Tag Archive for: data loss

While it’s easy to turn a blind eye against hurricane warnings and think “I already have a business continuity plan in place”, it pays to be extremely cautious, especially when the National Oceanic and Atmospheric Administration (NOAA) predicts up to four unusually active hurricanes this year. Needless to say, you simply can’t afford not to hurricane-proof your disaster recovery (DR) plan.

The NOAA forecasts 11 to 17 tropical storms in the Atlantic, the Caribbean Sea, and the Gulf of Mexico. Hurricane season has officially begun and is expected to last until the end of November. The four allegedly active hurricanes are presumed to be Category 3, 4, or 5 on the Saffir-Simpson Hurricane Wind Scale (Category 1 is the weakest and 5 the strongest).

But don’t panic just yet; here are five steps you can take to protect your business during hurricane season.

1. Schedule a DR drill

Despite having a DR plan, many companies don’t test their plan, at least not as often as they should. So if you’re one of those companies, it’s crucial to conduct a DR drill now. A lot can change in the months or years since you have last tested your plan — systems updates, infrastructure upgrades, employee turnover and more. By scheduling a drill, you’ll be able to make sure everyone knows their roles and that all critical systems are covered.

Note that you should try to perform desktop walkthrough exercises, operational tests, and simulated recovery exercises on a regular basis.

2. Make sure your staff are prepared

All your staff should know what the evacuation procedures are as well as their responsibilities in the DR process. If not, coordinate with HR to make sure everyone in your company understands what the plan of action is for hurricane season. Staff with specific responsibilities need to get the documentation needed to effectively manage their roles in the event of a hurricane.

Set meetings with your DR team and schedule training for new team members. Your DR team should be able to quickly mobilize other employees to the DR site before bad weather hits. Don’t forget to touch base with any providers you are supposed to work with in case of an emergency, too.

3. Secure your backup site

In addition to a secondary location for data storage, your DR plan should also include another backup site so that you can continue your operations. In the event of a hurricane, dedicated space is imperative since your backup sites will likely be occupied with employees.

You should also consider the redundancy of utilities at your DR site, making sure you have enough power feed, fiber carriers, and anything else you’ll need to remain operational.

4. Check for amenities at your DR site

Whether your DR site is in the hurricane zone or in the nearest city, chances are hotels will be overbooked as people fight for a place to stay. This means your staff will likely be stuck onsite around the clock, so you need to make sure there is enough amenities to get them through this hectic period. Is there a place for employees to shower and sleep? Is there enough food and water to last them for at least a couple of days? These amenities will help your staff pull through as they restore your operations.

5. Update your DR plan’s appendix

Your DR plan should have an appendix with contact information, SLAs, and systems inventories information. More importantly, this information needs to be up-to-date; the last thing you need is calling your IT vendor when a server goes down only to reach the wrong number.

Go through all critical information in your DR plan and add any other information as needed. Vendors and shipper’s contact information are a must as they will guarantee that you get hardware and power supplies backup without any hassles.

Unlike a fire drill which can be conducted on a yearly basis, your business continuity and disaster recovery plan needs to be tested regularly to meet your company’s changing needs. If you don’t already have a DR plan, or have any further questions, don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

2016June9_Security_COne of the biggest fears security experts have may be coming true: self-replicating ransomware. Viruses that have the ability to copy and spread themselves to new systems are nothing new, but until now ransomware attacks have been targeted campaigns. The best way to protect your network from a security threat is to understand it, here’s everything you need to know about this latest development.

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types — inferring that creators of the malware were continuing to develop its source code.

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection — then it increases to five Bitcoins (2,700 USD).

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock.

Published with permission from TechAdvisory.org. Source.

2016Jan25_BusinessContinuity_CDisasters. They do happen — it’s only a matter of ‘when’. While most businesses acknowledge it, surveys show that only one in four companies worldwide have adequate protection in the event of a major disruption. We’re not talking about insurance here, but a Disaster Recovery (DR) plan that could save you thousands of dollars in losses and worse, a business closure. If you haven’t heard much about what DR is, this post will help you gain some insight about what it is and how it can affect the future of your business.

As we all know, unpredictability is a fact of life. The aftermath of Tropical Storm Bill in Texas and recent floods in South Carolina are a grim and unfortunate lesson for many overconfident business owners who think their companies are spared from the likelihood of cataclysmic weather, technological malfunctions, or human actions. A 2014 survey by the IT Disaster Recovery Preparedness (DRP) Council reveals just how many companies worldwide are at risk: 73 percent of SMBs are failing in terms of disaster readiness. What does this mean? It means that 3 out of 4 companies aren’t prepared to handle emergencies and save their businesses from a worse-case scenario.

If it’s not clear and compelling enough for a business owner like yourself to consider putting a well-conceived Disaster Recovery (DR) plan into place, perhaps it’s time to give it some thought. Doing so can save you years of business loss. Here is some useful information about what DR is all about and how it can ensure your business’s survival in the wake of unforeseen circumstances.

What is Disaster Recovery (DR)?

Disaster recovery is a plan for restoring and accessing your data in the event of a disaster that destroys part or all of a business’s resources. It is a key component involving many aspects of business operations that requires this information to function. The job of a DR plan is to ensure that whatever happens, your vital data can be recovered and mission-critical applications will be brought back online in the shortest possible time.

What kind of disasters are likely to happen?

Business disasters can either be natural, technological, or man-made. Natural types of disasters include floods, earthquakes, tornadoes, hurricanes, landslides, tsunamis, and even a pest infestation. On the other hand, technological and man-made disasters involve hazardous material spills, infrastructural or power failure, nuclear power plant meltdown or blast, chemical threat and biological weapons, cyber attacks, explosions, or acts of terrorism and civil unrest.

Why does your business need DR?

Regardless of industry or size, when an unforeseen event takes place and causes day-to-day operations to come to a halt, a company will need to recover as quickly as possible to ensure you will continue providing services to clients and customers. Downtime is one of the biggest IT expenses that any business can face. Based on 2015 disaster recovery statistics, downtime that lasts for one hour can cost small companies as much as $8,000, mid-size organizations $74,000, and $700,000 for large enterprises.

For SMBs particularly, any extended loss of productivity can lead to reduced cash flow through late invoicing, lost orders, increased labor costs as staff work extra hours to recover from the downtime, missed delivery dates, and so on. If major business disruptions are not anticipated and addressed today, it’s very possible that these negative consequences resulting from an unexpected disaster can have long-term implications that affect a company for years. By having a Disaster Recovery plan in place, a company can save itself from multiple risks including out of budget expenses, reputation loss, data loss, and the negative impact on clients and customers.

How do I create a DR strategy for my business?

Creating, implementing and maintaining a total business recovery plan is time-consuming but extremely important to ensure your business’s survival. Many organizations don’t have the time or resources to dedicate to this process. If you would like to protect your company from unexpected disasters but need further guidance and information on how to get started, give us a call and our experts will be happy to discuss Disaster Recovery options and solutions with you.

Published with permission from TechAdvisory.org. Source.

Female hand giving a bribe to businessman - closeup shotThe threat of being infected by malicious software is part and parcel of spending time on the internet, and no sooner have the antivirus and security software programs released an update or new patch than cyber criminals are scrambling for ways to circumvent them. In addition, as end users become savvier to the tricks and scams used to steal our data, money or identities, new tactics are employed to try and fool us. And that includes Chimera, a new strain of ransomware which has recently been uncovered.

Business is booming in the world of cyber crime, and scammers, extortionists, phishers and hackers are constantly on the lookout for new ways to exploit our fears and naivety in order to boost their bank accounts, steal our data, or simply cause us mayhem for their own twisted pleasure. One of worst types of malware for playing with our emotions – and therefore increasing the likelihood of us capitulating to its demands – is ransomware. If you don’t know how this program works, read on for an introduction.

If your computer has been infected by ransomware, the first sign that something is wrong is normally discovering that you are unable to open one or more of your files. That’s because the malware encrypts them, rendering them completely inaccessible. The next thing you see will be a ‘ransom note’, either in the form of an email or a notice that appears directly on your screen. You will be told that if you want to see your files again you will need to pay a sum of money. After making payment you will (allegedly) be sent a code that will allow you to decrypt your files.

Some types of ransomware up the fear factor even further by pretending that the FBI, CIA or other national law enforcement or government agency is behind the ‘kidnapping’. You will be told that your files are being held hostage because you have downloaded pirated software or files, or visited an illegal or illicit website – such as those depicting extreme pornography or threatening national security. Regardless of whether or not you are guilty of any of the above – be it a visit to an x-rated website, or downloading a pirated copy of the latest episode of The Walking Dead, your first instinct is probably to panic. The thought of no longer having access to any of our information, files or data is enough to make most of us break out into a cold sweat. If you haven’t backed up, everything from your vacation pictures to your company’s data could be lost for good.

The problem for ransomware creators, however, is that many users have wisened up to their tactics, and are refusing to pay, instead calling in an IT specialist to try and restore their encrypted files. This has left cyber criminals needing to find a way to boost ‘trade’. And that is where Chimera comes in. Christened by the Anti-Botnet Advisory Centre – a part of Germany’s Association of the Internet Industry – unlike previous forms of ransomware, which were indiscriminate when choosing their victims, this latest threat primarily targets businesses.

An employee will receive an email, purporting to be an application for a job within your firm, or some kind of corporate deal. This email will include a link ostensibly to the applicant’s resume or to details of the offer, but will in fact go to an infected file stored in Dropbox. Chimera then infects the user’s computer and encrypts any local files. Once the PC has been rebooted, the ransom note will be displayed on the desktop. Payment is usually set at around $680 USD, which must be paid in Bitcoins. And in order to further scare the victim into paying, the note will also state that failure to make payment will result in the user’s files being published online.

If there is a slight silver lining to the Chimera cloud, it is that the Anti-Botnet Advisory Centre has not found any proof that files have been published – at least not yet. In fact, it is still unknown whether the ransomware does actually take the encrypted files or if it is just an empty threat. Regardless, it is still a threat which could easily convince many users to pay the ransom. And should Chimera make good on its threats, the ramifications for a business are huge – and that’s without taking into consideration the nightmare of having your files encrypted in the first place. With Chimera targeting businesses of all sizes, and random employees within the business at that, isn’t it time you took another good look at your organization’s security posture?

Contact us today and talk to one of our security experts. We’ll be more than happy to help ensure that your small or medium-sized business isn’t taken hostage by Chimera or any other type of ransomware.

Published with permission from TechAdvisory.org. Source.