MSPNetworks Blog

Ransomware is such a common occurrence these days that it has entered the public discourse, but we also want to note that it’s such an important topic to discuss with your team that you can never talk about it enough. We want to address some of the most common questions we get asked about ransomware and what can be done about it.

How Does Ransomware Affect Your Business? Why Should You Be Concerned?

Ransomware is malware that encrypts, or locks down, data on a device or system, rendering it useless until the decryption key is provided by the attacker. The criminal attacking your device essentially holds your data for ransom until you pay a price of some sort, usually through Bitcoin or other cryptocurrencies, but hackers can also steal your data and sell it to the highest bidder if you don’t pay up.

This is obviously bad, but it gets worse when the hackers threaten to delete data after a time period has passed—usually represented by some sort of countdown clock. There is pressure to pay the ransom coming from multiple fronts, and it can be very difficult to manage if you’re inexperienced with threats like these.

Does Antivirus Help Against Ransomware?

Ransomware enters a network in all of the usual ways, but it’s often through social engineering that it makes its way to your network. In other words, the hacker skirts around your security solutions by using your users as a means to enter the network through phishing attacks. If hackers can get the requisite amount of information and access through the use of malicious links or email attachments, and if the user provides permission, then your antivirus software is not going to help prevent it.

What Do I Do if I’ve Been Infected?

Rather than react to ransomware as it occurs, you should be preparing to prevent ransomware attacks in the first place through maintaining a comprehensive, off-site, isolated data backup. This allows you to effectively restore your infrastructure without having to pay the ransom, which can be a powerful option if there are no others present.

Should I Pay the Ransom?

It can be tempting to just pay the ransom in exchange for the decryption key, but we urge you not to do so. There is no way to guarantee that the hackers will give you what you need, and worse, you’re providing financial support to those who are wronging you and will likely harm others.

What Do I Do After a Ransomware Attack?

It might be tempting to rest on your laurels after a ransomware attack, but the work is only beginning. There is a chance that your data has been stolen or compromised as a result of the breach, meaning you could have regulatory issues from noncompliance and legal concerns stemming from the attack. Furthermore, you’ll need to address the root cause of the issue—how you were attacked in the first place—and shore up the vulnerability as quickly as possible.

You might also experience some loss of trust and customer confidence as a result of the attack. Indeed, the prolonged impacts of ransomware could last for much longer and be much more devastating than you might expect.

How Can You Protect Against Ransomware?

If you want to keep your business safe from ransomware, you’ll want to focus on protecting your data by teaching your team about ransomware, phishing, and how it could affect the business. Additionally, you’ll want to ensure that your backup is prepared, tested, and ready to go at a moment’s notice. This will help you respond quickly should the need arise. There’s also the plethora of cybersecurity solutions we always recommend, as well, as you can never be too careful.

To best prepare your business for ransomware attacks and other cybersecurity threats, reach out to MSPNetworks at (516) 403-9001.

Ransomware is one of the more dangerous threats out there for businesses of all industries and sizes. To help emphasize just how dangerous it is, however, you have to look past the initial threat of having to pay a ransom and look at the other risks associated with it. We’re here to try to get the point across that ransomware is something your business should absolutely be taking seriously.

Ransomware Spreads Easily

There is a reason why ransomware is picking up in popularity, and it’s because it is a remarkably simple threat to spread. While it certainly spreads through the usual methods, like downloading infected files or clicking on suspicious links, ransomware is most effectively spread through the use of phishing attacks which trick users into falling for a trap. Whether it’s being fooled by a phony tech support email or being scammed through a social media message, you can bet that ransomware attacks will use phishing as one of their primary modes of distribution.

Restoring from a Backup is Not Enough

It never hurts to have data backups ready to go in the case of any security breach or attack, but it’s even more important in the case of ransomware as you often cannot get around the encryption on the system without them. Even if you do have a backup, however, there is always the threat that the hacker will steal your data or leak it online somewhere, creating additional problems. Simply put, restoring data from your backup might not be enough to solve all of your problems, and you should be aware of the fallout that could result from such a ransomware attack.

Ransomware Costs More Than Just the Ransom

Some individuals think that ransomware really only costs your business money in terms of the ransom, but the costs associated with ransomware are far more and far scarier than what you’ll pay the hackers for the safe return of your data. In reality, a ransomware attack is going to cause costly downtime—time that your business is not functioning as it should—and you could also be subject to compliance fines. Add in the cost of your data potentially being leaked online, and you have yourself a recipe for the downfall of your business, unless you play your cards right.

Obviously, ransomware is a scary thing to deal with, and not in the expected ways, but it’s fairly straightforward to protect against. And, thankfully, you don’t have to do it alone.

Don’t Let Ransomware Harm Your Business

If you want to ensure that ransomware doesn’t cause trouble for your company, then MSPNetworks can help. We can equip your business with preventative security solutions, train your staff on how to identify potential threats, and back up your systems so that you’re not impacted drastically in the event of an attack. To learn more, reach out to us at (516) 403-9001.

The threats for businesses to get hacked or deal with data breaches of some type are more pressing now than at any other time in the digital age. It’s as if there are thousands of cat burglars on the prowl looking for a way into your business. If one of them is successful, it can bring some severe consequences for your business including financial loss, reputational damage, and even legal issues. In this week’s blog we will go through some of the actions you need to take in the case of a network breach. 

Identify Malicious Code and Quarantine It

The first step in responding to a data breach is to identify and contain the incident. This involves promptly reaching out for help. This means contacting IT experts, legal advisors, and public relations representatives. The team should work together to investigate the breach, determine the scope of the incident, and take immediate action to stop any further unauthorized access.

Secure the Environment

After containing the breach, it is crucial to secure the affected environment to prevent any additional damage. This may involve isolating affected systems, changing passwords, and implementing stronger security measures. Businesses should also ensure that all software and systems are up to date with the latest security patches to minimize vulnerabilities.

Assess the Impact of the Breach

Once the breach is contained and the environment secured, businesses need to assess the impact of the data breach. This involves identifying what types of data were compromised, how many individuals or entities are affected, and evaluating the potential risks associated with the breach. This assessment will help in determining the appropriate steps to take next.

Make Sure to Notify Affected Parties

It may seem like you are shooting yourself in the foot by doing so, but ethically, businesses have a responsibility to inform individuals or entities whose personal or sensitive data may have been compromised. The notification should be clear, concise, and provide relevant details about the breach, including the types of data exposed and any actions that affected parties should take to protect themselves. Consult legal advisors to ensure compliance with applicable data breach notification laws and regulations.

Communicate with Stakeholders

Maintaining open and transparent communication with stakeholders is crucial during a data breach. This includes informing employees, customers, partners, and other relevant stakeholders about the breach, the actions taken to address it, and any ongoing efforts to prevent future incidents. Clear and frequent communication will help rebuild trust and maintain a positive reputation.

Data breaches are a significant threat to businesses, but by following these best practices, organizations can effectively respond to such incidents. By prioritizing data security and implementing robust preventive measures, businesses can protect their sensitive information and maintain the trust of their customers as well as employees and other stakeholders. If you would like help setting up your business’ cybersecurity policy, give the IT professionals at MSPNetworks a call today at (516) 403-9001.

When it comes to valuable data, hackers will go out of their way to try and steal it, placing businesses in dangerous situations. In particular, healthcare data is attractive to hackers, and considering how lucrative the prospect of healthcare data is, companies need to take extra precautions to protect it. But what is it about healthcare data that makes it so attractive, anyway? Let’s dig into the consequences of potential attacks on healthcare data.

It Sells for a Lot on the Black Market

You’d be shocked to see the value of data on the black market, particularly personal health information and medical records, insurance details, and prescription information. Hackers know that there is a high demand for this data, so they have no problem trying to take advantage of the market.

Personal Profiles Aid in Further Attacks

If a hacker can steal a personal profile from a healthcare provider, they gain access to all kinds of information, like medical history, genetic data, lifestyle choices, and more. This information gives hackers all they need to launch customized attacks against individuals based on their profile.

Identity Theft is a Possibility

Identity theft and financial fraud can often be a direct result of healthcare attacks. Once hackers have stolen records, they can impersonate individuals or obtain other medical information and prescription medications, as well as commit insurance fraud. Victims suffer in a variety of ways, including financial loss, damaged credit, and inability to receive medical treatment.

Blackmail and Extortion Can Scare Victims Into Acting

With sensitive personal records such as healthcare data, individuals often find themselves on the receiving end of blackmail attempts or extortion. They might threaten to reveal conditions or other personal information regarding treatments. For public figures or others in sensitive professions, this can be damaging.

Medical Research and Progress Could Grind to a Halt

Medical research requires that data be accurate, and if hackers steal or alter information in healthcare records, medical research grinds to a halt. This puts any attempt at developing new treatments, understanding disease patterns, or improving public health in jeopardy. 

Hackers Take Advantage of Weaker Security Systems

Healthcare organizations often have weaker security measures in place, putting them at greater risk of being attacked. These organizations are often more focused on providing better patient care, meaning their investment priorities are elsewhere, leading to more potential for security vulnerabilities in the process.

There is So Much Data to Steal

Consider how many patients a hospital might see over the course of a year. Now consider that the hospital will retain those records for an extremely long time. This shocking amount of data makes hospitals and other healthcare providers targets that have a lot to lose as a result.

Of course, it’s not just healthcare data that’s at risk of theft, destruction, or worse—all data is vulnerable to this type of treatment if it’s not managed appropriately. Let MSPNetworks help you address this with our managed IT services. Learn more by calling us today at (516) 403-9001.

There are quite a few platitudes that we support, in terms of business IT. Some that we haven’t really touched on, however, are Schofield's Laws of Computing. Let’s fix that today by reviewing where they came from, and what these laws entail.

So, Who’s Schofield, and What are His Laws?

Jack Schofield, born in Yorkshire on March 31, 1947, spent decades writing for The Guardian until his passing in 2020. His work appeared in numerous tech-centric media outlets throughout his tenure, but his best-known contribution is the collection of best practices that he published while working for The Guardian, which he referred to as his Laws of Computing. While the first of these laws is about two decades old at this point, they still offer critically valuable advice for businesses.

These laws are as follows:

1. Never put data into a program unless you can see exactly how to get it out.
2. Data doesn't really exist unless you have two copies of it. Preferably more.
3. The easier it is for you to access your data, the easier it is for someone else to access your data.

Let’s take a closer look at each of these tenets.

Schofield’s First Law of Computing Protects Your Data Portability

Let’s say that Jane Q. Businessperson works with Initech for her business’ cloud services, which help support her organization’s extensive data storage and software needs. However, one day, Initech is bought out by ACME, resulting in changes to the terms of service and the pricing structure. According to Schofield’s First Law, Jane Q. Businessperson should have no issue migrating her data out of Initech if she does not accept ACME’s new terms.

This principle of ensured data portability covers any reason a company would want to remove their data from a given software or service, from end-of-service events to those we highlighted above.

Schofield’s Second Law of Computing Endorses Data Redundancy

While “redundant” isn’t usually seen as a positive attribute, Schofield posits that your data absolutely needs to be—and for more reasons than we would normally emphasize, too. Naturally, data that is redundant means that you have at least one other copy to fall back on if something were to happen to the original data…and that “something” could be caused by an alarming variety of circumstances.

There’s the usual suspects, of course—lost or malfunctioning devices/infrastructure, user error, and criminal activity—but Schofield also referenced other possibilities, such as issues on the provider’s side. What if the cloud provider hosting your data goes out of business?

All of this is to say that the more copies of your data you have in different places, the better.

Schofield’s Third Law of Computing Explains Why Cybersecurity Has Become So Irritating

We’re not going to pretend that today’s necessary cybersecurity measures are any fun. They aren’t. However, with alternative means of storing data now available, and more data than ever presenting value for cybercriminals, it is important to keep in mind that the easier you find it to access your data, the more likely it is that someone without authorization will be able to as well.

Are the countless multi-factor authentication prompts annoying? Absolutely—but “annoying” doesn’t begin to describe how a successful cyberattack against your business would feel.

We’re Here to Help Ensure Your Business Adheres to All Best Practices Where Your IT is Concerned

Through the managed services that we here at MSPNetworks offer, we can ensure that your business’ technology follows all of these laws, along with many different compliance requirements and otherwise sound business security and productivity practices. Give us a call at (516) 403-9001 to learn more, and to set up a complete technology evaluation.

Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.

There are really four things you have to be aware of when you are considering if you’re looking at a phishing email. Let’s go through them now:

There is a Real Sense of Urgency to the Message

While a lot of the messages that we get in business have a demanding tone, there is something extraordinarily panicked about a phishing message. Essentially, phishing messages will urge the reader to take immediate action. This action could be in the form of clicking on links, downloading attachments, or giving over credentials that the scammer will then use to infiltrate organizational computing networks to deploy malware or siphon data.

Poor Grammar and Spelling

Many of these messages are created with the notion that the reader will be fooled by the overall legitimacy of the message. Many times they are subterfuge emails sent from a would-be financial institution or an insurance carrier; some business that has legitimacy. Typically, there are signs within the message itself that are blatant signs of its illegitimacy. Variables like misspelled words, poor use of grammar, and other red flags can tip users that the message is not legitimate. 

The Domain Is Wrong for the Message

When someone sends an official email from a business, typically the domain name of the email address that is sending the email will represent the organization that the message is coming from. If the address doesn’t come from the organization that is sending the message, that is a giant red flag. Most reputable organizations pay good money to host their own domain and if the address you are getting a message from doesn’t represent that, you have to believe that it is a scam. 

Suspicious Tone to the Message

You know the type of messages that you typically get. If a message you receive doesn’t meet the criteria of “normal”, you should immediately look to verify with the presumed sender of the message that it is legitimate. If it feels off, it probably is. Make sure you get this confirmation through a different means of communication.

Phishing attacks are everywhere. If you get messages that don't feel right, don’t interact with them—follow up. For more great tips and tricks return to our blog soon. 

The Federal Trade Commission, or FTC, has put together a Safeguard Rule to help establish guidelines for how businesses store and interact with customer information. Enacted in 2003, this rule was recently revamped in 2021 to stay relevant with the latest technology used by businesses. Let’s look at some of the policies and procedures that your business needs to know about the FTC Safeguard Rule.

What is the FTC’s Safeguard Rule?

The Safeguard Rule is a mandate put in place to protect personal information. Those impacted by this rule include financial institutions like mortgage lenders, payday lenders, finance companies, mortgage brokers, account servicers, check cashers, wire transferors, collection agencies, credit counselors, and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors that aren’t required to register with the SEC.

Compliance with the FTC Safeguard Rule involves applicable financial institutions writing out their information security program and having it address specific metrics. This plan must also be appropriate for the size and scope of the business, and it must be tailored to the specific type of information that the organization is responsible for.

With the Safeguard Rule in place and governing how businesses manage sensitive information, it should technically address challenges such as the security and confidentiality of customer information, threats to the integrity of this information, and protection from unauthorized access, theft, or destruction of that data, as well as any problems it might cause for the customer.

You Can Build an FTC-Compliant Security Platform Too

When you get into the details, the reality is that there is nothing in the FTC Safeguard Rule that you shouldn’t already be doing for your customer data. Here is a quick rundown that the FTC recommends for businesses that want to make sure their networks are FTC-compliant.

1. Designate a qualified individual to oversee organizational data security.
2. Conduct a comprehensive risk assessment.
3. Design and deploy necessary safeguards outlined in the risk assessment.
4. Monitor system and regularly test it.
5. Train employees in best practices of data security and privacy.
6. Oversee any third-party’s access and control.
7. Regularly update the security program to keep it current. 
8. Create a written response plan for necessary continuity. 

Need a Hand?

MSPNetworks knows network security and compliance laws like the back of our hands. To learn more about how we can support your business’ efforts, reach out to us at (516) 403-9001.

Cloud computing is a major growth industry as businesses and individuals look to use the computing strategy to either save money or get resources that they would typically not be able to commit to. With cloud computing becoming more and more integrated into business each year, it stands to reason that the once Wild West of cloud computing would start to see a lot more regulation. This week, we’ll take a look at how the cloud is regulated and what to expect out of cloud regulation down the road. 

The Wild West

The cloud has been growing for years. Currently it is a $450+ billion market that is growing at over 13 percent annually. That’s a massive increase. All this tells you is that it is quickly becoming the priority computing model for businesses and individuals of all types and sizes. This rapid growth has started to gain the attention of lawmakers who are looking to rein in the growing power technology companies are accruing. 

Recent events have made this relationship even more tenuous. The cloud, for all of its benefits, has had a checkered security history; and due to the reliance that organizations have on cloud computing, it has perked the ears of regulators that expect that these computing structures be extremely secure; a problem that has long been identified by IT security experts.

Cloud Security

The current regulatory landscape doesn’t currently have many mandates on it. Cloud providers like Amazon, Google, Microsoft, and Oracle have basically operated with very little governmental oversight. The same can’t be said for the users of cloud computing, who by-and-large all have some semblance of regulatory concerns. This creates a gap between what the cloud providers do in terms of cybersecurity, and what is the onus of the end user. Of course, regulators want to see the organizations raking in the huge profits from the use of these services do more, and that’s where this battle begins. 

The main point of contention seems to be that, since so many organizations rely on these cloud platforms for their central computing needs, that if full-scale regulation were to happen quickly, it could create problems for providers and thus have major effects on the economy. It stands to reason that regulation happens at some point, but many people in the industry are stumping for a more “light touch” approach, as the laissez-faire approach doesn’t really work for the national security of systems that are crucial to the sustainability of the world economy. 

Shared Responsibility

With security seemingly the hot-button issue, it’s important to understand where most of the cloud’s security comes into play. The provider is responsible for the security of the underlying infrastructure, while the customer is responsible for the security of their own digital resources. This can get a little hairy in terms of overarching regulation, as there are several issues that need to be addressed in order for both parties to keep their computing secure. They include:

• Larger attack surfaces - With more publically available surface area to your organization’s data (from use of shared physical resources), there is simply more that can go wrong.
• User error - With phishing attacks being the predominant way hackers gain unauthorized access to computing resources, the end user becomes the choke point for your organizational cybersecurity.
• Poor configuration - The less care that is taken when setting up public cloud resources, the more apt they are to be insecure. 

Regardless of how your organization will be impacted by the incoming regulation of cloud services: Rest assured it is coming. Let’s look at a couple of actions you can take to improve your cloud security:

• Deploy Multi-Factor Authentication - One of the best ways to secure your cloud endpoints is to enact a multi-factor authentication system. This system adds an extra step of security for any cloud-based resource, significantly reducing risk. 
• Manage access better - Not all of your employees need access to every cloud resource, especially if you plan on hosting a cloud platform yourself. Doing your best to restrict cloud access to users that need it, can reduce exposure to potential security issues.
• Train employees - Having a comprehensive security training program in place has been shown to cut your exposure to end-user risks by as much as 70 percent. 
• Sufficiently monitor end-users - One of the best ways to determine if you have intruders in your network is to use technology to consistently monitor it to see who is accessing resources and when. Sometimes unauthorized access will come at unusual times of the day. 

The cloud is going through a lot of changes, and time will tell whether or not widespread regulation will be in the cards in the upcoming years. The only thing you can do is strategically enhance your security posture so as to not be caught off guard. If you would like to talk to one of our security professionals, give MSPNetworks a call today at (516) 403-9001. 

Even the solutions designed to keep businesses and organizations safe are vulnerable to the threat of a cyberattack, as when it all boils down, these tools are still software solutions, no matter how secure they might be. The company in question today—Barracuda—is a huge name in the cybersecurity industry, and it has become the victim of a zero-day exploit. Let’s go over how you can prevent your business from experiencing the same thing.

A Vulnerability Was Discovered in Barracuda’s Email Gateway Security

A vulnerability was discovered in Barracuda’s mail Gateway Security application only after it was exploited. This is the part of the email security system that scans email attachments, so it’s an important one. The breach was discovered on May 19th, and patches were swiftly deployed to resolve the vulnerability.

The official statement from the company is as follows:

“Barracuda recently became aware of a security incident impacting our Email Security Gateway appliance (ESG). The incident resulted from a previously unknown vulnerability in our ESG. A security patch to address the vulnerability was applied to all ESG appliances worldwide on Saturday, May 20, 2023. Based on our investigation to date, we've identified unauthorized access affecting a small subset of appliances. As a mitigating measure, all appliances received a second patch on May 21, 2023, addressing the indicators of potential compromise identified to date. We have reached out to the specific customers whose appliances are believed to be impacted at this time. If a customer has not received notice from us via the ESG user interface, we have no reason to believe their environment has been impacted at this time and there are no actions for the customer to take. We thank you for your understanding and support as we work through this issue and sincerely apologize for any inconvenience it may cause.”

Explaining Zero-Day Exploits

Zero-day exploits are those that were previously unknown to security researchers, only having been discovered after they are actively being targeted by a threat. The severity of these exploits can vary, but they are extremely difficult to detect, as they often go undiscovered and undetected for quite a long time. After all, you can’t protect against something that you don’t know exists. Eventually, these vulnerabilities can become serious problems and logistical nightmares for security companies and businesses alike.

What Can Be Done to Stop Them

The worst part of dealing with a zero-day vulnerability is not knowing if one exists, as well as not knowing how long they have existed for. In the case of this exploit, it doesn’t appear to be too long, but any vulnerability in Barracuda’s ESG system is going to cause quite a stir. Businesses use a lot of software throughout the course of their operations, and the same issue could happen for any application on your network. You need to have a strategy in place to handle potential threats as they arise or become known, and it starts with making sure that patches are tested and deployed as soon as they are available.

MSPNetworks can help your business deploy patches and updates in a quick and efficient manner using our remote patch deployment solutions. We can keep your software secure and safe from all threats, and if zero-day exploits do arise, we’ll do what we can to deploy fixes and assess damages. To learn more, call us at (516) 403-9001 today.

Do you have an old Google account that you created years ago, only to replace it later with one that is more on-brand and less filled with spam messages? You’re not alone, but as you might expect, these accounts can create more problems than they are worth if you let them sit around unused for too long. Perhaps that is why Google is planning to shut down any old Google accounts that have remained dormant for the past two years.

The change is scheduled to start sometime in December of 2023 (although it’s possible that Google is already taking some action on older accounts), and it could impact users of Gmail, Google Drive, YouTube, Google Calendar, Google Docs, Google Meet, and Google Photos. YouTube accounts with videos shared are exceptions to the rule, as are accounts with open subscriptions. Furthermore, this change will impact only users of personal Google profiles, not those tied to workplaces or educational institutions.

If you want to save your old Google account from being deleted, then you need to do one simple thing: log into it. This activity will show Google that your account is being used and, therefore, should not be deleted. Just about any activity you perform in your Google account will constitute using it, too, such as performing a Google search while signed in, opening an email, watching a YouTube video, etc.

The reasoning behind this change makes sense, too, as Google hopes that this mass deletion of unused accounts will help make security easier. Considering that these accounts are old, their credentials have not been updated in years. This means that they could very well be susceptible to security concerns and breaches. These accounts are also less likely to have two-factor or multi-factor authentication implemented for them.

So, we recommend that you consider your Google accounts and whether or not they have anything important stored in them… before it’s too late to do anything about it.

As for password security on your current accounts, we recommend that you work with complex, unique passwords or passphrases that are easy to remember and difficult to guess. Furthermore, a password manager can be used if you’re concerned about remembering the many passwords that are expected of you. There are plenty of options out there to choose from.

Additionally, multi-factor authentication—utilization of something you own (a smartphone); something you know (a password or passphrase); and something you are (biometrics)—can be remarkably helpful for account security.

For more assistance with business account security, be sure to contact us at (516) 403-9001.

We talk a lot (and we mean a lot) about cybersecurity, with ransomware getting a lot of our focus…and for very good reason. Ransomware is a huge threat that today’s businesses need to be prepared to deal with. In light of this, we wanted to share a few tips to help you avoid the negative ramifications of ransomware.

Keep Stock of Your Network and Its Protections

When you consider how many potential access points an attacker has to target your business’ network with ransomware—or any other threat, for that matter—it can be really concerning, really quickly. In short, there are a lot of ways that your business could be targeted, so you need to take the time and ensure they are all sufficiently protected. All internet-facing applications need to be fully up-to-date, every endpoint needs to be locked down, and your team all needs to be educated to help lock down security further.

The key is that you need to be aware of these needs in order to do anything about them, so make sure you’re paying attention.

Protect Your Data Through Backups

Your business relies on its data, and as such, your data is a prime target for cybercrime. The entire point of ransomware is to take advantage of this reliance, cutting off your access to it in order to coerce a payment out of you—a payment that you’re more motivated to make as your business drags to a halt without its essential resources. However, this all hinges on the fact that you wouldn’t have access to your data. If you maintain your access to this data (by keeping it safely backed up, for instance) you’ve eliminated what makes ransomware so effective, allowing you to purge the infection and start fresh.

If you aren’t sure how you should be handling your backups, you don’t have to worry. All you need to do is call (516) 403-9001 for our help.

Train Your Team

One extremely common way that ransomware is spread is through various means of manipulating your business’ users, like phishing messages, malicious attachments, and infected downloads. You can help minimize your risk by educating yourself and your team members on how to identify risks and avoid them appropriately. Remind them not to open or click on unexpected attachments or links, not to plug in random devices they’ve found, and generally act in a more secure way.

MSPNetworks can not only help keep your business productive, but secure and resilient as well. Learn more about what we can do by giving us a call today at (516) 403-9001.

There is a lot made about ransomware, for good reason. It is quite simply one of the nastiest cyberattacks out there and it demands your attention. A lot of people understand what exactly ransomware sets out to do, but they don’t understand how it got that far and how to address the situation if they have the misfortune of being put in that position. 

How a Ransomware Attack Works

Basically, the ransomware attack can be deployed in any way that malware would get into a network. Most of the time it is deployed through phishing, which is a scam that uses fear to get people to make impulsive decisions and give network or system access to hackers. Once in, it is pretty simple for them to execute malware, including ransomware. 

Once run, the ransomware will encrypt and lock down all of the files on a device or even a network and then inform the user that they have been infected. File access is replaced with a notice with a ticking clock: Pay the ransom demanded or else. 

What Do You Mean “Or Else”?

Ransomware is one of those rare attacks that can hurt your organization in many different ways. Obviously, holding your files and data isn’t exactly targeted altruism, so that is the first sign that something terrible is happening. The ticking clock telling you that you have only a short amount of time before your files are lost forever isn’t great either. While we never recommend paying the ransom, it might seem like the only viable choice to get back in action following such an incident. This is especially true in more recent ransomware cases where hackers are also threatening to release encrypted data if the victim refuses to pay the ransom. This puts businesses in a difficult situation; do they risk the security of their data as well as the fines that come from the failure to properly protect it, or do they pay the ransom? It’s a lose-lose situation, and one that is entirely preventable with enough precautions.

What Can You Do to Stop Ransomware?

Let’s look at three strategies that you should have in place to help you ward off all types of cybercrime, including ransomware attacks:

Train Your Users to Detect Phishing Messages

Phishing is the #1 attack vector for ransomware and if you train your staff about the signs that they may be dealing with a potential phishing attack, the less likely your business will ever have to deal with ransomware. Some things your staff should be on the lookout for in their correspondence include:

• Messages that ask for sensitive information.
• Messages that use different domains from legitimate sources.
• Messages that contain unsolicited attachments and links.
• Messages that tend to have poor grammar and don’t typically have the elements of personalization that you would expect.
• Messages that try to elicit panic resulting in impulsive action.

A message having any or all of these variables doesn’t automatically make it a phishing message, but the illegitimacy of phishing messages can often be ascertained by the message itself. 

Keep Your Software Patched

You will want to make sure that firmware, antivirus software, operating systems and other applications you utilize are consistently patched. New ransomware versions come out of the blue and by the time anyone catches on, the hackers that perpetuated them are counting their Bitcoin. By patching software, you ensure that your software is current and has taken into account the threat definitions necessary to keep malware of any type out of your network. The knowledgeable professionals at MSPNetworks have a patch management platform that can save you and your staff the time and effort needed to keep up on all new software updates. 

Backup Your Data

Finally, you will always want to back up your data; not only to combat ransomware, but because it could literally save your business. Having up-to-date backups can help you bypass the ransom demand and restore data and applications affected by the hacker’s encryption. Since most ransomware today is sophisticated enough to search for backup files, you will definitely want to keep a backup offsite, so that they aren’t corrupted.

If you would like to ensure that your business is set up to combat ransomware, give the IT experts at MSPNetworks a call today at (516) 403-9001. 

The Internet of Things is everywhere and that means that it’s important to understand how much of a potential security risk these devices can be. From smart speakers to smartphones, it's important that you understand how these devices can create problematic situations. In this week’s blog we will discuss how you can protect yourself against IoT vulnerabilities at home.

Why the IoT Is So Insecure

There are several factors to why the Internet of Things is insecure. The first is that the demand for smart devices has created a situation where manufacturers are trying to get as many devices out on the market as possible and in their haste, they don’t do enough to build secure environments. Another reason is that many people don’t have the security acumen to do the things needed to improve security for a network that features a lot of IoT devices. 

These smart devices are super useful, but if they were to be hacked, it can cause a lot of problems for you. If not secured, hackers can gain access to webcams, access your heating and lighting systems if they are connected to the Internet, gain access to account information—or even financial information, deploy malware, and even turn your smart devices into agents of chaos (also known as a botnet).

How to Secure IoT Devices on Your Network

Obviously, with so much at stake, you will want to know some actions to take to properly secure these devices. Much of what can be done are good strategies to secure your network in general. These actions include:

• Secure your router - Obviously, securing your router has a major effect on your ability to keep your network, and therefore your IoT tools, secure. You will want to change the SSID and password of your wireless network.
• Start a guest network - A great way to ensure that your IoT devices aren’t going to negatively affect your network is to create alternative networks that separate these devices from your core computing infrastructure. 
• Change all individual device passwords - This may take some time, but if security is your aim, you can do worse than actively changing every device’s login credentials and passwords frequently. 
• Use complex and unique passwords - One of the best ways to secure password-protected digital assets is to make sure to build passwords with security in mind. Use all types of different strategies including a combination of upper and lower case letters, numbers, and symbols to give yourself the best chance at maintaining security. 
• Use two-factor authentication - Adding security to your strategy, two-factor authentication can be a really useful tool; especially with IoT devices that often lack the strong security features of more complex computing devices. 

IoT is becoming increasingly important at work and at home, so doing what you can to keep from dealing with attacks and other digital issues is important. If you would like more useful security tips, or you just would like to have a conversation about how to best secure your IoT, give us a call today at (516) 403-9001.

Most organizations are trying to figure out how to secure their IT against the constant flood of threats out there. Unfortunately, the biggest threat out there isn’t something that you can actively protect against. Can you guess what it is?

Unfortunately, it’s your employees, and their potentially lax password practices—and while you can’t really protect yourself against insecure passwords, you can minimize the likelihood that they’ll be used.

A Password Manager is a Great Security Asset

A password manager is a great little program, as it allows you to store all of the credentials that you would otherwise be tasked with remembering.

But wait, I can hear you saying, aren’t you not supposed to write down your passwords?

Usually, yes! However, reputable password management solutions give you a place to store these passwords that’s heavily fortified through encryption. That’s the key difference between the password manager and a little notebook that you keep around.to scribble credentials in…only one of these options features the security that encryption provides (and it isn’t the little notebook).

Considering that the average user needs to remember dozens of passwords, having a safe place to store them is a huge benefit.

This is just the start of the benefits that a password manager provides. In addition to the secure convenience, a quality password manager will allow you to generate more secure passwords to use…all accessible to you behind a single master password.

With all of the credentials you may need easily accessible, either through a browser plugin or dedicated desktop/mobile applications, you can rest easy knowing that you and your team members won’t be locked out of a necessary solution at an inopportune moment.

Speaking of your team, a password manager makes it far easier for them to share the credentials that they’ll need to use amongst one another. You can share access to them as needed, making it easier to endorse productivity.

So, to sum up, a password manager:

• Helps you to use sufficiently secure passwords
• Assists you in creating passwords that are more secure
• Enables your entire organization to access shared resources easily

We Can Get Your Business Set Up With a Password Manager

Turn to us to ensure you select a reputable and reliable password management solution, and any other tools or resources your business would utilize. Give us a call at (516) 403-9001 to start a conversation about it.

Remote work has seen unprecedented adoption in the past few years. While we’re all for the benefits that this trend brings, it is critical that any business that embraces remote or hybrid work does so securely.

Let’s discuss a few measures that your business can and should implement to achieve this security.

How to Secure Your Remote Operations

Let’s review some of the most key safeguards that anyone working remotely should have in place.

Use a Virtual Private Network

Which sounds like the more secure option to you: your organization’s protected and monitored network infrastructure, or your second-favorite coffee shop’s GENERIC-5G network, with password coffeebeans247 scrawled on a chalkboard for its patrons to use?

If you answered the latter, please give us a call right now, because we need to have a serious talk about cybersecurity. 

Of course a properly maintained network is going to be more secure, but what happens if you need to get some work done while you’re waiting on and/or sipping your macchiato? The smart answer is to use a VPN, which encrypts your connection and shields its contents from spying eyes, while allowing your team members to safely access the materials you’ve saved on your network.

The use of a VPN should be enforced wherever a remote worker happens to be operating from, whether that’s at home, away on a business trip, or if taking a working lunch at a cafe.

Only Use Approved, Secure Devices and Software

On a related note, it is important that wherever your team members might be operating from, they are using the right tools to do so. Unapproved technology being used for business purposes without IT’s knowledge or approval—given the ominous designation of shadow IT—brings a variety of issues with it. Not only do you not have any form of control over the device or the data stored on it, there are compliance issues to be considered. 

The same goes for software. If your team members aren’t using the software that you’ve designated they use, instead seeking out alternatives online and downloading potentially dangerous data packets, you are vulnerable to some serious issues and compliance concerns.

This makes it paramount that you provide your team with access and support for the exact tools you want them to use.

Maintain Your Equipment and Software

It’s also critical that the tools your team members are using are kept in proper working order, as this will not only make them more efficient, but more secure as well.

Your remote workers will need to have devices that are remotely monitored for threats and other issues, helping ensure that they remain secure even while they aren’t in the office under your watchful eye. The same goes for the software that gives these devices some direction—threats are actively being developed to undermine it, so it is important that you are just as diligent in keeping these devices up to date. We can use the same remote monitoring and maintenance software we use to manage your in-office devices to ensure your remote team is properly equipped.

Establish Basic Security Standards

We’ll never stop talking about how important it is for businesses to maintain their cybersecurity protections, and this importance is in no way diminished by remote work practices. More than ever, you need to ensure that your team is maintaining the cybersecurity standards you expect them to. Reinforce that they’re to abide by best practices—keeping an eye out for phishing, using secure passwords with multi-factor authentication, and others—and hold them to that expectation.

We’re Here to Help Businesses Operate Effectively and Securely, Regardless of Where Their Team Members are Working.

Give us a call at (516) 403-9001 to learn more about how we can assist you in making the most of your business’ technology.

It doesn’t take much to get us to start ranting about the dangers of phishing, and it’s a topic that we won’t stop talking about for some time. Unfortunately, phishing comes in enough forms that it isn’t always so simple to spot. For this week’s tip, we just wanted to run through the different formats phishing can take, focusing on how to identify each type.

First, let’s briefly review what phishing is.

Phishing is a Form of Social Engineering, Plain and Simple

To sum up phishing, it’s effectively the attacker trying to hack the user, instead of the network. This approach just makes sense. Let’s say you were trying to illegitimately access a business’ network—does it sound more challenging to develop the technical skills and know-how to break past today’s cyberdefenses, or to fool someone into giving you the keys to the castle?

Exactly.

So, attackers come up with phishing schemes, either targeting people on a wide scale or crafting specific attacks with a certain target in mind, and share them through various means of communication. Let’s go over these methods, and the warning signs you need to look out for.

Email Phishing

By sending an email that is purportedly from a trustworthy source or authority, phishers are able to extract sensitive information from their targets. As such, phishing emails currently feature a few hallmarks:

• Attachments—An unexpected attachment in an email can easily be used as a vehicle for malware and other attacks. These can be either individual documents, or in the form of a ZIP file.
• Spoofed Links and Senders—Many phishing emails will appear to come from certain senders or websites, trying to take advantage of the inherent trust that these senders or websites have in the public. Paying close attention to these links and senders will help you catch these efforts.
• Misspellings and Grammatical Errors—Most professional communications are (or should be) proofread fairly extensively before being sent. Therefore, an email that presents a lot of these issues is somewhat likely to be a phishing scam.

Smishing

Smishing is a form of phishing that is sent via text message, and as such, offers its own warning signs. For instance:

• Messages from Odd Numbers—Messages that come from non-cell numbers can be a sign of a scammer using an email-to-text service.
• Unsolicited Messages—If a message purports to come from an organization and you didn’t prompt any communication with them, take it with a grain of salt and reach out to that organization through another means.
• Personal Details—If there are personal details shared in the message itself, it could very well be a phishing scam, as scammers will try to add pressure on their victims.

Vishing

Vishing is a form of phishing where a scammer will call their intended victim directly, seeking to extract personal details from the call’s recipient. Watch out for these red flags:

• Too-Good Offers—Phishers will often place phone calls promising rewards or perks that are unrealistically appealing.
• Calls from Authorities—If you receive a call from some organization or higher authority, don’t be afraid to question its validity…particularly if they start pressuring you and/or trying to scare you.
• Excessive Personal Details—A lot of your information can be found online, if an attacker so wishes, so if a caller has more information than they should, that’s a red flag.

Social Media Phishing

Phishers will also utilize social media to their advantage, hijacking accounts and again, stealing personal information. To avoid this, keep an eye out for:

• Duplicated Accounts—Some phishers will find someone, make a copy of their profile, and start sending that person’s contacts invitations to connect. This is another time you should separately confirm that someone is who they claim to be.
• Bogus Links—Social media platforms offer phishers with a very convenient means to share out links to fraudulent websites, where personal details can be harvested from unwitting visitors.
• Integrated Phishing—Sometimes, phishers will use the messaging functions of these social media platforms to pose as authorities and extract key account information, like access credentials.

Hopefully, this will help you better spot phishing attacks in the future. For more assistance with your business’ IT and cybersecurity, give us a call at (516) 403-9001.

This past January, the Federal Bureau of Investigation issued an announcement that they had targeted and taken down the servers for a Dark Web organization responsible for the Hive ransomware group. While there is certainly cause for celebration here, one major statistic is enough reason to continue being concerned.

Only About 20% of Hive’s Victims Reported Their Problems to Law Enforcement

That’s over seven months, too. This is nowhere near enough, and even worse is the fact that law enforcement officials are under the impression that this number is high. There are several reasons why this might be the case, however. Some of them include:

• Federal investigators would be just another distraction to internal IT teams and complicate the process of data recovery efforts.
• Businesses might just not think to report it in the highly-stressful circumstances following a ransomware attack.
• Some organizations might believe that involving authorities would only escalate the attacks or get in the way of their own investigations.

However, the FBI’s goal is to identify those responsible for a given attack and to recover the data and/or funds, working discreetly to lend its aid to those impacted.

The FBI is putting forth effort to improve relationships with businesses so that proactive measures can be taken, in the event incidents occur. These resolutions can occur much more quickly if the organization has a good relationship with impacted businesses.

If You Work with Us, You Can Bet on the FBI’s Support

Considering the plethora of resources at the government’s disposal, it would be foolish not to involve the FBI in any ransomware attack. Furthermore, information from your attack could prove useful in finding and eliminating threat actors so that others don’t have to suffer the same fate as you—a worthy cause to say the least.

We’ll still work to prevent attacks whenever possible—after all, that is the best way to respond to attacks of any kind, to prevent them rather than deal with them as they happen—but that’s a different story. To get started, give us a call at (516) 403-9001.

Phishing is a remarkably dangerous tactic used by hackers to take advantage of those who might not be quite as in-the-know about security practices. Phishing attacks can be carried out against both businesses and individuals alike, and due to the many different forms these attacks can take—including email, text message, and even fraudulent websites—they can be quite problematic.

Let’s go over how you can train your team to avoid phishing attacks and how to appropriately respond to them when they are inevitably encountered.

Be Wary of Unsolicited and Suspicious Emails

Have you ever received an unsolicited email asking you to perform specific tasks, like filling out a form or downloading an attachment? Oftentimes hackers will use these methods to get the user to download a file or perform an action under the guise of someone else. If you think anything sounds suspicious within the email, then there probably is something suspicious with the email. Look for typos, misspelled words, poor grammar, and otherwise dead giveaways that the sender is not legitimate, especially in the professional environment.

Don’t Click on Links—Especially When the Sender is Unknown

The old phishing link is one of the oldest tricks in the book. The attacker might include the link to something supposedly innocent or important in the body of an email or a text message, only to hide something far more sinister on the other side. You should be cautious of any suspicious links you receive in an email or text message, as it is very easy to hide malware, phishing forms, or other types of attacks within a malicious link.

Also, be very careful of the links and the characters they use in general. It’s easy to substitute the character in a link with one that might look in place, but is really not, like a zero instead of an O or something similar.

Verify the Sender for Yourself When Possible

The types of phishing attacks you might receive will come from routes where it will be difficult to verify the identity of the person on the other side of the line. This is intentional; hackers don’t want you to be able to thwart their efforts easily. Whenever possible, you should try to get in touch with the sender through alternative means, like walking to their office or contacting them on the phone or social media. This can help you determine if the user is really who they say they are.

The best way to protect your business from phishing attacks is to implement a comprehensive network security plan, including spam blocking and content filtering, as well as training your team on the best practices for how to detect and avoid attacks. To get started with either of these, contact MSPNetworks at (516) 403-9001.

Phishing is a common issue that businesses of all kinds can experience, whether they are a small startup or a large corporation. Hackers are always trying to extol information from your employees, including account credentials, remote access to your systems, and in some cases, funds directly from a bank account. It’s up to you to teach them how to identify and respond to phishing attacks.

Here are some strategies you can teach them for how to address phishing attacks against your infrastructure.

Be Wary of Unsolicited Requests—Especially Suspicious Ones

Chances are you’ve seen the messages you get in your inbox about confirming special offers or doing certain tasks, like clicking on a link or downloading an email attachment. More often than not, these types of unsolicited emails are phishing attempts designed to get you to act in a specific way. If you think a message looks suspicious, then it probably is, and you should flag the message as such so your IT can handle it. You might look for unprofessional language, misspelled words, or other similar telltale signs when you are making your decision.

Be Especially Careful with Phishing Links

Although they are not necessarily anything new, phishing links are still quite dangerous because they take almost no time at all to put together. A phishing link can come in the form of an email, social media message, or even a text message. Hackers will use every trick they can think of to get you to click on the link, and if you’re not careful, you might actually do it. Links can look legitimate even if they are not; for example, a zero could easily be slotted in the place of a capital “o.”

Use Alternative Methods of Identity Confirmation

Let’s say you get a message that you are truly 50-50 on. It could be real, or it could be a scam. If there is even a shadow of a doubt as to the authenticity of the message, you should consider reaching out to the other party through an alternative means, just to confirm that the sender is who they claim to be. For example, if it’s GoDaddy support, contact GoDaddy support through the phone number on their actual website rather than the one in the email message. If it’s an internal message, like one from your supervisor or your IT department, reach out to them with the contact information you have on-hand to verify their identity. In all cases, it’s better to be safe than sorry.

You can help your business stay protected against phishing attacks by working with MSPNetworks. We can equip your organization with the tools to protect itself and the support your team needs to identify such messages. To learn more, call us at (516) 403-9001.

It’s the holiday season, and you know what that means: lots of gift-giving and online shopping. Regardless of what you and your family celebrate this holiday season, you should be prepared to handle the influx of phishing attacks which always surface around this time every year, including both the usual methods and the more sophisticated ones.

Here are three strategies you can use to avoid phishing attacks and effectively navigate the holiday season without putting your financial or personal information at risk.

Check With the Online Retailer About Orders

Sometimes you might receive an email claiming that there is something wrong with an order. Maybe it’s your financial information, or maybe it’s your shipping information. In any case, these kinds of phishing tricks are using the commercialization of the holiday season to convince you to hand over your sensitive information.

If you receive an email or a text about an order that needs to be updated, then we recommend you go directly to the website in question and log in through their official login portal—especially not through any links contained in emails or text messages.

Don’t Click on Links in Emails (or Texts)

The same advice that works for untrusted links also applies during the holiday season, when emails and texts are being received by the dozens to ensure that orders are confirmed, payments are processed, and shipments are arriving. Don’t get so caught up in receiving these notifications in your email and on your smartphone that you forget to keep security in mind, though. It’s easy to send a text that looks like it is from some random retailer asking you to plug in your payment information again or to confirm a shipping address, only the message isn’t from a retailer and it’s instead coming from a hacker or other cybercriminal to either infect your system with malware or steal credentials from you.

Again, when in doubt, check your order information on the retailer’s official website, not from a link received in an email or to your smartphone.

Only Do Business with Trusted Retailers

This tip is more of just a “be careful of where you shop” caution. During the course of the holidays, people are browsing the Internet all over to find the perfect gifts for their loved ones. Sometimes this search might take them to corners of the Internet they didn’t know existed, where niche online shops thrive. While we are all for supporting small businesses, we just want to raise awareness of how you go about choosing who to trust for online purchases.

The basic premise of it is to only plug your card information into secured portals hosted by trusted retailers. Look at the company’s history, location information, support and other contact numbers, and so on to ensure they are an authentic and trustworthy person to purchase gifts through.

Stay safe this holiday season, and MSPNetworks hopes you enjoy the time spent with your friends and family!