Cybercriminals

5 Tips for Avoiding Ransomware

What is Ransomware?

Ransomware is malicious software that infects a computer or device and encrypts its data, making it inaccessible to the user. A ransom is then demanded to regain access to the victim’s data. A time limit to pay the ransom is often imposed (usually 24-48 hours), and if you miss it, you risk losing access to the encrypted data forever. If a backup is unavailable or the backups were encrypted too, the victim is faced with paying the ransom to recover personal files. Payment must be made in Bitcoin, and the ransom can be anywhere from a few hundred dollars to thousands of dollars. Once the ransom is paid, the attacker will send a private key that will allow you to decrypt the data.

Tips for Avoiding Ransomware

Back up your data – This won’t prevent you from being infected with ransomware, but it is one of the most important things you can do in the fight against ransomware. Regularly back up your computer and data to an external hard drive, then disconnect the drive from the computer. This is considered an offline backup. Even better, back up your computer off-site with a cloud backup service so that even if you suffer a ransomware attack, you can easily restore all your data and not have to worry about paying a ransom.

Keep your software updated – Make sure to regularly update your operating system and the software installed on it. Ransomware attacks can take advantage of known bugs and vulnerabilities to attack and infect devices.

Watch for suspicious emails and links – Be careful clicking on any links or attachments that are emailed to you. The biggest vector for ransomware infections is email. Even if you know the sender, be mindful that their email account could be compromised and that a hacker could be using it to infect others. If you weren’t expecting a file or link, or the wording in the email seems off, it doesn’t hurt to double-check with the sender. Use an anti-spam or email security service that can help block emails before they reach your inbox.
Use antivirus software – Use reputable antivirus software and keep it updated. There are some great free antivirus programs out there along with paid ones. If you go with a paid solution, don’t let the subscription lapse, or you will stop getting security updates.

DNS filtering – Using a DNS filter like OpenDNS or Cisco Umbrella can help block malicious websites, content, and ransomware. The filter checks each DNS query against a large database of blacklisted sites and prevents the content from loading if the site is blacklisted.

Dealing with a Ransomware Attack

If you are dealing with a ransomware attack now, here are some tips to handle it going forward.

Isolate the infected machines – Try to prevent the infection from spreading any further by isolating all infected machines. Turn off the machines and disconnect them from the network by unplugging the Ethernet cable and disabling Wi-Fi, Bluetooth, and any other networking capabilities. Speed is of the essence: the longer a machine is turned on and connected to the network, the longer it has to encrypt your files and spread to other machines.

Identify the type of infection – Try to identify the type of ransomware that is being used in the attack. It can help you understand how it spreads, the types of files it encrypts, and possibly how it can be removed without paying a ransom to the attacker.

Change login credentials – Ransomware can spread rapidly by gathering IP addresses and credentials. If the attacker manages to compromise administrative credentials, they can move laterally around networks, encrypt files, and wipe out backups in the process. To ensure your system is secured and to prevent attackers from thwarting your recovery efforts, you should immediately change all admin and user credentials.
Assess the damages – To determine which devices have been infected, check for recently encrypted files with strange file extension names and look for reports of odd file names or users having trouble opening files. You should try to create a comprehensive list of all affected systems and data, including network storage devices, cloud storage, external hard drive storage (including USB thumb drives), laptops, etc.

Notify the authorities – Once the ransomware has been contained, you will want to report the attack to the authorities. The FBI urges ransomware victims to report ransomware incidents regardless of the outcome. Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases.

Evaluate recovery options – Ideally, you will have backups you can restore from. The quickest and easiest way to recover from a ransomware attack is to restore your systems from a clean backup. Alternatively, you may be able to remove the malware; otherwise, you will need to wipe all infected systems and reinstall. Performing a complete wipe of all storage devices and reinstalling everything from scratch will ensure that no remnants of the malware linger.

If you need assistance dealing with a ransomware attack, Pennyrile Technologies can help! Contact us for a free consult today!
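The “Assess the damages” step can be partly automated. The following is an added example, not part of the original article: it lists recently modified files that have an unfamiliar extension and near-random content, which is what encrypted files look like. The extension allowlist, the 48-hour window, and the 7.5 bits-per-byte entropy threshold are assumptions to tune for your environment.

```python
import math
import os
import time
from collections import Counter

# Assumption: extensions considered normal in this environment; tune per site.
KNOWN_EXTS = {".txt", ".docx", ".xlsx", ".pdf", ".jpg", ".png", ".csv", ".zip"}
ENTROPY_THRESHOLD = 7.5   # bits per byte; encrypted data sits close to 8.0
SAMPLE_BYTES = 65536      # only the head of each file is read


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def find_suspect_files(root, since_hours=48, known_exts=KNOWN_EXTS, now=None):
    """Return rows (path, extension, entropy, mtime) for files changed within
    the window that have an unfamiliar extension and near-random content."""
    now = time.time() if now is None else now
    cutoff = now - since_hours * 3600
    rows = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
                if st.st_mtime < cutoff:
                    continue  # not changed recently
                ext = os.path.splitext(name)[1].lower()
                if ext in known_exts:
                    continue  # familiar file type (compressed formats are high-entropy too)
                with open(path, "rb") as fh:
                    entropy = shannon_entropy(fh.read(SAMPLE_BYTES))
            except OSError:
                continue  # unreadable or vanished file: skip, keep scanning
            if entropy >= ENTROPY_THRESHOLD:
                rows.append((path, ext, round(entropy, 2), st.st_mtime))
    return sorted(rows, key=lambda r: r[3])  # oldest first, to show how the damage spread


if __name__ == "__main__":
    import sys
    for path, ext, entropy, mtime in find_suspect_files(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{time.ctime(mtime)}  {entropy:4.2f}  {path}")
```

The script only reads files, so it can be pointed at a network share, an external drive, or a mounted copy of an affected disk from a machine known to be clean.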

Backup and Disaster Recovery

How Disaster Recovery as a Service Provides Peace of Mind for Small Businesses

If you sit down and think about all the things that might cause your business harm, data loss should be at the very top of that list. Very few businesses today still operate on a pen-and-paper model; most have shifted into the digital realm. Though this affords a great deal of convenience, things like cyber crime, natural disasters, and even hardware failure can mean the end of the line for your company. Disaster recovery as a service can change this.

The Three Biggest Disasters Facing Small Business

When it comes to unexpected data loss that could potentially close your business forever, there are three ways it could happen:

Natural Disasters: The NOAA, or US National Oceanic and Atmospheric Administration, reports that there have been 10 or more natural disasters causing $1 billion or more in damage every year for the last five years. They also say these disasters are becoming more and more frequent.

Hardware Failure: Servers and computers – much like cars and home appliances – can fail, and when they do, it’s like the data inside never even existed. Though it may be possible to recover some data, other data may be lost forever.

Cybercrime: Small businesses are targeted by cyber criminals just as frequently as large enterprises, through things like spam, phishing, and even ransomware, among others. Cyber crime can completely wipe out your data and leave your company dead in the water.

Disaster Recovery vs. Backup

Many small businesses currently pay for what is known as BaaS, or Backup as a Service. This essentially means that the company’s data is backed up regularly and stored in a separate location. If a natural disaster, hardware failure, or cyber crime should occur, the data is not lost forever. This is incredibly beneficial, but it often provides business owners with a false sense of security.
There’s no provisioning for network or computer needs with BaaS, which means that even though the data is safe, it cannot be accessed remotely, and this creates a significant amount of downtime. DRaaS, or Disaster Recovery as a Service, solves this issue. It does include provisioning for network and computer needs.

To better understand this, imagine that your company’s headquarters – including the onsite server – burned to the ground. Your BaaS provider has your servers and data saved and backed up on a server elsewhere, but it’s just a backup, so until you put a new server into place, your data and infrastructure are effectively useless. A DRaaS provider, on the other hand, allows your business to stay up and running with very little downtime (if any at all) thanks to offsite data redundancy.

For many small businesses that are still trying to build a reputation and make a name for themselves, several days or even hours of downtime can be devastating. It is important for small business owners to maintain their online presence through thick and thin, even in the midst of a natural disaster. This is exactly what disaster recovery as a service was designed to do; it provides small business owners with unprecedented peace of mind by ensuring things continue to run with minimal downtime – even in the midst of a true disaster.

Preventing Data Loss

Protecting Against DNS Attacks

Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive? The short answer to that question is nothing.

In the New York Times’ attack, the attackers changed the newspaper’s Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

DNS Targeted Attack

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. DNS is what lets us use an easy-to-remember destination like nytimes.com: it translates that name into the numeric IP address computers use to reach the site. Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site.

The good news is that the websites of smaller companies or organizations fly under the radar and are rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now…

There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost.
Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack. It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory.

What’s particularly frightening is that the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure. So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by registrar staff. This likely comes at an additional cost, and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two-factor or multi-factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limit access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account changes or access your files from remote locations, it may be a worthwhile price to pay.

Email us at sales@pennyriletech.com or use our contact form to see how Pennyrile Technologies can help your business today.

Addressing the Threat of Mobile Hacks

More cyber criminals are targeting small-to-medium sized businesses. One reason for this is that too many workplaces have insufficient bring-your-own-device (BYOD) policies in place. Some have none at all. Although firms are generally more knowledgeable about network security risks than in years past, they still woefully underestimate the security vulnerabilities linked to mobile devices like smartphones and tablets.

Protecting against mobile hacks is a real cause for concern since data breaches have the ability to put many already financially challenged SMBs out of business. If customer/client data has been breached, there could be potential litigation costs, and naturally, lost goodwill and an irreparable hit to brand or company reputation.

Don’t Just Say You’re Worried About the Bad Guys… Deal With Them

SMBs say they view network security as a major priority, but their inaction when it comes to mobile devices paints a different picture. A recent study found that only 16% of SMBs have a mobility policy in place. Despite the fact that stolen devices are a major problem in today’s mobile workforce, only 37% of mobility policies enforced today have a clear protocol outlined for lost devices.

Even more troubling is the fact that those firms that have implemented mobility policies have initiated plans with some very obvious flaws. Key components of a mobility policy such as personal device use, public Wi-Fi accessibility, and data transmission and storage are omitted from many policies.

Thankfully, most SMB cyber crimes can be avoided with a comprehensive mobility policy and the help of mobile device management services.

A Mobile Device Policy Is All About Acceptable/Unacceptable Behaviors

Your initial mobility policy doesn’t have to be all-encompassing. There should be room for modifications, as things will evolve over time.
Start small by laying down some basic usage ground rules, defining acceptable devices and protocols for setting passwords for devices and downloading third-party apps. Define what data belongs to the company and how it’s to be edited, saved, and shared. Be sure to enforce these policies and detail the repercussions for abuse to help protect against mobile hacks.

What is Mobile Device Management?

Mobile device management (MDM) is software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints. The intent of MDM is to optimize the functionality and security of mobile devices within the business while simultaneously protecting the corporate network.

Features of Mobile Device Management Services

MDM services are available at an affordable cost. These services help IT managers, administrators, and business owners identify and monitor the mobile devices accessing their network. This centralized management makes it easier to configure each device for business access so that it can securely share and update documents and other content on the business network.

Mobile Device Management proactively secures mobile devices by:

Specifying password policy and enforcing encryption settings
Detecting and restricting tampered devices
Remotely locating, locking, and wiping out lost or stolen devices
Removing corporate data from any system while leaving personal data intact
Enabling real-time diagnosis/resolution of device, user, or app issues

It’s important to realize that no one is immune to cyber crime. The ability to identify and combat imminent threats is critical, and SMBs must be proactive in implementing solid practices that accomplish just that.

If your business needs help implementing mobile device management, give us a call or use our contact form and one of our staff will reach out to you and see how we can help secure your mobile devices.
