As owners of an IT company, we take cybersecurity threats very seriously. In April 2016, Samba and Windows users discovered the potential dangers of the Badlock bug. This bug is in its infancy but could get worse. By understanding what Badlock is now, how it affects users, what signs to look out for, and how to get rid of it, you can prevent Badlock from ever worming its way into our clients’ computers.

What Is Badlock?
This new bug was discovered in March 2016 and has its own .org site. It began affecting Samba and Windows users by April. Any Samba users running 3.6.x, 4.0.x, 4.1.x, 4.2.0 through 4.2.9, 4.3.0 through 4.3.6, and 4.4.0 could be targeted. Any Windows users running Windows XP, Windows 2000, Windows 2003, Windows 7, Windows Vista, Windows 8, Windows 8.1, and Windows 10 can be affected as well.

What Does Badlock Do?
Badlock affects both the Local Security Authority Domain Policy (LSAD) and Security Account Manager (SAM) protocols. This bug can then attack users’ computers in one of two ways:
Denial-of-service attacks: Also known as DoS attacks, denial-of-service attacks can kill service, preventing users from getting online and doing other basic computer functions.
Man-in-the-middle attacks: Also known as MITM attacks, man-in-the-middle attacks can affect up to two users at once, as the name suggests. A hacker or attacker can glean information and gain private access by changing the conversation stream and other data between two users.

How Do You Know If You Have Badlock?
It can be difficult to know if your clients have Badlock. To be on the safe side, you should consider sending out an email or making a video informing all your clients of what Badlock is and what it could do. If any of your clients report that their computer has been acting strangely, it’s best to address this as soon as possible.

How Can You Prevent Badlock?
At this point, the respective Samba and Windows teams are working tirelessly to prevent the spread of Badlock to any other users. Samba users can download an official patch that was released for SAMBA+ and Enterprise SAMBA. Windows users can report any instances of Badlock. However, Microsoft is optimistic that the company is doing a good job containing the bug.

Badlock: The Verdict
While Badlock sounds risky and scary in name alone, the consensus is that it’s not as detrimental as other bugs and vulnerabilities. Microsoft has an Exploitability Index where bugs are rated on a scale of one to 10. The tech giant rated Badlock a three out of 10. One reason Badlock isn’t causing a huge panic is its MITM method of attack, which requires any hacker to know a bit about the network they’re invading. That takes more time, patience, and dedication than random attacks.

Overall, you shouldn’t overlook Badlock entirely (especially if your clients use Samba or Windows), but with some education, your clients can prevent the spread of Badlock relatively easily. With enough awareness, it seems like the potentially dangerous Badlock bug can be contained and prevented from more widespread attacks.

In the last few years, the concept of “ransomware” has evolved from a rare occurrence to one of the more dominant forms of cyber threats that both business and personal users face on a daily basis. Ransomware is a type of malware that encrypts all files on a computer’s hard drive including photos, documents, databases and more. In order to regain access to that data, the user is required to pay a fee to the attacker; however, there is no guarantee that the files can ever be recovered. Recently, a nasty strain of ransomware called CTB-Locker has created a particular cause for concern.

What is CTB-Locker?
What makes CTB-Locker such an interesting ransomware variant is that it doesn’t go after the files on a user’s hard drive – instead, it goes after entire websites. When an administrator uploads new files to a file server and pushes that data through to the website, the ransomware takes hold – displaying a message to all users that the site has been compromised. Administrators are completely locked out of all site data, preventing them from making any changes unless they pay a ransom of 0.4 Bitcoin.

When a site has been compromised, CTB-Locker replaces the index page on the file server – either the index.php or index.html file. The new version of that file not only displays the ransom demand, but also starts a ticking clock. Users have a limited amount of time to pay the ransom before the site is gone forever.

In an interesting twist, CTB-Locker often comes with a random generator decryption key that allows the site’s administrators to unlock two random files from their website. From a certain perspective, this is actually a brilliant bit of marketing on behalf of cyber attackers. Not only does it prove that the decryption keys that site administrators will supposedly receive after they pay the ransom work, but it also provides the administrators with additional incentive to comply with the demand instead of attempting to figure out a solution on their own.

Ransomware Live Chat Support?
Another factor that makes CTB-Locker so interesting is that it often gives users the ability to communicate directly with their attackers, which is something that other strains directed at computer hard drives often lack. The developers of the CTB-Locker ransomware strain make a chat room available, creating a communication channel between themselves and their victims.

What CTB-Locker Actually Does
When CTB-Locker infects a website, it utilizes a variety of different files in an attempt to make the situation as difficult to untangle as possible. In addition to the aforementioned index.php or index.html files, it also uses an allenc.txt document to keep a list of all files that have been encrypted during the attack. A test.txt file is also often present, which contains both the directory path and the filenames of the two files that the victim can decrypt for free.

Though the FBI has previously stated that victims of ransomware attacks should just pay the ransom, CTB-Locker and the complexity of this situation cast doubt on that idea. One thing is for sure: cyber security has never been more important, particularly when it comes to a business’s website, which is often the first point of contact and the first impression created between the customer and the organization.
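
A triage check built from the files named under "What CTB-Locker Actually Does", added here as an example and not taken from the original article: it walks a web root, flags directories that hold allenc.txt or test.txt, notes whether an index.php or index.html sits beside them, and groups the paths listed in allenc.txt by directory. The one-path-per-line layout of allenc.txt, the confidence labels and all function names are assumptions; the sample site is constructed.

```python
import os
import tempfile
from collections import Counter

# File names the article ties to a CTB-Locker website infection.
MARKERS = ("allenc.txt", "test.txt")
INDEX_PAGES = ("index.php", "index.html")


def read_paths(list_file, limit=50000):
    """Return the non-empty lines of a marker file.

    Assumption: one path per line. The article only says the file lists
    the encrypted files, not how it is laid out.
    """
    paths = []
    with open(list_file, "r", encoding="utf-8", errors="replace") as fh:
        for line in fh:
            line = line.strip()
            if line:
                paths.append(line)
            if len(paths) >= limit:  # never load an unbounded file
                break
    return paths


def scan_web_root(root):
    """Walk a web root and report directories that hold the marker files."""
    root = os.path.realpath(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        by_lower = {name.lower(): name for name in files}
        present = [by_lower[m] for m in MARKERS if m in by_lower]
        if not present:
            continue
        index_pages = [by_lower[i] for i in INDEX_PAGES if i in by_lower]
        listed = []
        if "allenc.txt" in by_lower:
            listed = read_paths(os.path.join(dirpath, by_lower["allenc.txt"]))
        # Group listed paths by directory to show where the damage sits.
        scope = Counter(
            os.path.dirname(p.replace("\\", "/")) or "." for p in listed
        )
        # Both markers beside an index page match the article's description
        # most closely; a lone test.txt is a common, innocent file name.
        if len(present) == len(MARKERS) and index_pages:
            confidence = "high"
        elif "allenc.txt" in by_lower:
            confidence = "medium"
        else:
            confidence = "low"
        findings.append({
            "directory": os.path.relpath(dirpath, root),
            "markers": sorted(name.lower() for name in present),
            "index_pages": index_pages,
            "listed_count": len(listed),
            "scope": dict(scope),
            "confidence": confidence,
        })
    order = {"high": 0, "medium": 1, "low": 2}
    return sorted(findings, key=lambda f: (order[f["confidence"]], f["directory"]))


def build_sample_site(root):
    """Create a constructed directory tree for the demonstration."""
    def write(rel, text=""):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)

    # Constructed sample: a site carrying the artifacts the article names.
    write("shop/index.php", "<?php /* replaced page */ ?>")
    write("shop/allenc.txt", "uploads/a.jpg\nuploads/b.jpg\ninc/db.php\n\n")
    write("shop/test.txt", "uploads/a.jpg\ninc/db.php\n")
    # Constructed sample: an unrelated test.txt with no other artifact.
    write("blog/index.html", "<html></html>")
    write("blog/docs/test.txt", "hello")
    write("clean/index.html", "<html></html>")


def demo():
    """Scan the constructed sample site and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp)
        return scan_web_root(tmp)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A "low" finding only means a file named test.txt exists; treat "high" and "medium" findings as prompts to compare the index page against a known-good copy from backup or version control.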

Many Americans put their money in the bank as a method of keeping it safe and secure. Most do not realize, though, that one policy employed by financial institutions which is meant to protect them could actually be putting their sensitive financial information at risk. In fact, according to the Cyber Forensic Research and Education Group at the University of New Haven, most financial institutions have less stringent password requirements than other types of businesses including social media sites.

Research Group Surprised by Results
The research group looked at the password policies of 17 banks. Of those, the group raised concerns about the password policies of six. It found that some of the country’s largest banks — including Wells Fargo, BB&T Corp., Citibank, Chase, Capital One and Webster First Federal Credit Union — had flimsy password policies that did not meet industry standards. These six financial institutions represent about 350 million accounts — a staggering number considering the vulnerability of the information.

What Makes These Policies Weak?
What the research group — which was made up of five undergraduates — discovered is that the above-mentioned banks did not differentiate between upper and lower case letters when it comes to their account holders’ passwords. That is, they did not require that the passwords be case sensitive.

A cyber security expert and assistant professor at the University of New Haven, Frank Breitinger, noted that the failure of banks to support case-sensitive passwords is both surprising and troubling. He pointed out that many people naturally use both types of letters when they are formulating their passwords. Because banks do not take the simple step of supporting these efforts within their passwords, the security of their account holders’ financial information is significantly reduced.

Another Troubling Discovery
Not only did the research group discover that these financial institutions do not support case-sensitive passwords, it also found that they did not make the experience of reporting security issues user-friendly. Many of them had no listed phone numbers or email addresses to report a troubling security problem. Instead, researchers notified these banks by using their phone hotlines.

Representatives for the banks that were reached on these hotlines didn’t seem to understand how to handle the researchers’ concerns or the potential for severe security issues. In addition, they did not notify their in-house IT or security department or seem to understand the need to do so.

Spam From the Cloud
I hate spam. I really do. And if you’re like me, you hate spam, too. Possibly even worse are those robocallers, but you can probably figure them out pretty quickly. The problem is that now telemarketers have a new way to get into our faces — and it’s cheap. It’s as cheap as or cheaper than sending an email.

When the Robocallers Get Sneaky
It goes something like this: You get a phone call, and you check your caller ID. It’s a local number, but you don’t immediately recognize it. Maybe your significant other has car problems and is at a mechanic shop. Maybe it’s a new customer or client who wants to talk with you, and you just don’t have their cellphone number yet. Maybe it’s your kid, and he forgot to charge his cellphone. So you answer it. Little do you know that the “person” on the other end is actually a robocaller.

At this point, you’re thinking it’s obviously a robocaller and not a person, but don’t be so sure. The programmers have gotten cagey, and you may hear someone on the other end say “hi!” If you reply — like most normal people — the robocaller may introduce itself by a first name and even give you a fake title and company they’re “calling” from. If you ask the robocaller if it is a computer, it will deny it vehemently. But you’re talking with anything but a human being.

Interactive Voice Response Programs in the Cloud
You have to give these scam artists an “A” for ingenuity. The robocallers come from the cloud and not necessarily a central location. The outbound interactive voice response programs, or outbound IVR, can be sent over Voice-over-IP, or VoIP, lines that will hide where the actual phone call is being made from. Numerous companies have sprouted up offering these interactive systems, including Nuance, PlumVoice and CallFire. If this behavior seems familiar, you’ll recognize it as the driving force behind Siri, Cortana, Echo and other voice-driven interactive systems.

You can thank AT&T, which patented the technology back in 2006, for this little bit of innovation. While many legitimate companies use these robocallers, they’ve become so cheap that less-scrupulous companies are using them for various scams. CallFire, for example, allows developers to interface with its application to build their own apps, which can perform outbound IVR from just about anywhere. The U.S. District Court for the Western District of Washington ruled CallFire to be a common carrier, which protects the service from litigation when it delivers an unwanted spam message.

Why Telemarketers Like These Robocallers
Telemarketers, as one would expect, love this technology. The scammers can easily choose from a host of VoIP numbers that are local to you to make the call. It doesn’t matter whether they are in the next town or on the other side of the globe. By using the cloud, they can cheaply and easily deploy their robocallers and deal with unsuspecting targets who may not even know they are talking with a machine. What’s more, once they have you, they can then forward you to a real-life person who can finalize the deal. Again, you don’t know whom you are talking to or where this person is.

Obviously, the cloud has opened up a Pandora’s box of mischief. So the next time you get a phone call from a local number you don’t recognize, don’t be surprised if you get someone on the other end who sounds like they might be human — but aren’t.

A disturbing new trend is emerging in the world of cyber attacks on businesses, and it could mean bad news for organizations across the board. In the past, companies may have been hacked and had data compromised or stolen. Or, perhaps their networks were infiltrated by a virus, and data loss and system downtime temporarily put a halt to operations. The latest evolution in attacks involves a slightly evolved bit of programming called ransomware, and it’s holding businesses ‒ and their data ‒ hostage.

What Is Ransomware?
In much the same way that users can unknowingly contract a more traditional virus on their computer ‒ from email attachments or unsafe downloads, for example ‒ ransomware is a tiny program that gains access to a computer or network by exploiting security weaknesses in the software. Rather than scanning and collecting information such as credit card information and social security numbers, ransomware locks down files and makes them completely inaccessible to users. The only way for users or businesses to regain access to their own files is to pay a ransom ‒ usually in the form of bitcoins ‒ to the person or group holding the files hostage.

The use of bitcoins is an essential part of the equation since bitcoin wallets are completely anonymous, and there is currently no way to trace a bitcoin wallet to a real-life individual. This keeps the attackers hidden, and it prevents them from potentially exposing themselves by trying to use a stolen credit card number or other personal information.

Where Are the Authorities?
When a person or business is being held hostage, the usual response is to involve the authorities rather than simply paying the ransom. The problem with ransomware, however, is that it is exceedingly difficult, if not impossible, to trace the attack to an individual. Plus, many businesses are worried about exacerbating the situation or sending a beacon to other attackers, letting them know that they’ve been compromised.
In some cases, businesses simply do not want the attention that comes with an investigation and do not want their clients and associates to know they’ve been compromised. For now, the authorities are spending most of their time investigating ransomware as a whole, while anti-virus and protection companies work hard to eliminate the weaknesses that are being exploited that make ransomware possible.

What Does This Mean for Businesses?
It is obvious that even the smallest business should take these threats seriously. Even a ransom of a single bitcoin ‒ about $426 ‒ can take a bite out of the books of a small business and make it worth it for attackers to target them. For most small- and medium-sized businesses, it’s simpler and easier to just pay the ransom than undertake the lengthy and expensive task of rebuilding systems.

Updated software and protection systems are essential, but this is not news. What may be the key to keeping attacks like these at bay is changing the mindset of business owners, from the sole proprietor to the CEO of a multi-national corporation. They must start making security part of the everyday conversation and keeping it part of the continual operation of the business rather than waiting to deal with it after an event happens.

In the same way that businesses with valuable inventories lock up their warehouses, make use of monitoring equipment, and employ security firms rather than leaving the door open and relying on insurance to cover the cost of theft, today’s businesses must do the same with their data and networks to stop the evolution and escalation of ransomware.

In a stunning, daring and lucrative — at least for the thief! — heist, a woman walked into the Buckhead branch of Wells Fargo in Atlanta on February 13, 2016, and brazenly drained a customer’s three savings accounts for a total of $32,000 in cash. While police are still looking for the woman, whose image was captured on the bank’s surveillance video, she didn’t raise the suspicions of bank personnel during the initial incident. This is because the woman not only provided bank employees with the account holder’s name and two valid forms of identification to make the large cash withdrawal, she also offered the right social security number.

Routine Online Check Nets Surprising Discovery
The crime was not discovered until a later date when the account holder went online to check her bank balances. It was then that she discovered that not only was her personal savings account completely drained and left with a zero balance, both of her children’s accounts were subjected to the same treatment as well. At that point, it became clear that the victim’s identity had been stolen and that the bold thief had made off with her life savings, as well as her children’s.

Atlanta’s Record on Crime
According to a study by CreditDonkey, Atlanta ranks number two — behind only Orlando — as being a hotbed for crime. The credit card comparison website looked at a range of statistics, but concentrated on three primary ones: ID theft, violent crimes and fraud. While the city’s rates for violent crimes trailed behind other cities that showed up on the survey, Atlanta’s rates of internet crime, ID theft complaints and fraud complaints make it one of the most dangerous when it comes to its overall crime score.

How Banks Can Protect Their Customers
It is clear that the current strategies that Wells Fargo has in place are not sufficient to protect its customers.
This crime underscores the fact that banks must revamp their approach to data security in order to prevent these types of issues from occurring in the future. Even banks that have an in-house IT team can use the objectivity and experience of an outside firm to provide them with valuable security strategies.

Today, most businesses require multiple facets of modern technology for their day-to-day operation. Almost every aspect of our daily lives, both personal and business, is touched by technology every single day.

It seems like every week a new business is getting hit by cyberattacks. In almost every story you read, the attack could have been completely avoided if the proper cybersecurity measures had been put in place. But, if you will notice, you never hear when a small business is attacked. You know why? The loss is not significant enough to make the news, but it’s a fact that small businesses are easy targets. Most of them share the same perception about being too small for cybercriminals to care about them. This is far from the truth; instead, you are the easiest target to hit.

Take a second and think about the impact to your business if your IT systems were breached and your data was lost or stolen. Depending on the severity of the breach, you could be faced with fines, legal action and loss of customer respect and business. In addition, insurance companies will not cover cyber negligence. Who wants to be the person calling a customer to let them know someone has stolen their personal information or data? And don’t forget that you may be footing the bill to repair the damage.

Relationships are the key to good business. Hammett Technologies is a company that builds strong and lasting relationships with our clients. Unlike our competitors who focus mainly on just supporting your technology, we focus on securing it too!

I want to let you in on a little secret in our industry. Most IT support companies want you to get hit with viruses. They want your computers to break down. They only make money based on the time they spend fixing problems that could have been avoided completely. Our solutions are designed to provide budget-friendly enterprise-level security, management and support at a monthly all-inclusive flat rate.
We know our proven enterprise strategy will keep you up, running ‒ and secure.

One last thing! Do you know what the biggest threat to every business is today? It’s your employees! Everyone knows how to use a computer, and they have personal email accounts on Google, Outlook or Yahoo. They have access to social media such as Facebook, Twitter and Instagram. Employees get targeted on personal accounts just as often as businesses do!

You should ask yourself: Are your employees misusing company assets to access personal accounts during business hours? Not only are they providing an unfiltered entry point into your network, think about the loss in productivity that may be occurring. You should put a stop to this type of behavior right away. Do your employees have access to file-share services like Dropbox, OneDrive or Google Drive? What are you doing to stop your proprietary business and customer data from being copied out to those locations and shared? These are a few questions a security-focused IT partner should be asking when helping to keep you safe.

Should you have any questions about Hammett Technologies, please contact me directly. I look forward to the opportunity of building our relationship. Ultimately, what you do is dependent on your data – and our specialty is helping our clients Design, Deploy, Connect, Manage and Protect that data.

In today’s world, small- and medium-sized companies — and even large corporations — are losing literally billions of dollars because of Internet scammers. The U.S. Federal Bureau of Investigation states that more than $2.3 billion has been stolen from businesses in less than three years. Scammers often impersonate one of the executives at a company to send an email prompting employees to transfer money out of the company — and directly into the scammer’s hands. These email scams are becoming more and more sophisticated, and they have fooled countless unsuspecting employees.

Business Email Compromise
These types of scams are referred to as “business email compromise.” The problem has become so prevalent that the FBI issued a formal alert to businesses in February of 2016. Occurrences of cybercrime in the form of business email compromise are reported from all over the world, with more than 79 different countries impacted. While cybercrimes like these were known to be on the rise, that they have now reached a multi-billion dollar industry for scammers is new information — and unquestionably a frightening revelation for business owners.

Scammer Success = Industry Growth
Experts in the fields of cyber security and cybercrime report that because of the high success level of the scammers and the relatively easy methods involved in achieving the crimes, it is very likely that this type of cybercrime will only continue to grow. Even more businesses are going to fall victim to these scams. The only way to avoid these increasingly clever scammers is education coupled with an expert IT team.

Signs It’s a Scam
These email scams are successful because the criminals behind them spend considerable time and effort making them look as legitimate as possible. However, a few signs signal it may be a scam email, including:
A request for immediate wire transfer.
The wrong name on an email.
For example, the email may be signed by a company’s CEO rather than the lower-ranked person from whom it would logically come.
Unusual wording in the email message.

While companies can keep an eye out for signs like these, it is possible that an email will be so sophisticated and well-researched that no clear signs will indicate it’s fake. The scammers may go to great pains to research the company they’re dealing with, the individuals they’re writing to, and the finances of the company. This may allow them to create extremely convincing emails that will put a company’s well-being at stake unless the correspondence is immediately discovered to be a fraud.

In the interest of staying abreast of the latest technological trends, learning how to properly navigate the Cloud is an imperative lesson for virtually anyone who uses the Internet in this age. While many believe the Cloud to be a much safer place than it is, there is actually a plethora of traps and pitfalls that can be highly detrimental to one’s life. The following is an overview of the top three ways to stay safe and secure on the Cloud.

1. Be Smart About Passwords
First and foremost, it is important to carefully select your passwords. This means choosing something memorable, but not so easy that others can guess it. In addition to that, try not to recycle the same password over and over because if someone happens to hack one of your accounts, they will have the password to all of them. Moreover, be sure to create a stronger password by using a mix of upper and lowercase letters, as well as symbols, in order to make it more difficult to guess. Lastly, keep it simple. You definitely need to use a password that you can remember. A password is useless if you have to keep it somewhere written down in order to remember it.

2. Pay Attention to Your Network
The average person has become quite accustomed to using public WiFi as a means of executing a number of online tasks. While public WiFi networks are certainly convenient, they are often far from secure. Be mindful of your location and the things you view when operating on a public WiFi network. Checking your Twitter page might be totally fine, but you may want to think twice before checking your bank balance or completing a financial transaction.

3. Keep in Contact with IT
Lastly, one of the best ways to stay secure on the Cloud is by regularly consulting with your IT provider. They can tell you the best places to access important data, teach you about backing up your data, and explain ways your data can be encrypted.
This is the best way to stay safe and secure on the web over time.

Overall, staying secure on the Cloud is not as difficult as it seems. By simply following these tips and remaining vigilant while operating in the cyber realm, you will save yourself a world of turmoil and trouble.

A new type of malware is currently making the rounds that may be worse than anything we have ever dealt with before. It is called ransomware and it is a type of malware that not only hijacks your desktop, but also holds it ransom. Not only is ransomware scary for individuals who manage their lives almost entirely on laptops and smart phones, it is even more frightening for small- to mid-sized businesses that depend on the viability of their IT systems for their success.

What is Ransomware?
Ransomware is a type of malware that not only holds your vital data files hostage, but also seeks to extort money from you for their return. How does ransomware actually work? In a typical attack, the ransomware takes control of your desktop, displaying a pop-up that says your computer is infected and you must purchase a software product to take care of the problem. In early versions of ransomware you could simply reinstall Windows and the problem would go away. Today, however, ransomware developers have become increasingly sophisticated.

The latest forms of ransomware will actually begin to encrypt your vital personal and business files, displaying a message that you will not receive the encryption key until you have paid a particular sum, often as much as $300. The ironic thing is that some of these programs actually treat extorting money as though it were an e-commerce shopping cart, happily guiding you through the checkout process by offering you a variety of payment options. Once they have extorted several hundred dollars from you they will give you the key to retrieve and restore your files, but can you really trust them to live up to their end of the deal?

What Ransomware Can Do to Your Business
While the effects of ransomware on individuals may be bad enough, a ransomware attack can cripple a small- to mid-sized business. Since 2014 the frequency and severity of ransomware attacks on small businesses have increased a great deal.
Small- and medium-sized businesses are particularly vulnerable to cyber attack because they do not have the financial resources to invest in IT management and security services. Because they have limited staff resources, many small businesses are not always able to implement IT best practices. In the event of a ransomware attack, even if the company actually does pay the ransom and receives a retrieval key, there is no guarantee that the files will not be damaged. For this reason it is important for businesses to avoid ransomware and protect themselves from ransomware attacks.

Avoiding Ransomware
The best way to avoid ransomware is to follow IT best practices including:

Never download any suspicious files. Ransomware may appear as an .exe file attached to an email. Do not open or run any of these suspicious files without scanning them first. This is especially true if you do not know the sender and were not expecting anyone to send you any attached files.

Keep your anti-virus program up to date. As noted earlier, ransomware is a new type of malware. This means that, if your anti-virus is old, it might not be able to detect certain kinds of ransomware. For this reason, ensure that you have the latest version of anti-virus software protecting your system.

Keep your browser and operating system updated. Those who develop malware understand that older versions of web browsers and operating systems are sure to have certain security loopholes that brand new malware, like ransomware, can penetrate. By keeping your system up to date, you effectively avoid this risk.

Protecting Your Business Against Ransomware Attacks
The best way to protect yourself and your business from a ransomware attack is to take the danger of losing access to your most important files away by taking backup and business continuity measures. This is done by moving important files to a location where they cannot be written over, encrypted or erased, on either an external hard drive or a remote server.
If you store your files on an internal hard drive the ransomware could conceivably gain write access to them, making your important files vulnerable to ransomware attack.

While this may sound like a lot of work, it is actually a standard part of most managed IT security packages. IT security services routinely back up your company’s files on remote servers, keeping them safe from threats like ransomware. Through a multi-step process, including risk assessment, backup and business continuity measures, email protection and 24-hour network monitoring, an IT security service will also keep your systems up to date, so you are always ready to avoid or deal with the latest cyber threats.