For those of you who don?t know, CryptoLocker has been a major threat to all computer users, and will likely continue to be a major player in the hacking world for quite some time. In fact, ransomware in general has seen an incredible increase in the past few years, making it easier than ever to become a target. This, compounded by the anonymity offered by various emerging online technologies like cryptocurrency and a network called Tor, makes it exceptionally difficult to locate and capture these criminals. While this type of malware is incredibly dangerous to business owners who absolutely need access to their mission-critical data and applications, hackers are finding gamers to be a particularly lucrative ?market.? A new strain of CryptoLocker attacks gamers almost exclusively, according to Bromium Labs, essentially making them pay money for games that they?ve already previously purchased. The malware is distributed through an unidentified WordPress-based site, but the URL that distributes the malicious flash file is always changing, making it difficult to locate. Upon visiting the malicious website, the user downloads the malware unexpectedly. In fact, according to ZDNet, the majority of files targeted by this particular strain of CryptoLocker consists of games. So, if you know any gamers out there that indulge in games like Minecraft, World of Warcraft, League of Legends, or just about any other title distributed through the Steam PC-gaming platform, you should probably warn them about this danger. The researchers claim that this malware can also detect company-specific malware, like those from EA Sports, Valve, Bethesda, and more. The point of this article is to show that malware can and will evolve to survive in any way it must. This means that it will likely continue to adapt to changes in the technology industry, all to make everyone?s lives miserable. Don?t let this happen to your organization. Give White Mountain IT Services a call today at (603) 889-0800 to protect your business?s infrastructure from CryptoLocker and all forms of malware.

Unfortunately, bouncing back from a stolen device isn?t as easy as just buying a new one. It?s the data stored on the device that makes it so valuable, which is why a recent survey by IDG Research shows that 50 percent of phone-theft victims would pay $500 to get their phones back, and one-third would pony up a cool one grand. If that?s not enough of an incentive for thieves to step up their game, consider how much you would pay to get back a stolen device with sensitive corporate data on it, especially if the thief was savvy enough to take full advantage of the information on the device. And here?s the million dollar question (potentially), ?What do you do next if you discover that a mobile device containing corporate data has been lost or stolen?? While there?s a nice selection of security apps and preventive solutions that will help you remotely wipe your phone and even track its location, let?s assume that you?ve lacked the foresight to install these helpful apps and the only thing keeping a thief from having their way with your data is a puny lockscreen. What then? After you?ve panicked and ran around the office like a crazy person, stop, take a deep breath, and go into damage control mode by following these four steps: Contact Your Device?s Service ProviderYour service provider has the ability to cut off service to the phone so that it can?t be used under your name. Depending on the make, model, and service plan, they might be able to remotely ?brick? your phone, which is like a kill switch that will remotely render the device useless. Without such a kill switch, a thief will be able to swap out your SIM card so they can still use the phone, and they?ll still have access to any data actually stored on the phone?s memory. Change Your PasswordsIf a thief accesses your phone?s data, they?ll be able to view every online account connected to the device, which could potentially be dozens and dozens of accounts. Once you learn that your device has been stolen, you?re in a race with the thief to change your passwords before they can figure them out. And be sure to change the passwords to something complex so they won?t discover your passwords simply by rummaging through your phone. Report the Incident to the AuthoritiesReporting the incident to local law enforcement officials will give them a record they can use to spot trends and potentially catch the criminal. Additionally, it will give them a chance to return the phone to you, should it ever be recovered. Contact Everybody AffectedNow comes the tough part: admitting to your staff and your clients that a device has been compromised and has put their identity at risk. In some cases, you may be legally obligated to report this incident to them, which means it?s not something that you should try to cover up in an effort to save face. In fact, if you did try to cover this up and didn?t tell clients that their identities may be at risk because of the negligence of your company, then it will come back to bite you when this information comes to light. At the end of the day, most people will appreciate […]

While it might seem like it?s all in good fun (depending on how well pranks go over in your office), a worker pranking you by messing with your workstation?s desktop or settings could have far-reaching repercussions. Furthermore, you need to ensure that you?re practicing this same level of caution with every aspect of your office?s physical and digital security. Here are three best practices you can take when it comes to keeping your technology from being compromised by physical users. Log Off of Your PC Before Leaving ItYou might know that you should always log out of your accounts when you?re not using your PC, you should also lock or log off of your PC before stepping away from it. If you don?t, you run the risk of your co-workers messing with it in ways that you can?t possibly imagine. Plus, if your office is one which strangers frequent, like customers and delivery workers, it?s especially important to lock or log off of your PC before leaving it. You need to be cautious of everyone, especially those who don?t work for you. Besides the fact that it?s a best practice for security reasons, logging out of your PC is good for it. It gives it a chance to rest up for the next time you use it. Keep Mobile Devices Out of SightWhile it might not seem to be a big deal to leave your laptop or your smartphone on your desk, someone else might feel like taking advantage of your trusting nature. A mobile device that?s right out in the open is a welcome sight to most thieves. It only takes a moment for a co-worker to snatch your device to make a quick buck, so you need to take precautions by always putting away your devices when they?re not in use. A locked drawer or closet will suffice; or, if it?s actually yours and not the company?s, just take it home with you. Lock the Office Doors When You LeaveThis probably sounds like we?re stating the obvious, but it?s surprising how many organizations lock the front door, but don?t make sure that the windows, side-doors, and other entrances are secure from potential intruders. All access points need to be protected from a potential break-in. Being reliant on security measures like access codes, cards, and keys isn?t the best way to protect your assets, but it?s better than relying on remembering to lock the door. Still, you want to limit the number of employees who can unlock the office. For instance, a worker might lend their security code to a co-worker without a second thought. They might see nothing wrong with it, but what if that worker has some suspicious agenda? At that point, it?s a matter of holding employees accountable for their actions, so it?s best to be safe and just nip the risk in the bud before it?s too late. All three of these practices can be enhanced with an enterprise-level surveillance system. Having a surveillance system is a solid way to prevent threats from accessing your organization?s office, as well as helping you monitor what?s going on around the office. White Mountain IT Services can recommend the proper system and set it up for you so it doesn?t cripple your company?s network. What are some of your favorite ways […]

As reported by SailPoint, at least a quarter of your employees will take copies of corporate data with them when they leave your organization. This survey dealt specifically with cloud computing usage, and was issued to around 3,000 employees worldwide. As explained by SailPoint president Kevin Cunningham, ?The survey results are an eye-opener of how cloud applications have made it easy for employees to take information with them when they leave a company.? If you think about it, this number isn?t so surprising. With the popularity of Bring Your Own Device (BYOD) policies increasing over time, employees are able to make off with copies of your business?s precious files, even unintentionally, much easier than before. In fact, one out of every five employees has the intention of uploading corporate data to the cloud via Google Docs, Dropbox, or another service, and share this information with those outside the organization. It can feel disheartening that your trusted team would consider doing this, but it?s important to realize that not all employees will do so. The staff you really need to watch out for are the ones who storm out of your office in a fit of rage. Here are some more statistics from the survey: 66 percent of employees said they were able to access a business’ cloud storage applications after they left their last job. 60 percent said they were aware that their employer strictly forbids taking intellectual property when they leave the company. Only 28 percent said their employer’s corporate policies describe who can access mission-critical software-as-a-service (SaaS) apps. How does your IT department plan on handling this issue? Employees potentially stealing sensitive data isn?t something that should be ignored. You need to enact policies that restrict access and user permissions in order to minimize the chance that a rogue employee will contribute to corporate sabotage. It?s vital that you take initiative to restrict your network from terminated employees as soon, or possibly even before, they find out they won?t be working for you anymore. If you?re concerned about rogue employees leaving with your hard-earned data, or if you want to bolster your network security practices in general, give White Mountain IT Services a call at (603) 889-0800.

When you?ve gone quite a while without a hacking incident, it?s easy to feel that the waters of the Internet are pristine and free of corruption; however, this isn?t necessarily the case. Deep down, in the murky depths of the Internet, there?s questionable activity at every turn, and some hackers might even have their sights set on your organization. You might think that your company is small-time compared to the large businesses that have been hacked in recent times, but in all actuality, your organization holds a wealth of information that hackers want to take advantage of. For example, you probably have the credit card numbers of your clients stored away somewhere on your infrastructure for when they make purchases. Your human resources department holds the Social Security numbers of all your employees in their files. Despite the fact that you?re a small business, hackers will see this as more than enough of a reason to hack you. Of course, they might just be taking a chance and hoping to find something good; but either way, you should be prepared to fend them off. Hackers will often try to attack your organization through cracks in your defenses. If you use older hardware or software that?s prone to experiencing breaches of security, you will be in for a rude awakening when a hacker breaches your network. You always want your organization?s systems to be in tip-top shape, be it through purchasing reliable new hardware or applying updates to your infrastructure. The best way to ensure that your organization is secure from hackers is to keep track of these weaknesses and resolve them as quickly as possible. The problem with this is that it?s difficult to keep track of multiple systems, especially if you?re not an IT expert by trade. This is why small and medium-sized organizations often outsource this responsibility to White Mountain IT Services to make sure that it?s performed properly. One way to make sure that you?ve got all of your bases covered is with a comprehensive network consultation. By indiscriminately analyzing every part of your technology infrastructure, you can find out a lot about your current security situation. Or, better yet, have an external party perform the consultation. By doing so, you get an unbiased assessment that?s sure to give you hints on how you can prepare your network for the worst. All you have to do to take advantage of this offering is call White Mountain IT Services. We offer a network consultation that?s designed to identify weak points in your security, as well as components that might be on their way toward a hardware failure. Give us a call at (603) 889-0800 to learn more.