Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

The warning comes from the Computer Emergency Readiness Team's (CERT's) National Cybersecurity and Communications Integration Center (NCCIC). It cites public reports from ESET and Dragos describing "a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine."

You may recall a similar incident hitting the news not too long ago, when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers and used them to shut down heat and power for over 230,000 citizens. Though the power wasn't out for very long (somewhere between one and six hours, depending on location), the control centers are still suffering from the attacks several months later. In addition to turning off the power, hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and it's thought that these hackers were very meticulous and sophisticated in the execution of this attack.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies on the risk. However, the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. This risk is due to CrashOverride having the potential to be modified to target vulnerabilities in U.S. critical information networks and systems via the malware's tactics, techniques, and procedures (TTPs). To give you an idea of how dangerous the malware is, the Dragos report links the malware to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code within affected systems by opening a backdoor for later access.
This threat utilizes phishing attacks and has the ability to spread between networks with the goal of disrupting systems and stealing sensitive information. In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance when it comes to cybersecurity. This includes implementing techniques for providing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size or location. As the sophistication of cybercrime continues to develop, properly monitored and maintained networks are a company’s first line of defense. Contact us today to learn more about network security and best practices.

Mobile Game Changer: Google Lens

Over the past few years, there has been a significant shift from text-based content to image and video-based content on the Internet. Google is attempting to boost its use of these mediums in the search engine market by taking advantage of machine learning. Simply put, Google Lens can use images or the camera on your device to do Google searches and pull up relevant information based on what is seen. Here is just a snippet of what Google Lens can do:

- Identify the species of flowers that the camera is focusing on.
- Log onto a wireless network by viewing the SSID sticker on the router.
- Translate text that the camera is looking at into a different language.
- Obtain information about local restaurants, stores, and other establishments.

Google Lens can interact with both the Google Assistant and Google Photos apps. Google Assistant lets you add an event to your calendar by simply pointing your camera at the information board. On the other hand, Google Photos lets users check the details about businesses, like opening and closing times. For example, if you have someone's business card, you can even call them directly just by scanning the image. More apps that will add even more functionality to Google Lens will be provided in the future.

What are your thoughts on Google Lens? Do you think these features will change the way that you go about your daily tasks? Let us know in the comments.

Getting to the Root Cause of an IT Issue Means Seeing the Big Picture

The benefit of being able to quickly diagnose IT problems is obvious: the problem will get addressed and resolved in a timely manner, and a solution to the issue can be found that will help prevent any future IT outages. In the world of IT support, getting to the bottom of an issue is known as performing a root cause analysis (RCA). Such an analysis begins by asking basic troubleshooting questions, which usually begin by looking directly at the performance of the technology in use. However, as IT networks expand to become more complex and businesses grow to have more managers making IT-related decisions, a company's RCA approach will naturally become that much more complicated.

Consider what it takes to perform an RCA for a small enterprise having one server and a few workstations, compared to a medium-sized enterprise taking advantage of advanced technologies like virtualization and cloud computing in addition to a robust in-house IT network. In the latter example, getting to the root of a problem involves looking at more systems and questioning more parties. Therefore, getting an accurate RCA from more complex IT systems requires a higher degree of expertise from the IT technician overseeing the troubleshooting process.

This is also where a case can be made about why it's important to involve IT in matters where executives are making IT-related decisions. The root causes of an IT outage often go beyond equipment malfunctioning and extend to poor policies being put in place by management. If the root cause of an IT outage is a poor policy, then any good IT technician will be able to spot this and inform management accordingly.

For example, let's take a look at a hardware replacement policy. Any good IT technician understands that hardware doesn't last forever. It must be replaced periodically to prevent catastrophic failures that can lead to data loss.
Before an inevitable hardware failure, most solutions–like servers, workstations, and networking components–will start to show signs of wear and tear. Unless these solutions are being monitored properly by an IT department, these signs could fly under the radar and eventually result in much more damage than if they were addressed properly. A good IT technician will be able to identify and resolve issues on your network before they become major problems. This type of proactive maintenance is something that is often neglected, especially amongst smaller organizations that have limited budgets and no internal IT department. In cases like this, it's beneficial to outsource this responsibility to a trusted managed service provider like White Mountain IT Services. We can monitor your network to ensure that any issues are addressed before they cause major problems, like downtime, hardware failure, and data loss. To learn more about how managed IT can help your business succeed, reach out to us at (603) 889-0800.

How Much Does Stolen Data Go For? Less Than You Might Think

Where (and How) Data is Sold

When your data is stolen, it will more than likely be put up for sale on the dark web. The dark web is only accessible via specialized identity-cloaking software. Many of the pages offering stolen data and illegal services look just like a "normal" sales website would, complete with buyer ratings. These dark websites offer caches of stolen data that other criminals would find useful, and using cryptocurrency like Bitcoin, anyone can buy stolen identities or credentials.

Let's assume for a moment that you fell victim to a cybercriminal that managed to steal the information for a variety of corporate bank accounts and credit cards. A buyer can access the seller's page and specify what information they are looking for, which will influence the price of the information. Buyers can request specific information such as:

- The kind of credit card, like Visa, MasterCard, etc.
- The card's security codes
- Any associated login credentials
- The card's expiration date
- The name that appears on the card
- The card holder's credit score
- The Social Security Number associated with the card
- The card holder's date of birth
- History of where the card has been used
- The original owner's mother's maiden name

Once the purchaser has selected which information they want, the cost is calculated and the data can be downloaded.

The Cost

Like any business transaction, the price for stolen data is subject to the laws of economics. The less that the data is currently available, the higher the price will be. Alternatively, if a recent hack has flooded the black market with a massive supply of the desired data, then prices are apt to decrease significantly. Due to the rapid changes that this black market experiences, these prices vary wildly. On average, the data from a stolen credit card will cost someone somewhere between $13 and $21. These cards are typically bought with a comprehensive (or very nearly) set of the associated information, denoted as "fullz" in dark web jargon.
Pricing for other types of data is a little different. Many cybercriminals are mostly interested in online payment service accounts, which are priced based off of account balances. Bank account information can vary from $100 for a $2,000-account, to $1,000 for a $15,000-account, while electronic medical records can bring a cybercriminal $350 each.

What This Means

These days, it's more important than ever to secure your company's data against theft. Cybercriminals tend to reach for the low-hanging fruit when selecting a target. White Mountain IT Services can help you put the security measures in place to keep your data secure and off the dark web. Give us a call at (603) 889-0800.

Tip of the Week: How to Set Your Windows Apps to Automatically Open in Full Screen

The first thing you want to do is find any shortcut on your desktop. By shortcut, we are referring to any icon on your screen that opens up a program, such as Microsoft Word or your Internet browser. Once you've found the icon, go ahead and right-click it. Scroll down to the bottom of the dropdown that appears and click on Properties. This opens up the Properties window, which will be–by default–on the Shortcut tab.

Next, look for the Run dropdown menu. It will be a few selections down from the top of the Shortcut tab. You'll notice that it is set to Normal Window, but when you click the down arrow, you'll be given the choice of Normal Window, Minimized, or Maximized. If you click on Maximized, any time you open this program in the future, it will be in full screen mode by default. Go ahead and click Apply, then close the window. If you want, go ahead and give it a shot to see it work like magic before your eyes.

It might not seem like it will save you a lot of time, but it will certainly be convenient. It's a classic example of how spending a few moments to optimize something can make things easier. For more ways to take full advantage of your business's technology assets and optimize your workflow, subscribe to White Mountain IT Services's blog.