Wiperware: New Malware That Shouldn’t Be Taken Lightly

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Any business can be a target for hackers who use ransomware. However, in recent months, a major new threat has emerged. The recent Petya attack was initially perceived to be another form of ransomware.

However, as the firms involved took stock in the aftermath of the events, it became apparent that the attack took the form of “wiperware,” code that is designed to completely destroy the files stored on any system.

What is wiperware?

Wiperware is designed with one goal in mind: total destruction. The malware asks users to install a software update and then it immediately takes control of the device. Once it has gained admin access, it completely overwrites all files on the device and in some cases the entire network. Any attached storage is also vulnerable, including USB external drives, memory sticks and network shared drives.

While the motivations behind Petya remain unknown, what is abundantly clear is that wiperware is a threat that needs to be taken very seriously. Here are a couple of things you can do right now.

Rules Of Thumb To Avoid An Infection

Anthony Glover is Tech Experts’ senior network engineer and service manager.

A virus can be an upsetting, expensive endeavor to deal with. A virus can wreak havoc on your personal files (like important spreadsheets or family photos) or the system files that keep your computer functioning.

These files can become corrupted, encrypted, or deleted, which makes recovery difficult or sometimes impossible.

Some less obvious viruses — the ones that might slow down your system instead of destroying it — can still affect you by stealing data and what you type on your keyboard, gaining access to your stored credit card information or important sites you use, like your bank.

Anti-Virus: It’s Worth Protecting Yourself

Ron Cochran is a senior help desk technician for Tech Experts.

You can have any machine — from the latest and greatest, to the old dinosaur in the corner — but if you don’t have virus protection, your latest and greatest machine might soon run like that dinosaur in the corner.

All of your sensitive images, documents, billing information, and passwords are subject to infection. No matter how careful you are, there is always something that slips through the cracks.

Often, users say, “I have such and such subscription,” or “I don’t click on anything I don’t know,” but the people spending countless hours causing havoc on computer users will always find new and sneaky ways to infect computers.

Viruses can be attached to images or links on websites. They can also be renamed to look like something that you should install. Once inside your computer, they are hard to track down even by a seasoned computer technician.

Viruses very rarely remove anything from your computer. Instead, they have a tendency to add things that can record your activities on your computer. A person could install a silent program that will start recording your keystrokes triggered by keywords; it can also take a screenshot or record email addresses and passwords. Most of the time, they don’t need to even gain access back to your computer to report the data.

They can have an email sent from your computer and Internet connection without you knowing it. That email, secretly sent from you to them, would contain your information (keystrokes, clicks, etc.).

By now, you have heard of the “crypto virus” and all of its variants. There are many solutions out there, but only a select few offer “zero-hour” infection reversal, which is something that businesses can especially benefit from. Let’s say you accidentally encrypt your machine; it would then be inaccessible until you pay the ransom to unlock your files.

Protection that offers infection reversal can revert your system back to its state right before you were infected, and it would be like you were never infected by the virus at all. This feature is part of Webroot Secure Anywhere, which is something we can provide.

Viruses not only help people steal your data, but they can also delete or corrupt files, degrade system performance, and make your computer run slower.

Viruses can also prevent programs from working and they can use your email to send out copies of themselves to your contacts and other users. Sometimes, they can disable your computer from starting up by corrupting your BIOS firmware.

A couple of the main things that you’ll notice once you’re infected are that your system could run slower and you’ll receive all kinds of fake pop-ups, ads, warnings from “Microsoft,” etc. These types of files are referred to as “scareware” and the makers feed on the fear that you might lose your data, so you’ll pay them to “unlock” your system or “remove” the virus.

Again, we go back to protection. If you had virus protection, then it’s likely that it would stop the virus before it even established itself inside your computer.

There are a few things you should do, if you haven’t already: get some sort of whole computer protection (such as Webroot), have restore points saved on your operating system, have a backup of your operating system install saved on some sort of external media, and save your documents, pictures, and videos to an external source.

When you find yourself in a predicament where you have to wipe an entire computer to remove an infection, you’ll be glad you took the time to prepare for the worst.

The Importance Of Having Ad-Blockers

Luke Gruden is a help desk technician for Tech Experts.

Every day, millions of people go online and go to a familiar website, just to get an advertisement pop-up that disrupts their online experience.

Ads are a way of life for many websites to generate profit from viewers visiting their website and, when clicked, these ads can take a person to another website, usually for their product.

While annoying and harmless when used as intended, issues in this system start to happen when the intentions of an “advertiser” go beyond just advertisement.

There are malicious people on the Internet utilizing advertisements to leave our computers and information vulnerable for theft and abuse.

Some advertisements will come in as scareware trying to pressure people into calling their number or downloading a harmful program.

Scareware is a common pop-up that thousands have fallen victim to – giving up Social Security numbers or access to bank accounts, allowing malicious connections to their computers, leaving networks vulnerable and infected, and more.

Some advertisements, if not filtered by a website correctly, can actually contain viruses and infections that don’t allow a person an opportunity to protect their own browser and computer.

These infections usually leave spyware and trojans that try to steal your information from your computer.

Surprisingly, the websites with these sorts of advertisements may have never intended for you to fall victim to scareware or other infections.

Usually, websites with these ads tend to be smaller websites using an advertisement agency that does not fully screen all the advertisements they are receiving, allowing malicious people to send their harmful information out onto the Internet.

There is a very simple solution to these real threats: ad-blocking software. If you use Firefox or Google Chrome, there are two good options that you can attach to your browser.

The first option is Adblock Plus, which is a common choice that works well. There is also uBlock Origin, which uses less processing power than Adblock Plus and also blocks most advertisements. Both of these options will go a very long way in protecting your computer.

If you are using Internet Explorer or Microsoft Edge, these web browsers do not support add-ons and have weak advertisement blocking capabilities.

Firefox and Chrome on their own, even without add-ons, are more secure than Internet Explorer. If you have not switched to Chrome or Firefox, I highly recommend you make the change soon.

The installation processes for Adblock Plus and uBlock Origin are very straightforward and easy on Chrome and Firefox. You can Google the ad-blocker you want to use and go to either the Chrome web store or Add-ons For Firefox, based on which browser you are using.

Keep in mind that this isn’t a substitute for anti-virus. Ad-blocking extensions for your browser simply help to block the things that could become nasty infections.

For a more protected computer, you should absolutely use both anti-virus and ad-blockers.

If you need help setting up ad-block software or have questions, you can always contact Tech Experts.

Stay safe and remember to use ad-blocking software to keep your Internet experience safe.

Five Common Causes For Business Computer Slowdowns And How To Fix Them

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

All computers inevitably slow down at some point. The more we use them to download programs, install extensions, and fill up the hard drive with files, movies, and photographs, the slower they get.

Fortunately, keeping your computer running at a rapid pace is relatively straightforward, providing you develop some basic electronic housekeeping habits.

Here are the top five reasons computers slow down and how you can fix them.

Your hard drive is failing
Hard drives fail eventually, so make sure you back up your files on a regular basis. Some users claim that solid state drives (SSDs) are more reliable than hard drives because they don’t incorporate moving parts. However, that’s nothing more than a myth and the data stored on them can still be corrupted.

Five Tips For Staying Ahead Of Malware

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Malicious software has become an everyday issue for many computer users, and it can have serious implications for your finances. To keep your information, data, and finances safe, you need to be aware of the common threats to your online security that exist and how you can protect yourself against fraudulent activity.

According to research from Kaspersky Security, malicious software, which is also commonly referred to as malware, impacted as many as 34.2% of computer users in 2015. But what is malware and how does it work?

Malware is somewhat different than computer viruses because instead of completely stopping your computer from operating, it sits quietly in your system stealing important and sensitive information.

It is estimated that over 1 million new forms of malware are released on a daily basis in the form of spyware, Trojan horses, phishing links, and ransomware.

Anti-Virus Advice For Your Small Business

Brian Bronikowski is a field service technician for Tech Experts.

Anti-virus has always been a major concern for users at all levels. From trojans and keylogging programs, to ransomware and malicious software, there is always a new threat on the table.

When we purchase an anti-virus software, there is a certain feeling of security we expect to have, that there is no worry when it comes to those malicious attacks. That’s what the money goes towards. The problem is that sometimes anti-virus actually does quite the opposite.

In a recent study, household name Symantec (Norton) was labelled with multiple critical vulnerabilities that in fact make the system less secure than if it was running without an anti-virus program.

One would hope that a company of this size would be able to resolve these before they’re discovered — or at the very least, promptly look for ways to clean up their act. Unfortunately, Symantec wanted to put on the brakes and wait before patching these flaws that affect every product associated with the company.

Most of the affected systems have been patched since the first reports from June. When you see a report like this and pair it with the performance-degrading effects large anti-virus companies impose, it becomes a simple question: what do you do?

There is a multitude of protection software on the Internet and in-store. Some of these will go back and forth in terms of highest rankings. Some are big brands that are pre-installed on most computers. Others are less well known, but gaining ground. It’s all about finding the right one for you.

More often than not, we will see the likes of McAfee and Norton on systems. These are loaded for you when you buy a new system and will start as a trial. Users will often purchase the system instead of going through the arduous task of properly removing an anti-virus program.

The problem here is that generally the user will purchase whatever is “recommended” which will often be an entire security suite. These will bring a low-end computer to a halt and greatly degrade the mid-range and higher end computers.

It is important to stay away from the big names like these as there is little innovation and plenty of flaws. Some of these flaws may be performance alone and others are security flaws.

Some of the lesser known programs are oftentimes a good alternative. With these, it’s always good to look at any recent vulnerabilities or complaints users have had.

Some protection systems have deleted files or overwritten system files in the past. Research is important for these situations. That said, common free programs, such as AVG and Avast, are found on millions of systems.

Keep in mind, most free protection software has one catch or another. Spam-like interfaces that constantly ask for purchase or the requirement for manual scanning are the most common culprits. If you are able to stay on top of things, these can work out well enough.

Unfortunately, most users are unable to, due to the workload given to them. Protection ends up being an afterthought; one that can cost a lot more than the software itself. There is one nearly foolproof way to get rid of these worries for good: allowing professionals to take care of your protection.

Tech Experts is able to supply a managed anti-virus that is inexpensive, well-reviewed, and kept up-to-date with the latest virus definitions. We are able to install it in both home and business environments.

With that in mind, it’s an easy choice when picking what you want to shield you from the dangers of the digital world.

Do You Have A Blind Spot In Your Security?

Security is only as good as its weakest link — one blind spot and a company can be compromised. It is important that each aspect of a company’s security is understood and up to date.

With the following best security practices, it can be better understood what to be aware of and how to better advance a company’s security.

From remote hackers, to in-person social engineering, and even your own e-mail, there are different methods of attacks and means of defense to maintain a company’s integrity.

Physical Security
The basic defense that predates IT security is physical security. Locked doors, restricted access, and watch patrol are some of the oldest methods to prevent aggressive physical security breaches.

Technology has only made physical security even better with security cameras, alarm systems, RFID badges, and biometric systems that identify a person from their physical being. Having the appropriate physical security is key to preventing and deterring break-ins and stolen items.

Social Engineering
With the right words and story, some people gain access to compromising areas and information that can give a company a real bad time.

Without a physical break-in or even a computer, social engineering works against human psychology, finding the vulnerabilities of staff and workers to trick and deceive their way past security. The best way to defend from this is to have a strong and easily understood security policy that educates staff and workers not to give out credentials and access to unauthorized personnel.

Phishing
Billions of emails are sent out every day — promising a vacation, warning people about their bank accounts, or asking for charity — that are entirely designed to steal from or compromise a person or company. Phishing targets everybody, asking for credit card numbers, asking a person to sign in to their account on a fake site, or taking something in other ways.

Do not open emails or download email attachments with suspicious or unknown origins. If an email looks odd or is too good to be true, call or check a website directly to confirm if an email is legitimate.

Clicking or falling for phishing could end with a stolen identity, stolen money, or a locked PC or network demanding ransom money. Be smart and wise about checking emails.

Hackers
There are people that spend most of their day trying to break security codes, finding software loopholes, and other abstract means to force their way through digital security to gain illegal access to computers.

There are just as many (if not more) people working together to prevent such people from ever gaining access with new security measures and patches. To protect a PC or a company from hackers, always update your security definitions on Windows and antivirus software. Knowing what software to trust and what updates are needed is important for ensuring digital security. We at Tech Experts make it our business to keep digital security online and updated at all times, so that no one has to fall victim to the unseen security threat.

Being aware of these different security risks and knowing how to defend from them can give a strong basis for understanding and learning what needs to be done to keep a company or person secure.

Security is always evolving and changing, but having a modern understanding with security in place can make the difference between a secure environment and a risky workplace that could come to a grinding halt when security is breached. Be safe, be smart, and be productive with good security.

Yes, You Can Still Get Infected – Even With Anti-Virus

Scott Blake is a Senior Network Engineer with Tech Experts.

With the sudden release of new variants of malware and ransomware such as CryptoWall, users are wondering why their anti-virus programs are not blocking the ransomware infection from infecting their computer.

As with many other forms of malware, the infection needs to exist before a cure or way to detect the threat can be created. This takes time and during this period of R&D, the malware spreads like wildfire.

While there are several forms and classifications of infections, there are basically only two different methods in which infections are released into your system: User Initiated and Self Extraction.

User Initiated infections are caused by a user clicking on a link within a webpage or email or by opening an infected email attachment. Once opened, the malware is released and quickly spreads throughout your system.

Because the user manually clicked on or opened the link/document, most anti-virus programs receive this as an authorized override by the user and either internally whitelist the link/document or skip the scan.

CryptoWall is spread through this method, usually contained within an infected Word, Excel or PDF document. The creators of these programs take advantage of the programming of the document to hide the infection.

With the world becoming a paperless society, we are becoming more and more accepting of receiving and opening attachments sent to us through email. It has practically become second nature to just click and open anything we receive, regardless of any warning.

Self-Extracting infections are exactly what they’re named. These infections require no outside assistance to worm their way through your system, infecting as they go.

The number one method creators of this form use to place their software on your system is through “piggy back” downloads.

Piggy back downloads occur when you authorize the download and install of one program and other programs (related or unrelated to the original program) are automatically downloaded and installed with it. The most common way is by downloading programs promising to speed up your computer.

Infections can also exist on your system and lie dormant for long periods of time, waiting for the computer to reach a certain calendar day or time. These infections are called “time bomb” infections. Just like piggy back infections, they require no outside assistance to infect your system.

They are mostly found buried in the registry of the system or deep within the system folders. Because they are not active at the time of placement, most anti-virus programs will not detect them. Active reporting through toolbars is another means of becoming infected over time.

When a user downloads and installs a toolbar for their browser, they authorize at the time of install that it is okay to install and all of its actions are safe. However, most toolbars are actively scanning, recording, and reporting back to the creator. They also act as conduits for installations of other unwanted programs behind the scenes.

If left unchecked, those additional programs can become gateways for hackers to gain access to your system and spread even more infections.

To help stop the spread of malware/ransomware such as CryptoWall and its variants, we need to become more vigilant in our actions when either surfing the Internet or opening email and attachments.

The best rule of thumb to follow for email is: if you don’t know the sender, or you didn’t ask for the attachment, delete it. As for websites, read carefully before you download anything and avoid adding toolbars.

Strategically Upgrading Your Computer Systems

Michael Menor is Vice President of Support Services for Tech Experts.

With technology growing faster than most businesses can keep up with, organizations have to continuously upgrade their solutions in order to maintain a semblance of modernity. The only issue with this is that many businesses can’t keep up, simply because they don’t have a team that’s dedicated to this important task.

What technology upgrades should be made a top priority and why?

Naturally, the first thing you need to know about workstation and technology updates is that you need to integrate them periodically in order to ensure optimal security for your organization.

Most viruses and malware will attempt to take advantage of weaknesses in your infrastructure in order to infiltrate it.

These weaknesses in your software and operating systems’ source code will ultimately allow these threats to force their way into your network, putting any contained information at risk.

These flaws are often addressed in software patches and system updates issued by the software developer, but tackling the updates in a timely fashion is a whole other monster.

Managing all software updates is easier said than done, especially without a dedicated IT department watching over your technology. Regular maintenance is often pushed to the back burner and dangerously close to being forgotten about.

Therefore, the best way to make sure that your systems are prepared to handle the threats that are found in today’s computing environment is to make upgrading your technology a priority for your organization.

Software Updates
There are several programs that your organization needs in order to stay functional, so your software updates aren’t limited to just your workstations’ operating systems.

The fewer unnecessary security flaws that can be found in your IT infrastructure, the safer your information will be.

Furthermore, users who are working with top-notch, optimized technology will be far more productive than they would be if they were using sluggish, bogged down computers.

It doesn’t make any sense to let your employees use machines that hold them back from achieving their maximum productivity.

In fact, sometimes you might encounter a situation where using a different software will be better for your business strategy.

It’s always recommended that you consult with a professional technician before making drastic changes to your business’s software infrastructure.

Antivirus Updates
Your antivirus solution is often a software solution, but virus and malware definitions are continuously being updated.

If your antivirus and other security software solutions aren’t properly maintained, it’s like you’re “leaving your keys in the front door,” so to speak.

Your antivirus solution needs to be managed on all workstations – or, better yet, centrally controlled from the server to ensure that all users are protected and up to date at all times.

Hardware Updates
Older hardware that’s been around the block a time or two might have proven reliable, but it will eventually start to show signs of its old age. Hardware failure becomes more likely and you run the risk of losing information due to the degradation of your technology.

This is why monitoring your systems for faulty tech and periodically upgrading to more recent models is preferable, if not necessary.

Granted, all of these software and hardware upgrades may feel overwhelming. This is why Tech Experts offers a remote monitoring and maintenance solution that’s designed to administer patches to your mission-critical systems remotely.

This helps your organization ensure that your systems are always up-to-date. We can also monitor your infrastructure for any irregularities that might be caused by hardware malfunctions, hackers, and much more. Call us at (734) 457-5000, or email info@mytechexperts.com to learn more.