If you have the most recent addition to Samsung’s growing collection of smartphones, we hope you haven’t grown too attached to it. The company is recalling the Galaxy Note 7 on reports that the batteries explode. This event is largely considered one of the more high-profile recalls in the history of consumer technology.
Not since the British burned the Library of Congress to the ground in the War of 1812 has there been a more devastating attack on the famous library. Only this time, the recent attack was of the digital variety and King George III had nothing to do with it.
The attack was launched on July 17th by a hacking group calling themselves the Turk Hack Team. The group used a DDoS attack to shut down the Library of Congress website and hosted systems, including Congress.gov, the Copyright Office, Congressional Research Service, and other sites.
What makes this attack so sobering is that it could have been prevented if the Library's IT systems were properly managed and updated. This revelation caused a shakeup of the Library’s leadership, along with a call from government officials for an overhaul of the Library’s outdated IT systems. Until these updates are completed, those who rely on the Library of Congress to gather crucial information may find themselves stuck with an inefficient system.
Looking all the way back to 2002, the Library of Congress has a reputation for the chronic mismanagement of its IT systems, which includes the mishandling of contractors and the miscalculation of IT budgets. Much of the blame lies with the library's leadership, a head librarian of 28 years who showed patterns of resisting the latest IT solutions. The librarian’s anti-technology attitude was even seen on a personal level as they refused to use email.
This mismanagement of the library's IT is no secret around Washington DC. In a 2015 report, the Government Accountability Office (GAO) criticized the library’s infrastructure and demanded that they hire permanent employees to oversee their IT systems, which comes with a budget of $120 million. To give you a window into the library's mismanagement, consider the fact that, in the library’s report filed to the GAO, they claimed to have had less than 6,500 computers in their possession, yet the GAO found the actual number to be closer to 18,000.
In another telling example of the Library’s technology woes, it was found that another government department overseen by the Library of Congress, the Copyright Office, still has many of its important records card-catalogued. While the library’s paper-based card catalogue may be safe from foreign hackers, it’s certainly an inefficient way to run a major institution.
Businesses that don’t prioritize in updating and maintaining their IT infrastructure can learn a lot from this major data breach. Hackers are first and foremost looking for organizations with outdated IT systems. Companies that fit this bill are considered easy targets, or “low-hanging fruit.” Alternatively, businesses that implement current IT solutions, update their systems, and make network security a priority will be passed over by hackers like yesterday’s jam. To get this kind of protection and oversight for your business, call The Connection, Inc today at (732) 291-5938.
On Wednesday, several users found themselves the victim of a convincing phishing attack. The attack was designed to look like an invitation to view and edit a Google Doc, and is designed to steal your Google credentials and spread through your contacts.
Not only does the email look convincing, it’s also often coming from a contact you already know. Even worse, the link takes you to a Google.com URL with a legitimate-looking login screen. However, once you log in with your Google credentials, whoever is behind the attack will have full access to your account.
Once it has them, it sends the same email to your contact list in an attempt to propagate itself. This attack is well-crafted, to the point where the easiest way to catch it before getting snared is to click the small link on the page that Google hosts to check the developer’s information. Since the attack utilizes legitimate Google account functions, however, who would think to check?
Whenever you get an unsolicited email with links or attachments, it’s critical to think before you click!
Fortunately, Google was able to apparently put the kibosh on this attack within an hour of taking action, but there’s still no indication of who was responsible for this attack or if/when they will strike again. Therefore, it is important to understand how to avoid falling victim to emails like this in general.
First, if there’s ever any doubt of an email’s validity, check out some of the indicators that tend to go overlooked. This attack in particular had some oddities--for example, the email was addressed to “.” Secondly, if an email is unexpected, it never hurts to confirm its validity with the sender through an alternate method of communication.
To protect your business, you need to be sure that your staff understands that threats like this could be a major problem. In the meantime, be sure to keep your eyes out for more email-based phishing scams and other threats. If you do come across questionable messages, don’t hesitate to report it immediately, so that everyone on your team becomes cognizant of the threat.
For more information about phishing scams, social engineering tactics, and other attempts to infiltrate your network, contact the IT professionals at The Connection, Inc at (732) 291-5938 today.
Run your Windows Updates and be very skeptical about opening unsolicited emails. Failure to do so may result in a very dangerous strain of ransomware that could infect your entire network and spread to your clients, partners, and prospects.
Microsoft has even released patches for some older, unsupported versions of Windows to combat the threat that infected PCs all over the world over the weekend.
What’s Going On?
A ransomware worm variant dubbed ‘WannaCry’ struck critical systems all around the world. While the attack has been addressed by Microsoft and halted for the time being, the threat is far from over, especially for users who don’t keep their computers updated.
Discovered early in the morning hours of Friday, May 12, WannaCry spread at a startling rate, reaching victims in 11 countries within its first few hours, and over 45,000 attacks (spread through 99 countries) after a few more hours. By Monday, over 150 countries had been hit by this global cyberattack.
There’s No Specific Target
The victims included many companies that provide utilities, like telecommunications, electrical, and gas companies. Even more frightening, WannaCry caused serious trouble in England’s healthcare systems, leading to massive numbers of non-critical patients being sent home or turned away at hospital doors. Russia found that thousands of its interior ministry computers had been infected. In the United States, the ransomware managed to infect FedEx’s systems, and these are just the big highlights. Businesses everywhere went dark as a result of this attack.
However, WannaCry did not target businesses of any specific industry. This particular ransomware worm is a threat to essentially any PC, old and new.
WannaCry was first discovered by security company Malwarebytes, whose director of malware intelligence, Adam Kujawa, had a few choice words to describe the malware, “The spread is immense. I’ve never seen anything before like this. This is nuts.” This opinion was repeated by many others in the industry.
How Do I Prevent WannaCry?
WannaCry relies on a security vulnerability in Windows. Microsoft deployed a security patch on March 14, so it is critical that users run the update, especially before putting themselves at risk and opening unsolicited emails. Computers that are patched face a significantly smaller risk of getting the ransomware. Key words here; significantly smaller, as in not totally in the clear.
To run your Windows Updates in Windows 10, open up your Start Menu and type “updates” in the search box and choose Check for Updates - system settings from the results. A window titled Windows Update should appear. From there, click the Check for updates button. If it says your device is up to date, you have the latest update. If not, you’ll need to allow your PC to install them.
Evaluating your computer and network security would be a good step in the right direction, as well as educating employees on some basic best practices like not downloading and opening unsolicited attachments.
It’s also critical that your files are backed up securely. If ransomware infects your network, it makes your files inaccessible unless you pay the ransom which only feeds into the problem. Utilizing an offsite backup solution that can easily be restored is the only way to go.
I’m Updated, am I Still at Risk?
There is also the risk that WannaCry is still waiting on some systems that have not been used since the attack began, so this initial attack is still far from over. Any PC on your network that gets infected could infect the rest. Plus, even with the patch, a user could still accidentally download an infected file. It’s also possible that those behind WannaCry will devise a workaround to the patch. Therefore, you should always be mindful as you review your incoming email and do your best to protect your network with managed IT security solutions and backing up your files.
Events like these are why we always encourage timely updates to your systems. WannaCry depended on a vulnerability in Windows, and will continue to infect outdated, unpatched PCs to be effective, and so your first defense against it is to make sure yours has the most recent security patches from Microsoft.
As Microsoft's president and chief legal officer Brad Smith said, “The governments of the world should treat this attack as a wake-up call.”
What If I’ve Been Infected By WannaCry?
Contact us at (732) 291-5938 immediately. Under no circumstance should you attempt to pay the ransom.
If you haven’t been targeted, count your blessings. That said, it’s time to start thinking about having your IT managed and maintained to prevent issues like this. Contact The Connection, Inc at (732) 291-5938 and ask how we can help prevent business-crippling issues and security threats like WannaCry.
A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.
Why NotPetya Isn’t Really a Ransomware
The first clue that researchers had that NotPetya had a different motivation was the fact that the ransom only demanded the Bitcoin equivalent of $300. Secondly, the only means of getting the decryption key was to send an email to an address hosted by German email provider Posteo. Despite the lack of preparation the payment method appeared to have, NotPetya itself was clearly designed to be able to infiltrate as many networks as possible and do maximum damage once inside.
A Hybrid Hacking Attack
Since the attack commenced, researchers have ascertained that despite its initial similarities with Petya, NotPetya shares many traits with other malicious programs. Like WannaCry, the attack that affected much of Europe, NotPetya leverages EternalBlue. EternalBlue is a National Security Agency hacking tool that targets unpatched systems and steals the passwords that allow administrator access. In addition to EternalBlue, NotPetya also utilizes EternalRomance, another code that was stolen from the NSA.
Once NotPetya has infected one computer, it extracts passwords from its memory or the local filesystem to allow itself to spread--including onto updated and patched Windows 10 systems.
How To Protect Your Files
First off, don’t expect that you can retrieve your files just by paying the ransom. Even if those responsible for NotPetya intended to keep their word and return them once paid, Posteo has shut down the provided email account victims were to receive their keys from. As a result, unless a victim was already following certain best practices, their files are as of yet unrecoverable.
However, this does not mean that everyone is vulnerable to this attack. Before the EternalBlue and EternalRomance exploits were distributed on the dark web, Microsoft had already released patches for the vulnerabilities. However, if these patches were not applied, a user’s systems were (and are) still vulnerable.
The best method to avoid infection from this kind of attack is to ensure your users understand the importance of cyber security efforts, and that all of your business’ systems are reinforced against the latest threats by keeping your defenses up-to-date.
Furthermore, even an infected user is not without hope if they have been backing up their files. If they have done so, all they have to do is disconnect their computer from the Internet, reformat their hard drive and restore their data from their backup solution. However, for this to work, you have to also be sure that your backups are up-to-date, and that your backup is stored in an isolated location, separate from your network.
The Connection, Inc has the experience and expertise to help prevent you from becoming a victim of a malware like this, whether we help you manage your backups or help educate your users to avoid attacks like these in the first place. Give us a call at (732) 291-5938 today.
Twitter is recommending that all 336 million users change their passwords as soon as possible due to the discovery of an internal security flaw. While the issue has been fixed and no data breach seems to have taken place, Twitter is clearly taking this situation seriously.
On Thursday, May 3, it came to light that there was an internal log upon which an undisclosed number of account passwords were recorded without any protection. As a result, this unknown amount of passwords can no longer be considered secure, even though there is no apparent evidence that any data breach has occurred.
Twitter uses a process called hashing to protect their passwords, as many companies do. However, a bug created a log of passwords before they were hashed, leaving them fully legible. This bug has since been resolved.
In response to this situation, Twitter is being proactive and recommending that all of its users change their passwords, just in case. To do so, log in to your account in your browser, access Settings and privacy, and from there, Password. It is also a good idea to enable two-factor authentication by accessing Settings and privacy, clicking into Account. Once there, click on the “Set up login verification” button and follow the instructions. You will find yourself on a Login verification screen, where you can activate the means to generate another authentication code.
While disaster seems to be averted this time, you should not hesitate to change your password as soon as possible, and makes sure that all of your online accounts have strong passwords in place. For more information about keeping your identity safe online, call the IT professionals at The Connection, Inc at (732) 291-5938.
July 14th is an important date in the business technology world. Why? Because it’s a major landmark for users of Windows Server 2003. In just a few short months, Microsoft will no longer support this decade-old server operating system. Therefore, you must take steps to upgrade away from this server OS before it’s too late.
The latest threats can put a damper on your business plan and put your company at risk. Therefore, it's only natural to protect yourself from them. This new threat in particular, Cryptowall 2.0, has the potential to do plenty of heavy-duty damage to your business's network, if given the opportunity.
A new malicious threat in the technical marketplace has just been discovered. The bug, dubbed the Bash bug, or "shellshock," is on the loose for users of Unix-based operating systems, like Linux or Mac OS X. It allows the execution of arbitrary code on affected systems, and could potentially be very dangerous for your business. In fact, CNet is calling it "bigger than Heartbleed."
Mobile? Grab this Article
