Five Ways To Prepare For, Respond To, And Recover From A Cyberattack

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

When we asked businesses about cybersecurity threats, breach points, policies, company readiness, and recovery, we were surprised at the responses that we received.

The most frightening response of all was the following: “We have no formal process for assessing readiness to deal with a cyberattack of any sort.”

Hindsight is always 20/20 – how many times has something happened that you could have and should have prevented?

Here are five ways to prepare every company for a cyberattack:


The Best Ways To Deal With Security Threats

Jason Cooley is Support Services Manager for Tech Experts.

We are only several weeks into 2018, and computer security has already been a huge topic of discussion.

The Meltdown and Spectre discovery at the beginning of the year put people on notice. Any device with a modern processor could have potentially been affected.

While wide-scale vulnerabilities like Meltdown and Spectre are not common, they have brought some much-needed attention to the potential of an attack.

Security vulnerabilities arise in many different ways, through different methods. There have been both hardware- and software-related issues that could have left a person open to an attack. Whether an attack is designed to steal data or to infect your system, neither is a hassle that anyone wants to spend time dealing with.

Hardware vulnerabilities are fewer and farther between when compared to software issues.

Software always has updates and upgrades or new programs for new uses. Because of the nature of software in a traditional Windows setting, many programs have access to file systems and other sensitive system information.

Have you ever installed software of some sort? Do you recall being prompted to allow the software to make changes to your computer? These privileges, while necessary to run the software, give the software the right to access and make changes to your system.

Typically, this is fine, especially with a trusted software company behind what you are using.

It would be nearly impossible to examine all potential areas of a program to see if there was any possible flaw or vulnerability that could be exploited.

Coding for software can get very in-depth and there are millions of characters involved.

Like all technology, software is constantly changing. A message telling you “software updates are available” is almost certainly something you have seen before. These changes can add functionality, but a lot of times, they are doing so much more.

Take Windows, for example. With millions of devices running on some version of Microsoft’s operating system, finding Windows security vulnerabilities is a priority for developers and the people behind the malicious attacks alike.

Microsoft is a tech mainstay, and one of the biggest players in business, and they are definitely not immune to having flaws that could leave you at risk.

There is good news, however.

Microsoft is constantly updating and patching their operating systems to close any potential flaws that are discovered. Those “annoying” Windows updates? They are potentially protecting you from data theft.

Does waiting on updates when turning on your computer leave you feeling frustrated? That update may save your computer from malicious software.

Hackers and others behind malicious activities and data theft often find new ways in on existing systems, making updates necessary to fix the newly discovered flaws.

When it comes to security, the best thing for you and your computer is to stay up-to-date on those security updates and patches.

This creates a problem for older operating systems. When Microsoft stops updating an operating system, any discovered flaws remain unfixed. This has recently happened with Windows XP, and Windows 7 will soon join the list.

Also keep in mind that out-of-date web browsers, such as Google Chrome and Microsoft Edge, can leave you at risk. Productivity software, like Microsoft Office, because of the way it operates and accesses both the system and network, has great attack potential when not properly updated and patched.

So, outside of the operating system, what other software should you keep up-to-date?

All of it. It is definitely better to be safe than sorry when it comes to your computer and personal data, so play it safe and keep it up-to-date.

Meltdown and Spectre: Protect Yourself With Updates

Jason Cooley is Support Services Manager for Tech Experts.

As I am writing this, it has been about a month since news broke of Meltdown and Spectre, two separate vulnerabilities affecting nearly every smartphone and PC in use today. They affect all modern processors – which encompasses a whole lot of users.

Meltdown and Spectre are different fundamentally, but they use a similar vulnerability to do different things. So what are the differences?

Meltdown breaks the isolation between user applications and the operating system. This allows a program to access the memory and, therefore, the processes and data of the software, even when it is not authorized to do so.

Windows Updates: Allow Them, Don’t Block Them

Ron Cochran is Help Desk supervisor for Tech Experts.

One of the first things you should do when purchasing a new computer (or rehabilitating an older computer) is to make sure the operating system is up-to-date with the latest security patches. In some cases, people disable the automatic updates and this can cause a whole host of issues.

Microsoft regularly puts out security patches, as well as other patches for their software. These patches are applied through the automatic update process. When that process is disabled, this means your computer hasn’t received the latest updates from Microsoft. Because your updates are halted, the system vulnerabilities that Microsoft engineers have found have not been repaired on your system.

You may remember the WannaCry ransomware attack or, by now, have heard the most recent news of the Intel CPU flaw with Meltdown and Spectre. These two vulnerabilities, if exploited, can wreak havoc on an affected computer.

An affected system could suffer circuit issues, data corruption, system instability, and even data theft. There are always going to be people doing nefarious things when it comes to computers and the Internet, but the engineers behind your operating system and your antivirus company will always be on top of a fix for the vulnerability as soon as it is discovered.

Did you know that Microsoft releases most Windows Update patches on “Patch Tuesday” – the second Tuesday of each month? This keeps automatic system reboots to a minimum and also assists managed service providers like Tech Experts in ensuring that all of their clients’ servers and workstations have the latest software and security patches installed.

At home, you can set your Windows Updates to the “Automatic” option. That way, your system will automatically check for Windows Updates every 24 hours or so if the computer is connected to the Internet.
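As an added example (not part of the original article and not Tech Experts' own tooling), this PowerShell script works out the most recent Patch Tuesday and reports whether a machine has installed anything since then. The function names, the status labels, and the seven-day grace period are assumptions made for illustration.

```powershell
# Added example; function names, status labels and the grace period are illustrative.

function Get-PatchTuesday {
    # Second Tuesday of the given month.
    param([int]$Year, [int]$Month)
    $first  = [datetime]::new($Year, $Month, 1)
    $offset = (([int][System.DayOfWeek]::Tuesday - [int]$first.DayOfWeek) + 7) % 7
    return $first.AddDays($offset + 7)
}

function Get-LastPatchTuesday {
    # Most recent Patch Tuesday on or before $AsOf.
    param([datetime]$AsOf = (Get-Date))
    $candidate = Get-PatchTuesday -Year $AsOf.Year -Month $AsOf.Month
    if ($AsOf.Date -lt $candidate) {
        $prev = $AsOf.AddMonths(-1)
        $candidate = Get-PatchTuesday -Year $prev.Year -Month $prev.Month
    }
    return $candidate
}

function Test-PatchCurrency {
    # Compares the newest update install date with the Patch Tuesday cycle.
    param(
        [datetime[]]$InstallDates,
        [datetime]$AsOf = (Get-Date),
        [int]$GraceDays = 7          # assumed allowance for rollout and reboots
    )
    $lastPT = Get-LastPatchTuesday -AsOf $AsOf
    $prevPT = Get-LastPatchTuesday -AsOf $lastPT.AddDays(-1)
    $latest = $InstallDates | Sort-Object -Descending | Select-Object -First 1
    $inGrace = ($AsOf.Date - $lastPT).Days -le $GraceDays

    if (-not $latest)                              { $status = 'NoUpdateHistory' }
    elseif ($latest -ge $lastPT)                   { $status = 'Current' }
    elseif ($inGrace -and ($latest -ge $prevPT))   { $status = 'PendingThisCycle' }
    else                                           { $status = 'Behind' }

    [pscustomobject]@{
        AsOf             = $AsOf.Date
        LastPatchTuesday = $lastPT
        LatestInstall    = $latest
        Status           = $status
    }
}

# Constructed sample: newest update installed 10 Jan 2018, checked on 20 Feb 2018.
$sample = [datetime[]]@('2018-01-10', '2017-12-14')
Test-PatchCurrency -InstallDates $sample -AsOf ([datetime]'2018-02-20')

# Live check on a Windows machine. Get-HotFix reads Win32_QuickFixEngineering,
# which does not list every kind of update, so treat 'Behind' as a prompt to
# open Windows Update and look, not as proof that patches are missing.
if (Get-Command Get-HotFix -ErrorAction SilentlyContinue) {
    $dates = Get-HotFix | Where-Object { $_.InstalledOn } |
             ForEach-Object { $_.InstalledOn }
    Test-PatchCurrency -InstallDates $dates
}
```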

If you’re thinking to yourself, “I just use my home computer for browsing DIY pages, listening to music, and sending emails. Why would anyone want to get into my computer?” reconsider how much personal information is actually stored.

It may seem as though your computer wouldn’t hold much useful information, but a hacker only needs a few passwords, an email address, phone number, and address to potentially gain access to cell phone accounts, shopping site accounts, tax information, and even banking and credit card accounts.

Even if the hacker isn’t looking for personal information like that listed above, they could still use your computer to send spam emails to other computers all over the world, slowing down your computer and Internet and causing a whole slew of issues for other computer owners.

Keeping your operating system up-to-date with the latest updates and security patches, keeping your anti-malware and anti-virus software updated and running on a regular basis, and adding robust security settings to your router and firewall will help keep all of these vulnerabilities behind closed doors. At least, until the software engineers can create and deploy the patches and updates to block access to them.

Important Aspects of Cybersecurity

Evan Schendel is a help desk specialist for Tech Experts.

In this age where dangers lie around every digital corner on your computer, what could possibly keep everyone safe and secure?

Cybersecurity experts are the first line of defense and are quite good at holding that line. These experts protect many fields ranging from hardware and software to sensitive data and financial information, even users themselves.

Hardware and Software

The maliciousness of viruses can cripple whole systems, and countless links or applications can deliver dangerous viruses or malware. These viruses and dangers evolve every day.

Hardware can be manipulated through vulnerabilities and exploits as well. Without intending to frighten you, each part of your computer could be of interest to the right person, as the recent Meltdown and Spectre issues have shown. It isn’t simply your operating system or data that can be affected.

This constant cycle of attacker-and-defender leaves thousands of unfilled jobs for cybersecurity and the protection of devices. If these jobs were not filled, or the people in them were not properly trained, computer systems across the world would fall prey to hackers. However, your device itself is not the only thing that can be harmed.

Sensitive Data and Users

When unauthorized hands gain access to personal information, it can lead to disaster. A person’s financial and personal data is important and the people who protect that data are far fewer than those seeking it out.

Anti-virus programs are made by people who know viruses well, often those who had created viruses or malware prior to their more noble ventures.

These programs should always stay updated, and their definitions tend to be updated with frightening frequency. Staying up-to-date on malicious software and code is the only real method of stopping it, after all.

Systems administrators also have the need for people who can spot discrepancies or potentially malicious actions in their networks and keep standards up to snuff. Passwords and safety precautions must be set to a standard that is important to follow and uphold.

Information over the phone can also be an issue, as many users have trouble distinguishing a scammer from a legitimate caller. This is where education and prevention come in.

Educating people about how potential scammers may work is one of the most important aspects in preventing unsuspecting folks from giving their credit card information away, or worse.

Preventing these scammers from calling thousands of people a day is also of utmost importance, but requires experts and trained technicians (even the government, in some cases) to crack down on these cyber criminals.

Lastly, the most vulnerable aspect of a computer’s security is, unfortunately, the user. Tricky emails and legitimate-looking sites can be incredibly tough to distinguish from the original product. Most wouldn’t even suspect such an uncanny replication.

This is where user error melds with a criminal’s savvy nature. If this sounds unrealistic to fall for, then all the better, but more often than not, someone will fall for it – even the experts can be fooled by sophisticated trickery or maybe a simple lack of awareness. Luckily, if this is the first issue, the other sections can come into play and protect your systems and yourself from being subject to data loss or cyber-thievery.

Yahoo! And The Hack Heard ‘Round The World

Evan Schendel is a help desk specialist for Tech Experts.

In the age of Russian super-hackers and nationwide credit reporting agencies with pitiful security, what could be safe? One thing is for sure – not Yahoo!.

In September of 2016, Yahoo! released the news that 500 million accounts were hacked in the latter half of 2014. That news severely impacted Verizon’s business deal to buy them out, but they only lowered the price by $350 million USD to a total of $4.48 billion USD.

Three months after this business deal was done and the prior hack had been announced, Yahoo! let the nation know that approximately 1 billion accounts had been hacked in 2013. Verizon was not pleased, to say the least.

Just recently, Yahoo! released even more grave information.

In the earlier part of October, Yahoo! bumped the number of affected accounts up to 3 billion. This estimate encompasses every single Yahoo! account, including its subsidiaries like Tumblr and Flickr. That is a lot of data – and if you had any accounts (even unused) linked to these websites dating back to 2014, your information could even have been sold.

The cybersecurity firm InfoArmor has reported some of this information has been sold on the dark web, a small part of the web not indexed by search engines.

The group selling this information has sold the data to three sources, two of which are known spammers. All paid upwards of $300,000 USD.

With this information, reused passwords from past accounts can be the largest risk, as many people recycle the same password(s) for all of their various online accounts. While no financial information was stolen, security questions, dates of birth, and backup emails were taken.

All of this can be used for not only breaking into the Yahoo! account in question, but also any other accounts with similar information.

A good course of action from here on is to never reuse passwords (as you always should) and to change any existing passwords you feel might be in danger. Ensure that no shady happenings have occurred with any accounts, up to and including bank accounts.

The information sold was reportedly utilized to spy on a range of US White House and military officials, alongside Russian business executives and government officials.

With this information kept in mind, a document was released stating that four men were indicted, two of whom were Russian intelligence officers working for the Russian Federal Security Service, which is, ironically enough, an agency dedicated to helping foreign intelligence agencies track cybercriminals.

Finally, remember to keep safety measures on all your accounts and protect yourself from email fraud or spam to the best of your ability. Only sign up for accounts on legitimate websites and, when you do create an account, use a unique password for that site. For sites with sensitive information, elect to use two-factor authentication when possible.

That way, when a company’s security is pushed back in favor of other things, you can serve as a second defense for yourself.

Is Your Network Due For A Security Audit?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Businesses always face security risks from a variety of different sources.

Performing a security audit can help you to identify where you have exposures, develop a better understanding of the security policies and controls you have in place, and catalog your IT assets.

This article presents a quick and simple guide to performing a robust security audit that will help safeguard your organization against risks.

Define the physical scope of the audit
The first major task involves determining exactly what you will audit.

For example, you may wish to focus on business processes, such as financial reporting, or asset groups, such as a specific branch office.

Anti-Virus: It’s Worth Protecting Yourself

Ron Cochran is a senior help desk technician for Tech Experts.

You can have any machine — from the latest and greatest, to the old dinosaur in the corner — but if you don’t have virus protection, your latest and greatest machine might soon run like that dinosaur in the corner.

All of your sensitive images, documents, billing information, and passwords are subject to infection. No matter how careful you are, there is always something that slips through the cracks.

Often, users say, “I have such and such subscription,” or “I don’t click on anything I don’t know,” but the people spending countless hours causing havoc on computer users will always find new and sneaky ways to infect computers.

Viruses can be attached to images or links on websites. They can also be renamed to look like something that you should install. Once inside your computer, they are hard to track down even by a seasoned computer technician.

Viruses very rarely remove anything from your computer. Instead, they have a tendency to add things that can record your activities on your computer. A person could install a silent program that will start recording your keystrokes triggered by keywords; it can also take a screenshot or record email addresses and passwords. Most of the time, they don’t need to even gain access back to your computer to report the data.

They can have an email sent from your computer and Internet connection without you knowing it. That email, secretly sent from you to them, would contain your information (keystrokes, clicks, etc.).

By now, you have heard of the “crypto virus” and all of its variants. There are many solutions out there, but only a select few offer “zero-hour” infection reversal, which is something that businesses can especially benefit from. Let’s say you accidentally encrypt your machine; it would then be inaccessible until you pay the ransom to unlock your files.

Protection that offers infection reversal can revert your system back to its state right before you were infected, and it would be like you were never infected by the virus at all. This feature is part of Webroot Secure Anywhere, which is something we can provide.

Viruses not only help people steal your data, but they can also delete or corrupt files, degrade system performance, and make your computer run slower.

Viruses can also prevent programs from working, and they can use your email to send out copies of themselves to your contacts and other users. Sometimes, they can prevent your computer from starting up by corrupting your BIOS firmware.

A couple of the main things that you’ll notice once you’re infected are that your system could run slower and that you’ll receive all kinds of fake pop-ups, ads, warnings from “Microsoft,” etc. These types of files are referred to as “scareware,” and the makers feed on the fear that you might lose your data, so you’ll pay them to “unlock” your system or “remove” the virus.

Again, we go back to protection. If you had virus protection, then it’s likely that it would stop the infection before it even established itself inside your computer.

There are a few things you should do, if you haven’t already: get some sort of whole computer protection (such as Webroot), have restore points saved on your operating system, have a backup of your operating system install saved on some sort of external media, and save your documents, pictures, and videos to an external source.

When you find yourself in a predicament where you have to wipe an entire computer to remove an infection, you’ll be glad you took the time to prepare for the worst.

Anti-Virus Advice For Your Small Business

Brian Bronikowski is a field service technician for Tech Experts.

Anti-virus has always been a major concern for users at all levels. From trojans and keylogging programs, to ransomware and malicious software, there is always a new threat on the table.

When we purchase an anti-virus software, there is a certain feeling of security we expect to have, that there is no worry when it comes to those malicious attacks. That’s what the money goes towards. The problem is that sometimes anti-virus actually does quite the opposite.

In a recent study, household name Symantec (Norton) was labelled with multiple critical vulnerabilities that in fact make the system less secure than if it was running without an anti-virus program.

One would hope that a company of this size would be able to resolve these before they’re discovered — or at the very least, promptly look for ways to clean up their act. Unfortunately, Symantec wanted to put on the brakes and wait before patching these flaws that affect every product associated with the company.

Most of the affected systems have been patched since the first reports from June. When you see a report like this and pair it with the performance-degrading effects large anti-virus companies impose, it becomes a simple question: what do you do?

There is a multitude of protection software on the Internet and in-store. Some of these will go back and forth in terms of highest rankings. Some are big brands that are pre-installed on most computers. Others are less well known, but gaining ground. It’s all about finding the right one for you.

More often than not, we will see the likes of McAfee and Norton on systems. These are loaded for you when you buy a new system and will start as a trial. Users will often purchase the system instead of going through the arduous task of properly removing an anti-virus program.

The problem here is that generally the user will purchase whatever is “recommended” which will often be an entire security suite. These will bring a low-end computer to a halt and greatly degrade the mid-range and higher end computers.

It is important to stay away from the big names like these as there is little innovation and plenty of flaws. Some of these flaws may be performance alone and others are security flaws.

Some of the lesser-known programs are oftentimes a good alternative. With these, it’s always good to look at any recent vulnerabilities or complaints users have had.

Some protection systems have deleted files or overwritten system files in the past. Research is important for these situations. That said, common free programs, such as AVG and Avast, are found on millions of systems.

Keep in mind, most free protection software has one catch or another. Spam-like interfaces that constantly ask for purchase or the requirement for manual scanning are the most common culprits. If you are able to stay on top of things, these can work out well enough.

Unfortunately, most users are unable to do so because of the workload given to them. Protection ends up being an afterthought, one that can cost a lot more than the software itself. There is one nearly foolproof way to get rid of these worries for good: allowing professionals to take care of your protection.

Tech Experts is able to supply a managed anti-virus that is inexpensive, well-reviewed, and kept up-to-date with the latest virus definitions. We are able to install it in both home and business environments.

With that in mind, it’s an easy choice when picking what you want to shield you from the dangers of the digital world.

Severe Security Vulnerabilities Patched By Microsoft

Early last month, Microsoft released 13 security patches as part of Patch Tuesday.

While such security measures are usual, this one was particularly important because six of those patches were categorized as critical and require user attention to be put into place.

These six patches addressed programming flaws that had the potential to give cyber-attackers the means to gain full user rights in a wide array of Microsoft’s software programs. The remaining seven patches address the elevation of privileges, denial of service, and ways to bypass security features.

The programs that were at risk from these flaws included all supported versions of Microsoft Windows, the new Edge browser, Internet Explorer, Microsoft Office (including Services and Web Apps), Microsoft Server Software, Adobe Flash Player, and Microsoft .NET Framework.

According to Microsoft, these flaws were detected before any security breaches stemming from these issues actually occurred.

If they had not been discovered, cybercriminals might have been able to gain user rights to Microsoft programs via specially crafted websites from remote locations.

Microsoft strongly urges Windows Vista and later operating system users to ensure the latest updates have been installed, especially if they do not have their systems set for Automatic Updates.