Tag: ransomware

  • Hackers and the holidays, US government warns ransomware doesn’t take days off

    Hackers and the holidays, US government warns ransomware doesn’t take days off

    As you prepare to take some time off to enjoy with your families (especially if a certain health crisis kept the festivities to a minimum in 2020) it’s important to take some steps to make sure your business is still protected in your absence.

    The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory yesterday to businesses and consumers alike, warning that hackers often take advantages of holidays and other times people may let their guard down to wreak more havoc.

    The advisory included a warning of a possible increase on the following cyber threat events:

    1. Phishing attacks: That email from your Aunt Beth seeing if you’re going to bring the green bean casserole with a “Google Form” to check it off may not be what it seems to be.
    2. Fraudulent site spoofing: Especially for sites that may be seeing increased traffic due to holiday shopping (Black Friday anyone?).
    3. Unencrypted financial transactions: An easy way to check, is to look for the S in HTTPS, don’t enter your financial data into unencrypted websites.

    Beyond attacks aimed at individuals, attacks aimed at businesses also tend to rise during the holidays and on weekends.

    Such was the case for the attack on Kaseya, which occurred over Fourth of July weekend in 2021, and the Colonial Pipeline hack happened during Mother’s Day weekend the same year. Hackers realize there is less coverage on the weekend and during Holidays and they have taken advantage of it to great success.

    It’s not just large businesses that are a target either, many wannabe hackers have day jobs too and more time on their hands during the holidays to target businesses that could be local to them. That includes yours.

    So, here’s a list of things to check off before you leave the office this week to enjoy some well deserved time off.

    Holiday Crisis Checklist
    Click to view the full size version.

    As you can see, our number one recommendation is knowing who is going to cover your business if a cyber event does happen while everyone is home for the holidays. If you try to think of who that person is and you either come up empty or maybe it’s you, that’s a problem.

    Another problem is if your normal IT coverage is on a one time or break fix solution basis. The service you normally use could either be too swamped themselves to help you during the holidays, or maybe they’re taking time off too and are simply unavailable to help you.

    This is where having a contract with a technology service provider could really save the day during a crisis. When you have a contract with a business to provide your technology services, they’re bound by the service level agreement (SLA) you sign at the start of service. They will be better equipped to help your business if there’s a crisis – even during the holidays.

    If you’re in the Fresno, Modesto, Sacramento or anywhere else in the Central Valley and aren’t really sure who you would turn to if a technology crisis occurred during the holidays, Valley Techlogic is here for you. Learn more today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Massive DDoS Attacks Cripple VoIP Services

    Massive DDoS Attacks Cripple VoIP Services

    If you use VoIP in your business, you may have been affected by service outages so far this week.

    That’s because Bandwidth.com, a major hosting provider for VoIP services such as Accent, Ring Central, Twilio and more has been under assault by a major distributed denial of service (DDoS) attack. While they’re working tirelessly to reroute call streams, as of Tuesday outages were still occurring nationwide.

    Distributed Denial of Service (DDoS) attacks are not a new occurrence in the VoIP world, hackers regularly target VoIP services in an effort to gain a ransom to make the attacks stop. Canadian VoIP provider, VoIP.ms, has been under siege since last week by a DDoS attack being performed by the hacking group REvil.

    REvil, a Russian linked ransomware gang, was also responsible for the attacks on Kaseya that made major news in July. They are demanding $4.5 million from VoIP.ms to end the attacks but so far VoIP.ms is holding firm and not giving in to the demands.

    You may be wondering what happens during a Distributed Denial of Service (DDoS) attack or even what a DDoS attack is. During a DDoS attack hackers flood the target networks with service requests, bogging down the systems until they either slow to a crawl or go offline completely due to the overload.

    To put some context behind it, Cloudflare a cybersecurity oriented service provider that helps websites mitigate DDoS attacks were themselves hit by a DDoS attack last month that served their website 17.2 million requests per second. The real target of the DDoS attack, a financial customer of Cloudflare, was served 330 million attack requests in seconds. Most websites and online servers cannot bear the brunt of that many requests instantaneously.

    VoIP providers are an easy target for ransomware, cutting off communications to the outside world for those who are affected is a tangible problem that creates a heightened sense of urgency. The same urgency cannot be replicated from your business’s website being down for a while, though the loss of revenue that may occur from that should not be overlooked. For some business’s that loss can equal as high as $250,000 hourly.

    You may be thinking, I can’t have my phones go down I’ll just switch back to a landline provider even if the cost is higher and it would lack many of the features acquired with VoIP. I’m sorry to say It would do you no good.

    Nothing is truly cut off from the web these days, even your typical landline phone utilizes a web-based connection somewhere down the line. POTS aka Plain Old Telephone Service which performed phone services over copper wires is going the way of the dodo in most places.

    The FCC even called for a mandatory termination of POTS lines In 2014. As of 2018 only 5% of the country was landline only.

    To sum it up, avoiding the internet when it comes to making phone calls is no longer a possibility. With that said we understand that having your phone lines down is disruptive and unnerving. We’ve created this checklist with steps to take if you find your phone service down.

    If you don’t have a service provider to reach out to in the event of a service outage, we can help. We are proud of our VoIP service solutions and the reliable uptime we maintain for our clients. You can learn more about our VoIP services here. We even have a promotion for new customers. ?

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • The Extreme Side of RAAS (Ransomware As A Service)

    The Extreme Side of RAAS (Ransomware As A Service)

    When many people think ransomware they usually think on the small scale, someone’s email or computer being held hostage until a small sum is paid or an IT professional can assist with the problem (for the lucky ones).

    Or perhaps you think of the major breaches where millions of accounts are leaked to the public, usually containing emails, phone numbers and other identifying information. As a whole the public has become desensitized to these sort of breaches (even though they’re still a serious problem).

    What we probably do not immediately jump to is a full-scale terrorist level attack that can cripple large swaths of the country – such is the case with the Colonial Pipeline Hack.

    Tech News #10

     

    While it’s still an ongoing situation, here are the details in summary.

    Systems were shut down Friday at the Colonial Pipeline, a pipeline which supplies 45% of the fuel used on the East Coast. FBI has confirmed the pipeline was shutdown voluntarily to prevent future damage and to assess the situation, however this has left much of the country in limbo as gas prices climb and many states have declared a state of emergency.

    It’s being urged that residents in those states do not stock pile gas as that will only prolong the problem of shortages once operations resume. As of Wednesday, operations are still down but they say they hope to resume operations by the end of the week.

    It’s also been confirmed by the FBI that the RAAS (Ransomware As A Service) group DarkSide is responsible for the attack. They create hacking tools that are then used in attacks on businesses, the group itself usually targets for profit businesses in English speaking countries.

    As a relatively new hacking group, they have since August 2020 conducted attacks on various businesses trying to extort money from them by threatening to release the data they obtain in their hacking efforts. They claim to donate all or part of their ill-gotten gains to charity organizations. Their ransomware demands range from $200,000 to $2 million.

    They claim to operate with a code of ethics and will not attack hospitals, schools etc. However, this pipeline attack will have a trickle-down effect to those services and the public at large.

    Ransomware in any form is disruptive and violating and it’s clear more needs to be done to stamp out these attacks.

    Raising public awareness about cyber security and the efforts required to be safe online will help. In addition to that, requiring businesses to have protective measures in place will cut off these groups before they’re able to acquire the funding they need to become large hacking organizations.

    We need to work together to making hacking less lucrative, because as it’s been shown our way of life and public safety may be at stake.

    If you run a business and need help with your cyber security services, we’re here for you. We have tailored cyber security plans for businesses of all sizes, and we would be happy to guide you through the process of protecting your business. Schedule a free consultation here today.

    Update: As of Thursday, the Colonial Pipeline has resumed operations. It’s unknown how long the gas shortages caused by the outage will last.

    Looking for more to read? We suggest these tech articles from the last week.

    This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • It’s Not Your Imagination, Ramsonware is On the Rise

    It’s Not Your Imagination, Ramsonware is On the Rise

    We have talked about several major ransomware events over the past year, but these were far from unique. Ransomware and cyber security events have been on the rise lately and it’s been made abundantly apparent that NO ONE is immune to them.

    From the yet to be officially validated Kia Motors attack, to the narrowly avoided disaster with a Florida Water Plant. No attack had more widespread coverage for a while (including by us) than the SolarWinds breach that seems to go deeper and deeper. These are just a few in a massive list of growing ransomware events that have happened to companies of all sizes. If you think your business is too small to be a target think again.

    According to this Datto report, one in five small businesses will experience a ransomware event. While larger businesses may be eyed as prized targets by hackers, most of the time they also have the staff and resources to put up a better defense against cyber security threats. This makes them much harder for hackers to infiltrate.

    A lackadaisical attitude towards being hit by a ransomware can cost your business big time. Ransomware extortion amounts continue to skyrocket, with the average demand in Q3 2020 being $233,817 according to the cybersecurity firm Coveware.

    If you’re thinking a demand like that could bankrupt your business, you’d be correct in that fear. 60% of small businesses will go out of business within 6 months of a cyber security attack.

    We have made an infographic with statistics on cyber security threats in 2021 so far.

    Infographic on Cyber Security

    We’re not presenting this facts to you in an effort to make you feel hopeless, there is a way to prevent an attack from hitting your business in the first place. The ONLY way to avoid a serious cyber security threat is to have proactive cyber security prevents in place. Many business owners cannot achieve this on their own.

    Cyber security prevention is an ongoing process, it’s not just installing a virus scanning software and configuring a firewall and calling it good. Business level cyber security protections can be complex to configure and manage.

    Your business has more hardware, more data and more assets to protect. Comparing it to what’s needed to protect a home PC network is apples and oranges. If you’ve just been crossing your fingers that it won’t happen to you that’s NOT a good idea, because statistically there’s a good chance that it will.

    If your business needs assistance in a cyber security plan that’s not just about checking boxes or relying on hope but actually protecting all of the valuable systems you need to run your day-to-day operations, reach out to Valley Techlogic today.

    Looking for more to read? We suggest these tech articles from the last week.

    This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • The ransomware attack crippling a major repair firm that no one’s talking about

    The ransomware attack crippling a major repair firm that no one’s talking about

    Dell, Lenovo, even Apple brand computer and device repairs might be seeing major repair delays at the moment as a top repair firm they use was hit by a ransomware attack that ground their operations to a complete halt.

    This has been seemingly squashed as a news worthy event for the moment but we think customers should be made aware that if they send their desktop or laptop in for a repair at this time they face major delays in getting it back. In fact, there may be a delay in even getting a box to send the machine back in as even shipping has also been affected by this ransomware.

    Reported briefly by ItWire, this attack aimed at the security firm Symantec has taken down a number of systems across the country. From the attackers’ view point they were able to disable one of the end point protections allowing access, and to make matters worse the software was up to date at the time, leading to major questions as to how this was able to occur at all.

    CSAT, used by Dell, Lenovo, Apple and more was hit just over a week ago and customers have been facing problems ever since.

    We haven’t been able to confirm that any customer data was leaked, however, according to the ItWire article a number of screenshots of computer directories were placed online.

    If the General Data Protection Regulation (GDPR) that governs in the UK applied in this case, these companies should have reported any exposed customer data within 72 hours. It’s possible no customer data was leaked but the scope of this apparent ransomware has us questioning whether that’s true.

    We’re uncertain if business support class customers are facing the same delays as home users however as with most things there may be a trickle-down effect.

    The ransomware that allowed this to occur was called NetWalker and it’s been responsible for 10 major breaches just this year. It’s clear to us ransomware as a service is not going anywhere soon when the payouts are so lucrative.

    Released in April 2019, the average payout on a NetWalker attack is $175,000 in bitcoin following each successful campaign. One of the highest payouts was $1.14 million from the University of California. It’s estimated the NetWalker ransomware gang has made $25 million in all.

    This latest attack shows that it’s not only a loss of data and having to pay a hefty sum that come as side effects from being hit with ransomware, the affected security firm and repair firm are also experiencing a major loss of credibility with customers that they may never fully recover from.

    You may think your business is too small to be hit with a ransomware attack, but the fact is ransomware as a service has made orchestrating these attacks easier than ever. Even a small payout of a few thousand dollars may be worth it to some individuals with low moral standing just looking for some quick cash.

    Or maybe they’re not interested in your money at all, maybe they’re interested in your data which may be more lucrative for them. Also, many hackers commit their attacks just for the thrill of it and will think nothing of dismantling your technology operations and leaving you stranded.

    We don’t think this should happen to anyone; we can help businesses located in the Central Valley beef up their cyber security provisions to stop ransomware gangs in their tracks.

    VTL Cyber Security

    Looking for more to read? We suggest these tech articles from the last week.

    This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

    Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

     

  • Ransomware and Small Businesses: Why Some of Them Just Pay It

    Ransomware and Small Businesses: Why Some of Them Just Pay It

     

    One of the biggest misconceptions among small business owners is that their company is too small to be the target of many cyber crime events – including ransomware. Statistically, this couldn’t be further from the truth.

    In 2019 205,280 businesses submitted files that were victim to a ransomware attack, and 71% of those attacks were aimed at small to medium sized businesses. The average payout was $41,198, but many payments are significantly higher. Could your business withstand losing a lump sum of money right now?

    Luckily for many businesses the use of prevention tools and having a proactive tech team means you won’t have to, but what if you’re not so lucky? Why do some businesses just pay the ransomware?

    For many businesses their computer systems are directly tied to their day to day operations. So, if your files are being held by a hacker (or many times a group of hackers) you’re basically shut down. As a business you require your day to day operations to remain sustainable, but for many the margin for sustainability and being out of business is razor thin.

    This means their business won’t survive an extended downtime while they wait for authorities to try to get their files back (if they ever do). So, they just pay the ransom.

    Another scenario is if you’re in a sector where client confidentiality is paramount (think healthcare or finance), then the leaking of those details and the fines incurred will also put you out of business.

    When it comes to ransomware the best method of protection is prevention. This means making sure your computers remain up to date – as of this posting there is a dangerous worm targeting Windows machines that haven’t been updated (learn more here.) It also means having a comprehensive security suite protecting all the machines attached to your network (even mobile ones!).

    Finally, the best means of protection is having a good IT team backing your business – and backing up your important files! Your tech team will often be able to restore from backup if you DO get hit by ransomware despite having the other methods of protection in place. Their backup could literally save your business.

    If you’re in the Central Valley and don’t feel 100% confident your business will be protected in the event of a ransomware attack, reach out to us today.

    This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

    Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

  • 2020 is Here – Here’s your Technology and Cybersecurity Forecast

    2020 is Here – Here’s your Technology and Cybersecurity Forecast

    It’s 2020 and the start of a new decade. Technology has changed a lot since the beginning of the last decade. Inexpensive computer options like Raspberry Pi and Chromebook became available, the first iPad was released.

    Computing also got a lot faster, the first 8 core processors were released, solid state drives became a lot more widespread, and graphic cards reached new heights for computer gamers shattering the previously achievable FPS (frames per second) and ushering in a new era of high-end gaming.

    The previous decade also brought new records on cybersecurity issues but unfortunately not in a positive light. Malware became more sophisticated and harder to track, ransomware became widespread (it’s estimated it cost the US $7.5 billion in 2019). So, what’s on the horizon for 2020 and beyond in the realms of technology and cybersecurity?

    As wearable technology advances increase, we will see even more of it aimed at integrating tech with the world around us. Augmented reality devices will probably become more accessible and affordable. Sensor technology will continue to increase which will have a positive effect on healthcare and our ability to detect health scares before they advance to something serious (see watches now aimed at keeping track of our blood pressure and heart rate).

    Needless to say it will be something to look out for as our society becomes more dependent on the IoT (Internet of Things), for good and for bad.

    What about the field of cybersecurity? While it’s probably true hackers won’t stop trying to gain access to our private information – especially as it pertains to our financials – even the most layman user of technology is becoming keen to protecting their privacy.

    Consumers will demand corporations be made accountable for leaks of private data and businesses not wanting to shoulder the financial burden of an attack (or the bad press) will utilize the tools available to thwart would be bad actors in their tracks.

    On that front we can help. At Valley Techlogic we are on a mission to have the most comprehensive and effective cybersecurity tools available to protect our clients. We also offer 24/7 help desk so no matter when you have a problem, we’re on it.

    If you’re in the Central Valley or surrounding area reach out today for a free security audit and begin this new decade tackling your business’s technology needs.

    This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can visit us on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://twitter.com/valleytechlogic.