SystemsNet Blog

Category Archives: Malware

Six Steps to Make Your Company Ransomware Proof (Part 2)

March 15, 2018Malware, Securityantivirus, Help from ransomware, malware, Protect your computer, securitySystemsNet Administrator

Protect your business from ransomware attacks with regular data backups.

Welcome back to the second half of our two-part article about how to completely harden your company against the threats of ransomware. The entire reason why ransomware is so scary is because it is a known cause for complete computer wipes with all your data gone in seconds and you’d better think twice about paying a mysterious criminal who does not have to decrypt your files and will probably delete them anyway.

Rather than leaving yourself vulnerable to these malicious cybercriminals, the best defense is a stupendous set of backups. Last time we talked about creating an individual backup for each machine or group of identical machines, along with the importance of safe cloud storage. Today, let’s pick up right where we left off at point three, your final complete backup stage.

3) Create One Complete Infrastructure and Configurations Backup

Because ransomware sometimes attacks an entire network from a single connected computer, it’s important that you are ready to recover absolutely everything in case you become the victim of a particularly nasty piece of black-hat software. Just like you did with the individual computers, it is possible to take a snapshot of every setting and configuration for your entire network. This file will be pretty big but you only have to keep one or two to be ready for a ransomware attack. This way, even if the malware takes out an entire chunk of your network, you could potentially wipe every device to factory settings and reconfigure in a few hours, once again denying the hacker their opportunity to cause any real damage to your company.

4) Take Content Backups Regularly

Now that you have your infrastructure backups taken care of, you can start worrying about smaller content backups. These can either be updated to the big backups or kept separately to help you keep track of day to day changes. These should be taken even of cloud-stored data to ensure that you’re protected against everything from malware deleting files to human error entering unwanted changes. Regular content backups will ensure that once you factory reset and restore a machine’s configurations and software, you can also restore its local files for the convenience of the employee who works there.

5) Create New Complete Backups for Major Change

After all your backup preparation is done, remember that when you make configuration or infrastructure changes to either the network or an individual machine, these changes need to be updated to your collection of comprehensive backups or your restoration may bring back an older, less useful configuration. Put this responsibility in the hands of your IT technicians who will be the ones making these changes in the first place. This will ensure that your ability to immediately recover from ransomware is always up to date with exactly the data you need.

6) Run Ransomware Drills

Finally, never assume that an emergency plan is in place until you have proven it. While you may not want to wipe your entire system and re-install it, at least test the solution on a few computers or a test section of the network to ensure that everything is in good working order. The last thing you want to happen right after a ransomware attack is to discover that your backups have either corrupted or don’t integrate correctly. Check your backups and run a new drill about every six months to make sure you’re still ready.

This solution may sound complex but here at SystemsNet, we’re experts on malware defense and comprehensive backup plans. For more helpful information on how to defend yourself from ransomware or to plan your perfect backup solution, contact us today!

Six Steps to Make Your Company Ransomware Proof (Part 1)

March 8, 2018Malware, Securityantivirus, Help from ransomware, malware, Protect your computer, securitySystemsNet Administrator

Cloud Backup

Ransomware is a single word for a big, diverse problem. It isn’t just one program like WannaCry or GoldenEye, or Petya, it’s all hacker-borne viruses that have ever been or ever will be designed. One really good firewall and anti-virus setup won’t protect you forever because if history has taught us anything it’s that hackers won’t quit it. They will continue to look for loopholes, backdoors, and brute force attacks to invade your computer system and ruin your day. The good news is that even in a worst-case scenario where these malicious programs get into your company system and encrypt every important business file you possess, with the right preparation you can quickly and easily thumb your nose at the low-life hacker with a completely ransomware-proof plan.

It’s all About the Backups

Yes, in an ideal world we’d be talking about nothing but malware detection, email scanning, and firewalls and don’t get us wrong, these things are important. However, these things are like washing your hands before eating supper. It will reduce the number of ‘germs’ you are exposed to, but it won’t elimate your exposure completely. A comprehensive ransomware, and indeed any malware plan may start with firewalls but it always ends in backups. Why? Because with the right backups, you can recover from anything, even a full-encryption ransom attack.

1) Create a Complete Backup of Each Machine

Ransomware has to have an entry point, and this is usually a personal computer. These days it can also be a mobile or IoT device and the importance of recovering data on these devices should be considered when planning for backups. When ransomware strikes, it encrypts every file on the computer and then uses files from the program to project the ransom message and interface. While you could mess with the hackers, your best bet is simply to wipe the computer to factory settings and re-install everything you need.

Of course, doing this manually could take hours if not days so what you need is a total backup complete with software installs and configuration settings as well as the basic file system. This kind of backup takes more space to store but it also allows you to cut off a hack at the start and get the system back to safe working conditions in a matter of minutes rather than days. This method is especially useful if you have a floor worth of computers that share a similar if not identical configuration.

2) Save Your Data on the Cloud

In general, ransomware can only attack files stored locally on infected computers and networks. This means that while they may be able to reach out to remote servers you are actively connected to, if you save your business data through a cloud storage service or, better yet, through third-party SaaS servers for the platforms you use, the ransomware won’t be able to corrupt it. To harden your defenses and protect sensitive company and client information, make sure that important data isn’t stored on a local system, even in the Temp folder. This way, hackers will neither be able to breach your security and leak information or deny you access through encryption or local deletion.

Paired with the complete computer backup, a cloud data storage system means that after a localized attack, you can recover the compromised system up to the point where it is immediately compatible with your cloud platform again, putting the workstation back into use quickly.

Believe it or not, the setup is the most complicated part of establishing a ransomware-proof business plan. In fact, it’s only the first half of the article. Join us next time as we cover points three through six from your infrastructure backup to your restoration plan. For more tips and advice on best backup practices, contact us today!

What Should You Do If You Think You Have Been Hacked?

February 8, 2018Malware, Securityanti-virus, malware, securitySystemsNet Administrator

Small business owner upset over being hacked in the workplace. Leaning head on crossed arms over a laptop

Being a small business and being hacked can put you out of business if your not prepared

There are a couple of questions many business owners ask when it comes to hacking, and those two questions are:

How can I tell if I have been hacked?
What steps do I take if someone has hacked my business?

Unfortunately, many small business owners do not know they have been hacked. Apart from ransomware, there are many cybersecurity events that go unnoticed. Can you believe that many small businesses and medium-sized businesses can have data breaches that go unnoticed for a significant period of time, including several years? The breaches that are noticed are eventually noticed by someone outside the business, including law enforcement officials.

Can you imagine being breached and not knowing this has occurred until a third-party notifies you? If you data breach occurs and it goes undetected for a substantial period of time, you may never identify what actually caused the breach to occur in the first place. When you do not know how, why, or where the data breach took place, you may start questioning if all of your company’s data has been compromised.

How Do You Know If You Have Been Hacked?

When you have a full understanding of the different types of hackers and what their intentions are, you will be able to understand how anyone can be hacked. There are different businesses, small, medium, and large, that can all become a target for hacking. Hackers look for sensitive data that has not been carefully protected.

What Type Of Hacks Are More Common?

It does not matter if a hack is basic or advanced because even a basic hack can cause severe damage to a business. A small or basic hack can result in your computers or any devices doing things that they should not be doing. Some of the common hacker techniques include the following,

viruses
Distributed Denial of Service (DDoS) or Denial-Of-Service attack (DoS attack)
fake Wireless Application Protocol (WAP)
phishing attacks
in-house attacks

What Should You Do After A Hack Takes Place?

Do you have a plan in place if a hack does take place in your workplace? Your employees need to be trained well enough so they will be able to identify an attack on the business. When your employees are trained, they will be able to help your business get back to operating at its normal pace. Your business needs to get back to business as soon as possible after an attack has been identified.

If you have noticed that your system is behaving unusually and if you notice suspicious files that seem to be harmful, an attack has likely taken place. Professional and experienced hackers know how to carefully cover all their tracks. We suggest that you look carefully at your systems’ log files.The hackers also know how to delete those log files as well.

After you have identified you have been hacked, you should make sure the attack has been confirmed. Once there has been confirmation of the attack, you should check your computers, devices, and your networks to determine if anything else has been compromised. You will need to identify how much information the hackers have obtained.

When security breaches occur, critical data and information can be lost when your systems are down, include your network connections and content that is stored in your RAM. You will need to consult a professional so you can fully understand the options you have at this point.

It is extremely critical that you have the proper backups in place. It is also important that you have the right Managed Service Provider (MSP) that will provide you with the tools and resources you need to conduct business as usual after an attack has taken place. Contact us today for more information on how you can protect your business from hackers.

Recent Virus Release: Issues With Ransomware

March 30, 2017Malware, Securityanti-virus software, avoiding computer viruses, downloading dangerous software, help with ransomware, how to handle ransomware, recent impact of ransomwareSystemsNet Administrator

How to avoid dangerous Ransomware

Although computer viruses have always been a problem in the workplace, nowadays, surfing the web is getting more dangerous than ever. Not only are there plenty of websites filled with dangerous viruses, but many developers might even try to trick you into downloading dangerous software.

For example, let’s say you were looking for a solution to update your computer, and there was a seemingly legit website that provided some download links. In reality, this could just be a trick to get you to download some dangerous software. Even worse, though, many times, you might even accidentally download ransomware.

Basically, it is a sophisticated piece of malware that blocks the victim’s access to his/her files. Obviously, though, that’s only the gist of it, and the malware can be a lot more dangerous than it appears at first glance. With that said, even though many businesses know how to handle computer viruses, ransomware is in a league of its own. Here are a few things businesses should know when dealing with ransomware, and how to prepare it.

#1. What Makes Ransomware So Dangerous?

As I had mentioned before, even though it blocks access to your files, that’s putting it mildly. Aside from encrypting and locking all the data on your computer, the hacker also demands a ransom. If the sum of money isn’t paid within a certain amount of time, all your files will be deleted. Another downside is that once your device gets infected, it’s nearly impossible to get rid of the virus. In fact, the FBI has even encouraged victims to pay the ransom, since it’s the only way out. With that said, the only way to truly beat this piece of malware, is by paying the ransom, or avoiding it completely.

#2. How Does Ransomware Affect Your Business?

Aside from the obvious, which includes deletion of your files, ransomware affects your business from a more personal perspective as well. A company’s reputation is essential to running a successful organization, and ransomware can have a major effect on this, especially when it comes to your loyal customers. Remember, whatever happens in the workplace will have an impact on everyone, especially if it’s security related.

For example, let’s say you had both your files and customer documents on one device. If they got deleted due to ransomware, imagine how this would affect your customers. Not only would they go to look for business elsewhere, but more than likely, they will tell other potential customers about the incident as well. In the long run, this could turn potential customers away from your business. After all, customers don’t want to hear excuses. They want a business that not only protects their data, but one that also knows how to respond in the event of any unexpected incidents.

#3. How Can You Protect Yourself?

As dangerous as ransomware is, it’s definitely not unbeatable. One of the key ways to protect yourself, is by making sure to avoid it, since it’s very difficult to get rid of once you’re infected. Not only do you need to be smart about the websites you visit, but also be cautious of suspicious files and emails. Make sure to scan everything before downloading it, and always have anti-virus software installed. By taking these precautions, not only are you preventing yourself from getting infected, but you’re also setting a good example for your employees in the workplace.

For more information about the recent impact of ransomware, why it’s so dangerous, and how it affects customers, feel free to contact us today at SystemsNet. We look forward to hearing from you, and assisting you in the best way possible.