All Posts by Ryan Westoby

Tech Tip: WannaCry Ransomware Explained: Is Your Business At Risk?

WannaCry Ransomware Explained: Is Your Business At Risk?

You’d be hard-pressed to miss last week’s biggest headline, the WannaCry cyber-attack sent shockwaves around the globe. Businesses of all sizes and even police departments found themselves crippled without warning.

Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. But by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay. In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

It seems WannaCry may be a ‘computer worm’ that self-replicates and spreads, rather than a phishing attack that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours.

Why Some Businesses Were Safe

WannaCry could ONLY infect systems that have fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in

It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect your business from weeks of downtime and lost revenue, making attacks like this a non-issue.

With our managed services, we can make sure you stay up to date – and protected. Give us a call today at 0800 4 VETTA.


 

Tech Tip: Cyber Security: 4 Ways to Travel Safe For Business

Cyber Security: 4 Ways to Travel Safe For Business

So your desk is buried in paper, your shelves are overcrowded with stacks of documents, and you’ve carved out just enough space for your keyboard, mouse and coffee? It’s time to go paperless, not just for your own sanity, but to streamline the entire business. It’s the one move that saves time and space while gaining flexibility for your mobile workforce. When you’re ready to adopt paperless processes, consider these 4 steps:

Working from anywhere is now as simple as accessing the internet on your device. Managers, owners, and employees are all embracing the flexibility of working while traveling, making it the new global norm. But while you were in the office, you were protected by professionally designed firewalls, security infrastructure, and robust software. As soon as you step away from the building, those protections disappear, leaving your device and the data inside at great risk.

Cyber attackers love to collect any data they can obtain, often preferring to hack first, assess value later. It doesn’t help that almost all data can be sold, including your personal details, those of your clients and suppliers, as well as your proprietary business data. These days, the information stored on your device is usually worth much more than the device itself.

 

Here are 3 ways a hacker will attack:

Flaunting Opportunity: Whether your employee left their laptop at a café or a thief stole the phone from their pocket, the outcome is the same – that device is gone. Hackers will take advantage of any opportunity to gain access to a device, including taking them from hotel rooms and even asking to ‘borrow’ them for a few minutes to install spyware, before handing it back.

Spoofing a Wi-Fi Hotspot: We’ve all come to expect free Wi-Fi networks wherever we go. Hackers will take advantage of this trust to create their own free, unsecure network, just waiting for a traveler to check a quick email.

Intercepting an Unsecure Network: Hackers don’t need to own the Wi-Fi network to steal content from it. Data traveling across an unsecure network is visible and available to anyone with the right software.

It’s okay, you don’t need to lock all employees inside the building or cancel all travel plans. Taking these four precautions will increase cyber safety and help protect your business data while on the go.

  1. Make a backup before you travel: In the event your device is lost or damaged, you’ll be able to replace the device with a new one and quickly restore all the data from a backup, all with minimal downtime.
  2. Don’t use public Wi-Fi: Wait until you have access to a secure network before going online – even just to check email.
  3. Use passwords and encryption: At a minimum, make sure you have a password on your device, or even better, have full drive encryption. That way, even if your data storage is removed from the device, the contents are inaccessible.
  4. Act fast after loss: If your device is lost or stolen, immediately notify the appropriate people. This might include your IT provider so they can change passwords, your bank so they can lock down accounts, and any staff who need to be aware of the breach so they aren’t tricked into allowing further breaches.

 

Need help with mobile cyber security? Call us at 0800 4 VETTA

Tech Tip: 4 Important Reasons to Use Anti-Spam Filtering in your Business

Remember when spam was obvious, and unless you desperately needed a special blue pill, it was easy to identify and ignore? Those were the days!  The impact on your business would have been minimal, as spam was more an annoyance than anything else. Unfortunately, spam has matured into an aggressive threat, marked by sophisticated attacks and rapidly evolving techniques. It’s not just random electronic junk mail anymore and it’s putting a costly strain on your business resources.

How Spam Impacts Your Business

Spam now contains malware, with hackers sending cleverly disguised emails to your business. Once clicked by an employee, it infects your computer system (virus) or steals your private data (phishing).  The malware can then spread across the entire computer network and beyond, including to your clients and vendors. The very fact that your employees must pause and examine every single link and attachment adds hours of lost productivity. Occasionally, spam is so convincing that only an expert would be able to visually identify it. Employees are also more likely to miss an important email, either not seeing it arrive at the same time as a spam attack or becoming overwhelmed with the sheer number of emails.

How Anti-Spam Can Save Your Business

  1. Block threats: The spam filter’s purpose is to block the spam from ever reaching your employees’ screens. The threat is automatically identified and either held securely or immediately deleted. This is the best way to avoid activating spam malware, as it’s so easy to click through links in an email that seems authentic and important. The effects of that one spam click may be instantaneous or may lie hidden for months. Removing the email before it becomes a risk is a much better option.
  2. Filter legitimate emails: Real mail needs to be able to stand out and avoid the trash. Anti-spam filtering has sophisticated recognition abilities which block spam only and allow real mail to land safely in mailboxes.
  3. Meet data regulations: Many businesses are subject to strict privacy and data storage regulations, some more so than others. To continue operation, they have to meet conditions including always using spam filtering to reduce the risk of data breach.
  4. Protect your business reputation: You can see how uncomfortable CEOs are when they hold press conferences to admit a breach. They must acknowledge that they failed to protect client data, or that users may be infected with a virus. Not only do they then face financial loss, their business reputation takes a nosedive. Anti-spam filtering can ensure these types of scenarios don’t happen to you.

Filtering has come a long way in recent years, with complex algorithms identifying and catching spam before it becomes a risk to your business. Real emails can now pass safely through without the classic catchcry of ‘check the spam folder’, and businesses can work with greater productivity and safety than ever before. You need email, but you definitely don’t need spam or the chaos it brings to your business.

We can block spam and keep your legitimate emails flowing. Call us at 0800 4 VETTA today!