Peritech's-Blog

URGENT ALERT: INCREASING CRYPTOLOCKER TRAFFIC

Todd Ashabraner - Wednesday, June 18, 2014

by: Ashley Dowdy


The Cryptolocker malware, also known as Ransom malware, is an especially destructive virus that encrypts all of your data.  For those that don’t know anything about it, it is malicious software that is usually passed around through infected email attachments, such as voicemail messages or faxes.  Once you download and open the infected attachment, it goes through your computer and encrypts ALL of your files.  Once the malware finishes, you will get a message on your computer informing you that your files have been encrypted.  Cyber criminals then force you to pay to get the data back, with no assurance they will actually follow through if you do. 

The Cryptolocker malware has been out for some time now, but emails infected with it seem to have increased lately.  This is just one important reason why you should back up your files frequently and make sure that, if your data does become encrypted, you do not overwrite your backup.  Since the spammers are constantly changing their messages, make sure you do not open unsolicited emails or download files without confirming their sources.  Keeping your anti-virus and anti-malware programs updated is another way to protect yourself.

Microsoft Says That Windows 8.1 Will Not Be Supported

Todd Ashabraner - Friday, May 16, 2014

Will your Windows 8.1 be supported?  Will you be able to get the most current security patches, bug fixes, and new features?  Windows Vista, Windows 7, and Windows 8 are all supported and will continue to be supported.  However, if you are not running the most current version of Windows 8.1, then your Windows will no longer be supported as of June 10th for personal users and August 12th for business users.

That sounds scarier than it is.  Microsoft released an update in April for Windows 8.1.  This update is going to be their base line for future updates.  If your Windows Updates are set to run and apply automatically, then you are in good shape.  If you prefer to manually run Windows Updates, then you may not be in good shape. 

If you are sitting there wondering whether you are up to date, simply go to the Start screen and look for the search button (the magnifying glass) in the top right corner.  If it is there, then you are running the current version and are OK.  If the search button isn’t there, then you will need to go to Windows Updates and run the update.  The specific update that you need is labeled KB 2919355.  Once that update is run and installed, your Windows 8.1 will be current and will stay supported come June 10.
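For anyone looking after more than one machine, the same check can be scripted instead of inspecting each Start screen. The following is an added example, not part of the original post: it reports whether the update named above is installed on each listed computer. The computer list is a placeholder, and querying remote machines assumes you have administrative access to them.

```powershell
# Added example: report whether update KB2919355 (named in the post) is installed.
# $Computers is a placeholder list; replace it with your own machine names.
$Computers = @($env:COMPUTERNAME)
$KbId = 'KB2919355'

$report = foreach ($c in $Computers) {
    $os = $null
    try {
        $os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $c -ErrorAction Stop
        if ($os.Caption -notlike '*Windows 8.1*') {
            $status = 'Not Windows 8.1 (outside the scope of this check)'
        }
        else {
            # List the installed updates and look for the one the post names.
            $hit = Get-HotFix -ComputerName $c -ErrorAction Stop |
                   Where-Object { $_.HotFixID -eq $KbId }
            $status = if ($hit) { 'Installed' } else { 'MISSING: run Windows Update' }
        }
    }
    catch {
        # Unreachable or access denied: report it rather than assume the machine is fine.
        $status = "Could not query: $($_.Exception.Message)"
    }
    [pscustomobject]@{ Computer = $c; OS = $os.Caption; Status = $status }
}
$report | Format-Table -AutoSize
```

A machine that cannot be queried is listed as such, so it is not mistaken for one that is up to date.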

Dangerous Internet Explorer Vulnerability

Todd Ashabraner - Wednesday, April 30, 2014

A new security vulnerability in Internet Explorer has been discovered.  It affects Internet Explorer versions 6 through 11.  It could lead to the complete compromise of an affected system.

The vulnerability, called CVE-2014-1776, has the ability to give hackers the same rights on the computer as the current user when the computer is infected.  So if the current user at the time of infection is an administrator, then the hacker will also have the rights of an administrator on the infected computer.  At that point, the hacker will be able to install more malicious software on the computer.  They would also be able to add user accounts, remove user accounts, add unwanted files, change the contents of files, and even delete files from the infected computer.  Any computer that is still running Windows XP is especially vulnerable to this attack.  Support for Windows XP was discontinued by Microsoft earlier this month, so any fixes for this vulnerability will not include Windows XP.

The Department of Homeland Security is recommending that everyone should “consider employing an alternative Web browser until an official update is available.”  The United States Computer Emergency Readiness Team (US-CERT), a part of the Department of Homeland Security, is recommending that all users enable Microsoft EMET (Enhanced Mitigation Experience Toolkit).  It is a utility that helps prevent vulnerabilities from being successfully exploited.  It supports every Microsoft operating system from Windows 7 and up.  You can download it here.



Heartbleed Bug Breaks Worldwide Internet Security

- Tuesday, April 15, 2014
A new bug puts trust on the Internet at risk on a significant scale. The bug, dubbed ‘Heartbleed’, is based on a fault in functionality in the widely used OpenSSL library. This library is used in everything from security vendors' products to secure web browsing and even mobile banking applications. So what exactly does this bug do and why should you care?

When the bug is exploited, the attacker can retrieve memory (up to 64kb) from the remote system. This memory may contain usernames, passwords, keys, or other useful information that enables bigger attacks. There are all kinds of variations that might be possible based on the ability to read this memory. 64kb may not seem like a great deal of data, but of course the attacker can connect repeatedly and progressively collect more information. This is a serious problem. It is very difficult, if not impossible, to retrospectively identify whether someone attacked your systems, so it is better to play it safe. You should assume that your system has been compromised, and reset your credentials as soon as possible. There are some services which allow you to check whether a service is patched, but in some cases, such as with mobile app implementations, it is not simple.

What should you do to protect your services?
1.  Check whether your website, apps, or any other product uses OpenSSL and whether they are vulnerable to the attack.
2.  There is a neat site at http://filippo.io/Heartbleed/ where you can quickly run the check. Regenerate any private keys that your site uses once you have patched.
3.  Update OpenSSL to the latest version, which fixes the defect. This is not an automatic process in many cases.
4.  Check the state of your SSL configuration for your website and mail services.
5.  Call perITech Solutions to assist 502-882-5555 (local) or 855-202-8012 (toll free)
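
To help with step 1 on Windows machines, the following added example (not part of the original post) lists copies of the OpenSSL DLLs that applications have bundled, so each one can be checked against its vendor's advisory. The search folders are assumptions, and the two file names are the ones OpenSSL's Windows builds commonly used at the time.

```powershell
# Added example: inventory bundled OpenSSL DLLs under the Program Files folders.
# The search roots are assumptions; add other install locations as needed.
$Roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ -and (Test-Path $_) }
$Names = 'libeay32.dll', 'ssleay32.dll'   # common OpenSSL library file names on Windows

$found = Get-ChildItem -Path $Roots -Recurse -Include $Names -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Path           = $_.FullName
            ProductVersion = $_.VersionInfo.ProductVersion
            Modified       = $_.LastWriteTime
        }
    }

if ($found) { $found | Sort-Object Path | Format-Table -AutoSize -Wrap }
else { 'No OpenSSL DLLs found under the searched folders.' }
```

A copy that turns up here is a reason to check with that product's vendor, not proof that it is vulnerable. Products that compile OpenSSL into their own executables will not appear in this list.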


How To Solve Big Problems with a Disaster Recovery Plan

- Friday, January 24, 2014

How To Solve Big Problems with a Disaster Recovery Plan by Randy Jackson



I have consulted with many companies that thought that putting together a Disaster Recovery Plan (DRP) meant just backing up their data on some type of media. NOT TRUE!!! There are many different facets that make up a true disaster plan. Being knowledgeable of what goes into a DRP is extremely important. I hope to eventually provide a more comprehensive overview of all the various elements that contribute to a solid DRP, but for now, let’s start with some of the more common ones.

Data retention is probably the most obvious and common element that people start with. I suggest two types of data retention that need to be done: onsite backup and offsite backup. Whether it's tape media or USB hard drives, you should back up your data onsite for the fastest recovery of your data. You should also sign up for some type of online internet backup system for offsite recovery. Buildings can burn down, or tornadoes/hurricanes can wipe a building out in seconds. If that happens, your tape backup is gone along with your building. There are manufacturers that can provide you with a system that will back up your data onsite and push that data to their secure site. These devices are more expensive but are great for easy administrative use.

There are other things you should do to create a true DRP. You should have a team that is responsible for all of your records, numbers, addresses, etc., as well as keeping them up to date. You should have a backup plan in place and in some type of manual format. You will need a phone tree and need to know where and how your employees should meet should a true catastrophic disaster happen to your building. You should have Disaster Plan Insurance from your insurance company to help cover the cost to get a new/temporary site set up. You should also keep cash in a safe because if there was a wide area type of disaster, banks could potentially be down as well. Cash is king.

You should begin putting some thought into backup plans for things as simple as your phone circuits, internet, electric, and so on. The planning involved in a good DRP is just as important as the plan itself. Feel free to ask questions on other types of solutions I have provided for other companies. Not every company is the same, so not every DRP will be the same.