(866) 251-4459 support@compnetsys.com
A New Strain of Ransomware is Even More Virulent

A New Strain of Ransomware is Even More Virulent

This a simple breakdown of the new ransomware attacks spreading globally. The attack is quite different to anything that has been spread in the past. The intention may not even be money.  

Recently, a new and viral malware has been spreading throughout Europe. News organizations such as the Washington Post and The New York Times have been talking about it quite a lot. However, no one seems to have much information about it.
The stories began on the morning of June 27, 2017. While its method of infection has not been discovered, it is known that this malware in behaving like a worm. That means when one node is infected, it tries to spread to other nodes. When the virus infects a computer, it shows a “Chkdisk” screen that is meant to entice the user not to power off. This attack has been touted to be even worse than the Wannacry attack.
Kaspersky Discovered in First.
Kaspersky actually discovered this Ransomware a while back. Since then, they have noted that it has been spreading for weeks. The reason why it has become such a big issue in recent days is that it has started to affect huge organizations, especially government organizations.
What is Known About it.
Some researchers have christened it PetyaWrap. It uses a potent mix of techniques to enter a network and from there spread to all computers in that network. As with other attacks from ransomware such as WCry, it made use of EternalBlue. This advanced exploit was developed by the NSA to snoop on unwitting users of the Windows OS.
The new attack used a new exploit called the EternalRomance, which was developed by the NSA. Microsoft developed a patch for the vulnerabilities. However, many computers remain quite vulnerable. People with basic technical skills now have a powerful method to deliver any kind of digital warhead that they wish to install in a computer. It is especially so for those who had not installed the updates from Microsoft.
However, EternalRomance was not the only exploit that it used. The recent attack showed that it was a major improvement over past attacks. The new attack also used Mimikatz, which is a tool used to extract passwords from computers on a network. With that ability, they could use PSExec, which is a legitimate component of Windows.
That means even computers that had updated their OS and were immune to EternalRomance and EternalBlue could be hacked. Some of the Ransomware is also using a vulnerability of Ukrainian software called MeDoc. The result is that MeDoc is being used to send updates to the end users.
MeDoc Could be Patient Zero.
Kaspersky just fell short of saying MeDoc was the reason this ransomware attack spread so fast. Others are also fingering MeDoc as being the source of the weakness. MeDoc only indicated that their server made a virus attack in an update on their site. Most analysts have interpreted the post as MeDoc admitting guilt.
How it Works.
When the malware creeps into a computer, it waits for about 10 minutes before it reboots the computer. After that, the hard disk is encrypted, and a $300 ransom is demanded when the computer restarts. If someone switches off the computer before it reboots, he or she could save their computer if they allow a professional to restart their computer.
 
Ukraine Was Hit Hard.
Many news organizations globally report that Ukraine was hit hard. The malware hit metro networks, power companies, government sites, banks, airports, media organizations, and state corporations. Even the radiation monitors at Chernobyl were not spared.
One of the reasons WCry was killed off was that its developers hard-coded a kill switch into it. However, researchers are concerned that there may be no simple solution to stopping the spread this time.
Reports of Windows 10 Attacks.
Some reports indicate that it was able to attack an updated Windows 10 computer. Besides that, it is said that the computer had a working anti-virus installed and had the SMBv1 protocol switched off.
It is also Stealing Credential.
This new strain is targeting the master boot record of computers. It is an important file, which allows the computer to locate the OS and other important components. However, it also delivers a payload that steals usernames and passwords and sends it to a server under the control of the attackers. That means the attackers could be in possession of high-value data.
The attack was initially limited to Ukraine and Russia. However, it soon spread to Poland and then to Italy, Spain, France, US, and India. Major law firms and other companies in the UK said that their systems were under attack.
Peculiar Attack.
Victims of the attack were told that they had to email payment details. Within a few hours, the email went down. That made it impossible for those who had paid the money to recover data. The result was that it led to speculation the aim of the attack was destruction, not money.
What Can You Do to Stay Safe.
There are a few Steps, which computer users can take to stay safe. They are actually quite effective.
· Question All Attachments.
In a world where digital spoofing is so easy, do not trust anything. Do not open an attachment unless you were expecting it to arrive. If you feel you must open it, use your phone to call the person so that you can verify they sent an email to you.
· Do not click Links in an Email.
Before opening a link, position the cursor over it. If the URL is different from the text over it, avoid opening it. Besides that, use your phone to confirm any link sent to you.
· Be Attentive.
If an email uses language that suggests urgency, you should be quite cautious about clicking on it. If an email offers something to you for clicking the email, avoid it. Additionally, any email that seeks to generate some emotional response from you needs to be watched carefully.
· Stay Focused on Your Work.
Avoid receiving funny cat videos from your friends all the time. It is possible to receive a video that has bugs encoded into it. Unless your job involves studying cats, avoid unnecessary downloads at all times.
Most importantly, never pay any ransom. There is no guarantee you will receive the decryption key.

Warn Your Staff: Hackers Targeting Auto Employees on Social Media

Warn Your Staff: Hackers Targeting Auto Employees on Social Media

Don’t let a phishing spear take your automotive dealership down. Make sure your employees know that cyber attacks lurk in email and social media, too.

Back when cyber security was in its infancy, IT departments regularly warned employees against the dangers of clicking on links in an email address from an unknown sender. While most people can now spot a phishing email with ease, the focus from hackers is shifting to social media. Think about it, where else do you store a mass quantity of personal information with relatively minimal security? Many social media users don’t realize exactly how much information they are sharing with individuals who may mean them harm. Today, cyber security professionals agree that the biggest threat to your organization’s security may be an employee or a vendor who is “harmlessly” browsing social media at work.
Spear Phishing Attacks
With the rise of social media comes a new form of attack, called spear phishing. This attack is a play on the original phishing attacks that spread a broad net looking for someone to take a nibble — while spear phishing is targeted directly at a person of interest to the hacker. The cyber criminal spends time online getting to know the target — getting details about their posting habits, where they like to visit, where they work, members of their family — before launching a very targeted attack. These incursions are often to someone close to the person of interest, such as a spouse or significant other. The hacker then creates a special offer that may seem too good to be true to encourage the target to click through to get more information, and then use that new relationship to gather personal information such as login names and passwords. These details are then used to break into the auto dealership’s networks to hit the mother lode of personal information found there.
Personally Identifiable Information
The key target for many phishing attacks is personally identifiable information (PII) and bank account numbers. Since auto dealerships have to gather much of this information in order to complete a sale, they are now prime targets for cyber criminals. Once criminal gains access to the organization’s network, they are able to plow through enormous amounts of data in a very short period of time — making it difficult to stop the incursion before the damage is done.
Limitations of Liability
Unfortunately, if an auto dealership or any other organization is infiltrated, that company is potentially liable for damages from the attack. Perhaps the best way to prevent this from happening is to stop the attack in the first place by adequate training of team members and a solid security infrastructure that includes regular testing. Ensuring that all Microsoft and other hardware and software security patches are in place may also help prevent or lessen the damage from attacks. In addition, dealerships and other organizations may purchase cyber liability insurance, to cover the organization’s liability in the event of a widespread cyber attack.
Preventing Cyber Attacks
Aside from mentoring staff members to never click on social media ads while they’re at work or on any machine or device that can connect to the company network, there are several things you can do to limit the possibility of a cyber attack.

Counsel your teams to never respond to requests for their password or user information, regardless of where the question comes from. This includes phone, email, social media and websites.
Institute an aggressive schedule for updating passwords within your network, and add stringent standards around employee password creation.
Keep all firewalls, security patches and updates and network security software up-to-date. While this may not keep spear phishers completely out of your organization, it may slow them down and will stop some of them.
Notify staff members of the dangers of having a public profile on social media. While it may be fun to connect with people from around the world, it’s important to educate your staff about how personally identifiable information is gathered on social media.

Once one individual within your network is compromised, the attack will quickly spread between computers and networks. People tend to trust information that comes from family or a close friend, but it’s important to educate staff that this type of attack is very wily and can fool even the wariest individuals.
Catching Problems Early
Many organizations will suffer some type of cyber attack, but what are the steps that can prevent further damage? Early warning signals are critical to ensuring that the majority of your business stays protected even during an attack and that the duration and extent of the attack is limited as much as possible. Technology firms excel at creating specialized detection and notification systems that, along with user education, can be utilized to help counter the damage caused by spear phishing. Unfortunately, these attacks can happen very quickly, and once you click on an enticing ad within social media, you may have already infected your system. It’s important that auto dealerships and other organizations do not bury their heads in the sand and ignore the problem — because it is only growing in size and scope. Without adequate safeguards in place to detect or deter attacks, businesses of all sizes are vulnerable to these unscrupulous individuals.
After the massive cyber attack on Target’s personal customer information in 2013 that was caused by one of the organization’s refrigeration vendors, cyber security professionals are much more cautious about the possibility of a repeat performance by hackers. While the security attacks that get the majority of the national media attention are the widespread attacks that target anyone who will listen and click, the spear phishing attacks are much more insidious and personalized. By utilizing the personal information of the target, hackers are constantly looking for ways to slide under the defenses of the host organization.
Don’t let these insider threats damage your business and reputation. Instead, work with {company} to fully define a security structure that works for your business. Contact us today by calling {phone} or sending an email to {email}, and our cyber security professionals will work with you to ensure your organization is well-protected from spear phishing and other advanced cyber threats.

8 Ways Your Data Strategy Can Also Help With Work/Life Balance

8 Ways Your Data Strategy Can Also Help With Work/Life Balance

Work/life balance isn’t just about wellness: Here’s how data systems are an integral part of the puzzle.

The work/life balance used to be primarily about wellness benefits – what sort of health perks to offer at work, how to encourage people to take time off, and more. But now that the concept of a work/life balance has become more integrated into company strategies, we’re seeing that a surprisingly important part of the balance is the data systems that you and your company use: IT is an integral part of your wellness strategy! Here are the top ways that new data solutions and applications can impact your current workspace in stress-reducing ways.
1. Setting Personal Goals
Personal goals are surprisingly important for work/life balance and has become a common piece of advice for busy professionals who are looking at ways to reduce their stress and help clear up their schedules. While it may seem odd to write down more goals as a way of relieving stress, it certainly appears to work: Writing new goals, especially at night, allows you to get rid of worries you’ve accumulated throughout the day, and often leads to be better sleep and more confident morning preparations. Of course taking time to write a few goals every night can get tiresome, which is where technology steps in to help. Why not use an app like Microsoft To-Do that makes goal-creation and lists easy while also tying into Outlook and other common business software? List apps and calendars aren’t just there for organization, they also play an important role in stress relief.
2. Locking Away Distractions
A few years ago a new category of apps gained a lot of popularity – apps that blocked distractions from people who really needed to get work done instead of surfing Facebook for the 15th time or composing the perfect message on Reddit. These anti-distraction apps still have a place, and are now quite versatile, allowing you to add a surprising amount of productive time to your day – and isn’t that what everyone wants? Incorporate smart, selective blocking at work (which most modern companies need to be doing anyway, and not just with the X-rated content), and you can also see productivity rise among your employees. It’s also easy to find more personal, customizable apps for limiting time spent on specific sites based on your own habits.
3. Automating Email Replies to Reduce Stress
Even the simplest email clients available these days offer automation features, from Gmail’s mobile ability to create short automatic responses to categorization options that allow you to apply complex filters based on sender or subject. We highly advise you to take advantage of these tools and make them a common part of the workplace. One of the common work stressors is a long list of unanswered emails: It’s a feeling everyone hates, and it frequently leads to avoiding your inbox or ignoring emails for far too long, both at work and at home. Bringing in some automated tools and voice assistants like Cortana can make a huge difference when dealing with busy email inboxes.
4. Remote Work and Scheduling Options
Remote work and flexible scheduling have been vital parts of work/life strategies, allowing employees to plan their work life around the immovable parts of their personal lives, leading to a lot less worry and a lot more flexible thinking when completing projects. Data systems are one of the most important tools available for making flexible and remote work options available to employees. It just isn’t possible to easily schedule and reschedule or monitor teams no matter where they are working from without modern management software (Microsoft Teams is currently one of the top examples).
5. Digital Spaces for Workplace Fulfillment
It is understandable – and productive – if you block something like Facebook at the workplace. But that doesn’t mean employees cannot benefit from a social space: Indeed, a shared digital space can be very valuable when it comes to quick discussions, feeling like part of the company community, and keeping interested in the latest news and developments. We suggest adopting a company social space like Yammer so that employees understand their connection to the company and adopt better workplace relationships.
6. Reminders for Breaks, Meals, and Healthy Living
Speaking of scheduling and communication systems, it’s also a good idea to update these systems with broad types of company reminders. Those 10-15 minute breaks, lunches, and health benefits work a lot better if you move them from orientation into the workplace itself with a set of wellness alerts to remind employees to, well, take a break. Many of the tools we have already talked about all you to set up these types of alerts.
7. Metrics that Encourage Goal-Oriented Work
What do your current metrics study? If they focus primarily on hours and overtime worked, then you may want to rethink your goals. A number of companies are beginning to move more to a results-focused model that seeks to measure how much work employees are actually accomplishing rather than how much time they are spending at work – time that may or may not be spent working. The rise of the gig economy has helped this trend a lot, and it’s a great way for companies to check on productivity while also ensuring that employees are rewarded for completing goals and have the flexibility they need at work.
8. Automated Management of Benefits
Wellness perks can provide real help to employees – if employees know they exist, and how they work. If it’s been a while since HR has updated benefit systems, then some of the best wellness benefits may be languishing because people don’t really know how they work, how to sign up, or how it will affect their workflow. Data systems can easily automate and provide quick web forms, alerts, and other features for benefits including maternity leave, childcare, time off, yoga classes, and much more. Take advantage of technology!
Of course, your {city} workplace also has unique work/life balance challenges and goals. To find out more about what services {company} offers and how we can help you, contact us at {phone} or {email} to discuss our services.

The Four Most Important Things Every Accounting Firm Should Know about Cyber Security

The Four Most Important Things Every Accounting Firm Should Know about Cyber Security

Discover four tried and proven ways to keep your company’s computer systems and data safe and secure from cyber-criminals
A high standard of cybersecurity can mean the difference between a thriving, successful business and one that is crippled by lost data and/or customer lawsuits stemming from hacked information that is subsequently leaked or misused. Fortunately, securing important data and keeping it out of reach of hackers is not as complicated as it may seem. After working with numerous companies from a large variety of industries, I have come to the conclusion that there are really only four vital things you need to do to protect yourself from a cyber-attack.
Provide Employee Training
Both industry and government reports make it clear that over 90% of all cyber-attacks start with a hacker either successfully stealing access credentials or tricking an employee into providing access to a company computer system. Given this fact, it is clear that providing clear, ongoing cyber security training to employees is a must. Naturally, those who handle sensitive information will likely need more detailed training than those who don’t regularly use the company computer; even so, every single employee should know how to spot phishing attacks such as:

Email requests asking for log-in information, a request to transfer money or any other email that would require one to divulge important information online. Even requests from a boss’ email address are suspect and should be verified in person or over the phone.
Pop-up messages with interesting links that seem too good to be passed up
Emails from an email server asking for log-in information

Each person should have a personal username and password to access the company system. Passwords should never be typed in a text file or written on a piece of paper. Furthermore, employees should not be permitted to access personal email or social media accounts on company computers during work hours.
Continually Update Security Software
New viruses, Trojans, malware, worms and other malicious programs are created and disseminated all the time. Thankfully, a good security software program will keep up with new threats and provide regular software updates to thwart new types of attacks. However, these updates won’t do you any good unless you install them. Have someone in charge of making sure the security system on a company’s computer is always up to date. If there is no one in your company that can handle this task, consider outsourcing it to a reliable third party. At {company}, we have many years of experience with not only updating security software but also providing custom security software solutions to meet your specific needs.
Protect Mobile Devices
Ideally, it is best for employees not to use a personal mobile device for company business. Many personal mobile devices are not fully password protected and hackers can easily steal information by either stealing the phone itself or accessing information when a user is on a public network. Furthermore, many people use a mobile device to check personal emails, increasing the risk of a phishing or Trojan horse attack.
To prevent this problem, provide company employees who need a mobile device to use for company purposes with a company mobile phone. All data on such a device should be encrypted at all times and the device itself should be protected with a unique password that is different from an employee’s company account password. Additionally, employees should never install new apps on a company mobile device without express permission from a superior.
Make it clear to employees using a company mobile phone that the loss or theft of a company mobile device should be reported not only to the police but also your company. If such a device is stolen, immediately secure all information that could be compromised even if the device itself is recovered.
Backup Your Data
Ransomware is fast becoming one of the most common types of cyber-attack. Unlike other cyber attacks that are often conducted in secret, ransomware is in your face and you can’t miss it. All information will be immediately encrypted and you won’t be able to access it unless you pay the cyber criminal the amount of money that he or she is demanding.
To prevent this and other types of data loss stemming from cyber attacks, it is important to back up your data on a regular basis. Even so, be aware that not all data backup plans are equal; some are far better than others. A backup device that is always connected to your computer and regularly backs up data as it changes is convenient and helps you keep your backup system up to date; however, it is also vulnerable to ransomware attacks. Such devices will automatically backup encrypted versions of your files if you are hit with a ransomware attack, leaving you without access to any of your data.
Backing up data onto the cloud can be a good option but only if the cloud service provider offers a secure account that will not only protect your files while on the cloud service provider but also encrypt your files as they are sent to and from your company server. An external backup device that is only plugged in once a day to back up your data is a good option as hackers can’t access the device while it is disconnected.
Naturally, it will take time and money to fully secure your company computers to avoid cyber attacks; however, the effort is more than worth it as even a single serious attack can wipe out years of hard work. If you don’t have the time or feel you are tech-savvy enough to protect your valuable company data from malicious third parties, get in touch with us at {email} or {phone}. Our {company} has all the tools and experience you need to keep your systems secure both now and in the future.

BREAKING NEWS – New Worldwide Ransomware Outbreak Reported

BREAKING NEWS – New Worldwide Ransomware Outbreak Reported

Reports have begun to pour in regarding a new ransomware infection currently wreaking havoc in Russia, Ukraine, France, Spain, and several other countries. This highly sophisticated Russian strain is known as Petya or Petrwrap, and it has been advancing on a scale comparable to the recent WannaCry ransomware infection. However, unlike WannaCry, this strain lacks both the errors WannaCry contained as well as lacking a kill-switch.

A wide range of businesses have reported being hit with this infection, with victims receiving the following message: “If you see this text, then your files are no longer accessible because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.” Sources state that the message appears as red text on a black background, and demands $300 worth of bitcoin in exchange for the decryption key.
While it has not been completely confirmed as of yet, Petya/Petrwrap looks to be taking advantage of the EternalBlue exploit, which was leaked by a group known as The Shadow Brokers. If EternalBlue sounds familiar to you, it should – it’s the same exploit WannaCry took advantage of.

Steps You Need to Take

If you haven’t already, you should be taking steps to protect your business against this exploit by installing the MS17-010 security update from Windows (which you can find here) and checking to see that your systems are fully patched. Like WannaCry, Petya/Petrwrap has the ability to compromise systems that are firewall protected. As this is a true worm, if the infection is able to reach a single computer within your network all of your systems and servers are at risk of becoming infected.

Take a moment to remind your staff that they need to be exercising extreme caution at all times when checking their email. If anything even slightly suspicious finds its way into an employee’s inbox, they need to know how to handle the situation and who to alert. All it takes is one mistake for your business to suffer serious damage, and events like this serve as an ugly reminder that a certain level of vigilance is required at all times to keep your business secure.

If you have concerns or want to find out more about what you can do to protect your business in the wake of this latest ransomware attack, please contact {company} right away at {email} or {phone}. Our team is here to help.

Your best source for tips, tricks, and hacks

Computer Network Systems (CompNetSys),is your best source for tips, tricks, and hacks as well as news relating to the latest advances in technology to help you work smarter, not harder.

Call us @ 866.205.8123 or send us an email @ support.staff@compnetsys.com

Everything You Should Know about the OneLogin Data Bleach

Everything You Should Know about the OneLogin Data Bleach

This is an article about the recent hack of the popular password manager OneLogin. We will briefly examine the impact this might have had on its users.  
In a blog post, the chief security officer of OneLogin Mr. Alvaro Hoyos said that they were aware of unauthorized access to their data in the US data region. Following this, the company had reached out to customers to inform them.
He added that the company had managed to block the unauthorized access after the bleach and was corporating with law enforcers to try to seize the criminals.

Initially, the blog post was very short on details. For instance, the post did not mention that sensitive customer data had been obtained during the hack, which the company had only mentioned in the email they sent to their customers.
The email said that OneLogin believed the breach had affected all of their US customers and that all their sensitive data had been compromised.
In an update, the company said that the hacker had obtained access to Amazon Web Service keys and used the keys to gain access to an AWS API from an intermediate host with a smaller service provider within the US.
OneLogin confirmed that the attack began at 2 am (PT), but staff only realized unusual database activity a few hours later. Within a few minutes of realizing this, they shut down the system as well as all affected AWS keys used to create the hack.
According to the company, the hacker was able to access the database tables that hold all information pertaining to users, the various types of keys, and apps. OneLogin added that although most of their data was encrypted, they could not rule out the fact that the hacker may have obtained a way to decrypt the data. However, the spokesperson did not clarify which type of data is encrypted and which is not.
People Have some Hard Questions
Some people want the question of how hackers had accessed customer data, which could be decrypted. For instance, they wondered how OneLogin could have encrypted data and made the decryption method accessible enough for hackers to gain access to it.
For now, OneLogin is advising customers to change their passwords, create new OAuth tokens, and generate new API keys for their services. Additionally, it is advising customers to create new security certificates. The company added that data used by IT administrators, stored in the Secure Note feature and used in storing important network passwords could be decrypted.
How Many Were Affected
The company did not give figures on how many of its customers the breach affected. However, on its site, it serves some of the largest companies on earth including Dun & Bradstreet, ARM, Conde Nast, and the Carlyle Group. However, Dropbox has denied they are a customer of OneLogin.
How Does OneLogin Work?
OneLogin lets corporate users of its service gain access to multiple sites, web applications, and services using a single password. It is estimated that the company serves millions of users in over 2,000 countries in dozens of countries around the world.
It integrates hundreds of third-party services and apps such as Office 365, LinkedIn, Slack, Twitter, Google, and Amazon Web Services with a single sign-in feature.
This is the second time the company is suffering from a major hack of their system in two years. In August of 2016, it warned users that someone had accessed to its Secure Notes service. However, it denied that it had lost any customer data because of the hack.
How will It Proceed from Here
One Login said that they were working with a security firm to determine how the hack occurred. In addition, they said they wanted to verify how extensive the leak had been. They also added that they were working on a solution on how to prevent a similar hack in future. For now, the company says it cannot divulge much else because law enforcement is still investigating the incident.
OneLogin is by no means the only company in the US that offers the single sign-on feature. However, that is not to suggest that other companies have also been hacked. However, it does mean that other companies should take precaution when dealing with customer data. The prospect of getting access to so many high-value accounts with one hit makes them a prime target.