TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Four Signs You’re Under Attack From Ransomware

You’ve probably heard a lot about ransomware recently. This is the computer attack where a hacker locks you out of your systems and data. And you must pay a ransom, typically in Bitcoin, to get access again.

While it’s not a new crime, it’s one of the fastest growing crimes online because it’s so lucrative to criminals. Thanks to COVID and work-from-home, more and more businesses are unintentionally opening themselves up to the threat.

In fact, it’s estimated there are more than a hundred calls to insurers every day relating to problems caused by ransomware. Unless you take necessary precautions, your business could fall victim.

But how do you know you’re not already under attack? Because here’s something most people don’t realize about ransomware. If a hacker gets access to your systems today, they won’t launch the attack right away. It can take around 60 to 100 days – if not longer – from the time you’re breached, to the delivery of ransomware.

You might be wondering why these cybercriminals spend such a long time launching their attack. They spend weeks or more just skulking around, investigating your network for weaknesses, and waiting for just the right time to maximize their profit.

So how do you know if you’re under attack? And what do you do if you are? Here are four of the best ways for you to check that your network is safe and secure.

Check for open RDP links
What’s an RDP link and how do you open or close it? We don’t want to get too techy here, so put simply, an RDP (or Remote Desktop Protocol) is Microsoft technology that allows a local computer to connect to and control a remote PC over a network or the Internet.

You’re probably utilizing this kind of thing if you’ve had any of your people working from home this year, as it makes remote access a lot easier. But RDP links left open to the Internet are a very common route for cybercriminals to enter your network.

Look for unexpected software
One of the methods ransomware gangs use to take control of your system is certain software tools. It’s important that you use a network scanner to check exactly what’s running and who’s running it.

Often, cybercriminals will take control of just one PC first, perhaps using a phishing email to persuade someone to click on a bad link without realizing it. Once they have control of one PC, they can then target the entire network.

Criminals also utilize tools to steal your passwords and log-in credentials. If you spot anything unfamiliar anywhere in your system, contact your IT support partner, who can investigate further.

Monitor your administrators
Your network administrators typically have the authority over which applications are downloaded to your network. So what’s the best way for hackers to download the applications they need? They create a new administrator account for themselves.

Then they can download whichever tools they need to compromise your network.

Check for disabled tools and software
Once the cybercriminals have administrator rights, they can locate and disable your security software. You can tell that an attack is close to being launched if something called Active Directory and your domain controllers are disabled.

Next, any backup data the criminals have found will be corrupted. And any systems that automatically deploy software will also be disabled to stop your attempts to update your computers after an attack.

It’s worth remembering that this will all be done slowly. Your hackers will take their time because that makes it much harder to detect them.

Once an attack has been launched and your data held to ransom, most of the time there’s little you can do other than attempt to restore backups. Or pay the ransom.

The hackers have normally been so thorough with their preparation that even the best IT security specialists have few options open to them.

So, once you’ve detected that something might be wrong, what can you do to stop an attack from being launched?

You can force a password change across your core systems, which many times will also throw your attackers out.

Monitor your administrator accounts. This may sound like a simple step, but you’d be surprised at how often it’s neglected.

Keep all of your software and security patched and updated. It’s very tempting to click ‘later’ on updates. But saving a little time now is not worth the huge amount of time and money that you’ll lose should you become the victim of a ransomware attack.

Implement multi-factor authentication across all of your applications, if you haven’t already. This adds another level of security for your network and helps to prevent unauthorized access.

Is There A Hidden Intruder Lurking In Your Business?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

If you’re like us, you believe you have the best, most trustworthy people working for you.

But have you ever considered the possibility you may have someone unknown hidden within your business, trying to cause a lot of damage and make a lot of money at the same time?

This might sound a little far-fetched. Perhaps something that’s more likely to happen in a film than in your business.

But actually, you’d be surprised. Cyber criminals are targeting businesses exactly like yours all the time.

Because often, small and medium sized businesses don’t spend big bucks on their cyber security. Hackers know this. And will put a lot of effort in to try to exploit that. [Read more…] about Is There A Hidden Intruder Lurking In Your Business?

Say Goodbye To Owning Microsoft Office

Jason Cooley is Support Services Manager for Tech Experts.

In the workplace, some would say there is nothing as important as ensuring your productivity. Working with computers is likely a part of your job to some degree. If you are working in an office setting, you likely spend a large amount of time on computers.

There is no doubt a difference in daily tasks between different fields, but there are also many similarities. No matter your industry, you are likely familiar with Microsoft Office programs. Excel, Word, and Outlook are the most commonly used software from the Microsoft Office suite.

Microsoft Office is not cheap. Many businesses will use their current version until it is no longer supported. If 30 users need a new version of Office or a subscription, it has been more cost effective in the past to purchase a copy of the program to use for years until the software becomes unsupported.

This is all going to change. Recently, Microsoft made the announcement regarding the newest version of Exchange Server, their mail server platform.

“This is going to be a version of Exchange that will only be available with the purchase of a subscription,” said Greg Taylor, director of product marketing for Exchange.

This applies to Exchange server, but also applies to Office as they try to move to a month-to-month, pay-as-you-go service. Email hosting and all of your apps are now something you can’t own.

This can result in one of two things, depending on your business. It could be the perfect time to start moving your employees over to the month-to-month model if they aren’t already subscribed.

Alternatively, it can be a burden on someone who will need to switch many users to the pay-by-month model. Microsoft wants the recurring revenue generated in a subscription service, and they don’t mind forcing you into it.

While the announcement came originally involving Exchange server, the end result is the same: Microsoft will make you switch, and it won’t be a choice anymore. For Exchange, 2019 Exchange server will be the last in the line that you can purchase and own.

Once that is out of the support window, you would need to move your licensing to the new subscription model.

As this applies to Office as well, many people may worry about when the changes will need to occur. The changes will not need to be made any time soon if you just purchased, say, Office 2019. You will have a few more years (likely three to four, based on past end of support dates) before you have to pull the trigger.

However, users holding out with Office 2013 will have to make a decision a lot sooner as the security updates end.

The switch to a subscription model is for Microsoft’s benefit. Assuming you used your Office software for five years, you will end up paying more for the new subscription service over those five years.

On the other side of things, you will always have the newest version of Office available to you as every major update and every new version is included.

While it is not an immediate concern, you should start to consider what your Office needs are as time moves forward. Like the rest of the world, Microsoft is always changing.

Targeted Attacks On Small Businesses Are On The Rise

Mark Funchion is a network technician at Tech Experts.
Many of us have heard of ransomware. This is an attack where someone gains access to a system and encrypts all of the data until a ransom is paid. Once they get their money, they either unencrypt the data… or not. There is no guarantee that paying the ransom will actually work.

Most attacks in the past, both viruses and ransomware, were the “spray and pray” variety. Basically, the attackers would send out thousands (or hundreds of thousands) of emails and hope that a small percentage of them were successful. This procedure worked, but the success rate was low and the attackers had to have a large volume to make it successful.

The more profitable attacks that are on the rise are targeted attacks. These attacks rely on quality rather than quantity. Research goes into the attacks that then target a single or very few companies. These attackers will even go as far to check a company or institution’s financial information to see how much of a ransom they can expect to get.

In addition to demanding a ransom for the data to be decrypted, there is often a threat that the data will be released if the ransom is not paid. The threat of data being released can lead to the ransom being paid even if the target has a way to recover from the attack.

While many home users would hate to have their data released, it would not be completely devastating in most cases. If you are a financial, medical, or education institution, it could end your business or severely harm it. These institutions all contain sensitive information of their employees and clients.

For this reason, a recent spike has been seen in the UK involving their schools. Attackers are seeing schools as an easier target in today’s environment with the increase in remote learning. Banks and hospitals have been targeted numerous times before, and their main goal is to be as secure as possible, spending large amounts of money on it.

Schools and universities, on the other hand, are concerned with security, but they’re in a position today with COVID where they need to have fairly open access.

As colleges are pivoting to a distance learning model on a scale never envisioned, they have to allow more and more access in. This means more and more devices the schools have no direct control over, creating potential entry points into the network.

Although most of you reading this are not educational institutions, there is no industry or business (regardless of size) that is safe from a potential attack. Having a good network security system in place with effective backups is critical.

Don’t rely only on a day or a few days’ worth of backups either; some attacks will infect a system, then remain dormant for a while, hoping to outlive the backups you have available.

Having a technology partner who understands the dangers and how to recover is essential. You cannot just plug in a firewall and use an antivirus software and consider yourself protected.

Your business should have an incident response plan that includes backups and restore procedures, as well as testing. You also need to make sure you have a procedure to keep all of your systems up-to-date with the most current patches. Making sure any remote sessions are secure and using 2FA whenever possible is another area often overlooked too.

The list of vulnerabilities is endless, but we are here to assist. Let us provide you the security and comfort that your business is protecting not only your data, but your users from a potential breach.

What Exactly Is “The Cloud?”

You may have come across people talking about ‘cloud’ storage and software that runs in ‘the cloud.’

But what exactly is ‘the cloud,’ and why should you care about it?

A place for networking
The cloud is a bunch of servers that are connected to each other over the internet.

Tech firms like Google, Microsoft, Apple, Facebook, and Amazon run huge networks of servers that let their customers (us) log in using different devices.

Can you imagine a situation where all your photos from the last 10 years were only held on your phone and not stored safely elsewhere? How many memories would you lose if your phone went missing?

The high freedom, convenience, and security offered by the cloud has seen a huge shift to cloud computing over the last few years.

It’s powerful stuff
Cloud infrastructure allows you to run apps and access data across multiple devices without needing to have everything installed on your devices.

This opens opportunities for businesses to offload computing and storage resources to cloud service providers, gaining the flexibility to easily boost or reduce resources as their needs change.

A real perk of running software in the cloud is that it means highly sophisticated applications can run from your computer or phone, with the cloud doing all the heavy lifting.

This can significantly reduce the amount you need to spend on your devices and how often they need to be replaced.

The cloud is also a collaborative place to be. Tools like Microsoft 365 and Google Workspace make it super easy to share documents and work as a team. You can even work together in real-time and give each other instant feedback as you go.

Ignore its fluffy reputation: The cloud’s a tough cookie
When set up and managed correctly, the cloud is the safest place to keep your data.

Let’s be honest, which is more likely: Colin leaving his laptop in a bar again? Or the might of an Amazon or a Google getting hacked?

If Colin loses that laptop, he’ll get a slap on the wrist. If Google get hacked, it would cost them millions and millions of dollars and cause irreparable damage to their reputation.

Different types of cloud

There are three main types of cloud.

Private cloud
The private cloud is a network of servers that are dedicated to supporting a single business.

The hardware is solely dedicated to this business, and they allow organizations like the CIA and banks to have full control over every aspect of their cloud environment.

Public cloud
The public cloud refers to networks of servers that are wholly controlled by cloud service providers. Clients share resources with other people.

The public cloud costs less than setting up a private cloud, and there is far less maintenance and an extremely high level of reliability.

Hybrid cloud
Some firms like to mix and match private and public clouds for different needs. Hybrid cloud setups let businesses quickly move between the two as their needs change.

We’ll help you to make sense of it all.

When embracing the cloud, it’s best to have an experienced hand guide you to the right solutions.

Working with the right IT support partner early will help make sure that you head in the right direction. And make the most of the opportunities that cloud computing offers. Give us a call at (734) 457-5000 if you’d like more information.

Could One Well-intended Click Take Down Your Business… From The Inside?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Not many owners and managers realize this… but the biggest data security risk to your business is actually your team.

We’re not talking malicious damage. But rather, them being caught out by cyber criminals.

It only takes one click on one bad website, and your business can be compromised. It really can be that simple.

Hackers target staff to try to install malware on your devices. Then they can try to extort money, corrupt files, or steal your sensitive business data.

In some cases, this can cause such extreme damage to your business that it makes genuine recovery very hard. Trust us when we say you want to avoid it at all costs.

Fortunately, there are a few things you can do to help protect your business from this kind of attack. And you’re probably already doing some of them. [Read more…] about Could One Well-intended Click Take Down Your Business… From The Inside?

Zoom In: A Look At The Increase Of Virtual Meetings

Jason Cooley is Support Services Manager for Tech Experts.
Quarantine as a whole was (and still is) a strange thing to see happen in the United States. With state-by-state protocols varying and dates in which states began to open back up done on a per-state basis, months were lost.

Schools shut down and businesses closed, some permanently. The businesses deemed “essential” stayed open with new restrictions in place.

Travel was restricted domestically and halted internationally. Anyone that could work remotely was reassigned to work from home.

With travel bans and remote work orders in place, Zoom saw huge increases in usage.

Zoom is meeting software, allowing users to do video or audio conferences as a group. There is a very good free tier for users to join unlimited calls, to host calls with up to 100 participants for up to 40 minutes, and unlimited one-to-one calls.

Among other similar solutions, Zoom has seen skyrocketing numbers since the pandemic started.

In December 2019, Zoom reported 10 million daily meetings taking place. Fast forward to March 2020, and Zoom hosted 200 million daily meeting. By the end of April 2020, Zoom reached 300 million daily meetings.

Zoom users vary from friends chatting, students collaborating, businesses meeting, conferences, and even the British members of Parliament.

Video conferencing has been used to keep gatherings to a minimum, teach students, conduct business meetings, and more.

While there may be a time that the number of video conferences may drop down, I believe the way we do business and operate as people has changed in some ways that will continue the prevalence of video conferencing.

Many schools across the US closed early late last year due to the pandemic. In Michigan, students in K-12 have a few different options when it comes to how they proceed with their learning now. Students can work remote or virtually.

Remote learning has two options itself, in-person learning with remote or just remote. The in-person learning involves a limited school day and less days in attendance per week. Or a class will be entirely remote.

Virtual school will remain that way all year. This is an existing system in place, and students will remain home doing virtual learning even when restrictions ease. Students may have already been using this system prior to the pandemic.

In both cases, students are typically using Google Classroom and Zoom. Remote learning with Zoom sees students join a conference with an instructor. They may have a lecture or another type of lesson that is done over the video conferencing. Virtual school’s lectures can vary based on the program itself.

When restrictions are lifted in Michigan for schools, those who are doing remote learning with attendance will attend school on a more regular schedule, but will still see some use of Zoom as a way to reduce traffic and students in different classrooms. Those doing just remote learning will stay home after restrictions are lifted and continue to attend video conferences as classes.

There have been many changes this year, and some are for the better. There will probably be a decrease in travel, even as bans are lifted. Some things that had previously been done in-person will now be done through video conferencing. Students will continue to be able to attend school from home. Work-from-home positions may offered by more companies.

Things will continue to return to how they were before the pandemic, but video conferences will continue to thrive.

It’s Time To Move On From Internet Explorer

Mark Funchion is a network technician at Tech Experts.
For those of us who have been online a long time, we remember the original browser war: Internet Explorer vs Netscape Navigator. In recent years, Internet Explorer has fallen off in security and usefulness. Meanwhile, Chrome, Firefox, and Edge (specifically Chromium-based Edge) have increased in usage and also do a much better job of updating frequently to mitigate security issues.

In 2019, Chris Jackson – who is a Principal Program Manager in the Experiences and Devices Group of Microsoft – wrote https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-perils-of-using-internet-explorer-as-your-default-browser.

In the blog post, he writes that Internet Explorer is a compatibility solution. This means that IE exists now just in case it is needed, such as for a banking site that has not been updated to support modern browsers and does not function otherwise.

To further demonstrate that Microsoft does not want you to use IE, they are ending Internet Explorer’s support for MS Teams on November 30th 2020. Next year on August 17th 2021, MS will end IE support for Office 365, Outlook, and OneDrive, among other services.

In this time of remote working, ending support for their own remote collaboration software is a big deal, and to follow that up the following year with products so widely used like Office and Outlook shows that the end of IE is finally upon us.

There are a few challenges as some software (especially financial and medical fields) has been slow to change and still only work with Internet Explorer. Another issue is users who have been using a computer for a long time have grown accustomed to using Internet Explorer and do not want to change what they know.

Also, many users have accumulated a lot of favorites and passwords in Internet Explorer and do not want to give those up.

Many people with saved passwords may not know what some of their logins are because they have had their credentials saved for so long.

Fortunately, these issues can be handled by importing your information into another browser. To handle it manually would be a pain, but your information from Internet Explorer can all be easily transferred into the main modern browsers (Chrome, Firefox, and Edge). Aside from a few clicks from you confirming what you want transferred, it’s nearly automatic.

That aside, many browsers follow the same general design, making it easy to recognize icons and fields like your address bar or home page button. They are also customizable, much like adding toolbars on IE, so you can adjust a new one to your liking to match your old familiar layout.

What about those legacy web pages? All three modern browsers also have the ability to use a plugin to emulate Internet Explorer on specific pages. Or, if absolutely necessary, you can keep and use IE only as needed.

Another benefit to the three modern browsers is update frequency. Chrome will update within days, if not hours, of an issue being discovered. Firefox is also on a similar schedule.

Edge had three security updates in August of 2020, so it also updates more frequently than Internet Explorer ever did.

Change is hard, especially for some people when it comes to their computers and software. There was outrage when Microsoft Office introduced the ribbon bar and when Windows updated the start menu.

For some, the change was seamless; for others, it took some time. Either way, these have become the norm and most people are now comfortable with them.

The same is true of browsers. They are all used in generally the same way, and while using Chrome may be a little different in the long run, you are safer and your experience is more secure.

If the company who develops a product feels it is not useful for everyday use, it’s time to move on.

Why IT Professional Are Terrified Of Ransomware

If you want to scare someone who works in IT, start talking to them about ransomware.

There are few things as scary for IT professionals as the prospect of their systems locking up with hackers demanding money to return things back to normal.

When discussing it, you may notice them breaking into a sweat and starting fidgeting as they contemplate one of the most terrifying cybersecurity threats computers face.

How does ransomware spread?
There are several ways that ransomware can get into computers.

Email is one of the most common ways in. Hackers will send bad files that can trigger a ransomware infection when opened and quickly spread across your network.

Another favorite way to spread ransomware is to send bad URL links that download ransomware when they’re clicked. This ‘drive-by downloading’ can happen without anybody noticing that anything has happened until it’s too late.

These bad files and links are not always easy to spot. Cybercriminals are getting increasingly sophisticated in the ways they try to persuade people to do what they want them to do.

A growing trend is for cybercriminals to pose as trusted people, like a client, a colleague, or a friend. And ask you to do something urgently before you have the time to think things through.

This isn’t a modern crime. Ransomware’s been around for years
Ransomware dates to the late 1980s when payment was often sent by check through the mail!

Now, modern hackers normally demand payment in cryptocurrencies that make them much more difficult to track.

Here is some information on two of the more infamous ransomware attacks.

WannaCry
The WannaCry ransomware attack took over the news when it spread widely in 2017.

More than 200,000 computers in over 100 countries were left useless. The ransomware exposed weaknesses in critical IT systems, like those in hospitals and factories.

One of the worst-hit victims was the National Health Service (NHS) in the UK. Operating theatre equipment, MRI scanners, and other computers essential for hospitals were left useless and patients suffered.

NotPetya
NotPetya is less well-known than WannaCry but the financial costs are estimated to have been far higher.

Mainly spread among businesses due to the early infection of a major financial software vendor, the cost of this ransomware to small businesses and governments is estimated to have been around $10 billion.

This attack impacted computers around the world. But around 80% of the cases are estimated to have been in Ukraine.

The Eleven Types Of Phishing Attacks You Need To Know To Stay Safe

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Like Darwin’s finches, phishing has evolved from a single technique into many specialized tactics, each adapted to specific targets and technology. First described in 1987, phishing is now carried out via text, phone, advertising and, of course, email.

Boiled down, all of these tactics exist for the same purpose – to steal confidential information from an unsuspecting target in order to extract something of value.

Knowing about the hugely diverse set of today’s phishing tactics can help you be more prepared for the inevitable instance when you become the target.

Standard phishing – casting a wide net
At its most basic, standard phishing is the attempt to steal confidential information by pretending to be an authorized person or organization. It is not a targeted attack and can be conducted en mas. [Read more…] about The Eleven Types Of Phishing Attacks You Need To Know To Stay Safe