Why Do Australian Businesses Require Cyber Security? Here are Some Eye Opening Stats

[box style=”simple”]

This is a guest post by Gavin McDowell, Chief Security Officer at Gridware Cybersecurity. Gavin is a highly experienced information security expert with over 17 years experience in the IT industry.

[/box]

In just the last five years, business leaders have changed the tone of their cyber security conversations. It is no longer a discussion about layers of defence or the beefiness of the firewall, instead Directors now understand it’s no longer a matter of ‘if’ but instead a matter of ‘when’ the system will be breached. And the smart companies have already started to shift their resources from preventative techniques to detective ones.

The fact that historical approaches to cybersecurity are no longer good enough is an indication that cyber attackers have become more intelligent and patient, and that the nature of the attacks are more sophisticated. In today’s digital world, this is something business leaders have come to accept.

The perimeter of your network can no longer be defined and effectively controlled, instead attackers have learned to be patient and exploit lower risk vulnerabilities that are usually ignored by internal IT teams, allowing exploits to go unnoticed.

This demonstrates all the more reason Australian businesses need to take cyber security more seriously. The first step will be to focus on predicting where the next risks will be for their business and working pre-emptively to come up with solutions.

There is no better way to demonstrate the urgency of developing formal cyber security plans for your business than looking at some of the big players and the cost of their data breaches:

Case Study 1 – Target

The brand we know and love, Target was subjected to a malware based attack through a compromised point of sale system that allowed hackers to steal credit card information of customers for three years without detection. Target’s share prices dropped 13.7% the month of announcing the data breach, and said the cost of the breach aftermath was close to $163 million.

Case Study 2 – Sony Pictures

This time hackers used more complex exploits. They utilised highly sophisticated phishing, calling employees pretending to be from internal IT teams, and ended up creating fake digital authentication certificates to bypass security systems. The breach allowed the hackers to expose the entire Sony employee email servers to the public. Sony admitted the cost of the IT repairs after the breach totalled $35 million, with the total cost of the breach coming close to $1 billion.

Case Study 3 – US Office of Personnel Management

Government departments are especially vulnerable which is why the Coalition has recently introduced an Australian Government Cyber Security Strategy. In the United States, however, the Office of Personnel Management had 22 million government employee records stolen by a contractor who was tasked with performing background checks. The information stolen included employee driver’s licences and passport information.

Case Study 4 – Yahoo

One of the largest breaches of customer information ever recorded, Yahoo reported in late 2016 that a breach occurred three years earlier in 2013 of over 1 billion user accounts that were compromised by hackers. The cyber criminals took and published the user records which included full names, emails, data of births, secret questions and answers and passwords. Verizon Communications reduced its original take-over bid of Yahoo by $925 million as a result of this breach, with the real implicated cost of the breach not disclosed, the catastrophic effect of the breach has certainly been felt in the reputational damage Yahoo has faced in the media.

So How can My Company be Compromised?

This is question most want answered. How can I be breached? With the premise of the question being ‘what can I do to prevent this particular breach?’ The reality is, for close to 60% of cases, attackers will be able to compromise an unprepared organisation within minutes.

Between 70-90% of malware samples were uniquely created to an organisation. This means attackers will likely evaluate your specific business, looking closely at the applications you are running to develop a unique exploit.

The prevalence of phishing is also a very high risk. Two thirds of incidents where a business was compromised included a pattern of phishing. In a recent study by the Ponemon Institute, 23% of business employees open phishing messages and 11% click on attachments within the first hour of receiving them.

What Will a Cyber Breach Cost?

Perhaps you’re not in the middle of a take-over bid, but the cost of cyber breaches will still be great. IBM interviewed 1500 organisations and found that the data breach cost per record (that is, think how many paying customers you have ever had in your company records) would amount to between $200-400 per customer. And the costs are growing. You need to consider not only the IT repair and hardware costs, but the reputational damage that will inevitably occur when you are forced to publically disclose your company was breached by the Privacy Commissioner (and the cost of fines if you don’t).

Where should I Focus If I Want To Protect My Business?

Start by assessing the cyber risks that apply to your business. Look at your cyber maturity and your business objectives:

 

    • What digital solutions are changing in line with where the business is heading?

 

    • Consider how you will mitigate those risks, what is your ‘plan b’ and ‘failsafe’ for each critical system?

 

    • What type of cyber awareness training might be appropriate for your employees and how regularly should they refresh their knowledge?

 

    • Ensure you have senior management support for good cyber practices and that is reflected through the company culture.

 

    • Ensure you have three lines of defence for critical systems:
        1. the right configurations,
        1. effective and regular monitoring of those controls and configurations, and;
        1. having an independent expert regularly audit and assess those controls to determine any weaknesses.

Cyber threats will continue to rapidly evolve in the years to come. In 2017, it is now more critical than ever to ensure you remain a step ahead of cyber criminals and your competitors to give your company the edge to grow and succeed securely.


 

References:

 

https://techcrunch.com/2015/02/25/target-says-credit-card-data-breach-cost-it-162m-in-2013-14/

 

https://www.csoonline.com/article/2879444/data-breach/hack-to-cost-sony-35-million-in-it-repairs.html

 

https://cybersecuritystrategy.dpmc.gov.au/assets/img/PMC-Cyber-Strategy.pdf

 

https://www.cnbc.com/2017/03/14/verizon-sought-925-million-discount-for-yahoo-merger-got-350-million.html

 

https://fortune.com/2017/01/09/yahoo-marissa-mayer-board-verizon-acquisition/

 

Cost of Data Breach Study: United States, Ponemon Institute LLC, May 2016.

 

https://www-03.ibm.com/security/infographics/data-breach/

 

https://www.oaic.gov.au/media-and-speeches/statements/mandatory-data-breach-notification

 

[box style=”simple”]

Gavin McDowell is the Chief Security Officer at Gridware Cybersecurity. Gavin is a highly experienced information security expert with over 17 years experience in the IT industry. Prior to Gridware, Gavin held several senior security roles at Accenture Consulting, Symantec Australia and Westpac Banking Corporation. Gavin has a Bachelor of Computer Science (First Class Honours) from the University of Sydney and a Masters of Business Administration from Macquarie Graduate School of Management. You can find Gridware on Facebook and Twitter.

[/box]

Tips for creating a memorable and secure password

Tips for creating a secure and memorable password

Remembering your password can be difficult at the best of times. To add to that, most websites these days require password security so they can store your personal information and keep it secure. So you have all these passwords for countless different website and it can begin to be difficult to remember them all.

To help you create memorable (and secure) passwords we’ve put a lists of tips you can use:

[space]

[/space]

    1. Base your password around a personal goal and add the date by which you want to reach that goal, e.g.: Europe2019
    2. Make up a visual password by following a pattern on your keyboard, e.g.: cvghyu89
    3. Combine three random words, e.g.: TreeLibrarySound
    4. Include words from a different language. e.g.: VeniVidiVici (I came, I saw, I conquered in latin).
    5. Revere a word or phrase, e.g.: esarhp
    6. Try referencing an unsual word, phrase or quote from your favourite book or movie, e.g.: “May the Force be with you”.
    7. Use the first letter from each word in a quote or saying, e.g.: MtFbwy
    8. Use a phrase that includes punctuation, e.g.: WhySoSerious?

[space]

[/space]

To add another layer of security for all above instances, why not replace some letters with numbers or symbols, e.g.: 8=B, @=a,$=s, 1=!, 3=E. Or use capitals for the words that normally require capitalisation.

Most passwords requirements are between 6-8 characters, if you’ve chosen a quote that’s a little short, try adding a random number or symbol to increase your password length.

However, avoid using the simple number patterns such as “1234” or your birth date. Find something that holds meaning to you. For example, the first Star Wars movie was released 25th May 1977, so my password would look like this: MtFbwy25577

So, the next time you lock yourself out, why not try one of these examples to make sure you never forget it again. And if you haven’t changed your passwords in a while, maybe it’s time for a refresh to keep it all secure and safe. 😉

Backing up Office 365 with Backupify

More and more companies are relying on Office 365 to get their business done, but all that cloud data is followed by risks you may not be aware of. What if a file is accidentally deleted or overwritten? Do you have a plan for when employees leave the company? How do you ensure their files and information stays within the company? Enter Datto Backupify.

Datto Backupify fills a gap in the Office 365 offering by backing up the data within user mailboxes, OneDrive & the company SharePoint sites. It ensures that companies can access and control the data they entrust to these systems and prevents data loss from external threats, user and service error.

If you’re currently using (or looking to migrate to) Office 365, you should know that Office 365 doesn’t back anything up long-term. If you delete something, after a 30 day period it is gone forever, unless you use a third party tool like Backupify.

Backupify lets you restore individual files/emails to entire SharePoint libraries and mailboxes as well as an external download so you can actually download your data to your computer/server. This is a function that a lot of other products can’t do, instead they can only restore back into Office 365.

[list type=”icon” style=”none” icon=”double-angle-right” icon_color=”#90a105″]

    • Manage backups, view restores, and see an activity feed from an easy-to-use dashboard
    • Zero in on files, emails, contacts, and calendar invites with robust search parameters
    • Restore files, emails and calendar invites directly to a user’s account or download them instantly to your own computer

[/list]

[box style=”simple”]

It’s also inexpensive, 1-24 staff is $75ex/month for the client and they get three backups a day. For more information about Datto Backupify contact us on community@grassrootsit.com.au

[/box]

Protecting your business with Cyber Insurance

With digital technologies on the rise, more Australians than ever before are falling victim to cyber crime, and recently businesses have been in the cross-hairs.

[space]

[/space]

From identity theft to credit card fraud, email scams, and computer viruses, the number of ways that criminals can access your personal information online has more than doubled in the past decade. In fact, a startling new report released by Veda, the leading provider of credit information and analysis in Australia and New Zealand, shows that one in four Australians claimed to be a victim of identity theft or fraud in 2015. This means that 3.8 million people inadvertently became pawns in the global fraud marketplace last year. But, Fiona Long, Veda’s Head of Cybercrime, says she fears that this is just the “tip of the iceberg,” with many more Australians living their lives like normal, completely unaware that their data has been stolen or compromised.

[one_fourth valign=”top” animation=”none”]

[/one_fourth]

[one_half valign=”top” animation=”none”]

[quote author_name=”Ms Long” size=”small” style=”simple”]

“The issue of identity fraud is not going to abate. The virtual economy has created a world of opportunity for cybercriminals,”

[/quote]

[/one_half]

[one_fourth_last valign=”top” animation=”none”]

[/one_fourth_last]

[space]

[/space]

Is your business at risk of cyber crime?

[space]

[/space]

With cyber crime growing in frequency, many businesses have discovered that their valuable data is at risk too. For example, the CFO of one of Australia’s largest insurance groups recently received a precarious email with an attached invoice for $50,000 from his CEO. The email contained the appropriate sender address, signature, privacy blurb, and even the language sounded just like the CEO in question. Everything seemed perfectly normal. Except for one thing. The CFO had never, in the seven years that he had been working at the insurance group, received an email with an attached invoice from his CEO. He jumped on the phone immediately and confirmed with his CEO that the email was a scam.

Unfortunately, not all cyber crimes end quite so easily. The Australian Government estimates that identity crime costs Australia around $2 billion a year with a further $350 million spent on preventing and responding to identity crime annually.

Imelda Newton, the General Manager of Veda, says that the damage caused by online scams and identity theft can sometimes be irreparable.

[one_fourth valign=”top” animation=”none”]

[/one_fourth]

[one_half valign=”top” animation=”none”]

[quote author_name=”Ms Newton” size=”small” style=”simple”]

“The cost of brand damage to an institution that suffers a major data breach, or the cost of the embarrassment felt by a consumer if they are refused credit because their identity has been stolen, is immeasurable,”

[/quote]

[/one_half]

[one_fourth_last valign=”top” animation=”none”]

[/one_fourth_last]

[space]

[/space]

Earlier in the year, the Government announced that it was prepared to strike back at cyber criminals, with $230 million of funds to be spent on a new cyber security strategy, including 100 new cyber specialists to combat “foreign adversaries”.

But what about cyber crime insurance? Can you protect your business from financial losses incurred by hackers, criminals, and online offenders?

[space]

[/space]

Cyber crime insurance grows in demand

As with every other technology sector, cyber crime insurance is an emerging field. Many insurance companies offer some form of protection against cyber attacks, but the solutions are not all-encompassing.

For example, at Allsafe Insurance, one of our clients recently came to us with a dilemma involving an email scam and an unlawful bank transfer. A supplier received an email from our client advising them that they now had a new bank account and enclosed were the details. Not thinking anything of it, the supplier promptly updated our client’s bank account details and paid an outstanding debt of $10k into the new account. Once again, the email looked legitimate; the sender email address was correct, and there was a familiar signature and privacy blurb at the bottom. However, about a week later, our client contacted the supplier chasing the $10k debt and was told it had already been paid. The supplier told the client that they had paid the funds into their new account. But, of course, our client had not changed their bank account details in some 15 years!

As cyber security has been thrust into the spotlight, cases like this have prompted businesses and insurance companies to start a conversation about what needs to be done to safeguard against cyber crime. According to Chris Mackinnon, the General Representative of Lloyd’s Australia, the truly difficult risks of today are those which are rapidly evolving in the cyber crime space. “The unquantifiable threats surrounding cyber represent one of the biggest challenges the industry has ever faced,” he says. “The perils are evolving more rapidly than the products. Liability wordings become exposed to risks that didn’t exist at the time of writing, so how do you price that risk?”

[space]

[/space]

Stay alert and educate yourself

[space]

[/space]

Okay, so if you can’t gain access to cyber crime insurance or there are no existing policies that fit your unique situation just yet, what is the best thing to do? For now, we recommend educating yourself about cyber security and training your staff to be vigilant. In a lot of the cases we have seen, it has been because of dedicated and observant staff that cyber attacks have not escalated into something much worse.

You can read more about cyber crime at the Australian Cybercrime Online Reporting Network (ACORN). And, rest assured that the insurance industry is working on new solutions!

[space]

[/space]

Keeping your business safe with Datto Business Continuity solutions

Ransomware is becoming a leading threat to small business in Australia. It’s a type of malware that encrypts data on infected systems and locks its victim’s files and allows criminals to demand payment to release them. Small businesses are particularly vulnerable to these attacks.

In this webinar, James Bergl from Datto shares the steps you can take to keep your business safe from these expert hackers.

[space]

[/space]

[space]

[/space]

More data is being created and stored, by companies of all sizes. Data will continue to grow at rates from 11% to 40% annually (Enterprise Strategy Group). Amount of data could grow by 50 times by 2020. (IDC)

SMBs are part of the “big data” wave.  It really just means smarter use of their data, in turn making it more valuable.

For SMBs, their data is their lifeline.

[space]

[/space]

perfect-data-storm

[space]

[/space]

Have you experienced disaster in your business?

Earthquakes are a real threat here.  And even in a minor earthquake you may not be let back into a server room until the building is inspected. However, there are more and more threats to a business’ data.  Not just big natural disasters but the day-to-day data loss disasters caused by malware, server failure, power outages and human error.

[space]

[/space]

Evaluate your risk

Aging equipment and more security risks will drive more data failure and potential data loss for businesses of all sizes, particularly small business.

95% of companies experienced an unplanned data center outage in the past two years. (Ponemon Institute)

[space]

[/space]

Protecting your data is protecting your business

You wouldn’t consider running your business without insuring your employees or the physical components.  For example, you have have insurance for the physical desktops in case they get stolen, but what about the more valuable data that it contains?

Most business liability insurance policies do not cover data loss.

[space]

[/space]

What is true Business Continuity?

Just backing up the data is not enough. Business Continuity is about keeping the business up and running in the event of an outage.

  • Hybrid cloud-based backup
  • Image-based backup

Backup entire servers, not just select sets of files.

  • Delivers superior

RTO = Recovery Time Objective
How much downtime can you withstand?

How long can your business be down without it affecting your bottom line?

  • Seconds
  • Minutes
  • Hours
  • Days
  • Never

 

RPO = Recovery Point Objective
How much data are you willing to lose?

  • Eliminates downtime (Virtualization)

[space]

[/space]

dattoo

[space]

[/space]

To sum it up…

 

[list type=”icon” style=”none” icon=”double-angle-right” icon_color=”#90a105″]

  • Ransomware is rife & will cost your business money and time
  • Backup is not enough to deliver business continuity
  • Grassroots & Datto are committed to delivering a complete solution to protect you against downtime

[/list]

[box style=”solid”]

Offer:

FREE RTO/RPO Consultancy Session with Grassroots IT

30% discount on all 3 year contracts before December 14th 2016

Email: ben@grassrootsit.com.au

 

[/box]

[space]

[/space]

Should I get Cyber Insurance for my Business?

We’ve had a few inquiries recently about whether it’s worth getting Cyber Insurance to keep businesses safe from cyber incidents. Insurance isn’t our area of expertise, so we’ve asked insurance expert Todd Ferguson from Allsafe to give us a run down of how Cyber Insurance can ensure peace of mind for business owners.

 

[divider style=”none”]

[/divider]

Technology in the 21st century has opened up many possibilities for streamlining greater efficiency, production and processes for businesses. However, as life starts to transition rapidly into the digital world, so does the risk of cyber breach. So let’s discuss the importance of cyber insurance and its advantages.

[space]

[/space]

In 2014, it was calculated that 1,131 cyber incidents were reported through the Australian Signals Directorate (ASD) – an Australian Government Intelligence Agency tasked with ensuring our information security. This figure was a 20% increase from the previous year and these statistics prove that as the move into digital and cloud-based services starts to gain momentum, so does the increased risk of cyber-attacks.

 

Did you know that many major companies have in fact been hacked in the past?

 

Familiar names and brands such as Nike, the FBI and in one now infamous incident, Sony Pictures. During this episode involving Sony Pictures, it was believed that North Korea had hacked the multi-billion dollar company and stolen vital information from the controversial movie ‘The Interview’ – a fictional movie on the assassination of the North Korean supreme leader. More recently, Australia’s Bureau of Meteorology (BOM) was hacked, as was (very publicly) the Australian Census website, which had the nation questioning the Australian Cyber Security Centre.

Today, statistics show that 1 in 3 businesses are or have been hacked, with 40% of this figure representing small-medium (SME) sized businesses. Ultimately, this then means there are three different types of businesses; companies that have been hacked and are aware of it, companies that have been hacked but are unaware and companies yet to be hacked. If your business suffers a cyber-attack or breach, the following can be compromised:

[space]

[/space]

[list type=”icon” style=”none” icon=”double-angle-right” icon_color=”#90a105″]

  • Sensitive or confidential data stolen or revealed.
  • Software can be disabled or held to ransom.
  • Personal data belonging to your customers can be stolen.
  • Share prices may decrease as stakeholders lose confidence within a company.
  • Lawsuits which may give rise to other liabilities.

[/list]

[space]

[/space]

You may be thinking, “It’s ok, I have the top of the line malware for my business, my IT provider said so”. Like fire insurance for your business and so many other unforeseen events, even if you have the best software protection money can buy, you still run the risk of being compromised. Human error alone (which we will discuss in our next post) accounts for nearly 30% of all Cyber Insurance claims see through our office in the last 12 months. Cyber insurance is the best way to protect your businesses online data and presence in the long run. Simply speaking, cyber insurance will cover your business for the situations which are listed above and many more, as opposed to having to foot the bill if you are relying solely on your existing software security.

Cyber insurance gives you the chance to know that your business, and the businesses you look after, are in safe hands when things go wrong. So whether you’re in business with aviation, agriculture, construction, marine, trades or property, Allsafe has a cyber-insurance specifically tailored for you and your business.

[space]

[/space]

[space]

[/space]

[box style=”simple”]

If you’d like to know more about Cyber Insurance, you can contact Todd by visiting the All Safe website or ring All Safe directly on 1300 908 404.

[/box]

[space]

[/space]

[space]

[/space]

Business lessons from Department of Education Report

A recent report by the Western Australia Auditor General has found a number of critical shortcomings with the Department of Education’s ICT program, all of which present remarkable parallels with challenges we see regularly within the Australian small business sector.

Specifically, the auditor general found that there appears to be no clear strategy in place to maintain, support or update ICT infrastructure, resulting in schools struggling with the use of aging and outdated ICT, in some cases abandoning its use altogether. This combined with a lack of suitable IT expertise is resulting in many schools rapidly falling behind.

[quote size=”medium” style=”solid”]

“It is clear that some schools are struggling to understand and keep up with changes in ICT”

[/quote]

Some key points covered in the report include:

[list type=”icon” style=”none” icon=”double-angle-right” icon_color=”#90a105″]

  • Poorly planned replacement strategy for aging technology, resulting in 28% of all student devices being over 4 years old (the point at which computers are generally considered obsolete).
  • Insufficient IT support and poorly standardised equipment and operating environments resulting in substantial productivity loss.
  • Ballooning internet and data usage requirements due to the increasing use of online services is rapidly outstripping available bandwidth.
  • Wifi is rapidly becoming a core element of networks without sufficient consideration given to appropriate infrastructure.
  • BYOD has either already been, or is actively being considered.

[/list]

[space]

[/space]

So, what lessons can we take from the auditor general’s report for our own businesses?

Well, there are both strategic and tactical lessons we can find in the full report, but for now let’s stay focussed on just the points mentioned above, and what we can take from them.

[space]

[/space]

  • Plan and budget for the periodic replacement of ICT assets. With normal business usage, most desktop and laptop computers can expect to have a 3-4 year working life. Servers have traditionally worked to a 3 year working life, however in recent times this has been extending towards 5 years. Creating a replacement plan and budgeting accordingly is a simple, straightforward task that will avoid lost productivity and costly surprises, and all you need to get started is a list of your computers and when they were purchased.
  • Don’t underestimate the benefits of standardising and properly supporting your ICT. Quite simply this will help your staff and your business stay productive and happy, and if delivered properly will save you money and make you more profitable.
  • Online and cloud services are transforming the way we do business, but you need fast, reliable internet. Don’t underestimate the load that cloud services can place on your internet connection, or the loss of productivity if staff can’t use these services efficiently (or at all).
  • Getting wireless networking right doesn’t need to be complicated or super expensive, but it may require more than a single $50 access point. Wireless networking can also provide a range of business benefits that you may not already be realising. Consider assessing your existing and potential use of wireless networking, and seek advice on how best to maximise your return on investment.
  • BYOD is a real thing with real potential benefits, but it needs to be properly thought through and well implemented. BYOD has implications not just for IT, but for most other areas of the business from recruitment through HR to legal, compliance and finance. When done well BYOD can transform an organisation. When done poorly it can create a chaotic, expensive mess.

[space]

[/space]

DattoCon 2016 Round Up

What do you get when you drop 1,000 technology geeks and entrepreneurs into the centre of Nashville for a week? One of the year’s best tech conferences, DattoCon, that’s what! As it turns out you also get a lot of jet lag, country music, late nights and cowboy hats. Who could ask for more?

DattoCon is the annual conference hosted by Datto, the company behind the awesome business continuity solutions that I’m sure you’ve heard us talk about before. (What’s that? You haven’t? Madness. Email me now, you need to know about this stuff.) As with most conferences the most valuable bits happen in the hallway conversations, discussions over dinner, and the people you meet at the bar. Here’s my roundup of the top 5 things I took away from DattoCon 2016.

[section background_repeat=”repeat” background_position=”center top” background_attachment=”static” background_scroll=”none”]

Backup and Disaster Recovery is no longer enough

[space]

[/space]

We all know that having a proper Backup and Disaster Recovery solution in place is absolutely critical, right? It may be something simple like an accidentally deleted file, or something far bigger such as a server failure, but having proper working, tested backups in place is pretty much “IT 101”, and should be considered a ‘non-negotiable’ in your business.

The thing is, in 2016 that’s no longer enough. Now you need to be extending your thinking through BUDR to Business Continuity – IE: How do you keep your business running during and immediately following the incident. You see, with traditional BUDR thinking, the actual recovery process can take hours or even days, and that’s assuming you have suitable hardware on hand to restore the backups to (this is called the Recovery Time Objective or RTO). While systems are being restored from backup your business may not be able to operate.

By adding Business Continuity to your thinking, you can start to consider ways to keep your business operational while the full restoration and recovery process takes place.

[space]

[/space]

Ransomware is now the key reason that a Business Continuity solution is critical

[space]

[/space]

Ransomware infections including ones like the CryptoLocker virus that got a lot of mainstream media attention not that long ago are still running rampant. Interestingly one of the key themes coming through at DattoCon was that ransomware is now one of, if not the most important reason for businesses to think carefully about their Business Continuity plans.

Recovering from a ransomware infection isn’t always a quick and easy process, so giving the matter some consideration in advance as to how your business can continue to function while that process takes place is important.

I can cite specific examples where we have been able to activate a client’s Business Continuity plan immediately following a ransomware infection, and keep their business operations flowing while the full recovery continued behind the scenes. Unfortunately, I can also cite examples where client’s operations have been seriously disrupted for days because they did not have an effective business continuity plan in place.

[space]

[/space]

Network Security is a multi-layered thing

[space]

[/space]

Back in the good old days, having antivirus software installed on your network was generally about as far as most people went when it came to network security. Surprise, surprise, those days are gone. Solid business grade antivirus software is still critical, but no longer enough.

Here’s a basic checklist of everything you need to be thinking about when it comes to your network security:

[list type=”icon” style=”none” icon=”double-angle-right” icon_color=”#90a105″]

    • Business grade antivirus software
    • Intelligent internet UTM/Firewall device
    • Monitored backup solution including offsite replication
    • Staff education around staying safe
    • Business continuity plan for when things still manage to slip through

[/list]

The good news is that these days you can address each of these points far cheaper and easier than ever before. Remember too that this list is just a starting point.

[space]

[/space]

The Cloud is not rendering IT Support unnecessary

There’s been a lot of chatter in certain parts of the IT industry over the last few years, with some providers worried that the rapid uptake of cloud services could mean the end for their business. After all, according to the cloud providers marketing, moving to the cloud will solve all of your problems for a fraction of the price, right? Catching up with so many colleagues at DattoCon was a great opportunity to see if there was anything to this.

In actual fact, what we’re starting to see emerge is a very clear “Yes and No” to this concern. Those IT providers whose business has traditionally been based on the sale and installation of servers and the like are having to adapt or suffer. A lot are adapting quite effectively, however others are not.

For those providers with a strong focus on customer service and IT support, it seems that business is busier than ever. Most seem to be successfully integrating cloud services into their offerings, and the load on their support teams are no less with cloud based services than they were with on premise services.

[space]

[/space]

Nashville is Awesome!

[space]

[/space]

OK, so this one doesn’t really have anything to do with DattoCon, technology or entrepreneurship, but I had to throw it in anyway. Nashville is an absolute hoot! The live music scene is just out of control, the bars and venues are a heap of fun, and the people super nice. If you ever have the chance to drop in on Nashville, I definitely encourage you to do so. Just remember the Panadol.

[/section]

WOZ-250-CM2D3482
Ben with Steve Wozniak (aka The Woz), co-founder of Apple, at #DattoCon16.

[space]

[/space]

Spammers are at it again

Over the last couple of weeks that a nasty infection is doing the rounds. This infection, generally referred to as the CryptoLocker virus, spreads a viral email, so an email arrives with a malicious attachment or a link to a malicious website. If one of your users clicks on the attachment or that link, their machine will be infected and so will your network.

It looks like the spammers are at it again with a new variant of the CryptoLocker virus. You and your team need to be wary of strange emails coming from places like the ATO or Australia Post but this particular variant is making it look like it’s from a power company.

You can see what it looks like below (note the sender address, doesn’t look legitimate to me!).

You can see how the link has popped up after I hovered my mouse cursor over the “View your Bill”, that is clearly not an AGL website.

As we’re approaching the end of financial year, we will continue to see an influx of these spam emails. Please make your team aware of these emails and the risks involved.

If you have any questions, please contact us on 1300 554 138 or help@grassrootsit.com.au. 

[space]

[/space]

pic

[space]

[/space]

Infectious Email

A potentially infectious email containing a zip file and a word document

Hello. Ben again from Grassroots IT. Look, I really do not want to become the guy on YouTube who posts about every single new virus and infection that comes out, but I have just got hold of a new variant on those phishing emails that are coming through and wanted to show you very briefly.

What we can see here is an email that has come to my proper address. They’ve got my address from somewhere, not that that’s hard mind, and it’s come from Michael John Stone at something or other .co.uk. I have no idea who this person is for starters. That’s the first thing we need to be aware of. Coming down into the body of the email. “Denied BPay transaction”. They’re using the sort of bait here that’s likely to get everybody interested. Denied transactions. I’d better fix that otherwise I’m going to hit with fines and fees et cetera.

They’re really baiting people well. They’re talking about Australian dollars here, which makes it seem a little more legitimate given that I work in Australian Dollars. Obviously there’s my email address there.

Here’s a couple of interesting things. Can you see the attachment? Aborted Bill Payment transaction. Can you see on the end there, it says .zip? A zip file is a compressed file, a compressed archive that may contain multiple other files. It is a classic way for spammers to send through potentially infectious payloads.

What I’m going to do, I’ve already checked this out in advance so don’t panic, is I’m going to double click on that to open it. Now I would recommend that you do not. If you do receive one just like this, leave it alone. Delete it. Okie doke? So what we can see here is that it’s uncompressed that and there is a single file in there. It is a Word document. Word 97 – 2003, so a slightly older format. Again, this is looking a little bit suspicious. I’m not sure why anyone would legitimately zip up a single word document. But I’m going to double click on that again.

Now, again, do not do this yourselves, please. I’ve already been through this. I know what I’m doing. These are trained professionals, people. Now this is interesting. We get a Word document. The main way that they can potentially infect your computer or cause problems, is using macros. Macros are like little scripts or computer programs that can run within a Word document. But by default, Word will not run those macros. It’s got security settings in place that don’t let that happen. So what they’re trying to prompt you to do here is to essentially disable that security, okay?

See this, Macros must be enabled to display the contents of the document. They’re actually trying to get you to disable that built-in security that Word has so that their malicious payload can run.

Now going through the document here, they do give you instructions on how to do that for every version of Microsoft Word. Again, don’t do this. What I’m going to do though is do this. So I’m clicking on enable editing. Okay. So it’s changed views now into the editing view of Word. You can see our document there but here’s another security warning. Security warning: Macros have been disabled, so Word is still trying to protect me. Now, I’m not going to click on Enable Content. That will cause problems on my computer and I don’t want that. What I am going to do, though, is show you something which is a bit geeky but I thought you might like to see it.

What we’re looking at here is the Visual Basic for applications editor. This is the actual window that you can use to work with these malicious macros and scripts and so on. And there’s one here. See that one there. Project Bill Pay Cancelled? That is essentially the malicious little script which will try to do nasty stuff to our computer. When I click on that, they’ve got it password protected so that you can’t go in there and see exactly what the scripts are trying to do, etc. etc.

That’s the end of this particular video but I did just want to step you through that. If you get those emails coming through, it’s from somebody who you do not know. Big giveaway. It’s got that zip file attachment. It ends in .zip. Be super careful about those. Probably best just to delete them to be honest. In this case, because I knew what I was doing ahead of time, I went through, opened up a Word document with macros there that would try to do something nasty to my computer and infect it. I don’t know what it was going to try to do to my computer but you know what? I’d rather not find out.

For another example of a suspicious and potentially infectious email, have a look at this other post for one pretending to be from the Apple store.

 

Get the latest Updates