ransomware

Phishing Scams Aim to Exploit Coronavirus Fears

How To Keep Uninvited Guests Out of Your Zoom Event

Zoom is a videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations.  With most of the country working from home and using Zoom as well as other cloud-based communications there has been an uptick in hacking stories.  So, what are we to do?  Let’s look at a few ways we can practice Zoom Safety. At designDATA we believe the following best practices will help:

  • Create separate passwords for each virtual meeting;
  • Establish a Zoom waiting room for meeting participants
  • Lockdown the meeting once everyone invited to attend has joined
  • Do not publicly post-meeting links on social media or any other public forum

IT terms you need to know

Jargon can be intimidating if you’re dealing with IT issues and you’re anything but techy. Running an anti-malware scan can generate auto pop-ups that leave you clueless with IT terms that sound Greek. Learning the basic concepts listed here will help you move on and not be surprised the next time that happens.

Malware

For a long time, the phrase “computer virus” was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.

Ransomware

Don’t let all the other words ending in “ware” confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid for its return.

Intrusion protection system(IPS)

There are several ways to safeguard your network from malware, but IPSs are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.

Social engineering

Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of what is called “social engineering” to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.

Antivirus

Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.

Redundant data

When antivirus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.
We aren’t just creating a glossary of cybersecurity terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out just how we can help you with your IT woes.

Published with permission from TechAdvisory.org. Source.

Cybersecurity for small- and medium-sized businesses

Has your organization been hit with a data breach or ransomware recently? This happens more often than you might think to businesses of all sizes. Given the frequency, complexity, and increasing number of threats, a multi-level, agile, and cutting-edge cybersecurity strategy is the only response that will protect businesses from massive losses. Fortunately, managed IT services providers (MSPs) are filling this gap with solutions and expertise that even small businesses can afford.

The numbers

According to the Ponemon Institute’s 2018 State of Cybersecurity in Small & Medium Size Businesses (SMBs) survey, cyber attacks on SMBs have increased from 61 percent in 2017 to 67 percent in 2018. Only 28 percent of these SMBs evaluated their ability to mitigate threats, vulnerabilities, and attacks as highly effective. 58 percent of SMBs in the study experienced a data breach in the last year.
Most SMBs in Ponemon’s research said attacks against their companies had severe financial consequences. For instance, the report cited that many of them spent an average of $1.43 million because of the damage or breach of IT resources, a 33 percent increase from 2017. Disruption to operations also cost an average of $1.56 million, a 25 percent increase from 2017.

The attacks

So what types of cyberattacks on SMBs were prevalent last 2018? According to the study, the order from most to least common are as follows: phishing/social engineering, web-based attacks, general malware, compromised/stolen devices, denial of services, advanced malware/zero day attacks, SQL injection, malicious insider, cross-site scripting, and uncategorized attacks.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and protect your business from these malicious threats. They include a full range of proactive IT support that focuses on advanced security, such as around the clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.
Not only that, but because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a business continuity and disaster recovery strategy, as well as minimal downtime. One of the best things about managed services is that you get a dedicated team of IT professionals ready to assist you for any technology problems you may encounter. This is much more effective and budget-friendly than having in-house personnel handling all your IT issues.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call, we’re sure to help.

Published with permission from TechAdvisory.org. Source.
The-best-anti-ransomware-tool

Virtual DR: The best anti-ransomware tool

From CryptoLocker to WannaCry, ransomware has grown in sophistication and scope over the past few years. And given its widespread success with hackers, more ransomware attacks will likely be developed further into 2018. In anticipation of these attacks, many experts are saying that virtualized disaster recovery solutions may be the best way to defend against future ransomware.

Virtual DR

Virtual DR solutions allow you to create point-in-time copies, or “snapshots,” of operating systems, data, and virtual machines as they appear at a given point in time. These snapshots can then be loaded onto any workstation with everything still intact. In the event of a ransomware attack, administrators can essentially roll back the system to a point before the malware hit.

What’s great about point-in-time copy features is that they are automated. Just schedule the snapshots, and your virtual DR software will do the rest. And although virtual DR solutions vary, most of them have the capacity to store thousands of point-in-time copies, giving you plenty of restore points to choose from.

Why virtual DR trumps traditional DR

Traditional DR methods don’t have these features. Even though most computer operating systems have a system restore functionality, modern ransomware strains are designed to disable them. On the other hand, virtual DR software isolates point-in-time copies and restore functionality from virtual machines, which means they can’t be affected if one virtual machine was compromised with ransomware.

Another reason why traditional DR is not a great option is because there is a lot of manual labor involved. You have to copy all your data into a backup drive, reinstall applications, and reconfigure hardware. By the time you’ve recovered from the ransomware attack, the financial and reputational damage caused by downtime will have taken its toll on your business.

When recovering your system, you want as little hassle as possible. With virtual DR, you can load a clean, ransomware-free snapshot onto your system in less than 30 minutes.

However, implementing virtual DR can be complex, especially if you don’t have much IT expertise. But if you partner with us, this won’t be a problem! Call us today to get robust solutions that guarantee business continuity.