Blog

Often cyber security is considered merely an IT concern. And while technical solutions are the cornerstone of effectively safeguarding your systems, it’s also important to train your non-technical staff on their role. According to Forrester’s “Global Business Technographics Survey 2016,” almost half of those interviewed had a security breach in the past 12 months – and more than half of those cited the cause as an employee or third-party partner or vendor.

Make sure all staff members understand the importance of cyber security and how serious the risks are. The loss of employee or customer data will not only cause difficulties for individuals, it could literally put the entire company at risk. Everyone in your organization who has access to a computer should understand the following important requirements:

• Protect Your Hardware: Teach employees to log out or lock their screens when they are away from their computer, lock laptops, and keep all portable media secure. This includes cell phones, tablets, and also any devices containing data such as USB drives or DVDs. Before using a USB drive or DVD from outside the company, scan them for malware to ensure they do not contain a virus that may spread through your network. And, if any hardware or software is lost or stolen, make sure employees know how to report the loss.
• Password Management: Make sure you create and share a company policy on how passwords should be structured, who they should be shared with, and how they should be stored. Employees should take care to use different passwords for each site they use, and also need to follow a password update schedule.
• Regular Updates: Anti-malware programs should be kept up to date. Software updates should also be done as they come up – employees will often skip updates if they are in the middle of a task, but these updates often include security patches that keep your system safe.
• Protect Your Data: Cyber criminals are typically looking for your confidential customer data – credit cards, email addresses, phone numbers. Employees need to understand that this data cannot be sent via email. Be sure you have a secure file transfer system available and that your employees are using it.
• Sniff out Phishing: Employees should be informed about the different types of phishing emails they may see, and should have a protocol to follow if they receive such an email. And, since humans make mistakes, they must know how to take immediate action if they accidentally discover they’ve fallen prey to one of these scams.
• Vendor Lockdown: Your third party partners can unwittingly pose a serious cyber threat. Make sure your contracts include safeguards and assurances about how they are handling security in their business.

Your employees are an important defense against the daily attempts to breach your security. And Blutone Technologies can provide your technical cyber security needs, ensuring your systems and connected computers are consistently updated, scanning for unauthorized access requests, and keeping you up-to-date on potential threats. When you combine our expertise with a cyber-aware staff, you’ll have the best chance of keeping your business moving forward without falling prey to scams and malware.

Earlier this year, more than 4,000 websites were hacked in a crypto-currency scam that used a website plug-in to infect them with malware. And that was just one incident! Websites are very attractive to hackers because they typically have contact pages or gather customer information in some way. They can redirect that data to themselves and then further spread mischief by emailing malware to your customers. Here are some of the steps you can take if you discover your website has been hacked:

• Inform your web hosting company. Often they will know how to solve the problem better than you. They will also likely have other clients on the same server, so they will need to check those other sites as well. Seek the assistance of security experts (like Blutone Technologies) to help you restore your website and protect it in the future.
• Quarantine your affected website – take it offline until the problem is resolved. Point your web site’s DNS to a static 503 HTTP responsive code page on a different server. This will also ensure your visitors do not encounter malicious code or spam files when they try to visit your site. Your web hosting company can take your site off-line for you, but let them know you will need to toggle your site to test it.
• Check all user accounts on the site. Hackers often create a new account. Note the account names and delete them, but keep the notes in case they are needed for further investigation. Use a “clean” computer to change access passwords. Be sure the new passwords are very different from the current ones – a small change will be more open to future compromise.
• Verify ownership of your site, as the hacker may have verified ownership and compromised your settings. Do this by going to Google Webmaster in your browser. Carefully check all settings and note any unusual changes before correcting them. Restore the website from a clean backup, and take the site back offline to continue to work on it.
• Determine the severity of the attack. Sometimes a hacker will want to use your site to distribute “spam” content, malware, or for phishing purposes. Look for modification of existing pages, new “spam” pages, open “backdoors” for the hacker to use for re-entry, or writing functions that post on clean pages. You may need to compare the hacked website with your clean back up. Check configuration files, look for failed login attempts, creation of user accounts, command history, etc. Update the website with the latest content management system version and security updates.
• Identify your vulnerabilities. Possible suspects include weak or re-used passwords, an infected computer used by an admin, permissive coding, or out of date software. Install security plugins and harden the website to prevent further security compromises.
• Remove new URLs created by the hacker. Be sure the backup website was created prior to the hack. Put your website back online and re-scan it to make sure there are no more security issues. Change the passwords again. Clean and maintain your site and server – be sure you have done a clean installation, not an upgrade, which could leave files from a previous version.
• Request a review by Google to unflag your site or page. For phishing hacks, go to google.com/safebrowsing/report_error/. For spam or malware, go to your Search Console and find the Security Issues report. Click to request a review, and provide the information Google requires to know the site has been cleaned. Phishing reviews typically take a couple days; Malware 3-4 days; and spam hacking may take several weeks.

As you can imagine, avoiding a website hack is much preferred to taking all these steps after the fact! It is imperative to keep up and maintain your site. You do not want to fall into the same traps and be hacked again. With Blutone Technologies, you can rest assured that your site and all your devices are secure, and that clean backups are always available. Get in touch today and get peace of mind knowing you have kept your individual information and business data secure from hackers.

Ransomware is a type of malware (malicious software) that takes over your computer and threatens harm, typically denial of access to your data. The modern era of ransomware began in 2013 with CryptoLocker which targeted Microsoft Windows via infected email attachments which encrypted certain types of data. When the computer was infected, it would display a message noting how you could make payment to have your data released. Sometimes paying the ransom worked, sometimes not. In the intervening years, ransomware has become more sophisticated in its targeting and operations.

The first thing is to determine what type of ransomware is attacking your computer: encrypting ransomware, screen-locking ransomware, or “pretend” ransomware. Check to see if you can access files or folders, such as desktop or My Documents items.

If you can’t get past the ransom note on your screen, it’s likely screen-locking ransomware. Notes claiming to be from the ASIO, ATO or police saying you owe a fine, that’s typically screen-locking as well. This is the least destructive form of ransomware.

Check to see if you can browse through directories or apps. If you can open those but can’t open your regular office files, videos, pictures, or emails, you have encrypting ransomware. This is more destructive and difficult to manage.

Fake ransomware threatens that your documents are encrypted. If you can still navigate your system and read most files, then you are probably seeing something fake and you can ignore the ransom note. Try closing your browser; if that doesn’t work, hit Control/Shift/Esc at the same time to open the Task Manager. Choose the Application tab, right click your browser app, and select End Task.

Security experts, including Microsoft, advises against paying ransoms. Paying does not guarantee the return of your files, and paying encourages more attacks. Especially resist paying a screen-locking ransom, as it can almost always be corrected. Paying the ransom also makes you vulnerable to future attacks, as the perpetrator experienced success once and may expect to do so again.

Take a photo of the ransom note presented on your screen, as you may need it for a police report or insurance later. If you do decide to pay, negotiate first. Often you can bring down the price of the ransom. Make sure you contact your financial institution immediately to alert them and have your credit card re-issued or to put your bank on alert.

If you are struck with encrypting ransomware, disconnect your machine from any others, and from any external drives. Go offline if you are on a network, to avoid spreading the ransomware to other devices or to services such as Dropbox. If you have decided not to pay the ransom, use antivirus or anti-malware software to clean the ransomware from the machine. Removing ransomware will not decrypt your files and may end your chances of getting files back with the ransom.

At Blutone Technologies, we ensure your computers and systems are safe from all types of attacks. If you are experiencing a cyber security event, get in touch and let us help. If you’re ready to take serious action to secure your devices, we’re ready to give you the peace of mind you deserve.