Blog

Archive for Security

WannaCry Ransomware – Keep Your Systems Safe

As many of you already know from news reports, this ransomware has spread rapidly since last Friday and affected hundreds of thousands of systems worldwide. So far, it seems to primarily be spread through e-mail attachments, and affects Windows PCs and Servers. Once it has been downloaded, it encrypts the files on the affected system, as well as any other files it can reach  through the network, such as mapped server drives, and pops up a ransom demand. It’s difficult or impossible to recover your data once it has been encrypted, so this a very serious issue.

On the bright side, it is extraordinarily unlikely to affect most of you as long as your systems are up-to-date.  Microsoft released a patch back in March that fixes the security flaw this ransomware takes advantage of, so if your PCs have the latest Windows security updates and patches you shouldn’t be affected even if you were exposed.

 

Ransomware has been circulating widely for several years now, and will likely continue to be an issue for the foreseeable future in one form or another, so there are a few things you should consider with regards to this issue, and others like it.

  1. Making sure your PCs and servers have the latest security patches. This is critical – if you aren’t sure this is happening, please let me know so we can verify.
  2. Downloading attachments is hugely problematic – most viruses and ransomware are spread through attachments at this point.  If you are not expecting an attachment don’t open it, even if it is from someone you know – they may have been infected and their PC may be sending out viruses without their knowledge. If you aren’t sure but think it may be something you want, give the sender a quick call and verify that they intended to send you something.  Also, consider sending files using a file sharing service like Dropbox or Sharefile rather than sending as attachments. These services are much more secure.
  3. Good antivirus and spam filtering can dramatically reduce the risk of these types of issues – nothing offers perfect protection, but making sure you have up-to-date, quality virus protection greatly reduces your risks and an offsite spam filter can stop most viruses before you download them in the first place.
  4. Have an offsite backup. If you don’t already, consider a cloud backup service like Carbonite. If you do get infected, ransomware can encrypt your backup drive(s) as well as you actual PC and server, rendering your backups useless. It is critical to have an offsite backup. I like Carbonite because it’s secure, HIPAA compliant, and runs automatically without the hassle of a staff member having to remember to swap backup drives and make sure one gets offsite. However you are doing it though, it is absolutely critical that you have an offsite backup of your data.

That’s about it for now. Be careful out there with your downloads and attachments, and as always, please let me know if you have questions.

Posted in: Malware, Security, Tech Tips for Business Owners

Leave a Comment (0) →

Homeland Security Recommends Removing QuickTime from Windows PCs

quicktime

 

Homeland Security has issued a bulletin recommending that QuickTime be removed from Windows PCs. QuickTime has been confirmed to have critical security vulnerabilities, which Apple has made clear will not be fixed as they are dropping support for QuickTime.

Not sure if you have QuickTime installed? If  you’ve installed iTunes, you probably do, as QuickTime was often bundled with iTunes installations and updates. An example of the logo is above.

Because of the high profile of this security vulnerability and the lack of support for the product, I would suggest you do go ahead and uninstall QuickTime. You can do this through Add/Remove programs; and as usual, if you have any questions or problems removing it please let me know, and I will be happy to assist

*** Update ***

There is one caveat for folks who use Adobe’s Creative Cloud products to edit videos: apparently, there are apparently some codecs that remain dependent on QuickTime being installed. If you are using Creative Cloud to edit videos, this may be an important consideration. You may want to consider the pros and cons of removing it if this is your situation, or do your design work on a Mac for the time being.

A more detailed and in-depth discussion of the vulnerabilities and consequences can be found here if you are interested.

Posted in: Apple, Malware, Security, Tech Tips for Business Owners

Leave a Comment (0) →