Ransomware is Still a Major Threat

What is Ransomware? Simply put, ransomware is malware that holds either files or entire drives ransom, until the perpetrator of the attack is paid via cryptocurrency. If the scammer isn?t paid in the time outlined, the data/drives are deleted, and if not properly backed up, lost forever. You can see how this can be a major problem for any business unfortunate enough to be victimized by ransomware.  Ransomware has been around for quite a while, but over the past few years, with the availability of an alternate source of payment (cryptocurrency), ransomware attacks have been commonplace. As media attention surrounding these attacks has grown, businesses have started being more vigilant. How Businesses Ward Off Ransomware It?s not just the one thing that can keep ransomware from being a problem for your business, but there are a few actions that need to be taken to help avoid exposure to these nefarious strains of code. Let?s take a look at a few now: Have a strategy for emails – Most ransomware attacks are sent through phishing emails. Make sure that you–and your staff–understands the best practices of dealing with emails and how to spot fraudulent messages.  Have a backup strategy – Ransomware is a fabulous example of why organizations need to have offsite data backup in place. If your systems are hit by ransomware, having offsite backup in place will allow you to rest assured that your data remains unencrypted and available for use.  Patch your security tools – One major problem with many organizations? cybersecurity platforms is that the tools they rely on for network and data security aren?t always updated regularly. Keeping your antivirus and firewalls updated is a good practice regardless of the presence of ransomware.  Never pay – There have been high-profile ransomware attacks where the victims pay the ransom. There is no guarantee that these scammers will unencrypt the files/drives or won?t leave other malware behind after they successfully extort you.  White Mountain IT Services is the trusted name in New Hampshire when it comes to helping businesses utilize IT the right way. Our expert technicians can help you outfit your IT infrastructure with the tools you need to keep your network up, running, and free from downtime-causing malware. Call us today at (603) 889-0800 to learn more. 

How Cybercriminals Are Keeping Themselves Entertained

What is Credential Stuffing? Credential stuffing is an aptly named method for an attacker to gain access to an account. It?s also the reason why we always recommend that you use a different username and password for each account. Let?s say that Website A, a popular social media platform, suffered a data breach, and some of its info was leaked, with usernames and passwords included in the mix. This means that John Q. Hacker can take this list, go to other sites, and start trying them out. If a user was reusing their credentials, our hacker has a match and now has access to their account and information, whatever it may be. So, by essentially running through a spreadsheet, an attacker can gain access to far more accounts than they should. The Current Problem In their most recent report, Akamai (a platform-based service provider) had reviewed data collected throughout 2018 and 2019 to deliver insights to the media industry. As they explain in their included letter from the editor, the rise of the COVID-19 pandemic quickly caused them to reconsider. Thanks to this reconsideration, the report also shows trends as influenced by the pandemic. As you might imagine, these trends are quite telling. Credential stuffing exploded as the coronavirus tightened its hold. In fact, reviewing the documents that Akamai produced shows that their graphs needed to be dramatically increased in scale, tens of millions transitioning to hundreds of millions as numbers increased fourfold. As Europe locked down, a video media service was hit on March 26 by over 364 million malicious login attempts, with over 6 billion attempts taking place in that month alone. The economics of these stolen credentials also share some insights. In the beginning of Q1 2020, researchers took note that video media accounts were priced at about $1 to $5, with bundled services coming in at $10 to $45 each. However, these prices plummeted by the end of Q1 with all the new credentials that were made available. Why This Matters As we have already stated, these kinds of attacks are exactly why it is recommended that access credentials aren?t recycled. ?Why would anyone hack into my stuff?? We?ve all had this rationalization sound off in our heads as we?re asked to provide a password for a new account. We wonder if it really matters how secure our password is, after all, we?re not anyone of interest, so is all that security really worth the effort? Besides, it?s easier to just remember the one. As a result, a sizable number of people have the same usernames and passwords on multiple platforms. This is where the problem lies. Sure, some person accessing your Netflix account is one thing, but someone accessing your bank, or your tax returns, or your work email (sending us down another rabbit hole) is quite another. So, where do we go from here? Well, first thing, you need to go over your own accounts and make sure that all of them are properly secured. At White Mountain IT Services, we tend to recommend that your passwords include the following, to help boost their security: Lots of characters A diverse mix of letters, numbers, and symbols No personally identifiable details (like your pet?s name, hobbies, etc.) Alternatively, you could consider a passphrase. A passphrase (like ?flankingcollisioncurtlytabletbovine?) takes […]

Managed Services Can Help Stabilize Costs

The concept of the managed IT services provider has only been around for over a decade. Many businesses that have pivoted in that direction were once break/fix value added resellers (VARs) that dealt in some pretty specific products and services. The shift from break/fix to managed services was facilitated by the development of powerful automation software that provided well-trained technicians the opportunity to proactively monitor computing networks from a remote location. This, in turn, provided the businesses with a much more affordable service, more effective IT, and a massive reduction in downtime.  Industry Growth One of the major draws that partnering with a managed IT service provider brings to your business is that, for a small business, hiring expert IT talent is expensive. By simply choosing to outsource their IT management, a business can enhance the value of their IT support budget. They receive comparable attention to their IT, get access to the IT service provider?s direct availability to newer, more robust technologies, all while paying a static monthly rate to do so. . From hardware to software, from networking to security, the modern IT company has access to all of the technology the modern business needs. That?s why companies have been slowly switching over to managed IT services for the better part of the past decade.  The industry?s growth is steady, but in that time, companies? use of technology has exploded. Some choose to hire in-house technicians, some choose to try and manage their own technology, but those that have chosen managed IT services get more bang for their buck.  Most companies in North America and Europe expect their IT expenses to increase in 2020, and that was before the COVID-19 pandemic went ahead and through a major wrench in the works. Regardless of what is going on in some sectors, IT budget growth is as large as 30% in some markets. Small and mid-size companies have been extremely active upgrading their IT as newer solutions provide them with more upfront capital, while larger organizations have been rolling out strategic security upgrades to keep organizational risk down.  Not surprisingly, the largest driver for IT growth is the need to upgrade outdated IT. This is leading the MSP into expanding their offerings, too. Many organizations have been utilizing cloud computing through their managed service providers. These days, almost anything you can do on a server, you can do on a virtual server hosted in the cloud.  Emerging Technologies For some time, IT companies have looked to innovative new technologies to build a catalogue of solutions that would be attractive to any-sized organization. This hasn?t stopped. Today, with data becoming a major commodity for almost any type of organization, these IT companies have begun using their expertise with information systems to push new ways for companies to collect, process, and analyze that data. That?s why you see IT support companies dabbling in data warehousing and business intelligence services; providing value that simply wasn?t there a short time ago. Another technology that many MSPs have really ramped up on recently is managed security services. With the use of specialized tools and practices, IT service companies can now provide solutions for any type of organizational security threat. Today?s IT service company is capable of protecting your company with traditional methods of training and […]

Tip of the Week: Altering Your Android Device?s Power Settings

We should mention that we are using a device with the Android 10 OS built in. Not all of these features will be available on older versions of the operating system, but many will be. Basic Power Settings There are some basic settings that you can access from your regular notifications menu on Android 10. First, swipe down from the top of the device, to expose the settings tray. In this settings tray, there is a brightness adjustment slider. Obviously, the lower the brightness on your phone, the less power it will take to display the content on your device. If you toggle the Auto setting on, your device will manage your screen?s brightness and will find a good middle ground between power-sapping brightness and too-dim-to-see.  Another basic power setting found in the settings tray is the battery saver. There is Extended and Maximum. The battery saver will: Disable location services when the device?s screen is off Update an app?s contents only when the app is open Prevent apps from working in the background Turn off voice recognition for Google Assistant Today, users can utilize AI to help them configure the battery saver feature to best fit their use. You can set it by user routine, which will use AI to learn how you use your device and set the battery saver option when it is necessary. You can also set it as before, based on the percentage of battery power that is left.  To enable the routine-based schedule you will need to: Open the settings app Tap Battery > Battery Saver Tap Set a schedule > Based on your routine To enable the percentage-based option, select Based on percentage in the Set a schedule menu. More Advanced Battery-Saving Options Those are the simplest options you can use to manage your battery, but there are other options in which to get the most out of your device?s power settings. One is to ensure that you have the Adaptive Battery setting turned on. Adaptive Battery will monitor your usage and start to present you with options on how to maximize your battery life while still making your device as user-friendly as possible.  To turn Adaptive Battery on, go to Settings > Battery > Adaptive Battery and make sure it?s toggled on.  Another way to help stem unnecessary battery use is to get rid of your always-on display. The display is the most battery-intensive part of any smartphone, and while an always-on display presents certain benefits, it isn?t more important than having a device that isn?t battling with power issues all the time. To accomplish this just go to Settings > Display > Lock screen display and toggle off ?Always on?.  If you would like to know more about smartphone settings that can help you keep your device running longer, call one of the professional technicians today at White Mountain IT Services at (603) 889-0800. 

What You Need to See in a Business Continuity Plan

There is always risk in business. The better your organization can assess–and plan for–risk, the better it will respond after adversity. Here are a few variables that you should see in your business continuity plan: A Threat Matrix – Risk management starts with identifying possible risks. That means all legitimate threats; of which there are quite a few. Take a while considering all the relevant risks to your business and rank them from most likely to happen to least likely.  Critical Processes – Outline what makes your business run. Every business relies on critical processes that if interrupted could be devastating to achieving success.  Command Chain – Not everyone is a boss. Businesses have a chain of command that should be documented. Be sure to accurately represent how your business works and not just the titles of the people involved.  Employee Safety and Evacuation Plan – One part of risk management is to ensure no one gets hurt and that everyone is updated with all relevant information. The first part relies on you having a comprehensive safety and evacuation plan in place. Communication Plan and Contact Information – The other part is to have an idea about who will be the point of contact for each threat. If your marketing office springs a leak and six inches of water rushes in, does your accounting team on the next floor need to be notified immediately? Breaks in continuity mean all breaks and every department should have a point of contact registered in the continuity plan. Backup Processes – One of the big considerations when any threat comes to fruition is data. It is one of the most important assets any company has. Ensuring that your backup and disaster recovery processes are regularly tested and maintaining redundancy is crucial to almost any problem.  IT Inventory and Infrastructure – Most businesses don?t have a whole other office ready to go when something fails. Ensuring you know what is in your inventory, how it is used, and how to restore those systems if something were to happen to your physical infrastructure is an important consideration.  End of Incident Criteria – When a breach in continuity happens, downtime is most certainly the enemy, but what would be worse is if you are fighting for your business? life and the threat has passed without any notice.  Be sure that when a situation comes to light that you have the system in place to be able to review the problem and return to normalcy. A business continuity plan can literally save your business from anything…from a malware attack to a flood. These line-items will help you build a solid continuity plan, but if you really want to hash your plan out, call the IT consultants at White Mountain IT Services. We can help you build a continuity plan that will allow your organization to respond to anything thrown its way. Contact us today at (603) 889-0800.