Purelocker

Built to Dodge Your Detection: Could This Be the First ‘Smart Malware’?

Cybercriminals have done it again: they’ve developed ransomware that can be ported to ALL MAJOR operating systems, including Windows, Linux, and macOS. These attacks are targeted against your data servers. The name for this is PureLocker, a snaky nod to the programming language it’s written in, PureBasic.

It is carefully designed to evade detection, hiding malicious behavior in sandbox environments and using only functions seen in music playback. Reports have flown in that this malware can check whether it’s in a ‘debugger’ environment; if so, it will exit immediately, deleting and hiding the payload from execution.

This has enabled PureLocker malware to stay hidden from many of the industry’s leading detection devices for up to several months. Many attacks will be launched on servers, aiming to hold you hostage and only return full operation after the ransom has been paid. Typically, these servers are seen by many as ‘high-value assets,’ making the payment demands suddenly skyrocket. It should be noted that several of these examples had code to remove ALL DATA if the ransom was not paid within 7 days.

After doing some internet sleuthing, we uncovered several of these ransomware campaigns on the Dark Web, being offered as ‘Attacks-as-a-Service.’ Although cybercriminal operations and groups are on the rise, this bespoke attack is now being poised for use in phishing emails.

Don’t Be Fooled

These attacks mean business and are designed for criminals who know exactly how to hit organizations where it can hurt. Although it is uncertain exactly how its payload is delivered to businesses at this time, we know it operates with multi-staged attacks, further muddying the ability to roll back servers and systems from a single recovery point.

Those infected with the malware will see the normal signs of an attack: a ransom note with an email address to begin negotiating a fee to decrypt your files. BE WARNED: you will only have 7 days to pay the ransom, or all files will become unrecoverable.

Concerned About the Health of Your Security Infrastructure?
We can help, with experts looking to provide your business and employees with peace of mind, knowing your data and company reputation are protected. Bring constant visibility and threat reporting to your team with NetCentral Secure from Clare Computer Solutions. Call us today to begin discussing your options.

10 Scary Tech Support Lessons Sure to Spook This Year

We take pride in continuing to educate our clients on the trials and tribulations seen in business technology today. The following images aren’t from our clients, but they are real-world examples of the tech support challenges many businesses face today, some completely unknowingly. No matter the issue, we always go to bat for our clients, focusing on correcting any technical support issues we uncover, and sometimes that includes educating businesses and solving their problems.

Sometimes, there are problems so bad, you wouldn’t want to deal with them. So, instead of filling your inboxes with ghosts, ghouls, or pumpkins, we’ve rounded up 10 examples from the r/techsupportgore subreddit that are sure to send a painful wince or a shiver down your spine:

1. Enjoy this ‘updated’ network diagram!


Cybersecurity: 99% of Email Attacks Rely on Victims Clicking Links

While a tiny fraction of attacks relies on exploit kits and known software vulnerabilities to compromise systems, the vast majority of campaigns, 99%, require some level of human input to execute. These interactions can also enable macros, so malicious code can be run.

Sometimes it seems easy to blame users for falling victim to phishing attacks, but campaigns are becoming increasingly sophisticated. It’s often difficult to distinguish a malicious email from a regular one because attackers will tailor attacks to look as if they come from a trusted source, such as cloud service providers like Microsoft or Google, colleagues, or even the boss.

Social engineering is the key element: attackers mimic your routines as a business to ensure their best chance of success. A user might be suspicious of ANY email claiming to be from a colleague that arrives at 10:00 PM your time, so instead these campaigns hit during your working hours, spoofing legitimate emails from well-known brands in the hope that you interact with them and set off an attack.

No Geek Speak

Let’s get real for a moment here – phishing is one of the cheapest, easiest cyberattacks for criminals to learn, buy, and deploy. Just a few weeks ago, the FBI noted that Business Email Compromises are the leading attack vectors. The reason phishing continues to remain at the height of its potential is the large volume of interaction these emails receive. Put simply, phishing works, and it can be difficult for many to employ the proper expertise when securing email systems and policies.

Although many attacks are designed to look legit, there are still ways to identify what could be a malware attack, just under your nose. If in doubt, contact the “supposed” sender of the email to test its legitimacy. It’s worth noting that cloud providers like Microsoft, Amazon, and Google won’t ask you to click through weird-looking links/URLs that ask for credentials. If you or one of your colleagues find something that appears suspicious, just close the email and go directly to a browser. Make sure you go directly to the provider’s website and log in to check any alerts or notifications in online portals, not through email links.

Phishing by the Numbers

  • 74% of respondents say email attacks are having a major impact on their businesses. The most common effects cited were loss of employee productivity, downtime and business disruption, and damage to the reputation of the IT team.
  • 78% of organizations say the cost of email breaches is increasing.
  • Spear phishing is becoming more widespread: 43% of organizations have been the victim of a spear-phishing attack in the past 12 months.
  • More than three-quarters of organizations say their employees aren’t good at spotting suspicious emails.
  • 66% claimed that cyber-attacks have had a direct monetary cost on their organization in the past year. Nearly a quarter of respondents advised that attacks have cost their organization $100,000 or more.
  • 92% of Office 365 users have security concerns.
  • 79% of IT professionals said they are worried about attacks and breaches stemming from inside the organization.
  • 94% of organizations say employees are reporting suspicious emails to IT on a daily basis, but 58% say most emails reported to IT aren’t fraudulent.

It’s our responsibility, as the Bay Area’s #1 Managed Service Provider, to ensure software updates and security patches are applied regularly so that, in the case of someone clicking a link, malware can’t rely on any known vulnerabilities. Cybersecurity and technology are going to continue leading the changes found in today’s business climate. Talk to a Clare Computer Solutions expert today for a no-obligation meeting to find out where you stand in today’s cyber-climate.

 

 

FBI Updates Statistics: CEO Fraud Is Now a $26 Billion Dollar Scam and Growing

In 2000, the FBI created the IC3, the Internet Crime Complaint Center. It was first developed to handle singular fraud cases, until 2003, when the expansion of this department became unignorable. As of late, the cyber climate has been growing at a rapid pace, so to aid in safer business computing, the FBI uses this division to receive complaints regarding any cybercrimes or fraud dealing with intellectual property, business data, client information, or employee contact information.

The FBI’s Internet Crime Complaint Center (IC3) reports updated numbers: Business Email Compromise (BEC) scams, known for CEO fraud, are continuing to grow year over year, with an over 100% increase in identifiable losses between May 2018 and July 2019. Since releasing their last report in June 2016, the IC3 received complaints regarding 166,349 domestic or international incidents – that is too many people falling for CEO fraud. It gets worse, with a total of $26 billion being stolen from 2016 – 2019. These findings are startling for any growing business, as criminals prey on Personally Identifiable Information or Wage & Tax Statements.

What’s the scam behind the Billions lost?

Although business email compromise scams have grown, there is a heightened awareness regarding this style of fraud scheme, making this scam the most reported scheme from victims all over the world and making up the estimated $26 billion loss. Obviously, the U.S. is hit hard, but so are 177 other countries, across 140 banking institutions. This is forcing small business owners to begin acting on proactive methods of protection and reactive measures for employees and technology.

Defensive Measures Against Business Email Compromises:

  • Use two-factor authentication or multi-factor authentication to verify requests regarding changes in account information.
  • Always check URLs in email links, to double-check the business is who it claims to be.
  • Be aware of purposefully misspelled links to suspicious domain names.
  • Do NOT supply logins or Personal Identification Information through email.
  • Monitor your personal accounts on a regular basis for irregularities, like a missing scheduled deposit.
  • Keep software patched on ALL systems, applying any possible feature updates.
  • Always check the sender’s email address against the company they claim to be from. In most cases, the domains should be the same.
  • Ensure email extension settings are set up according to your company policy, to address the 2nd largest attack vector.

To make sure your employees don’t fall victim to Business Email Compromises, many businesses have implemented stricter processes to double-check/authenticate information regarding payment processing, HR, or Tax Information using familiar methods. Not sure where you stand? Need more direction? Cyber Security is a multi-layered approach, designed to uniquely target threat vectors in a proactive attempt to shore up any defenses that could easily be breached.

Leave Worrying About Hackers to the Experts
Clare Computer Solutions has provided clients with IT consulting, and Managed Services in the Bay Area since 1990. Security isn’t a one-and-done approach – get the right fit security for your business.

4 Proactive Steps to Prepare Networks for Ultimate Agility

Network agility is growing rapidly in popularity: networking professionals identified improving it as a top business goal for the year. Considered the future of networking and business computing, “Network Agility” itself has become a popular buzzword. With everyone talking about it, no one seems to agree on one definition or the next.

So what does network agility actually mean? We reached out to some of the most well-known brands in information technology, to gather and break down a jargon-free explanation. Hopefully, this will provide you some insight on network agility and answer any questions you may have.
Network Agility: So What Is It?

To build agility in someone’s network, you need the ability to respond to network changes in real-time, while keeping pace with the evolving needs of your business. Agile Networking adapts to changes – like a rise in traffic, or newly-deployed devices as they happen, remaining flexible, secure, and easier to manage.

For a network looking to become more “agile,” it will need these three characteristics:

    • Scale Quickly: In standard network designs, the rules and configurations demanded to expand a network are coded by hand. In agile networking, scaling becomes a more hands-off process with network templates being deployed to address the reconfiguration of existing devices, with a more logical layout.
    • Total Visibility into the Network: In your current network, data is everything to you. All data from endpoints and network devices, including performance data, alerts and more, must be collected and stored somewhere. This data is analyzed by machine learning and artificial intelligence in the background to work out maintenance and troubleshooting.
    • No Strings Attached: Using data collected, an agile network will discover root-causes behind specific alerts and notifications, with emphasis on the appropriate steps to troubleshoot issues. Trying each step until successful, agile networks further refine and focus their abilities in fixing problems. Eventually, leaving the entire network to find and fix issues on its own, without any interruption from the added workloads or constant human intervention.

Unless you’re 100% certain your network was built using modern architectures and technology, there is likely a mismatch of different devices, spanning many vendors.

If this sounds familiar, then achieving network agility, let alone a stable network, will require modification. That doesn’t have to be done in one go; in fact, we break this process into 4 proactive steps to prepare networks:

    1. Standardization sounds scary, but a network limited to fewer than 5 vendors is easier to monitor and simpler to manage as it grows more diverse over time. The challenge for most businesses is the cost and time, but with a strong focus on expertise, a plan is key to avoid tossing more money at drowning technology.
    2. Become strategic when growing your network. With any modification, it’s important to make sure it is a logical extension of your network, not a cobbled-together hack. The question we always ask our clients is, “Does this position the network for success in the future?” You should be moving forward with resounding decisions that further improve automation and reduce the difficulty of managing technology every day.
    3. Document Everything: Networks change, and having the ability to review items like topology maps, device inventory, alerts, and troubleshooting-effort trends makes that easier. A managed service provider like Clare Computer Solutions documents these changes progressively, giving internal teams or leadership access to assist in decision-making analytics. These are key when proactively managing your network infrastructure.
    4. Tight-knit Processes are based on the documentation gained and are held to create a helpful process for your internal employees, while we do the heavy lifting. When our alerts trigger, your internal teams will know exactly what is going on and know that it’s being fixed.

The fact is many businesses have already begun taking the steps we’ve outlined to prepare their networks for the future. If you don’t start now, then you’ll be scrambling to modify your networks, which is a big task that requires a lot of your internal manpower, whereas with Clare Computer Solutions we can focus your resources for next-level efficiency. What are you waiting for? Talk to the network experts today!

The 12 Tricks to You Succeeding in Managing Office 365

Although it’s never recommended, some local businesses have taken their chances at managing and manipulating Office 365 configurations. With so much knowledge needed before making any moves, most of the time we only hear the horror stories of how things went from bad to worse. When it comes down to Office 365 management for your business, you need someone with a proven track record of knowing how to monitor, manage and grow your Office 365 tenant effectively, and this includes not OVER sizing/charging.

If you’re serious about managing more seats and growing your business, the time spent can quickly add up. Luckily for you, with a time-tested procedure, your business can take the pain out of managing multiple Office 365 tenants or sites. I would not advise anyone without expert knowledge of these products to tinker with the settings, so our team has pulled together a list of the 12 tricks to you succeeding in managing Office 365.

Phishing: Even Without a Click, Your Employees Can Assist the Bad Guys

Employees can still assist the bad guys in compromising the overall safety of your organization. Over the years, we’ve reinforced these security ideas in our blogs and social media with the idea that clicking or interacting with these criminals only continues to broaden your vulnerability, making your risk of attack that much greater. These criminals are constantly adapting with every failed attempt. The criminals appear to have wised up again, as they have begun focusing more on getting employees to reply.

By drawing people into some form of back-and-forth email exchange, employees begin unwittingly training these criminals on what warrants a potential reply. One of the ways they learn to phish companies is by learning how your employees work.


Back 2 Basics: Prevent Data Breaches with Stronger Authentication

Identity security is one of the most significant challenges that IT organizations face. An identity compromise can ruin an organization, and it is the number one attack vector for hackers. Your traditional, not so secure way to log in, consists of entering your username, and that familiar password. You know, the one you probably use […]

Hackers Execute Ransomware Attack & Encryption on SF Asian Art Museum

In the wake of destruction from an ever-growing threat of cybercriminals, many major municipal branches in Baltimore and Atlanta fell victim to encrypted systems and were extorted for millions. Soon after, the major targets became local school districts and colleges, but it would appear the targets have changed once again. This time to an industry that will surprise many, who think this could NEVER happen to them.

Museums…. That’s right, last Tuesday it was reported that the Asian Art Museum in San Francisco was hit with a ransomware attack back in May. Initially, when I heard this, I was as surprised as you were: why would a museum be hit with ransomware? Why would someone search out cultural institutions to attack? The answer lies closer than we think: although it deals in lower monetary value, museum donors’ personal information can be easily stolen, alongside the typical digital footprint of email, phone number, first name, last name, etc.

It sounds like something out of an action movie: the hacking of a museum in San Francisco came to the surface when the Asian Art Museum refused to pay the demanded ransom, sticking with the city’s official “no-negotiation policy.” Although everyone at the Asian Art Museum has been tight-lipped about the tactics used against them, we do know the data was recovered by utilizing a trusted backup system. Making sure technology partners are always checking in and running tests periodically, so that systems built for fail-over are fully operational, provided the museum the confidence needed to NOT PAY the ransom, knowing they could easily restore data, and gave everyone at the Asian Art Museum peace of mind.

Don’t be taken by surprise, protect your business with these five tips to better your data protection:

  1. End-Point Protection – To protect employees and businesses from cyberattacks and encryption, it’s critical to your success to employ up-to-date End-Point Protection (EPP) and Malware Alerting on high-value targets like servers or domain controllers.
  2. Gone Phishing – The human element is what gets most people, and it’s because these phishing examples have been developed to simulate a popular brand or coworker email. Without successfully phishing someone to gain access, the doors on your network can remain closed. Be wary, as social networks have been hit hard with email spoofing.
  3. See Something, Say Something – One of the most important things to teach employees within your network is that if they see a ransomware pop-up, they should immediately disconnect the machine from the network. This will prevent the infected system from communicating with other nodes on your network, damaging more of your data, and encrypting more technology.
  4. Group Policy Controls – Create access controls or Group Policy so that, in case someone does get into one of the computers, they won’t be able to remote into someone else’s PC or system. This is critical to prevent further spread and damage.
  5. Prioritize your Vulnerability – How much of a threat can your business take on? With information everywhere on the network, it grows impossible to secure everything, making it imperative to create a layered approach to further secure financials and company email that could contain personal information.

In today’s cybersecurity landscape, ransomware poses a serious risk to every business. Taking a proactive approach is the key to reducing your risk. You can learn more about disaster recovery planning and reliable backup solutions by consulting a technology partner who understands your organization’s unique needs. Contact a Clare Computer Solutions Consultant today to determine your risk.


July Patch Updates: Correcting the Windows 10 Operating System’s Baseline Security

One of the focuses of the Windows 10 operating system was its improved security overall. While it does still dwarf its older versions in comparison, one aspect even your operating system can’t fix by itself is user behavior.

That’s right, your operating system can only assist, guide, or require you to change your password, never focusing on its complexity. Microsoft has long stood by its policy that passwords should expire after so many days, to prevent compromised credentials. Studies have been done on this: when push comes to shove, in most cases where employees are forced to change passwords, they make a small alteration to the existing password and hit save. For many, this includes symbols and numbers tagged to the beginning or end of our credentials, to fulfill this task before beginning our work.

In Microsoft’s latest release, Feature Update #1809, they’ve updated password policies in the operating system, including many changes to native applications’ security baseline, making ALL passwords expire by force. Although this doesn’t impact password length, history, or complexity, we’re moving towards much more secure environments. Many of these vulnerabilities, 77 in total, relate to business-line products used in our everyday working life. These won’t be the only changes: those utilizing the following Microsoft solutions will receive security updates for two zero-day events: Internet Explorer, Microsoft Edge, Microsoft Office, Azure DevOps, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server.

Businesses and their employees should always keep a security-focused mindset, whether from Security Awareness Training or just from knowing what role passwords play in an attack. To sufficiently secure their data, organizations seek updated security tools to address their concerns and look towards in-house experts and close working relationships to build the latest guidance for securing employees and business data.

  • Banned Passwords
    Built to battle simple passwords: sticking with default passwords makes things much less frustrating for hackers. By stopping employees from using passwords like “123456” and “1Password!!”, your organization can block the use of these commonly stolen credentials, making it more secure for the employees.
  • Multi-Factor Authentication
    Known by many as “MFA,” it’s grown common practice for most industries to require every employee within the organization to utilize more than one path for authentication. This company stance should be leveraged across your entire business, even if they ONLY have access to email.
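
A banned-password check has to look past the digits and symbols users tag onto the front or back of a word, and the same normalization catches the "small alteration" habit described earlier. The following Python sketch is an added example, not Microsoft's or the original post's implementation; the banned list, the substitution table, and the result labels are assumptions.

```python
import re

# Assumption: a tiny banned list of base words; real deployments use lists with thousands of entries.
BANNED_CORES = {"password", "qwerty", "letmein", "welcome"}

# Assumption: a few common character substitutions to undo before comparing.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s"})

def core(password):
    """Reduce a password to its base word.

    Digits and symbols tagged onto either end are stripped first, then the
    remainder is lowercased and common substitutions are reversed.
    """
    stripped = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password)
    return stripped.lower().translate(LEET)

def check_password(new, previous=None):
    """Return a list of reasons to reject `new`; an empty list means it passes these checks."""
    findings = []
    base = core(new)
    if not base:
        # Nothing left after stripping: the password is only digits and symbols, e.g. "123456".
        findings.append("no-letters")
    elif base in BANNED_CORES:
        findings.append("banned-word")
    # Catch rotation by small alteration: same base word with a new prefix or suffix.
    if previous is not None and base and base == core(previous):
        findings.append("reuses-previous-base")
    return findings

if __name__ == "__main__":
    # Constructed test inputs; the first two are the examples quoted on this page.
    for candidate, old in [("123456", None), ("1Password!!", None),
                           ("P@ssw0rd2019", None), ("Sunnyvale2020!", "Sunnyvale2019!"),
                           ("correct horse battery staple", None)]:
        print(f"{candidate!r}: {check_password(candidate, old) or 'ok'}")
```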

By employing these alternative controls, businesses can begin leveraging employees as their first line of defense. Begin to offset the potential for the increased security vulnerabilities and risks commonly seen today: by educating your employees on proper password hygiene, length, and complexity, your business can easily meet the security needs of your customers and your employees.

Want the experts to educate your staff and assist your network hygiene efforts – give us a call today!