Category Archives: Security

Recent Virus Release Starts In Ukraine And Spreads Across The Globe

obal Hacking Attack

Cyber security is a critical component in preventing downtime in your network

An international cyber attack, known as “Petya”, struck computer systems across the globe, starting in Ukraine. Tens of thousands of machines in Ukraine and the United States were impacted. Automated teller machines stopped working in the capital of Ukraine. Workers all across the globe had to quickly scramble to make the necessary adjustments.

It has not been determined who is responsible for the cyber attack. No details have been released at how impactful the cyber attack was. The attack started on the Ukrainian government. This is not the first cyber attack that has taken place as of late. The difference between this cyber attack is that it seems to be one of the most advanced attacks that have taken place since the National Security Agency had some of its hacking tools stolen.

This global hacking attack took control of all the computers. Since the hackers obtained control of the computers, the attackers demanded ransom in order for them to release access to the owners of the computers. This recent attack used the hacking tool, Eternal Blue. Eternal Blue was also used in the WannaCry attacks. Not only did the attacks use Eternal Blue, but there were also other methods that were used to carry out the cyber attacks.

There has not been any acknowledgment on the National Security Agency’s behalf regarding the use of their hacking tools. However, there have been many computer security professionals who have requested that the National Security Agency to help everyone across the globe protect itself against tools that they created.

Microsoft releases patches for its software and operating systems, but this does not always mean that the patch will be installed quickly and correctly. Since the ransomware used more than one method to spread across the computers, even some computers that were actually patched correctly and patched quickly were not excluded from the attack.

One of the most well-known computer attackers is viruses. Viruses can do a great deal of damage to computers, and an entire organization. There are various types of viruses that each have the ability to compromise a computer in multiple ways.

While many people think they will never download a file that is corrupt or that they will never click a website that is a scam, it is important that everyone remembers that a hacker is very intelligent. A hacker can create any type of virus and anyone can easily be tricked. Some viruses can even lead people to believe that they are software that will protect you from a virus.

Once your computer has been infected with a virus, your entire computer can be damaged beyond the point of repair. Your computer’s performance can be slowed down, critical files, photos, and videos can be damaged, lost, spread across other computers, etc. Viruses can cause you to spend up to thousands of dollars in computer repairs, replacements, etc.

Fortunately, there are tools you can use to help you protect yourself. One of those tools is Webroot Antivirus. The internet is not as safe as we would like it to be. Even if you are a computer whiz or extremely tech-savvy, you may still accidentally download malware, viruses, or you may even be a victim of identity theft.

When you are aware of the consequences of not having the proper anti-virus protection, you will be able to spread the word to others. Hackers are savvy, and they can easily trick anyone into clicking a link or downloading a file. We want you to protect your files, your computer, and your business. Contact us today for additional information on the latest virus releases and the best protection for your servers and workstations.

What are we learning from Microsoft’s recent emergency security patches?

20170629

Are you running an outdated operating system?

This past May, the ransomware known as ‘WannaCry’ swept through 150 countries and affected hundreds of thousands of computers in organizations ranging from telecommunication companies to nationwide healthcare systems. Devices running older versions of Microsoft software (such as a Windows 7 operating system without key security updates) showed critical vulnerabilities to this powerful, rapidly propagating malware.

In response to WannaCry and to future threats of a similar nature or scope, Microsoft has recently taken steps to supply emergency security patches for various older software, including Windows XP, Server 2003, and Vista. Even when an older system does show some resilience to a WannaCry attack, it can still remain extremely vulnerable to other forms of malware.

The issue of updates and upgrades

Microsoft typically doesn’t support these older systems, and its recent release of free security patches is a deviation from how the company ordinarily operates. It’s an extraordinary measure for an emergency situation. However, where will Microsoft draw the line? What will happen during future occasions involving widespread malware or other security risks?

Some organizations that are reluctant to upgrade to Windows 10, for example, might take this is a sign that they can continue relying on Microsoft to support outdated versions of various Windows software when there’s an emergency. However, this is a flawed way of thinking.

  • Organizations can’t reliably depend on the fact that Microsoft will step in to fix old, unsupported software whenever there’s a major security problem. The company offers no such guarantee.
  • Upgrading to a supported platform like Windows 10 ensures that your organization benefits from the most recent updates.
  • Beyond updates or patches for specific security risks, an up-to-date platform like Windows 10 has also been designed with greater security built into it throughout. If you’re running an outdated system, there may be deep security flaws that can’t be comprehensively addressed just by performing certain updates. Older systems may be lacking in powerful security features that newer systems have adopted.

Managing your systems

Another key lesson we can take from the problem of rampant malware is how important it is to stay on top of managing your IT systems.

You need to make a full accounting of all the devices your business uses, and the information you must stay on top of includes the following:

  • The versions of operating systems and other software your computing devices use. (Maybe you’re using similar software across devices, or perhaps the software you use varies quite a bit from one device to another.)
  • The schedule of upgrades and updates you’ve developed for your systems. For example, have you made updates automatic, or are they manual? How often do you check for new updates?
  • The current vulnerabilities in your system, and your priorities for which to address first. Some security flaws are much more likely to be immediately exploited and cause potentially widespread damage, while others pose less of a threat, at least in the short-term.
  • What each device is connected to. For example, a major security risk comes from devices (ranging from laptops to digital security cameras) that are inadvertently exposed to the Internet and left unprotected. Configuring devices properly and limiting their exposure is critical for improved security.

To further discuss these issues and to receive assistance in strengthening the security of your devices and systems, please contact us. If you don’t manage your software and remain aware of the potential risks, you leave your business far more vulnerable to the threat of malware and other security breaches. The results can prove deeply damaging and include steep financial losses, damaged trust, and prolonged downtime. With our assistance, you can perform any upgrades or updates you need in a timely way and implement cyber security strategies that better safeguard you against the numerous threats out there.

The WannaCry Attack & How Webroot Protects You

20170601

The headache of WannaCry ransomware attack

On May 12th, 2017, a ransomware virus known as “WannaCry” rapidly spread through private networks and the Internet. The ransomware soon held data “hostage” in hundreds of thousands of computer systems, disrupting Great Britain’s National Health Service along with other institutions and businesses across more than 150 countries. However, systems with Webroot SecureAnywhere software installed found themselves thankfully protected from the virus.

Initial wave of attacks

The WannaCry ransomware virus uses a worm-like mechanism, or “cryptoworm,” to spread across private networks and the Internet. Once it affects a system, it encrypts the system’s data and holds it for ransom. The ransomware demands that the system owner’s deposit several hundred U.S. dollars’ worth of Bitcoins into a specific account before the ransomware will release their data.

The WannaCry virus works by exploiting a vulnerability in Windows operating systems. The vulnerability has a complex and storied history and may have been known to the U.S government long before it was known to Microsoft. However, soon after learning of their software’s security vulnerability, Microsoft released a security patch on March 14th, 2017 to protect supported systems.

The initial attack took place on May 12th, 2017 and quickly affected more than 300,000 systems whose owners or administrators had not yet installed Microsoft’s patch. Perhaps the cyber attack’s most prominent target was Great Britain’s National Health System. On May 13th, Microsoft took swift action against the attack. Although it had already released a patch for supported versions of Windows, the company now released an emergency update for legacy versions, including Windows XP and Windows Server 2003, despite the fact that Microsoft no longer officially supported these operating systems.

A security researcher who blogs under the name “MalwareTech” effectively halted the initially wave of attacks. Inadvertently, the researcher found that by registering an extremely long domain name found in the code of the WannaCry malware, the attack came to a halt. In short, registration of that domain was the “kill switch” for the virus.

Further attacks and findings

At least two variants of the initial WannaCry virus began to impact still more computer systems on May 14th, 2017. However, Matthieu Suiche, founder of Comae Technologies, found another kill switch in the code of one of the two variants. According to Suiche in a Tweet with an accompanying graph on May 15th, his company halted roughly “10K machines from spreading further.” As a result, the second wave of attacks was not as effective as the first.

After the initial two waves of attacks, further variants of WannaCry have continued to affect systems across the globe. As of May 25th, 2017, the most recent attack making headlines is WannaCry’s apparent penetration of the postal service in Russia.

Webroot’s protection

One indication of the effectiveness of anti-virus and security software such as Webroot may be customer call volume during an attack. One would expect call volume to spike as users suddenly find their systems compromised. However, according to Webroot’s LeVar Battle, responding to a comment on the company’s May 13th update to the Webroot Threat Blog “our call volume has not been impacted at all by this threat.” The post explains that despite the virus’ widespread impact, the basic structure of the malware itself is “similar to what we’ve seen before.” It is the worm-like propagation of the virus that has taken so many systems by surprise. According to the May 13th blog post, “Webroot SecureAnywhere does currently protect you from WannaCry ransomware.” At the same time, Webroot strongly recommends updating to the very latest version of your system software, a best practice that ensures mult-layered security. Moreover, they recommend becoming as educated as you can about ransomware and other common security threats.

Webroot’s latest post, addressing the second wave of attacks, reinforces their earlier reassuring statement and further maintains that Webroot is continuing to develop new solutions to protect their users against WannaCry variants as they arise.Â

Staying secure

The WannaCry ransomware attack is one of the most damaging cyber-attacks in years. The virus’ worm-like method of propagation exploits a vulnerability in Microsoft operating systems. Although Microsoft released a patch for supported systems well ahead of the attack, many companies and institutions did not install the patch in time. As a result, WannaCry’s initial wave of attacks affected more than 300,000 computer systems across more than 150 countries. Although cybersecurity researcher MalwareTech inadvertently halted the inital attack with a kill switch, new variants have continued to arise. Thankfully, users of leading security software Webroot SecureAnywhere found themselves protected from the attack.

Contact us to learn more about how Webroot can help protect you from malicious security threats such as WannaCry.

Recent Virus Release: Issues With Ransomware

Recent Virus Release

How to avoid dangerous Ransomware

Although computer viruses have always been a problem in the workplace, nowadays, surfing the web is getting more dangerous than ever. Not only are there plenty of websites filled with dangerous viruses, but many developers might even try to trick you into downloading dangerous software.

For example, let’s say you were looking for a solution to update your computer, and there was a seemingly legit website that provided some download links. In reality, this could just be a trick to get you to download some dangerous software. Even worse, though, many times, you might even accidentally download ransomware.

Basically, it is a sophisticated piece of malware that blocks the victim’s access to his/her files. Obviously, though, that’s only the gist of it, and the malware can be a lot more dangerous than it appears at first glance. With that said, even though many businesses know how to handle computer viruses, ransomware is in a league of its own. Here are a few things businesses should know when dealing with ransomware, and how to prepare it.

#1. What Makes Ransomware So Dangerous?

As I had mentioned before, even though it blocks access to your files, that’s putting it mildly. Aside from encrypting and locking all the data on your computer, the hacker also demands a ransom. If the sum of money isn’t paid within a certain amount of time, all your files will be deleted. Another downside is that once your device gets infected, it’s nearly impossible to get rid of the virus. In fact, the FBI has even encouraged victims to pay the ransom, since it’s the only way out. With that said, the only way to truly beat this piece of malware, is by paying the ransom, or avoiding it completely.

#2. How Does Ransomware Affect Your Business?

Aside from the obvious, which includes deletion of your files, ransomware affects your business from a more personal perspective as well. A company’s reputation is essential to running a successful organization, and ransomware can have a major effect on this, especially when it comes to your loyal customers. Remember, whatever happens in the workplace will have an impact on everyone, especially if it’s security related.

For example, let’s say you had both your files and customer documents on one device. If they got deleted due to ransomware, imagine how this would affect your customers. Not only would they go to look for business elsewhere, but more than likely, they will tell other potential customers about the incident as well. In the long run, this could turn potential customers away from your business. After all, customers don’t want to hear excuses. They want a business that not only protects their data, but one that also knows how to respond in the event of any unexpected incidents.

#3. How Can You Protect Yourself?

As dangerous as ransomware is, it’s definitely not unbeatable. One of the key ways to protect yourself, is by making sure to avoid it, since it’s very difficult to get rid of once you’re infected. Not only do you need to be smart about the websites you visit, but also be cautious of suspicious files and emails. Make sure to scan everything before downloading it, and always have anti-virus software installed. By taking these precautions, not only are you preventing yourself from getting infected, but you’re also setting a good example for your employees in the workplace.

For more information about the recent impact of ransomware, why it’s so dangerous, and how it affects customers, feel free to contact us today at SystemsNet. We look forward to hearing from you, and assisting you in the best way possible.