ThrottleNet

Managed IT services, support and cybersecurity

Learn About Different Types of Ransomware

Security

Ransomware is a major problem for companies big and small. Resources need to be implemented to prevent ransomware attacks or to recover data. The best defense is a good offense, as the saying goes. The best offensive strategy is to know your enemy. The following information about the types of ransomware will help you in the event of a cyber attack.

What is Ransomware?

Additional services paragraph separator long thin golden yellow triangle graphic

Ransomware silently encrypts the user’s data on their computer. After encryption, a message appears demanding an account of money before the victim is given back access to their data. The victim usually only has a certain window of time to give the cybercriminal the money. If the deadline has passed, the ransom could increase.

Some types of ransomware have the ability to search for other computers on the same network to infect. Others infect their hosts with more malware, which could lead to stealing login credentials. This is especially dangerous for sensitive information, such as the login information for banking accounts.

Types of Ransomware

Additional services paragraph separator long thin golden yellow triangle graphic

Locker ransomware and crypto ransomware are two main types of ransomware. Locker ransomware locks the victim out of their computer. Once it prevents access, it prompts the victim to pay money to unlock their device.

Crypto ransomware prevents the user from accessing their files, usually through encryption. Meanwhile, the user interface can be accessed. Then the cybercriminal demands payment to decrypt the data.

Ransomware Examples

Additional services paragraph separator long thin golden yellow triangle graphic

WannaCry is a ransomware attack that occurred in 2017 and spread throughout 150 countries. It was designed to manipulate a Windows vulnerability and, in May 2017, had infected over 100,000 computers. The attack affected many UK hospital trusts, costing the NHS about £92 million. Users were locked out and a ransom in the form of Bitcoin was demanded. The attack exposed the problematic use of outdated systems. The cyberattack caused worldwide financial losses of about $4 billion.

Ryuk is a ransomware attack that spread in the middle of 2018. It disabled the Windows System Restore option on PC computers. Without a backup, it was impossible to restore the files that were encrypted. It also encrypted network drives. Many of the organizations targeted were in the United States. The demanded ransons were paid, and the estimated loss is at $640,000.

KeRanger is thought to be the first ransomware attack to successfully infect Mac computers, which operate on OS X. KeRanger was put into an installer of an open source BitTorrent client, also known as Transmission. When users downloaded the infected installer, their devices became infected with the ransomware. It sits idle for three days and then encrypts roughly 300 different types of files. Next, it downloads a file that includes a ransom, demanding one Bitcoin and providing instructions on how to pay the ransom. After the ransom is paid, the victim’s files are decrypted.

How Ransomware Spreads

Additional services paragraph separator long thin golden yellow triangle graphic

As ransomware becomes increasingly complex, the methods used to spread it also becomes more sophisticated. Examples include:

  • Pay-per-install: This targets devices that have already been compromised and could easily be infected by ransomware.
  • Drive-by downloads: This ransomware is installed with a victim unknowingly visits a compromised website.
  • Links in emails or social media messages: This method is the most common. Malicious links are sent in emails or online messages for victims to click on.

Using a Ransomware Decryptor

Additional services paragraph separator long thin golden yellow triangle graphic

If you are the victim of a ransomware attack, do not pay the ransom. Even if you were to, the cybercriminals could still keep your data encrypted. Data could be restored if it was backed up to an external drive or the cloud. If your data is not backed up, contact your internet security company to see if they offer a decryption tool for these types of circumstances.

Avoid Becoming the Next Victim to Fall to Ransomware

Contact us today for IT security and safety tips. ThrottleNet will perform a risk analysis without cost or obligation. Click here to schedule for your risk analysis and read more information about ransomware.

We are in unprecedented times as COVID-19 spreads across the globe. Students of all ages are forced to attend classes online from home. Office workers are now forced to work from home. Because people are now forced to stay home in this era of “Social Distancing,” there has been an uptick in finances as less money is being spent by families. People are also streaming their entertainment services more as well. These are prime situations for cybercriminals, in particular, brand phishers.

Homepage yellow horizontal boarder

What is brand phishing?

Brand phishing attacks are when a cybercriminal tries to imitate the official website of a well-known brand using a similar domain name or URL as well as using a site design that looks almost identical to the brand site they’re imitating. Cybercriminals use this technique to steal sensitive information from the people that they are targeting. This information could be credit card information, bank account information, personal details, etc. They will try and get this information through imitation by email, mobile, or fraud websites. Anyone and any business is susceptible to brand phishing, so everyone should be aware of brand phishing; but some people and business are more at risk than others.

Who is susceptible to brand phishing?

The top three types of websites that are susceptible to phishers are technology sites, banking sites, and other media sites. Sites that require you to enter personal information, credit card information, etc. are going to be the ones that are targeted by cyber criminals. Although these are the top three websites being targeted by the cyber criminals, nobody is immune from brand phishing.

What brands are known for being faked by phishers?

In Quarter 1 of 2020, Apple was the number one faked brand for phishing while Netflix was a close second. Both of those companies require credit card information to be put on the accounts of the users, which makes them prime candidates to be imitated by phishers. Other top companies that were faked in Q1 of 2020 were Yahoo, Paypal, Chase, and Amazon. Just like Apple and Netflix, each one of these websites has personal information, including credit card info. Of course not all emails and notifications from these brands are going to be from phishers; just look out for the emails or notifications that look suspicious. Again, it comes down to being aware of brand phishing as no brand or company will be immune to this.

During this unusual time, cyber criminals are licking their lips with the possibility of acquiring so much information from so many people due to the stay at home orders. There’s no way to prevent it from happening, but being cautious and being aware of brand phishing is the best defense against it. Be vigilant and be cautious when you are disclosing any type of personal information online.

Don’t become phish bait!

Looking for a secure work-from-home solution? Try EverFuel secure remote access from ThrottleNet. Just $9.95 per computer per month!

CONTACT THROTTLENET

Due to the current situation, employees find themselves working from home, and students are finding themselves attending class online. Zoom has become the go-to method of video and audio communication among employees, students, teachers, etc. because they are able to access Zoom on almost any device from anywhere, anytime. With Zoom comes a new trend, Zoom Bombing.

Homepage yellow horizontal boarder

What is Zoom Bombing?

Zoom Bombing occurs when uninvited guests, otherwise known as hijackers, guess the correct URL or meeting id for a public Zoom session, giving them access to the feed/meeting. These hijackers cause disruptions by releasing personal information or simply yelling profanities in the meeting. This new trend has people asking how to prevent zoom bombing from happening.

Here are ten ways to prevent Zoom bombing:

(As recommended by the Better Business Bureau)

1. REQUIRE A PASSWORD TO JOIN YOUR MEETING

One of the easiest ways to prevent Zoom bombing from happening to you is to require a password to join your meeting. Requiring a password provides extra security against hijackers because not only would they have to guess the correct URL/meeting id, but they would have to guess the correct password as well, which is unlikely to happen.

2. USE A UNIQUE ID FOR LARGE OR PUBLIC ZOOM CALLS

Whenever you create a Zoom meeting, you are required to either create an id for the meeting or generate a random id. Generating a random id will always give you the more unique and secure id, but creating your own id will work as well, as long you…

3. DON’T SHARE THE UNIQUE ID’s PUBLICLY

Another trend that has come with Zoom is taking a screenshot of your Zoom meeting and sharing it on a social media website. This makes your meeting EXTREMELY public and allows for hijackers to get in much easier. If the meeting is private, keep it private.

4. ONLY ALLOW HOSTS TO SHARE THEIR SCREEN

This is also a simple yet effective way to keep the hijackers out is to only allow the host(s) to share their screen. Giving anyone in a Zoom meeting the ability to take control of the screen is an easy way for guests, whether invited or uninvited, to share unwanted content.

5. CREATE A WAITING ROOM

A Zoom waiting room works just like any other waiting room. A waiting room stops guests from joining the meeting until the host(s) is ready for them to join. It’s a way to make sure that no uninvited guests are waiting to get into the meeting, kind of like a bouncer at a club.

6. CREATE AN INVITE-ONLY MEETING

An invite-only meeting is just like it sounds. Nobody can enter this meeting unless they have been invited by the host(s). Nobody likes it when an uninvited guest shows up to a party, so don’t allow it to happen here either.

7. LOCK THE MEETING ONCE IT STARTS

Once the meeting starts, the host has an option to lock it. Locking your zoom meeting will not allow any new members to join the meeting, even if they have the correct id and password. It’s better to be safe than sorry when locking your car or the doors in your house, so do the same with your Zoom meeting.

8. REMOVE ATTENDEES OR PUT THEM ON HOLD IF THEY BECOME DISRUPTIVE

Anytime someone in your meeting is being disruptive or distracting other attendees, just remove them from the meeting. If you remove someone from the meeting, they are not allowed to rejoin.

9. DISABLE THE UNRUY PARTICIPANT’S CAMERA OR ALL CAMERAS

Assuming this is an option, hosts are allowed to disable the camera of any and all members of the meeting. This will allow any unwanted, inappropriate gesture to be blocked for everyone in the group.

10. MAKE SURE THE DISABLE FILE TRANSFER SETTING IS ACTIVE

Once in a meeting, if file transfer is not turned off, it is common for hijackers to spam the chat with memes, GIF’s, and inappropriate language/photos. Turning this setting off will stop each and every one of those things from happening before it even happens.

Now that you have learned 10 EASY ways to prevent Zoom bombing from happening in your next or all future Zoom meetings, take action. Zoom bombing may seem harmless, but people are having to get used to working and going to school remotely and need each and every minute to learn and concentrate on their work without any disruptions.

Don’t let this happen to you!

Looking for a secure work-from-home solution? Try EverFuel secure remote access from ThrottleNet. Just $9.95 per computer per month!

CONTACT THROTTLENET

There are overarching concerns when working remotely are safety, security, and compliance.

It is important to ensure remote work can be performed safely and securely to avoid data being compromised.

Those in the healthcare and financial industries need to take extra precautions to ensure they are not only secure but also remain compliant.

A Solution That Meets All Compliance Requirements For Your Business

Homepage yellow horizontal boarder

For those that aren’t aware, your remote work solution must be compliant if you are subject to HIPAA, FINRA, SOX or PCI regulations. If the method remote access isn’t compliant, you are exposing your data and business to unnecessary risk.  Some things to consider when thinking about this.

Am I working in a secure, web-based environment or am I working on a local server infrastructure located in my office?

If you answered a web-based environment, you’re most likely in compliance since the provider is responsible for ensuring their systems meet whatever regulations you might be subject to.

Conversely, if you’re working via remote connectivity, you need to make sure you’re accessing the data via a secure VPN or RDP connection. If you’re not, you need to get this in place as soon as possible to ensure your data is secure while in transit.

What does working remotely means for file access and collaboration?

If you answered Office 365, you should be in compliance as these meet minimum standards; however, there are those organizations that require heightened compliance measures when using these solutions and this may require upgrading your subscription to a more compliant variation. For example, your Office365 account may need to be increased from E2 to E3 for those familiar with how Microsoft designates these.

Finally, and most importantly, if your solutions allow for MFA, please turn this on. This is one of the simplest yet most effective ways to ensure security around your data. For those that may not be familiar with this, when you log in to an application, it sends a code to your phone which provides a number you key in addition to your username and password.

Reliable Internet Connections

What does working remotely mean for a secure home internet connection? This is pretty simple since you just need something that provides minimal bandwidth and is reliable.

However, for the employer, you will need a more robust internet connection that can handle many simultaneous secure connections since you’re going to have your entire team remotely accessing the network and, as a result, consuming bandwidth. We recommend Charter as our experience with them has been positive and the speeds are typically consistent.

Keep in mind that cloud-based apps such as Microsoft Office 365 or Google Apps do not require or put any strain on the employer’s internet bandwidth.  This is because your end users are accessing those secure cloud platforms directly from their pc and internet at home; however, you do want to make sure the data is as secure as possible on a home network. We’ll talk more about this later.

Either way, your remote workforce shouldn’t have to increase their connectivity – in most cases – unless they live in rural areas in which case they may be limited.

At Throttlenet we’re here to help you decide what does working remotely mean for you and your business? How can we help you and your employees stay compliant and productive? Call us for a FREE consultation today!

In our effort to better serve you in these unusual times we are unrolling a 3-part series that covers A-Z for each aspect. Check out our blog on safety and security here.

CONTACT THROTTLENET

A carpenter can get the job done with a screwdriver, but it gets done better with a drill. The same is true for your employees who will now be working from home. Setting up your employees with the right tools for working remotely can keep productivity high.

Third-Party Solution for Direct Connection to Computers at Work

Homepage yellow horizontal boarder

Now that we’ve established secure connectivity and compliant solutions, let’s discuss solutions that allow for access to your PC remotely.

There are great 3rd party applications that end users can download and install on their home PCs and on their computer at work; however, they will require that their computers at work stay powered on. An example that most are familiar with would be Go To My PC.

ThrottleNet offers a solution as well via our Everfuel Remote Access solution which we introduced specifically for the situation we find ourselves in today. You can start researching some of our solutions today.

Other solutions include Nord VPN, Private VPN or ExpressVPN.  I only mention these as ThrottleNet doesn’t have personal experience with them nor do we represent any of these organizations; however, they are viable options. Once connected, your end-users will be able to securely work directly from their desktops at work!

Windows Virtual Desktop

Another method you can use is the Windows Virtual Desktop. This solution allows for a secure virtual Windows experience that is usable by any device including phones and tablets and lets them securely access their work data and apps from anywhere even on an unsecured device such as the end user’s home PC!

Keep in mind, this isn’t the same as accessing your Office365 account online. This too offers access to all the same tools you have access to via your desktop, but in the Microsoft hosting environment instead. This allows for the creation of documents and collaboration but won’t provide you with a virtual desktop with all of your users’ settings and profile information. Check out some of the dos and don’ts of email security here.

You also use Citrix as a number of virtual desktop solutions to use this to house your virtual workspace allowing access from anywhere, anytime and on any device.

Secure Access to Your Files and Folders

If your end users are using a 3rd party solution to connect directly to their work PC, are using Windows Virtual Desktop or are accessing their files via Office365 online, they should be good to go.

Keep in mind that users can still download files meaning if they are doing so on a local, consumer-grade PC, there could be security and compliance risks which we’ll discuss later in our presentation.

Robust Cloud Phone Solution

An often overlooked yet valuable tool for working remotely is using a contemporary cloud phone solution such as RingCentral as this allows your users to use their business phone extension directly from their cell phone or desktop.

Cloud phone solutions include the ability to securely and remotely communicate through chat, text or video on a computer using an encrypted channel in addition to allowing for conference calls depending on the features you’ve chosen.

Another solution we’ve been using and for those companies that have it is Microsoft Teams. This has a built-in VOIP and video conferencing solution that works well if you don’t have a phone system that’s hosted; however, this would be limited to internal team members only since this isn’t something that allows you to redirect internal calls.

It does allow you to make outbound calls through assuming the contact is in your list of contacts and are added to your list of speed dials.

Webcams for Remote Meetings and Presentations:

One of the biggest challenges with social distancing is the ability to connect with people one on one. This is where having a good webcam can come in handy when trying to overcome the disconnect.

Another recommend tool for working remotely is to create a solid PowerPoint presentation for your Sales team as this will convert them from a voice over the phone into an interactive presenter. As they say – a picture is worth a thousand words.

High-Quality Headphones and Microphone

It should also go without saying but invest in high-quality headphones as these can greatly reduce distractions from the home environment around you – especially if your end users have kids or animals!

There’s nothing worse than being on a conference call only to have your kids break into a full-blown fight in the next room. I’ve been there more times than I can count, and you will be too if you have little ones at home. This will forever be my favorite video of kids disrupting a working from home dad.

Make Sure your Online Meeting is Setup to Manage More Participants

Regarding online meetings and presentations, you should remember that the number of participants you can have on a call is limited. This means you may need to increase your subscription to accommodate the increased number of online participants.

Check this BEFORE your meeting since there’s nothing worse than finding out the hard way that you don’t have enough space to accommodate everyone.

Another thing to keep in mind, these companies are being inundated with requests, so if you can do this online and without involving a customer service rep, you should.

Collaboration Tools

For those organizations that require a lot of collaboration, we would encourage you to check out Office 365’s tools such as OneDrive, SharePoint and Teams – all of which can provide your team with the ability to work remotely while still collaborating in real-time with team members. Other solutions include Monday.com and Basecamp as these allow you to create project plans as well as collaboration with designated team members.

We’ve found this to be a great way to keep your people on task by creating to-do lists that are updated daily. This allows your managers to view the progress each team member made that day.

And as an Open Book Management company, we would encourage you to put in place metrics to track employee activity and performance. These might be the number of calls made, the number of tasks completed, or, in our case, the number of tickets resolved.

Our goal and mission is to keep you running full throttle full time, it’s more important than ever to be adaptable and keep working through social distancing. These are our best tools for working remotely. If you’re ready to explore the full capabilities of offsite managed IT and security contact us for a consultation. We will show you first-hand how we are staying connected and working through social distancing.

CONTACT THROTTLENET

You’re working from home, now what? As more people are working from home these days, security issues with working remotely are at the forefront of everyone’s mind. How can you tell if network issues are due to being compromised vs technology hiccups? 

As people break from routines and start using new technology, it can be hard to keep things in line. Security issues with working remotely can be averted with good support and communication with your team. It’s critical not just to continuing service to your customers and clients in challenging times but to keep your business operating properly and smoothly.

As more work from home office jockeys are trading lunch breaks for fishing breaks, cybercriminals are phishing too. Check out this blog post about how to make your network a no phishing zone. Security issues with working remotely bring new challenges that we will address here.

Homepage yellow horizontal boarder

Spotting Email Scams

Keep in mind that Phishing attacks aren’t going away because of the virus. If anything, they’ll increase since cybercriminals love to exploit people in times like this. Make sure your team knows what to look for as well as what to do in the event of a phishing attack.

Things to look for include emails from unknown recipients with links or attachments, requests to make wire or financial transfers, tracking numbers from UPS or FedEx – especially right now given that this is how most people are shopping during this time – odd phrasing or misspellings.

You also want to check the sender to make sure it’s not a spoof email. A way to do this is simply to hover over the from address which will show you if the person is who they say they are. Check out our blog that goes into more detail about email scams and gift cards.

Homepage yellow horizontal boarder

Cybercriminals Are Preying on Fears of the Coronavirus

Another way hackers are exploiting this is via charities or websites claiming to be for the public good that are malicious sites which could download malware onto your computer, or steal passwords. These scams may claim to have a ‘cure’ for the virus, offer a financial reward, or by encouraging you to donate.

Like many phishing scams, these emails are preying on real-world concerns to try and trick people into doing the wrong thing.

Homepage yellow horizontal boarder

What to do if you think you’re the victim of a phishing attack?

If you feel you’re the victim of a phishing attack, please follow these steps in addition to providing them to your users.
  • If this is your home PC running your AV solution, open your antivirus (AV) software and run a full scan. Follow any instructions given.
  • If you’ve been tricked into providing your password, you should change your passwords on all your other accounts immediately.
  • If you’re using a work device, contact your IT department and let them know.

The sooner an issue is identified, the more effective we or your IT team can be in resolving it.

I’d like to take a moment to outline a few ways ThrottleNet can assist you in alleviating security issues with working remotely.

EverFuel

For those organizations that require secure remote access, we’ve introduced Everfuel Secure Remote Access. This solution is only $9.95 per user/per month plus a one-time setup and training fee of $10. There’s no commitment and you can cancel anytime. Take a deeper dive into Everfuel today.

Managed Network

Of course, for those of you on one of our Managed Network plans, most of what we’ve discussed is covered assuming you’ve kept your network current and have been heeding the advice of your vCIO.

For those that aren’t familiar, Managed Network is where ThrottleNet serves as your full time IT department by providing maintenance, monitoring, and management of your network in addition to a fully staffed help desk and dedicated team of IT professionals.

Remote Maintenance and Monitoring plus AV

If managed services aren’t for you, we’d recommend our workstation remote maintenance, monitoring, and AV combo as well as our server safeguard. This ensures your machines are protected in addition to sending alerts in the event of an issue.

Hosting

Finally, we offer a variety of hosting solutions via Microsoft including Office365 and Azure Cloud Hosting.

These solutions – when working in concert – allow you to work from anywhere as long as you have an internet connection. Couple this with a hosted VOIP phone system such as Ring Central and you should be good to go if this ever happens again.

How Can We Help?

If you need anything or are interested in learning more about our services, contact us today or give us a call at 866-829-5557

CONTACT THROTTLENET