ASI logo

THE ASI ARCHIVE

JUNE 2017

free wysiwyg web site generator software download

One Email Can Bankrupt Your RIM Business

By Scott Bidwell, President/CEO

It’s Friday morning and you’re on your way to the office – your home away from home – where you take great pride in what you have built over the many years. It’s a gorgeous, sunny day – even your building seems to shine. Security cameras capture you as you drive into the facility’s parking area. Nearby, you notice your new shredding truck has arrived, or you see the new pile of rack that was recently delivered, awaiting installation. You park your car. There’s a spring in your step as you walk up the sidewalk and pull out your key fob to enter the building. Much attention has been paid to ensure best security and business practices are in place. You’ve even obtained every certification possible (NAID AAAPRISM Privacy+). Unexpectedly, your feeling of satisfaction quickly evaporates as you enter the foyer as you're told there’s inventory that needs to be delivered and shredding bins that need servicing – and your trucks can’t leave the yard. 

Why? It isn’t because your employees didn’t show up for work, or the keys to the trucks are lost (yes, it’s happened). Your business is in a state of immobilization because someone clicked on something they shouldn’t have.

You’re the victim of ransomware and the survival of your business depends on how quickly you can resolve this cyber attack. HOW you resolve it depends on your backup processes.  

How does a business fall victim to ransomware?
A business falls victim to ransomare typically through an email that's received which appears to be from a legitimate source, usually with instructions to click a link. For example, a recent ransomware, Mole02, uses an email that appears to be from the US Postal Service.  You or your employee clicks the link as directed. Before you can say "Holy backup Batman," the ransomware has encrypted every file on your server, effectively shutting down all access and all operations. Even as we were in the process of putting this newsletter together, there was another ransomware outbreak reported.

You’re the victim of a cyber attack. Now what? 
A cyber attack is not a good situation, but it needn’t be a huge problem either. You have backups of your data, right? WRONG. Turns out, your most recent backup is a year old. It seems the backup agent wasn't installed on the new server that was configured at that time. To compound the problem, no routine backup checks have been done which would've caught the backup gap.

At this point, it's determined that your only option is to roll the dice and pay the ransom in hopes that you will receive a working decryption key. This requires a bitcoin account. If you don't have a bitcoin account - or know someone with a bitcoin account - you're facing 7 MORE DAYS DOWN (!!!). Why? Seven days is the amount of time it takes to verify a new bitcoin account. Even if you receive a decryption key (some have been dead-ends, lost bitcoin and no response), there is no way to be 100% sure the ransomware decryption tool will work or that it hasn't created a backdoor for another malware to gain re-entry at a later time.

Without protection against ransomware, it isn't a question of "if" but "when"
Cyber attacks are pervasive. Protecting your company's data is paramount to the viability of your business. Without taking the proper security precautions, it isn't a question of IF a cyber attack could cripple your business - it's a question of WHEN and for how long.  We've provided a list of 5 critical measures you can take today to protect your growing business against cyber security threats.  Ignore them and you could have to close the doors of your RIM services business permanently. 

The New Risks of Ransomware

By Kevin Baird, ASI Director of Programming & IT

It wasn’t so long ago that a computer virus attack presented nothing more than an unfortunate disturbance to the work day. One machine gets infected and you’d have IT support clean it up and get it back into service.

Today’s ransomware changes this dynamic – and with potentially dire consequences. Ransomware encrypts your files, turning them into worthless scrambled bits of data. Nobody – not even your anti-virus company – can unlock the files. You can’t go to another machine and access them. You can’t copy them off and run them through some cleaner. They are junk. Decryption can occur only if the person who encrypted them provides the decryption password.   Typically, the hackers demand money to be paid in bitcoin. Should you pay? Probably not. The hackers more than likely won’t unlock your data and will just vanish with your money. Can you clear it off your network? It's impossible. This puts your business in an extremely vulnerable situation. 


Your only viable recovery choice is to restore data from your backup
In the event of a ransomware attack, there are steps you can take to recover your data. Your most effective recovery option is to have current data backups. You may assume that your servers are set up to back up their data every night, or that your IT tech is handling it. Are they? Do you know for sure that you have a backup of your data from yesterday? What about last week? We have customers who have experienced hardware failures, only to realize that they hadn’t had a backup in 6 months or longer, or worse, that there’s no backup at all.  


Backups help your business move forward vs. starting over
Given today’s risks, it is imperative that you determine where you stand with your backups. Ask your IT specialist to restore a backup from the previous day to a test location on your network or on a separate machine. You’ll quickly identify any backup gaps such as data that’s not backing up properly, an incompatibility issue, that a piece of software is out of date – or whether there’s a backup at all. All of these factors should be checked frequently so that you aren’t caught without a way to get your business online quickly and with the least pain possible.


Cyber attacks are inevitable
The reality is that ransomware and other destructive programs will eventually get on your machines regardless of the processes you have in place. In recent years, we have seen nation states create sophisticated viruses that are designed to penetrate machines that aren’t even connected to a network. The virus hides in phones, in USB devices, on CD’s and DVD’s, in new hardware from the manufacturer, and there are even viruses that spread into chips that can activate even when your computer is turned off. There is a concerted effort being made by smart people to break into your business and hold your data hostage. At some point, they will succeed.


Backing up your data properly is a critical part of your business.
If you have a solid backup plan in place that is checked/tested frequently, you will have options to bring your company back online quickly. It gives you the peace of mind that, regardless of what happens, you know that you can revert to your backed up data with minimal downtime.  

Feel confident knowing your network is safe from today’s cyber threats. Check your backups as soon as possible to verify for yourself that they are working properly. Choose not to ensure the integrity of your backups and you could lose much more than your data -- you risk losing your business. 

ransomware image

How to Recover from Ransomware

If you're dealing with a machine that has been hijacked or contains a virus or malware, we suggest the following…

  1. Disconnect that machine from your network.
     In the event of it being connected wirelessly, shut the machine off and move it where it cannot talk to your wireless network until you can disable the wifi device in the PC.
  2. Copy anything that you do not have backed up to a USB device if possible.
    Do not insert this in a different machine. You can refer that data to an IT professional who will know how to treat it before it can be used on a clean system.
  3. Verify no other machines are infected.
     If they are, do the same thing outlined above.
  4. Rebuild & restore the machine.
    This includes repartitioning and formatting the hard drive. Install Windows fresh and apply all patches. Install your normal anti-virus and software packages onto it. Kevin Baird, ASI Director of Programming & IT, highly recommends Malwarebytes Premium as a secondary malware and anti-viral product that is hardened against ransomware attacks.

For more information on how to regain control in the event of a ransomware attack, check out "What to do if you're infected by ransomware: A step-by-step guide".

TECH TIP:  MS Windows XP update Released to Protect Against Cyber Attack

Microsoft recently issued a security update and patch for Windows XP, Windows 8 and Windows Server 2003. It was done in response to the recent "WannaCry" ransomware campaign where the trio was identified as points of vulnerability. On June 27th, another ransomware outbreak occurred which seemed to be spreading via some of the same Windows code loopholes exploited by WannaCry. 

If you are running Windows XP, Windows 8 or Windows Server 2003, you will have to manually download and install the update. It does not exist as an auto-update. 

ASI SUPPORTS NAID SHRED SCHOOL

ASI is proud to continue its sponsor support of NAID Shred School in 2017.  Shred School is designed to provide affordable training to all secure destruction industry professionals and NAID active members in an effort to improve their businesses. Attendees are introduced to the secure destruction industry, data protection legislation, sales tips, marketing best practices, and NAID programs. CSDS can even earn continuing education units. 

cyber attack image

These 5 Actions Help Protect Your Business Against Cyber Attack

Security experts agree that the level of threat posed by cyber attacks today is severe and shows no signs of slowing down. Your computer system is the heart of your operation. Like a heart, it must be cared for and protected to minimize the chance of a damaging - or deadly - attack. Below are 5 actions you can take TODAY to defend the heart of your business against these malicious purveyors of malware.

  1. Reduce cyber security risk by 70% through employee training. 
    Your employees are your first line of defense against a cyber attack. You can reduce this risk by as much as 70% by investing in employee training. Begin by determining their level of understanding of current risks, then structure training sessions accordingly. For example, teach your employees how imperative it is that they take notice of the URL in an email before they click the link.  Any embedded URL in an email should resolve to the domain the email is coming from. To say it another way, if you receive an email from the USPS with a link to check for delivery, the URL should point to "USPS.com" when you hover over the URL -- not "usps1235.biz" or some variation of it.  

  2. Install a comprehensive anti-virus program.
    Ensure that any anti-virus program you're using or considering purchasing protects against all forms of cyber attack. These would include viruses, malware, spyware, etc. ASI uses Symantec Endpoint Protection Manager. Kevin Baird, ASI Director of Programming & IT, highly recommends Malwarebytes Premium as a secondary malware and anti-viral product that is hardened against ransomware attacks.Your IT specialist can determine what program is best suited to your business needs.   

  3. Install the anti-virus program on the central server.
    It's important that it be installed on the central server where it runs and is administered from one central console so that updates are pushed out to all workstations, ensuring blanket protection

  4. Backup your system.
    What's the most expensive part of your computer system? Its data. Establishing a backup plan and process is imperative. Testing and confirming the integrity of your backups is critical. Destroy the computer and it can be easily replaced. Its data cannot be so easily replaced - except by backup.

  5. Establish data backup and recovery processes.
    Document, distribute and review data backup and restoration processes with staff. Revisit these processes regularly and revise as needed.


For more information about protecting your business against ransomware, check out:

UPCOMING EVENTS

NAID Shred School
September 27-28
Austin, TX

October 18-19
Los Angeles, CA

November 8-9
Orlando, FL

USEFUL LINKS

24/7 Software Support
Have an issue you need assistance with?
Access all ASI support and documentation in the customer support portal. The portal is also where ASI clients create support tickets and check the status of tickets. If you're unsure whether you're registered, simply click the "forgot password link" to receive an email with login instructions. If not registered, simply click the "Register" link.

SHARING IS NICE

If you know someone at your office who should be receiving The ASI Archive, please take a moment to register them and we'll be sure to add them to our distribution list.

ADDRESS
6930 W. Snowville Road
Cleveland, OH 44141


PHONE
800-807-2093 (North America)
440-546-9771 (Worldwide)