TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Major Password Breach Uncovered

Some people collect antique trinkets while others collect more abstract things like adventures. There’s someone out there, however, collecting passwords to email accounts, and yours just might be part of that collection. To date, it has been estimated that over 273 million email account passwords have been stolen by a person or entity now called “The Collector.” This criminal feat is one of the largest security breaches ever, and the passwords have been amassed from popular email services, including Gmail, Yahoo!, and AOL.

It is unclear exactly why “The Collector” has procured so many email passwords, aside from the fact that the individual is trying to sell them on the dark web. The puzzling part of this, however, is that the asking price is just $1. So, the hacker may only be seeking fame for achieving such a large-scale feat.

The email account credentials may have more value in being used in an email phishing scam, but it’s impossible to know the cybercriminal’s intentions as this point. While potentially having your email hacked doesn’t sound like that big of a threat, there are multiple ways in which this information could be used for harm.

The most notable risk is that the login information may be used to access other accounts; many people use the same username and password for their emails accounts as other ones, such as for online banking. So, there is far more value in this large collection than just the asking price of $1. To protect yourself, security experts advise you change your password immediately.

Protecting Your Business From DDoS Attacks

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A Distributed Denial of Service (DDoS) attack prohibits access to a computer resource. This kind of assault rarely happens alone but rather occurs in waves once an attacker realizes they have been successful in the first attempt.

Using the same method of attack on a business’ computer system, such cyber-attackers can then overwhelm and suppress Internet facing websites and applications, which can greatly hinder the ability to conduct business as normal.

In order to safeguard against DDoS attacks, small businesses must first recognize they’re potential targets, especially since there has been a recent rise of such assaults on small businesses in the past year.

While the motivation behind such an assault can be difficult to understand, they happen for a wide variety of reasons. Attackers may seek to hold systems hostage in an extortion attempt, or the attack may not be motivated by the prospect of financial gain at all. [Read more…] about Protecting Your Business From DDoS Attacks

How Cloud Computing Can Benefit You

Michael Menor is Vice President of Support Services for Tech Experts.

Is your business using the cloud in 2016? If not, you should know that it’s a great tool that’s designed to help your business better manage its data and application deployment.

However, the cloud can be used for so much more and it’s quickly becoming an indispensable tool for SMBs.

Here are four ways that cloud computing is changing the way that small businesses handle their technology:

Data Storage
The cloud is a great way to share data among your entire organization and deploy it on a per user basis.

Businesses can store their information in a secure, off-site location, which the cloud allows them to access it through an Internet connection.

This eliminates the need to host your data internally and allows your employees to access information from any approved device through a secure connection, effectively allowing for enhanced productivity when out of the office.

Microsoft Office365
Access Office from anywhere; all you need is your computer – desktop, laptop, tablet, or phone – and an Internet connection.

Since the software is running in a data center, you just connect to the Internet to access the software.

Another benefit to this is that you have a central location for all your data. If you need to make a change to an Excel spreadsheet from your tablet and you share the file with your colleague, they will be able to view the changes that you just made.
Gone are the days of emailing files between members of your team and losing track of the most up to date file version.

Virtualization
The cloud can be an effective tool for virtualization, which is a great method for cutting costs for your business. By virtualizing physical IT components, you’re abstracting them for use in the cloud. This means that you’re storing them in the cloud.

Businesses can virtualize servers, desktop infrastructures, and even entire networks for use in the cloud. Doing so eliminates the physical costs associated with operating equipment, allowing you to dodge unnecessary costs and limit the risk of hardware failure. For example, you can deploy all of your users’ desktops virtually from the cloud so you don’t need to rely heavily on more expensive workstation technology and can instead use thin clients. Simply log into your company cloud and access all of your applications and data on virtually any Internet connected device.

Backup and Disaster Recovery (BDR)
A BDR device relies on the cloud to ensure quick and speedy recovery deployment. The BDR takes snapshots of your data, which are sent to both a secure, off-site data center and the cloud.

From there, you can access your data or set a recovery into motion. If you experience hardware failure, the BDR can temporarily take the place of your server, allowing you ample time to find a more permanent solution.

The cloud is crucial to the success of a BDR device, simply because the cloud is where the BDR stores an archive of its data.

Ransoming Your Business One Step At A Time

When it comes to business security, today’s climate is a careful one. It seems like every week the latest and most dangerous ransomware is coming for us.

These can come through a variety of ways, like employees, clients, and websites. The most recent threat we’ve seen is called Rokku. Built upon predecessors, it’s only the next step in the fight against business security systems. Ransomware is a dangerous thing. The main concept is a mix of fear tactics and file encryption. After the system is infected, the virus will normally lay dormant for a time.

Once every file is found and changed to an encrypted state, a message will display, stating the worst.

All of your files are locked until you pay whatever sum the developers demand. Once in this state, you are generally given only a number of hours before your files and content are deleted permanently.

In this instant, many people will jump up to pay for their files in order to save further expense and headache. Unfortunately, doing so rarely helps the issue.

After the ransom is paid, you are supposedly granted access to the files and everything continues on unhindered. That said, there are many times you can send the money in and receive nothing in return.

Your files will still have their encrypted extensions (e.g. *filename*.rokku) and you will be in an even bigger hole than before. Some of the older encryptions have programs made by third parties to help those infected, but this is also often not the case.

In the Rokku scenario, there is no progress made in decryption. No patterns have been found and files are completely distorted in comparison to their original state.

As if it isn’t already enough, there is still more to worry about. Rokku as well as other ransomwares will not stop at only the infected computer. Network shares are also subject to complete encryption.

In short order, your entire network is no longer your own. With this in mind, the question is simple. What can you do?

Ransomware is definitely a problem and is not going away anytime soon.

That said, there is more progress these days than when we first started seeing it pop up on systems. Using Rokku as an example, some newer versions are built off of older attacks.

As such, they can often follow the same patterns and can be taken care of. Anti-virus and anti-malware services are also more and more proactive against these threats.

User error can, however, still cause alarm and ruin things very quickly. Rokku and many of its predecessors are sent through email attachments. Once opened, they will start to run and everything will spiral downward from there.

It is important to know and keep others informed on basic safety practices when it comes to operating computers. Keep in mind to not trust strange sites, emails, or messages that you were not expecting or do not know the sender. Also, be aware of common spam signs.

Misspellings, exaggerated results, and poor grammar are often giveaways.

If you want to review your current computer climate, we recommend giving us a call. With preventive maintenance, business class protection, corporate antivirus, and monitors running to ensure a steady flow, we can ensure the safety and reliability of any network and the important files that it may contain.

The absolute best way to avoid a disaster such as Rokku and other ransomwares is to stop it before it happens.

Do You Have A Blind Spot In Your Security?

Security is only as good as its weakest link — one blind spot and a company can be compromised. It is important that each aspect of a company’s security is understood and up to date.

With the following best security practices, it can be better understood what to be aware of and how to better advance a company’s security.

From remote hackers, to in-person social engineering, and even your own e-mail, there are different methods of attacks and means of defense to maintain a company’s integrity.

Physical Security
The basic defense that predates IT security is physical security. Locked doors, restricted access, and watch patrol are some of the oldest methods to prevent aggressive physical security breaches.

Technology has only made physical security even better with security cameras, alarm systems, RFID badges, and biometric systems that identify a person from their physical being. Having the appropriate physical security is key to preventing and deterring break-ins and stolen items.

Social Engineering
With the right words and story, some people gain access to compromising areas and information that can give a company a real bad time.

Without a physical break-in or even a computer, social engineering works against human psychology, finding the vulnerabilities of staff and workers to trick and deceive their way past security. The best way to defend from this is to have a strong and easily understood security policy that educates staff and workers not give out credentials and access to unauthorized personnel.

Phishing
Billions of emails are sent out every day — promising a vacation, warning people about their bank accounts, or asking for charity — that are entirely design to steal or compromise a person or company. Phishing targets everybody, asking for credit card numbers, asking a person to sign in to their account on a fake site, or taking something in other ways.

Do not open emails or download email attachments with suspicious or unknown origins. If an email looks odd or is too good to be true, call or check a website directly to confirm if an email is legitimate.

Clicking or falling for phishing could end with a stolen identity, stolen money, or a locked PC or network demanding ransom money. Be smart and wise about checking emails.

Hackers
There are people that spend most of their day trying to break security codes, finding software loop holes, and other abstract means to force their way through digital security to gain illegal access to computers.

There are just as many (if not more) people working together to prevent such people from ever gaining access with new security measures and patches. To protect a PC or a company from hackers, always update your security definitions on Windows and antivirus software. Knowing what software to trust and what updates are needed are important ensuring digital security. We at Tech Experts make it our business to keep digital security online and updated at all times, so that no one has to fall victim to the unseen security threat.

Being aware of these different security risk and knowing how to defend from them can give a strong basis in understanding and learning in what needs to be done to keep a company or person secure.

Security is always evolving and changing, but having a modern understanding with security in place can make the difference between a secure environment and a risky work place that could come to a grinding halt when security is breached. Be safe, be smart, and be productive with good security.

What Can I Do To Strengthen My Wifi Signal?

A weak WiFi signal in certain areas of your house could limit where you do your work and enjoy your entertainment activities, such as streaming films music or playing online games. This is actually a common issue with a couple of relatively easy fixes that will improve your wireless Internet connection throughout your house.

The first option is to replace the antenna on your router with a taller one. If your router has a built-in antenna, you can likely add an external one and see a marked increase in signal quality. There are two main types of antennae: omnidirectional and directional. An omnidirectional antenna transmits in all directions, while you can point a directional antenna where you need to strengthen the signal without making it easier for others to latch onto your WiFi. The other alternative to improve your wireless signal is to install a range extender, particularly if the area that requires the strongest signal is behind thick walls or is relatively small.

Storm Season Is Just Around The Corner… Are You Protected?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.
We’ve just celebrated the first day of Spring, and before you know it, the weather will warm up and tulips will bloom. Of course, we’re also headed into Spring storm season.

If you haven’t already, it is time to prepare for those pop-up storms that occur randomly at this time of year. These unexpected storms often result in everything from ice damage to lightning fires.

During this time of year the threat of fire, flood, severe storms, water damage from office sprinklers, and even theft is very real.

One of the most valuable assets for any company is its data. Hardware and software can easily be replaced, but a company’s data cannot! As a reminder to all of our clients, here are some simple things you should do to make sure your company is ready for any natural disaster. [Read more…] about Storm Season Is Just Around The Corner… Are You Protected?

Don’t Use Your Keyboard As A Dinner Plate And Three Other PC Best Practices To Live By

Michael Menor is Vice President of Support Services for Tech Experts.
Computers are complex devices that require special attention to keep in optimal shape. Unfortunately, some people don’t pay enough attention to the current state of their computers.

Once you’ve cleaned your computer properly, though, it’s important to make sure that it stays that way for as long as possible. Doing so can increase the longevity of your technology and prevent it from an untimely demise.

However, before you decide it’s time to clean your computer, power it down and unplug it before doing so. It’s better to be safe than sorry, especially with expensive hardware.

Don’t eat, drink, or smoke at the computer
Remember all of those crumbs that fall out of your keyboard when you turn it upside down? All of those crumbs got there somehow and it’s probably thanks to one habit that you might have: eating at your desk.

To minimize the amount of crumbs that fall onto your keyboard, it’s best to just lock your PC and go eat somewhere else, like the kitchen, dining room, or break room. Furthermore, smoking in the same room as your computer can gunk up your fans and other components with ash, tar, and other nasty substances that are found in cigarettes.

In general, it can be good to separate yourself from your computer while you eat. If you’re doing it at work, it separates the work environment from you momentarily, which can be helpful for maintaining your sanity.

Clean your PC regularly
Giving your PC a thorough cleaning is only the first step toward ensuring that your computer remains in optimal shape. In order to keep it that way, you need to set up regular upkeep cleaning sessions where you clean out the keyboard, the monitor, and the main body of your PC.

Doing so can considerably prolong its lifespan and it makes it more appealing to look at when you have to sit in front of it for hours on end.

We think it’s safe to say that you should clean your PC at least twice a year, maybe more if your lifestyle calls for it.

Give it room to breathe
In order to keep your PC functioning at optimal efficiency, you need to give it the space it requires to run without overheating. In other words, you should keep it in an open location, where all of the fans are capable of keeping air circulation flowing.

This prevents overheating and can improve overall functionality of the device. Furthermore, you should keep your PC tower off of carpet if possible, to help with keeping the heat low.

Constantly clear dust collection
Desktop PCs and workstations tend to be a bit on the large side and therefore, don’t move around as much as laptops or other smaller devices do. This leads to computers collecting dust in the fans, vents, and just about anywhere else.

It’s important that you keep your PC dust-free whenever possible; otherwise, it could run into operational issues due to overheating, keyboard stickiness, and so on. In fact, dust can even cause PC components to seize up and stop working.

The best way you can keep your computer dust-free is to keep a can of compressed (or “canned”) air right on your desk. This way, you’ll have a neat tool for cleaning your PC available at your disposal. Please be sure that you don’t spray liquids at your computer, ever. If you have to use a liquid cleaner, use water, and use a damp cloth rather than a spray bottle to directly apply the liquid, but never use water on an internal computer component.

Bots! What Are They And How Do They Affect Me?

First of all, what in the world is a “bot?” Most people have at least heard of them before, but may not know what exactly they are. A bot is a program designed to operate on its own and carry out whatever function it was intended to. Basically, a robot doing what it’s told.

They can run offline, online, or even as a combination, running offline and collecting information then sending it via email over the Internet.

An example of a bot is a web crawler. When you type in a search into Google, it uses crawlers to search the millions of sites and content for keywords you enter, then reports back. Web crawlers can also be used for data mining.

So how do these affect you? People employ the use of both good bots and bad bots. Most that you encounter are good ones, such as the search engine crawlers, but others can collect your private information.

Good bots or data miners are helpful, making your life easier or personalizing your ad experiences.

They can track statistics for marketing, like what types of things you shop for or what videos you watch on YouTube. In turn, they use this data to put those personalized ads on your screen. Sure, they might be annoying, but their intention is good.

Another example of a good bot could be when you post something on your Facebook account. A bot goes out to the site you’re sharing from and grabs whatever information it is programmed to take, then that information is posted on your page. Although it might seem simple, it’s a time-consuming task to complete manually, which the bot takes care of for you.

Then we have the bad side of bots. As easy it is to program a bot or data miner to collect innocent information, it is just as easy for a malicious person to program a bot to gather information they should not have, like banking information.
They can be programmed to go to hundreds (if not thousands) of sites, servers, or computers where highly sensitive data is stored. They take the information and send it back to their creator.

A recent example of malicious bot would be from the Ashley Madison hack. What they did was create bots that acted as profiles to attract others and steal information from them. Of course there are a myriad of other bad bots out there.

So how do you handle bots? Typically, you would handle them just as you would other malicious content through anti-virus and strong firewalls – along with using your judgment and staying away from suspicious sites, emails, and chat messages.

Data-mining can be blocked, but contact your trusted tech support provider before downloading or installing any programs or browser extensions.

As always, if you have any questions or if you’re interested in finding out how to better block bots, feel free to give us a call at 734-457-5000, or email us at support@mytechexperts.com.

Ransomware Now Targeting Mac Computers

While ransomware has been around for some time, it has never appeared to pose a threat to Apple’s Mac computers. That recently changed with the first attack of its kind last month. Ransomware is a malicious software that, once downloaded, essentially locks important files on a computer and then prompts users to pay a fee to have those files unlocked. There have undoubtedly been attempts to target Mac users in this way in the past, but this incident involving KeRanger software transmitted through the peer-to-peer file sharing network BitTorrent was the first successful one.

The attack affected approximately 6500 Mac users who downloaded the malicious KeRanger software. In the scheme of things, that number is quite low. The incident, however, proves that Mac users aren’t immune to this type of threat. As John Bambeneck of Fidelis Cybersecurity notes, “It’s a small number but these things always start small and ramp up huge. There’s a lot of Mac users out there and a lot of money to be made.” In this case, Palo Alto Networks detected the ransomware quickly, which is why Apple was able to neutralize the problem.

In the future, however, ransomware attacks on Macs may become more subtle. Apple reports that it has increased its security measures and revoked the digital certificate that was responsible for launching the KeRanger software.