Identifying Tactics Used to Disseminate Ransomware

The report in question comes from security researchers at Coveware. This report analyzed ransomware attacks throughout the second quarter of 2021 and found that phishing attacks and remote desktop protocol (RDP) attacks were the most common methods of infecting systems with ransomware. It should be noted that these were for the initial methods used by hackers to gain access to systems prior to installing ransomware on the infiltrated networks. These methods are particularly noteworthy as they are low-cost, high-reward ways for hackers to attempt infiltration of networks. Phishing attacks can be leveraged against countless targets all at once, and remote desktop protocol attacks can be used to brute force accounts using guessed or stolen passwords. While these attacks can be protected against easily enough, it only takes one instance of such an attack being successful to create troubles for targeted organizations. For your reference, here are the three top threats that give other threats a foothold on your network, as reported by the Coveware report: Phishing: 42% RDP Attacks: 42% Software Vulnerabilities: 14% Also of note are the types of ransomware that are being spread by hackers. The one that made headlines not too long ago with attacks against Kaseya, REvil, was the top ransomware on the list, followed by Conti, a ransomware used against the Irish healthcare system. You cannot take risks with ransomware and any other security threats to your business, no matter how small or seemingly insignificant they are. You should utilize any methods possible to optimize your defenses in any way you can. You must make sure that your applications are as up-to-date as possible at all times, your network is secured with comprehensive security solutions, and you have multi-factor authentication enabled to keep compromised passwords or other account credentials from being used as a backdoor to your network. White Mountain IT Services can help your business ensure that it has done all that it can to protect your infrastructure. Even if you don?t know where to start, our trusted and knowledgeable professionals will work with your company to keep it safe from security threats of all kinds. We?re not talking about ransomware exclusively?we mean all threats, including viruses, malware, spyware, trojan backdoors, and so much more. To start taking your network security seriously, reach out to us at (603) 889-0800.

Are Virtual Machines the Next Step for Your Business?

What is a Virtual Machine? You can think of a virtual machine as a virtual environment that simulates a hardware-based machine using software. It allows you to emulate the computing system, complete with virtual hardware that keeps the machine running. A virtual machine can run in a window on your computer?s operating system, typically a web browser, giving the user the choice of where and how to run a specific instance of an application. For example, let?s say you want to download a new program. You can install it on either your computer or on a virtual machine. The computer running the virtual machine is referred to as the host, whereas the virtual machine is called the guest. The device?s ?hardware? is stored on the host computer?s hard drive; generally speaking, the guest?s virtual hardware will not be as powerful as the host, but it should be fine for certain tasks that would require obsolete or unsecured hardware. To simplify this even further, a virtual machine is basically a computer within a computer, and it grants users a certain level of creativity and flexibility that might not otherwise be possible with an ordinary machine. What Can They Do? There are many ways to use a virtual machine. The previously mentioned example included using a virtual machine to host a legacy application that might not be compatible with your operating system; this might be one of the more common ways to use virtual machines, but it is far from the only way to use one. Some businesses use virtual machines to try out new operating systems or test the deployment of various software or configurations. This gives businesses confidence that they can use their new solutions in the best way possible. On a similar note, some applications work better on certain platforms, so having the ability to switch between them as needed gives organizations the opportunity to switch their approach as needed as well. One especially helpful use for virtual machines is that they can give businesses a safe environment to test new applications outside of their current operating system. This helps because the virtual machine?s operating system is separate from the host machine, meaning that it does not allow for any software or data on the virtual machine to influence the host. Get Started Today! If you want to get started with virtual machines but don?t want to be bothered by the nitty-gritty, White Mountain IT Services can help. To learn more about how we can help you implement and take advantage of virtual machines, reach out to us at (603) 889-0800.

Don?t Make Security Harder for Your Business

Jumping on the Bandwagon Just because someone else is using the latest and greatest security solution out there does not mean that your business should. In fact, we would say that not all of these tools deserve the same blind trust that you would like to have in them. If a solution is universally praised in the business world as being a paragon of security, it makes sense that you would assume it as such, but we urge you to adopt a different mindset. You should always be critical of security solutions and try to identify any inherent problems with them before investing in one. Besides, even if there are no inherent flaws in the solution itself, you want to ensure that it is the correct solution for your business before jumping on the bandwagon, so to speak. Confirmation Bias It is also tempting to push away any information that does not already support the outcome you are looking for. You might believe that you are the exception to the rule. For example, let?s say that your business goes one year without a single security incident. This might make you think that your current security standards are enough to continue protecting your organization. This is the worst mistake you can make; threats are always evolving, and what works right now might not work months down the road. Don?t assume that you are not a target. Assume the worst and you can never be surprised when something does go wrong. Relying Too Much on Business Jargon Communication is an important part of any business, and this is especially true in terms of threat management and network security. That said, there might be some pressure to use specific language where security is concerned. It might be good to know this language when you are discussing security with IT professionals, it might sound great, but these terms don?t mean much to your average user.  Security must be described in layman?s terms if you want it to be used effectively by your staff. White Mountain IT Services can help your business move past the challenges presented by network security and not only uncover security biases but also educate users on the importance of security. To learn more, reach out to us at (603) 889-0800.

The Importance of Proper Disposal of Connected Devices

Let?s go over some reasons why it is beneficial to work with trusted technology professionals when disposing of your old connected devices. It?s Good for the Environment Before you throw away an old device, consider what happens to it after it leaves your office. Chances are it will just get shipped to a landfill somewhere in an off-shores country where it will sit for who knows how long. This is unfortunate, as devices are manufactured with parts that contain precious metals and other hazardous or harmful materials that can seep into the ground and contaminate it. Furthermore, doesn?t it just seem like a waste to you? All of these devices?some of which might still be functional?just getting tossed into the trash? There has to be a better way to dispose of devices. To keep the environment cleaner and safer, it helps to work with a managed service provider to ensure that your device will not wind up in a landfill. Depending on the age and condition of the device, it might also be repurposed or donated to others in need. Just make sure that the device is properly wiped before being disposed of. Speaking of which… Data Privacy is Critical While recycling or repurposing your old devices rather than throwing them away is great for the environment, the primary reason why your business must be cognizant of device disposal is the security ramifications of not doing so. If you improperly dispose of devices, there could still be sensitive data on the device that could lead to a data breach somewhere down the road. This might seem like a rather innocent thing and a wild possibility, but we assure you that even if your device isn?t discovered by a hacker, this could have very real consequences. For example, Morgan Stanley was fined an exorbitant $60 million in 2020 for failing to wipe its devices of personal data prior to disposal. Deleting files on your devices is not enough. Due to the way that files are stored on devices, you want to work with a professional to ensure that no traces of data remain on your end-of-life devices before you dispose of them. Understand Your Technology?s End of Life Timeline In today?s era of upgrades, replacing devices often happens prematurely. The next big thing comes out and everyone jumps on the bandwagon, eager to take advantage of the next new solution. This leads to implementing new technology for absolutely no reason, meaning that perfectly fine devices get thrown away or disposed of simply due to the urge to get something shiny and new. On the other side of this impulse are businesses that might try to cut costs by using technology until it absolutely has to be replaced, oftentimes right up until the device?s operating system or installed applications? end-of-life date. This is a dangerous practice in and of itself, as hackers are always looking for the next window into your organization?s defenses. Yet, you will eventually have to replace these devices, so how can you go about this process in a safe and secure way? We recommend working with White Mountain IT Services to properly dispose of your retired connected devices. Our technicians can ensure that not only are your devices wiped of any and all important data, but also that the device follows […]

Hybrid Work is the Future? But There Are Some Challenges to Overcome

Let?s discuss some of these hurdles, and how they can be overcome. Not Everything We Use is Compatible With Hybrid Work As of right now, many businesses still rely on tools that?while perfectly workable in-house?aren?t particularly well-suited for remote work. As a result, hybrid work isn?t really a workable option for these businesses. Moving forward, these businesses will need to shift their focus to tools that are consistently reliable in either work environment. This means that cloud solutions, digital communications, and mobile solutions will need to be embraced more than they are even now. On top of this, security will need to be refocused on remote workers to ensure they are fully secured wherever they are. Hybrid is Currently Viewed As a Half-Measure to Keep Employees Local Many employers have used hybrid work as a kind of leash to ensure that their employees remain local. After all, they need to be close enough to commute to the office when their in-house time comes. This effectively serves as the business version of testing the waters of fully remote work, leaving the employer free to pull their toe out and keeping everyone in house if they begin to feel too uncomfortable. While these practices are understandable, they aren?t going to help a business remain competitive in the hiring market as other businesses currently offer hybrid and fully remote positions. Labor Laws Focus on the Employee?s Location, Not the Employer?s As the labor laws currently stand, they are based on the location of the employee, not the company they work for. This simply is no longer applicable to many employees, who may have to travel for work purposes, live in temporary housing, or otherwise break the convention. Some people who work completely remotely have no permanent address, acting as so-called digital nomads? many of whom are full-time employees. These new methods of work have resulted in calls to shift how labor laws are written to reflect on the employer?s location. Culture and Management is Lacking for Hybrid Workers Let?s face it? a lot of businesses just don?t know how to manage workers that are only in-house some of the time. Job performance needs to be evaluated differently, meetings need to adjust, never mind how these employees should be hired, organized into teams, and promoted. Policies need to be developed that standardize these processes before hybrid work can really take off. White Mountain IT Services is here to help, at least in terms of equipping employees for their needs and supporting their technology. To learn more about how managed services can improve any work approach, give us a call at (603) 889-0800 today.