Services company, like Bryley Systems, to ensure that you’re taking the right steps. Bryley will recommend solutions to eliminate weak links in your security chain, and help you develop an organization-wide policy to help prevent data loss.

Please contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here to help.

 

1 Perlroth, Nicole, Mark Scott, & Sheera Frenkel. New York Times. “Cyberattack Hits Ukraine Then Spreads Internationally.” 27 June 2017.

  1. CNBC. “Cyberattack hits the world’s biggest shipping company.” 27 June 2017.

McGoogan, Cara. Yahoo Finance.Petya cyber attack: Everything to know about the global ransomware outbreak.” 27 June 2017.

Securing your Organization’s Computer System and Company Data

Cybercrime can have severe consequences for organizations that are victimized. “Cyber criminals want your company’s financial data, customer lists, credit card information, intellectual property, and anything else they can sell. Besides the immediate impact on your organizations’ ability to operate (for example, ransomware can shut you down), there are significant costs associated with a data breach.”1 These costs include:

  • Potential fines from regulatory agencies for failure to protect personal identification data (PI) or personal financial information (for example a credit card number). Some fines have been in million dollar multiples.
  • Loss of customers.
  • Loss of business reputation.
  • Inability to attract new customers or clients.
  • The cost of notifying all persons and businesses that had their data breached.
  • Costs of providing credit monitoring and identity theft protection for all involved.
  • The potential cost of defending a class action lawsuit against your company for failure to adequately protect sensitive information.

The following tips contain some best practices for keeping your organizations’ computer system, programs, and data, safe from prying eyes.

  • Make sure your firewall is on so that intruders cannot access your system from the internet.
  • Install security software and keep it updated.
  • Filter all email for computer viruses.
  • The more popular a program used by your business is, the more appealing it is a target for cyber criminals. Criminals know that many users do not regularly patch their programs against malware infections, so popular programs give them a wider pool for targeting. Make sure that your computer programs are updated as soon as a security patch is released.
  • Exercise caution when using free 3rd party software claiming they check for software updates. Free software may be bundled with malicious software.
  • Instruct employees that they should never open emails from unknown senders since they might be a source of infection to your company’s computer system. Attached malware might be anything from a virus to ransomware.
  • Tell your employees they should check with senders they know if an email has a suspicious attachment. A phone call to the sender can help avoid the consequences of a data breach.
  • Inform employees they should not open websites they are not familiar with and they should make sure the address bar is the site they want to visit. A random click could take them to a website that is just waiting to download malware onto your company computer system.
  • Buy your software from a reputable buyer and never use pirated software as it may be infected with malware.
  • Before using thumb drives and other portable media, scan them with security software to ensure they are virus.

Protecting your company’s data and infrastructure should be a top priority, but you do not need to do it alone.  The Bryley security team has the training and expertise to protect your company’s data and infrastructure. Please contact us at 844.449.8770 or by email at ITExperts@Bryley.com. We’re here for you.

Resources:
1 https://www.us-cert.gov/ncas/tips (US Computer Emergency Readiness Team)
https://www.consumer.ftc.gov/articles/0272-how-keep-your-personal-information-secure (Consumer Information / Federal Trade Commission
https://www.adp.com/who-we-are/data-security-and-privacy/safeguard-your-data/minimize-the-risk-of-computer-viruses-and-malware.aspx (ADP)
www.smallbusinesscomputing.com (Small Business Computing)
https://resource.elq.symantec.com (Symantec)
http://guides.wsj.com/small-business/technology/ (Wall Street Journal)

 

Defining “Virus” – In the World of Computers

There are viruses that can be implanted on a computer today, and lie dormant waiting until a network becomes completely vulnerable before attacking. Unfortunately, viruses have come a long way from 20 years ago. Today we refer to viruses as a specific kind of malware, one that can self-replicate and continue its destructive path indefinitely.

Viruses have gotten faster and more efficient. They can delete photos, files, and entire storage libraries. They’re developed to target Word, Outlook, Windows OS, Mac OS — nothing is safe. They can be designed to affect Facebook or Twitter users, or programmed to steal credit card information. Hackers are often out for destruction, chaos, or potentially for ransom. The more the average person understands them, the faster hackers create new tricks to get in. Viruses can come in the form of a pop up, an email from a coworker, or a completely undetectable program that waits until the time is right.

“How does a computer virus find me? Even if you’re careful you can pick up computer viruses through normal Web activities like:

  • Sharing music, files or photos with other users
  • Visiting an infected Web site
  • Opening spam email or an email attachment
  • Downloading free games, toolbars, media players and other system utilities
  • Installing mainstream software applications without fully reading license agreements

What does a computer virus do? Some computer viruses are programmed to harm your computer by damaging programs, deleting files, or reformatting the hard drive. Others simply replicate themselves or flood a network with traffic, making it impossible to perform any internet activity. Even less harmful computer viruses can significantly disrupt your system’s performance, sapping computer memory and causing frequent computer crashes.”1

What are the symptoms of a computer virus? If you recognize any of these malware symptoms in your machine, it may be infected:

  • Slow computer performance
  • Computer pop-ups
  • Suspicious hard drive activity
  • Running out of hard drive space
  • Frequent computer crashes
  • New browser home page, toolbars and/or unwanted websites
  • Unusual messages or programs that start up automatically
  • Your security solution is disabled 

How Antivirus Works. Most antivirus software works on a signature database, monitoring the internet 24 hours a day, 7 days a week. Every time a new virus is reported – it’s indexed, catalogued and added to the software’s database. Once your antivirus software is up-to-date it is equipped to tackle the new virus should it ever reach your device.”

Who needs antivirus software? 2”These days, everybody needs antivirus software. Computer viruses don’t just come from streaming or downloading movies. Many people think that they can avoid potential threats by making sure they don’t visit certain websites or download certain files. The truth is computer viruses can make their way on to your computer or any other device in a number of ways. You can pick up viruses and malware simply by checking your email, browsing the web, or from putting a USB memory stick into your laptop. Virus protection is a requisite of having your own personal computer.

With Managed Anti-MalwareTM (MAM) from Bryley Systems, your Windows-based computers and servers are protected against common virus, spyware, and other malware threats. To inquire about Bryley’s full array of Managed IT Services, please contact us by phone at 844.449.8770 or by email at ITExperts@Bryley.com. We’re here for you.

Resources:
1 https://webroot.com
2 http://www.top10antivirussoftware.com

 

 

What we can learn from the GOP Data leak

It was recently discovered that a third part analytics firm, Deep Root, had left the GOP’s voting database open to the public.  As reported by UpGuard, a security firm, “The data repository, an Amazon Web Services S3 bucket, lacked any protection against access. As such, anyone with an internet connection could have accessed the Republican data operation used to power Donald Trump’s presidential victory, simply by navigating to a six-character Amazon subdomain: “dra-dw.”1 The database contained roughly 25 Terabytes of data about more than half of the US population’s information including personal identifying information such as birth dates, home addresses, and phone numbers as well as other demographic information like ethnicity and religion.

This leak is a wake-up call for companies to ensure that their data is protected.  There are several steps an organization can take to ensure their data is protected:

  • Password Protect your data. The main problem with the GOP’s database was that it was left unprotected.  Make sure you have a strong password and that it is changed regularly.
  • Institute two-factor authentication. This adds a layer of security as it is used confirm a user’s claimed identity by utilizing a combination of two different components, generally something you know with something you have (in this case the password with a code sent to your email or phone).
  • Have a regular review of your infrastructure. It can often be difficult to do on your own as you may not have all the knowledge and expertise or the bandwidth to conduct a proper evaluation. Do not be afraid to ask an MSP, such as Bryley, to conduct a network assessment and evaluate your infrastructure. They have expertise and breadth of knowledge that will prove valuable and can highlight what you are doing well and areas where you can improve.

If you would like to improve your cybersecurity plan, or to inquire about Bryley’s full array of our Managed Cloud Services and Managed IT Services, please contact us at 844.449.8770 or by email at ITExperts@Bryley.com. We’re here for you.

 

1 Hatmaker, Taylor. Techcrunch.Exposed GOP database demonstrates the risks of data-hungry political campaigns.” 19 June 2017.

O’Sullivan, Dan. UpGuard.The RNC Files: Inside the Largest US Voter Data Leak.” 19 June 2017.

Bryley Named #14 By Worcester Business Journal

We are excited to announce that Bryley Systems was recently named 14th for IT Service Providers by the Worcester Business Journal. It is a testament to our commitment to our clients and putting their interests first.

Each year, the Worcester Business Journal (WBJ) compiles and publishes a list of IT Service Providers throughout Central Massachusetts. The list, published on June 12, 2017, ranked Bryley Systems among the top 15 organizations surveyed. Rankings are determined based on survey results, federal filings and Web sites.

Bryley has consistently ranked well on the WBJ list for the last 3 years.

If you are looking for a business partner to help you navigate the ever-changing technology and cybersecurity landscape, we’re here for you. For more information about Bryley’s full array of Managed IT Services, Managed Cloud Services, and Cybersecurity Services please contact us at 978.562.6077 or by email at ITExperts@Bryley.com.

 

Fireball – A New Malware Threat

A new malware has cropped up on the heels of “WannaCry”.  It is called “Fireball” and has been detected in more than 250 million computers and 20% of corporate networks across the globe.  According to security firm, Check Point, this malware originated in China, and is believed to be “possible the largest infection operation in history.”1

What makes Fireball unique from other malware is that it is used primarily to “manipulate web traffic to generate revenue from online advertisements, transforming browsers into ‘zombies’.”2 generate fake clicks and traffic for the creator, Rafotech, a Beijing advertising firm.  Check Point further warns that Fireball “serves as a ‘prominent distributor’ of more malware,”2 meaning it can cause further viruses to gain access your data and cause more harm.

How can you tell if your computer is infected? “Check by opening your web browser. Is your homepage set to the same website? Are you able to modify it? Is your default search engine the same? Check your browser’s extensions. Do they look familiar? If you answered no to any of these questions, your PC may be compromised.”2

How can you protect yourself and your organization from these threats?

  • Install anti-malware software and ensure it is up-to-date.
  • Conduct regular scans of your environment.
  • Perform updates and patches as they are approved.
  • Enhance your firewall to detect malware before it enters your environment.

These are but a few of the “Best Practices” that can be employed to safeguard your data and business. If you’re ready to protect your organization, it pays to work with a Managed IT Services/Managed Cloud Services company, like Bryley Systems, to ensure that you’re taking the right steps. Bryley will recommend solutions to eliminate weak links in your security chain, and help you develop an organization-wide policy to help prevent data loss.

Please contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here to help.

 

1 Morris, David Z.  Fortune.Chinese ‘Fireball’ Malware infects 250 Million Computers.” June 2017.

2 Channel 5 News. ”Your computer may be infected with ‘zombie’ malware that hijacks browsers.” June 2017.

What you need to know about the OneLogin Breach

OneLogin, a single sign-on service that allows users to access multiple sites and applications using just one password confirmed on June 1st that its systems had been breached and login information had been exposed. According to the firm, this breach affects “all customers served by our US data centre” and the hackers had “the ability to decrypt encrypted data”1. This is the second time within the past year that the firm had its security breached.1

So, how can you protect your data from a breach? One way is to have two-factor authentication, which is a method used to confirm a user’s claimed identity by utilizing a combination of two different components, generally something you know with something you have. For example, when you withdraw money from an ATM, only the correct combination of a PIN (something you know) with the bank card (something you have), will grant the transaction to take place.

One of the safest ways to ensure your data is protected is to encrypt it before placing it in the Cloud or with a single sign-on provider, such as OneLogin. Provided your encryption key has not been generated from a simple password, your data will be protected from any breach to your provider, as the provider does not have the password to gain access to your information.

It is vital that one stays vigilant when it comes to protecting your passwords and data. Even the most difficult password can be deciphered if given enough time. Therefore, it is important to regularly change your passwords and ensure they are strong. We have more information on the Do’s and Don’ts of Password management on our blog.

For more information on password and security, connect with Bryley’s cybersecurity experts by calling us at 844.449.8770 or emailing us at ITExperts@Bryley.com.

 

1 Fiveash, Kelly. Ars Technica. “OneLogin suffers breach – customer data said to be exposed, decrypted.” June 2017.

BBC News. “Password manager OneLogin hit by data breach.” June 2017

 

WRCC Ambassadors on the Move — Tower Hill Botanic Garden

The WRCC Ambassadors visited Tower Hill Botanic Garden in Boylston, MA on May 3rd. Gavin Livingstone, President of Bryley Systems, is the Chairman of the WRCC Ambassadors.  He is pictured in the front row, 3rd from the right.

Joann Vieria, Director of Horticulture, was our host. She provided some information:

  • Tower Hill is located on 132 beautiful acres with two, large (4000sq’) greenhouses, an education center, outdoor gardens with fountains, walking trails, and views of Mount Wachusett and the Wachusett Reservoir.
  • Core values include:
    • Learning
    • Stewardship
    • Sustainability
  • It was founded in 1986 by the Worcester County Horticultural Society, which originated in downtown Worcester in 1842.
  • Tower Hill hosts indoor and outdoor events and programs year-round, from weddings to flower shows to Tai Chi to gardening classes.
  • It has several, pet-friendly times, permitting leashed-pets and their owner access to walking trails during specified, non-peak hours.
  • Tower Hill is volunteer-oriented; volunteers maintain the grounds, man the receptions areas, and present educational programs with only seven, permanent, grounds-based staff.
  • Affordable memberships start at $25/year (Student) and include access to facilities and most events.