Alert: Petya Ransomware May Be the Worst Yet

Once the file has been downloaded, Petya causes a Windows error and forces the system to endure the typical “blue screen of death,” causing a reboot. The computer will then display a red skull and crossbones, and a fraudulent “system check” infects and encrypts the master file table (MFT) with a military-grade encryption protocol. This causes the computer to basically forget which files it has, and where they are stored. Rather than closing access to particular files, Petya completely locks the user out of the system by overwriting the computer’s master boot record. The computer is essentially rendered useless to the user, who can’t even log in. Petya will display a list of demands, as well as how to meet them. As is the case with most ransomware, the ransom must be paid in Bitcoin. Once this has been done, the criminal supplies a decryption key that’s used to regain access to the files. The initial cost for the decryption key is .99 Bitcoins, which is an estimated $430. However, paying for the decryption key isn’t that simple. Once the user accesses the payment page, they’re given a limited amount of time to access the key before the price is doubled. While there are some websites that claim there are commands that can allow users to skip the lock screen, the MFT will still be encrypted, rendering the files useless. Even if the user pays the ransom, there’s still no guarantee that the decryption key provided by the hackers will work. This is why we always suggest that you don’t pay the ransom, and instead contact a professional technician who can consult you on the situation. In particular, business owners and human resources representatives who are responsible for the hiring procedure are the preferred targets. Petya is distributed through emails that are disguised as potential job seekers. 
The message will often contain a hyperlink that redirects to a Dropbox containing a resume, which is really just a Trojan horse containing Petya that’s capable of weaseling its way past your antivirus solution. Petya had been causing significant trouble for German businesses, but a programmer has found a solution. Admittedly, it’s a tricky solution to implement, but it’s still preferable to paying a ransom. As is the case with most ransomware, your best chance of escaping unscathed is by dodging the attacks altogether. Ransomware is notoriously difficult to crack, even for seasoned IT veterans, but keeping a watchful eye on anything you find on the Internet can help you avoid infections. With White Mountain IT Services’s security solutions, you can proactively detect and eliminate threats to your IT infrastructure. To learn more, give us a call at (603) 889-0800.

Forget Backdoors, Hackers Can Now Infiltrate Garage Doors

The contraption used to hack garage doors is built from a discontinued Mattel toy from 2007: the IM ME. The IM ME is a supposedly secure wireless instant messaging system that works similarly to a mobile phone. It was meant to be a kid-friendly, secure alternative to a mobile phone for texting. The IM ME stored an address book for other users of IM ME, and used an Internet connection to communicate with each other. If you look at it now, you wouldn’t be surprised to hear that it’s no longer supported and that it has no place in today’s computing world. Smartphones are largely more efficient and dynamic as communication tools. Just last year, it was discovered that the IM ME could be turned into a device that can hack into any garage door that’s using an unsecured fixed code transmitted from a remote, rather than one which uses a “rolling code” that changes with every button press. This flaw was discovered by Samy Kamkar, an independent developer and technology consultant, who then proceeded to exploit the flaw to demonstrate its danger. He built the device using the IM ME as a base model, then added a simple antenna and open-source hardware attachment. Kamkar, calling his device OpenSesame, explains that his device works differently from what are called “code grabbers.” An ordinary code grabber will snatch the code from the garage door button when it’s pressed, and reuse it to open the door at a later time. This requires the hacker to be present when the button is pressed (similar code grabbers also exist for automobile key fobs, which is a pretty scary concept on its own). OpenSesame can accomplish this same goal without being near the user, which makes it much more dangerous. The most dangerous part of this hacking experiment is the fact that any hacker can walk up to a vulnerable garage door and have it open in around eight seconds. 
As reported by WIRED: Using a straightforward cracking technique, it still would have taken Kamkar’s program 29 minutes to try every possible code. But Kamkar improved his attack by taking out wait periods between code guesses, removing redundant transmissions, and finally using a clever optimization that transmitted overlapped codes, what’s known as a De Bruijn sequence. With all those tweaks, he was able to reduce the attack time from 1,771 seconds to a mere eight seconds. If you’re curious about how Kamkar’s device works, you can watch this video to see the device in action. Furthermore, if you want to see if your own garage door is vulnerable, you can view this video where he goes into detail about which doors are vulnerable, and why. This more than proves the fact that hackers engage in some dangerous and unpredictable acts, and that the Internet of Things continues to be a major reason for this. With so many more devices connecting to the Internet and communicating with each other with near-field communications and Bluetooth, the situation could very quickly turn into a nightmare scenario for your business. If your network isn’t prepared to handle the dangers and threats that come from unregulated Internet of Things devices, it’s a very real possibility that your organization could suffer a data breach or worse. It’s your responsibility to ensure […]

Tip of the Week: No Internet? No Problem! 3 Ways to Be Productive Without the Internet

The problem is that both a lack of electricity and Internet connectivity can lead to downtime, which is a well-known culprit for breaking budgets. Without electricity, your building’s technology cannot function, and without the Internet, your cloud-connected systems will be inaccessible. In both cases, productivity ceases, and you’re left without access to mission critical files. Your organization should be prepared to deal with these worst-case scenarios, which means you should have contingencies put into place to prevent downtime from sudden power or Internet outages. So, how can you bounce back from a power outage or an Internet connection problem? For starters, don’t immediately send your employees home. You only want to do this if you’re absolutely sure that there isn’t any work that needs to get done in the office. If you think that the Internet or power outage won’t last very long, you can probably get around wasting time by using this chance to take care of often-forgotten in-house tasks. Here are some ideas for helping you through your outage:

Hold Staff Meetings
Have you ever canceled a staff meeting last minute due to an unforeseen phone call? If you don’t need technology to hold a staff meeting, there’s no better time than during an outage. If you can’t do anything anyway, you might as well talk about important initiatives, team building, or consistent issues within the workplace that need to be addressed. Think of it as a really convenient inconvenience!

Organize and Clean Your Office
There’s a saying in the service industry that applies here: if you have time to lean, you have time to clean. Instead of having your staff sitting around waiting for services to be restored, you can have them tidy up the office and clean up their own personal workplaces. If your team needs an excuse to stay in the office to make financial obligations, you can put them to work.

Catch Up On Employee Evaluations
If you haven’t had time to catch up on employee evaluations, and you have some time to spare in between trying to fix the outage, you can take some time to tell your employees how they’re doing and what can be improved upon. Critically evaluate your employees so that they know how to improve their work performance. By the time you’ve finished, you’ll have a better idea of how your team is doing, and what you can do to make it better.

If All Else Fails, Send Your Team Home
Downtime isn’t easy to overcome, and sometimes the only option that you have is to send your team home for the day. Even if this doesn’t feel like an option, and you have important work that needs to get done, there’s always the option of letting them work remotely, should they be equipped with the technology to do so. Either way, the more time that your team wastes sitting around waiting for the outage to be resolved, the more time and revenue that’s wasted. While making the best of downtime might be your only option, at White Mountain IT Services, we consider downtime to be an emergency. If your network or a critical part of your IT infrastructure goes down, leaving your employees high and dry, our technicians go into emergency mode. If your business wants to learn more about how to prevent downtime, give […]

Want to Improve Your IT Security? Don’t Overlook Your Employees

According to a 2015 study from CompTIA, employee errors are at the root of roughly 52% of corporate security breaches. Employee errors that compromise your cyber security include the following:

- Careless Internet browsing and email use; for example, thoughtlessly downloading email attachments.
- An inclination to take online communications and websites at face value and quickly trust them.
- A failure to protect sensitive data; this includes sharing passwords, transferring confidential files over insecure connections, and neglecting to apply encryption.
- A lack of awareness about cyber security threats.
- Ignorance or negligence regarding your company’s cyber security policies.

Any of these behaviors can expose you to a devastating cyber attack. For example, a quickness to trust people at face value can lead your company to fall victim to a successful phishing attack. Phishing is a common cyber crime that involves tricking someone into disclosing sensitive information. Recently, for instance, cyber criminals obtained employee tax records from a variety of organizations. One method involved sending an email supposedly from the company’s CEO and requesting the information. Rather than double-checking the authenticity of the request, and remaining suspicious about a demand to send tax forms over email, employees complied. Any organization, large or small, can fall victim to these attacks. Cyber criminals attempt to exploit every vulnerability in a company’s IT configuration. And they can often count on human error to give them openings for an attack.

What can you do about these kinds of employee errors?
To begin with, your company needs to come up with a comprehensive cyber security plan that includes clear policies governing employee behavior in various IT scenarios. Whether it’s transmitting files or using only approved applications for work, your employees should have guidelines and standards to follow.
However, as important as it is to devise comprehensive cyber security policies, those policies won’t make much of a difference if employees neglect them. Their neglect will undermine any efforts you make to secure your data and network. For example, a recent article from Business Cloud News reports that “employee negligence and indifference” weaken security when companies rely on cloud-based programs. How can you combat employee neglect? First, you must enforce your policies. If employees assume that their poor cyber habits won’t result in lost privileges or other consequences, they won’t have as much motivation to follow policies. At the same time, you shouldn’t make them so afraid of punitive action that they fail to quickly report errors that compromise security and require a rapid response. Having your employees undergo cyber training is an important step. Training should emphasize how cyber security is critical for a company’s success and that employees can apply it at home to make their personal computing safer as well. Good training will lead to a deeper understanding of cyber security risks and the need to question online communications, protect data, and collaborate in efforts to keep your company secure. Management should also model good cyber security habits to employees; when company executives don’t appear to care about cyber security, employees won’t concern themselves with it either. The key is to promote an overall culture in your company that stresses the importance of cyber security. Instead of leaving security solutions entirely in the hands of your IT personnel, make everyone a part of the solution. To further help your […]

Why Businesses Need to Quickly Distance Themselves From SQL Server 2005

The end of life event for SQL Server 2005 took place on April 12th, which means that if you haven’t upgraded yet to a more recent version, then you really, really need to. Let’s face it, 10 years is a long time to run any software without updates, much less SQL Server. You’ll want to upgrade to a version that’s supported by Microsoft’s security patches and updates. By going with the latest versions like SQL Server 2014 or Azure SQL Database, your data will be protected for years to come. White Mountain IT Services can assist you with such an upgrade so that you won’t experience any surprises with a lack of compatibility of your mission critical apps. Running into an error like this can severely hinder operations. Additionally, upgrading your SQL Server may require apps to be reconfigured and upgraded, which is much more challenging than simply plugging in a new version of SQL Server and walking away. Tim Hegedus, senior manager of the analyst team with Miro Consulting, explains to CIO, “The biggest risk stems from continuing to use the product when there is any kind of uncontrolled or external access to that database. Any security breach can be damaging not just monetarily but also reputationally.” Additionally, organizations that work with sensitive data need to understand that using unsupported software like SQL Server 2005 (or any other unsupported software) can open themselves up to some hefty fines. Some of these violations can result in fines amounting to thousands of dollars, per record. For businesses looking to upgrade, now may be an opportune time to try out Microsoft’s Azure offering. An Azure SQL VM is a legitimate option to consider, especially if you’re wanting to move away from having to buy and maintain a new server unit, install a bunch of software, and move all of your data. Depending on your needs, there are many other options, and White Mountain IT Services can help you weigh the pros and cons of each solution. 
For help upgrading away from SQL Server 2005, or any other unsupported software that may be putting your company at risk, give our professional IT technicians a call at (603) 889-0800.