SEPTEMBER 2016


IN THIS ISSUE


Check out
The ASI Archives


Tech Tip

Newly added features in ASI Mobile for Veri-Shred provide clients with a detailed account of what they are signing for, including a newly added “Bin Summary” which displays a short summary of all scanned bins on the signature capture screen.

If you'd like more info about this new feature on ASI Mobile or any of our ASI software solutions, please contact Jim Macmillan by phone at 1-800-807-2093 or email Jim at jmacmillan@AndrewsSoftware.com


Upcoming Events

NAID-Europe Summit
October 13-14, 2016
Barcelona, Spain

Shred School
October 5-6, 2016
Los Angeles, CA

Shred School
October 19-20, 2016
Chicago, IL

NAID Annual Conference
& Expo

March 22-24, 2017
Las Vegas, NV

PRISM International Annual Conference
May 8- 11, 2017
Tucson, Arizona


Congratulations to ARMA and NAID-ANZ!

This month, ASI attended and was proud to be a Silver Sponsor of the NAID Australia Conference.

The ASI team also attended the recent ARMA Annual Conference held in San Antonio.

Congratulations to these two dynamic industry organizations on providing valuable education and networking opportunities!


Useful Links

ASI Learning Center

Loads of educational and support information available online and onsite.

24/7 Software Support

Have an issue you need assistance with? Get help today by visiting our online Support Center with FAQ's and more.


THE 411 ON ASI

Please send payments, hardware and other correspondence to:

Andrews Software, Inc.
6930 W. Snowville Road
Cleveland, OH 44141

Toll-Free: 800-807-2093
(North America)
Phone: 440-546-9771

(Worldwide)
Fax: 440-627-2089

www.AndrewsSoftware.com
www.InfoKeeper.com


 

   

Your best defense against ransomware? Backups
Scott Bidwell, ASI President/COO

ransomware imageIn the digital world, ransomware - demanding a ransom for data - is an escalating epidemic. Increasingly, corporations are being targeted.

We first brought you a story about ransomware in our Oct. 2014 issue of The ASI Archive. Today, ransomware is still a serious online threat - and this threat is growing for businesses.

Statistics show that corporate victims of ransomware grew six-fold from 2014 to 2015 and since the beginning of 2016, 20% of ransomware victims are corporate users.

If you think it can't happen to your organization, think again. As recently as this month, the ASI support team was contacted by another customer who found themselves to be the target of ransomware.

Ransomware is a nasty version of malware that restricts access to an infected computer until a ransom is paid, usually by bitcoin. It targets security gaps in computers and computer systems. ANYONE or ANY ORGANIZATION is vulnerable. Consider this...29 U.S. government agencies experienced ransomware attacks in the last year. (DHS reports) You'll find more info about ransomware and its evolution below.

Your best defense against ransomware is a fairly simply one. - backups, backups, backups.

  • Companies with a good backup process will be able to recover much of their data that their attackers have encrypted.
  • Companies who are doing backups on premises should ensure they have multiple copies of their data. Any data that is backed up between the time of the attack and its detection will be unrecoverable due to encryption without paying the ransom demanded by the attackers.
  • Due to the fact that ransomware also targets shared networks, it's important that, in addition to any locally stored backups, you backup to offline locations. Tape backups and online incremental backups can be a great help and are recommended.
  • Ensure company-confidential, sensitive, or important files are securely backed up in a remote, un-connected backup or storage facility.
  • It is also critically important to conduct regular and rigorous testing of your backups to ensure data is actually backed up and can be successfully restored.
  • Ensure your systems are in compliance with access and security controls you've put into place at your company. For example, establishing access controls so only those employees who should have access to particular files or data are able to access that information.
  • Deploy a solution to detect and block ransomware in its initial stages before damage is done.

The good news is we are not powerless to protect our businesses against ransomware. Cyber criminals have only as much power over your business and its data as you give them. A rigorous backup plan, properly executed is still your company's most effective tool against ransomware and its creators.

Back to Top


What is ransomware?

The first ransomware emerged in 1989. It was called the AIDS Trojan. It spread via floppy disks and victims were told to pay a ransom of $189 (mailed to a post office box in Panama) to gain access to their data. How times have changed!

Since 1989, ransomware creators have become more sophisticated, utilizing various methods - spam email campaigns, malicious websites, botnets, malvertising campaigns and more - to detect and exploit any vulnerability within an organization's computer system.

Ransomware, whether it is encrypting ransomware (most common) or locker ransomware, makes it impossible for the consumer or business to access their data. To gain access, the cyber criminals demand that a ransom be paid,usually by bitcoin, within a certain timeframe. If no ransom is paid, the data is destroyed.

What's the difference between crypto- and locker-ransomware?
Encrypting ransomware incorporates advanced encryption algorithms. It’s designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content.

Locker ransomware, locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer.

How It Works
Infects
If the victim clicks on a link or downloads an attachment from an infected email or from another infected source (malicious website, etc.), a downloader will be placed on the PC. This downloader allows the cyber criminals to download the ransomware program onto the system.

Encrypts
Ransomware scans local drives, network shares and removable devices. It targets everything, including data stored in cloud accounts (Google Drive, Dropbox) synced on the PC. It can also encrypt data on other computers connected in the local network. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to.

Extorts
A warning pops up on the screen with instructions on how to pay for the decryption key, usually within a specified timeframe, or the data will be destroyed.

Ransomware attacks are on the rise, especially for corporate users. It's important to take the threat seriously and to take steps to protect your data by employing detection software, security protocols that are tested regularly, and first and foremost, having a fail-proof backup plan.

Back to Top


Sharing is Nice...

If you know someone at your office who should be receiving The ASI Archive, please register them and we'll add them to our mailing list.

Back to Top


MicrosoftCertified
WindowsMobile