Blog

A New Strain of Ransomware Attacks a Michigan Hospital System.

On July 5th, 2017, disaster struck a series of hospital networks in Michigan. Caro Community Hospital, Caro Medical Clinic and Caro Quick Care all lost access to not only their desktop and laptop computers, but also phones, email services and even patient records. A message on a computer screen confirmed administrators’ worst fears—They were a victim of ransomware.

Ransomware Hits Michigan Hospital System

According to Caro CEO, Marc Augsburger, the ransom note provided a single email address to use to determine the payment required to recover the locked data. The hacker specified a payment of $120,000 should be made in Bitcoin!

Instead of paying the hacker, hospital administrators decided to quickly shut down all electronics following the attack. This caused a great deal of disruption, but the damage was mitigated due to IT policies and procedures that were already in place. Hospital staff were well trained on keeping paper-based records in the event that such an incident occurred. All computers and other devices were also backed up remotely on a regular basis, so it was only a matter of time before Caro could get its systems back up and running.

What made this ransomware attack so unique was the extent of the machines affected.

Traditional ransomware strategies seem to be one of quantity over quality. The files on a single infected machine are quickly encrypted, and the ransom is typically a few hundred dollars. This particular strain didn’t just affect servers, computers and other devices, everything connected to the Caro network was affected, including the VoIP phone systems that were operated by those computers.

Make no mistake—The disruption was absolutely a bad thing, but the situation could have been far worse were it not for these policies. They also helped guarantee that no personal information of employees or patients was compromised during the attack.

It took nearly two weeks to get all hospital operations back up and running. Caro administrators contacted both the FBI and the local police in the immediate aftermath, both of which are still searching for the person or people responsible. The FBI indicated that this was a brand-new strain of ransomware, and one that they would continue to watch out for in the future.

The State of Malware  

As the Caro hospital staff discovered, ransomware is the “latest trend” in terms of cyberattacks. To say that the digital world is getting more dangerous is something of an understatement:

  • There were 22 million new malware samples in the first quarter of 2017 alone.
  • A new malware specimen is emerging every 4.2 seconds, a pace that’s getting faster all the time. To put this into perspective, there were only about 6.8 new malware samples discovered in the entirety of 2016.
  • In 2015, attacks occurred at a rate of about 1,000 per day. Fast-forward just a year later, and that number climbed to about 4,000 per day – an increase of 300%!
  • The number of phishing emails is also on the rise. In the first quarter of 2016, 92% of phishing emails contained some form of ransomware. Just a few months later, that number grew to 97.25%.

Learning as much about ransomware and other forms of malware is the key to ensure your organization doesn’t suffer the same fate.   

If you had to make a list of the worst cybersecurity threats facing businesses today, it’s this particular strain of malware that can encrypt all of the files on a computer and network. This means that every kilobyte of data on a machine is lost forever, unless you’re willing to pay a hefty fee to the criminal holding your data hostage.

According to a study conducted by Friedrich-Alexander University, most of these attacks are successful because of overconfident users. 78% of people claim to be aware of the risks associated with clicking on unknown links in emails, and of phishing in general—Yet they go on to click on these links anyway.

Because ransomware infections are most often the result of accidentally downloading a malicious file, many assume it’s a situation where a little common sense goes a long way. Recent events have proven this isn’t enough.

As a business leader, it’s important for you to understand that ransomware is just one of the many types of digital threats that should concern you. Hackers are getting more sophisticated all the time, and the key to staying protected involves making an effort to stay one step ahead of them. Cybersecurity training for your employees is essential.

If you’re in Omaha and would like to find out more about cybersecurity issues, OR if you’re interested in cybersecurity training for your staff, please don’t delay—Contact InfiNet Solutions at [email protected] or (402) 895--5777.

A New Strain of Ransomware Attacks a Michigan Hospital System. Read More »

Why You Must Replace Your “Subpar” IT Service Company.

The technological resources that your small business uses on a daily basis are more than just “tools” in the traditional sense. In many ways, they’re the very foundation from which your 21st-century operations are built.

  • IT is how you communicate with your clients, guaranteeing that you can perform the type of work that meets their needs and exceeds their expectations.
  • It’s how your employees communicate with one another, and come together to form something much more powerful than any one of them could have on their own.
  • It’s also how you address the challenges of today while getting ready for the demands of tomorrow—Carving out a competitive advantage for your business that will carry you through into the next decade and beyond.

However, none of this makes any difference if your subpar IT service company is killing your chances.

Bad IT Services

Many IT service companies get a low score from their clients. Lengthy response times, reactive approaches to technology, excessive turnover rates and high prices with poor value are all among the many factors that small businesses have just “learned to deal with.” But you shouldn’t!

Here are a number of reasons why you should replace your subpar IT service company with a competent one.  

They’re Not the Only Ones Who Know Your Network.

One of the major reasons small business owners are hesitant to look for alternative IT service companies is the fear that they won’t be able to find another that knows their network like their existing provider does. Regardless of the quality of your relationship, you can’t argue that it’s taken time to build. Third-party representatives have come in and examined your system, what you need, and what you’re trying to do. It will be difficult, if not next to impossible, to start all over again. Right?  Wrong.

In truth, your service provider should be documenting every aspect of your IT infrastructure in detail. Diagrams, passwords and asset documentation should all be readily available to you. All of this information can be turned over to your new provider, giving them an excellent starting place to make your IT foundation stronger than it was before.

Your IT Isn’t as Unique as You Think It Is.

We’re not saying that your business isn’t unique in the marketplace. Undoubtedly, there are things you do that nobody else can match — This is likely why you have such a strong relationship with your customers in the first place.

Luckily, this doesn’t extend to your IT infrastructure. Sure, things were built with your specific business in mind. However, a true IT expert will have seen it all before. Competent network engineers are ready for anything and everything they encounter.

The Transition Won’t Be as Tough as You’re Anticipating.

High-quality IT service providers are used to taking over for competitors who aren’t living up to their customers’ expectations. While it’s true that there is always the potential for some risk, it’s nothing that good short- and long-term planning can’t resolve. Remember that you’re bringing a new company into the fold—So leverage the power of their experience to your advantage.

The Benefits Outweigh Any Potential Disadvantages.

All of this gives way to the most important factor of all—the fact that the benefits will far, outweigh any perceived negatives you may be worried about. Sticking with your subpar service company isn’t just killing the return on investment for your IT assets, it’s literally stifling the growth of your business.

  • It’s making it harder, not easier, to do the essential work you’re responsible for.
  • It’s causing you to lose hours of productivity due to unintelligent infrastructure design and unnecessary catastrophes like server failure.
  • It’s causing you to play catch-up because you’re being reactive rather than proactive.

A truly great IT service company is more than just a solutions provider. They’re a partner in your business success.  They’re not just proactively maintaining your IT environment, repairing small problems today before they have a chance to become bigger and more expensive ones later—They’ll act as your virtual CIO, providing you with the expert insight and advice you need to align IT with your long-term strategy.

Absolutely none of this will be possible if you stick with your subpar service company. If so, you’re hurting your chances of successful growth for your business.

Even though the decision to switch is appropriate, replacing your subpar IT service company can be stressful. Luckily, the hardworking team at InfiNet Solutions is ready to stand by your side every step of the way. If you’re in Omaha and would like to find out more about this or other IT related topics, please don’t delay — Contact us by phone at (402) 895--5777 or by sending us an email to: [email protected]

Why You Must Replace Your “Subpar” IT Service Company. Read More »

Ransomware Infects a San Francisco TV & Radio Station with Devastating Consequences.

Radio and television station KQED has been taken “back to the stone ages” because of an advanced ransomware attack launched in June of 2017.  No one is sure how the ransomware got into KQED’s system.

KQED Cyber Security

Ransomware brought this public television and radio station to a grinding halt— All Internet-connected devices, tools and machinery were cut off in an attempt to isolate and contain the  attack that infected the station’s computers. More than a month later, many remain offline. Although the station has continued its broadcasts, it’s found that functioning in a non-Internet world is extremely frustrating and difficult.

This incident highlights the need for businesses like yours to protect themselves and their IT devices from debilitating cyberattacks.  We’re more vulnerable today than ever before.  It’s up to you to take proactive measures to protect your business.   

Ransomware: An Old Threat Reborn

Ransomware isn’t new. In fact, it’s one of the oldest types of malicious software programs, and is becoming increasingly prevalent as more people rely on IT and Internet connections for their day-to-day operations.

Ransomware essentially locks a user out of their system, or holds data hostage until a ransom is paid. Once the ransom is paid (generally through a wire transfer or cryptocurrency transaction), the data or service is unlocked, and (theoretically) the user can recover their data.

However, there are more issues of concern:

  • Ransomware is a type of virus, so it can self-replicate throughout computers, servers, and other devices operating on the same network.
  • Paying the ransom doesn’t necessarily mean your system will be unlocked. Some forms of ransomware are designed to just disrupt, while others may have been long abandoned by its creators.
  • Paying the ransom can be expensive. While some ransomware attacks only amount to a few hundred dollars, others can be in the range of thousands—especially those targeting large enterprises.
  • Paying the ransom doesn’t mean your data hasn’t been copied or otherwise breached. You still need to react as though your data has been shared, including confidential identity and financial information.

KQED’s Ransomware Attack

KQED’s ransomware spread quickly throughout their network, including their Internet of Things devices. The ransomware then encrypted data on their Microsoft computers, but was halted before it could encrypt a significant number of systems. The problem was that it had already infected the network; if the system was brought back up, it would only continue to propagate. Consequently, Internet access had to be removed for many of the systems until the issues could be properly isolated and dealt with, device by device.

To avoid further infection, all Windows computers had to be wiped and restored, and KQED had to upgrade its security measures. This attack came in the wake of—but was not related to—several global ransomware attacks, which took down computers throughout the world.

In order to decrypt the files, the ransomware requested approximately $3,637 for each file to be decrypted. The total ransom requested was in the millions, which was impossible for KQED to pay.

How Can You Defend Against Ransomware Attacks?

In the past, many security systems were limited to only identifying already known attacks. This meant new vulnerabilities and custom attacks were impossible to defend against. KQED was vulnerable to attack even though it had relatively up-to-date security—This may have been the case because its security system was running based on antiviral templates.

New security systems scan for the presence of ransomware attacks and can mitigate the majority of these threats, not only by identifying individual attacks, but also being able to identify suspicious behavior. Machine-learning algorithms and artificial intelligence have now made it possible to scan for the behavior of potentially malicious programs.

KQED was struck by a new piece of software that had not yet been identified. However, it’s unknown whether its suspicious behavior might have been flagged by a more advanced threat-detection system.

Note: In addition to having up-to-date security measures, your systems must be regularly backed up. You should be able to deploy a backed-up instance of an entire system to protect your organization from virtually any threat—including physical hazards such as fire or earthquake.

KQED had a single network composed of many different devices, which couldn’t be reset altogether. The ultimate consequences for KQED were that:

  • They couldn’t complete a significant amount of work for weeks.
  • Online broadcasts went down for more than twelve hours.
  • They lost a significant portion of their work and weren’t able to use their computers or the Internet for a substantial amount of time.
  • It took weeks to even begin to repair the damage—and these are weeks the station will need to pay for in terms of man hours and IT costs.

All of this could have been prevented through better security measures and security training for their employees.

Cybersecurity is our specialty and priority at InfiNet Solutions. Cyber threats are growing exponentially, and we’ll block them by eradicating all potential security weaknesses. Your systems will be protected by a next-generation firewall, antivirus, and spam-filtering system. Plus, we’ll conduct security awareness training for you and your staff on an ongoing basis, so they can recognize a threat in an email, or on a web page.

Ransomware Infects a San Francisco TV & Radio Station with Devastating Consequences. Read More »

The Latest Facts on Windows Virtualization and How You Can Use It

Microsoft is making key changes to how it offers office virtualization: It’s great for companies, and here’s what to expect.

Virtualization has greatly benefited from falling costs and increased ease of use in the past year. That makes it a whole lot easier for providers to talk about virtualization as a solution to more common business problems, especially for midsize companies. And Microsoft, no surprise, has also been keeping an eye on this trend. The result is a long-awaited update to Windows virtualization that indicates changes in the market and a new paradigm for how Microsoft is approaching the virtualization trend. That may sound a little technical, but it’s actually very exciting. Here’s where Windows virtualization is heading, and why we like what we see.

Microsoft Virtualization

Virtualization is growing more common via security and choice

Virtualization isn’t growing more common just because providers think it’s trendy and try to sell it; It also has answers for growing problems with data management. Take security, for example. Localization is growing increasingly dangerous for companies that are targets of hackers, and hackers are increasingly targeting smaller companies with less security. When you keep data on a local hard drive — especially a mobile hard drive on a phone or tablet — it becomes far less secure and far easier to steal. The security solutions for this problem are limited, but virtualization provides a better answer by allowing the information technology staff to group data on server hard drives and allow only limited access, as necessary, from other devices. Data is made available but becomes far more difficult to hack.

Another reason virtualization is a growing standard is “choice,” something that Microsoft is marketing heavily. Basically, this means that employees can work from any device they choose in pretty much any location as long as they can access their virtualized desktops. Providers can offer similar services no matter what machines a company likes to use, allowing for a lot more flexibility and compatibility.

The CSP will be offering usage rights — if partners want to offer them

Okay, onto the big news from Microsoft and the CSP or Cloud Solution Provider program, which is Microsoft’s fancy way of saying “online partners who sell our stuff.” The problem was that for years, Microsoft wasn’t quite sure how to sell virtualized services. It tried to package them in odd ways, and many companies were turned off by the high costs and limitations associated with virtualization programs — specifically, strange hardware requirements that didn’t make a lot of sense at the time and made even less as virtualization became more popular. Partners just weren’t on board.

So Microsoft has decided to turn this ship around by allowing partners to sell their own virtualization use rights for Windows 10 subscriptions. They will be able to host services either through Azure or through other third-party hosting partners. This allows for much greater freedom in creating virtualization packages and passing them successfully on to customizers. There will be various licenses for the new Windows 10 Enterprise and Microsoft 365 packages. Buy one of these packages and virtualization rights are basically included from the beginning, including for customers that don’t necessarily have per-user licensing or who don’t use a Windows client. Bottom line, this is Microsoft saying, “All right, everyone can virtualize services on our platform now.”

The new certification program

In addition to the new licensing options, Microsoft is also creating a new certification program for those third-party hosting partners that we briefly mentioned. If a third party wants to host Microsoft-ready virtualization, it will need to earn this certification. It’s Microsoft’s way of ensuring a bit of product and quality control. This was always going to happen, and it’s a good thing; setting some parameters on how to offer virtualization services is necessary to keep these new CSP subscriptions from going completely off the rails. Expect a lot of common virtual machine providers to immediately sign up for this certification process.

The rise of low-cost Windows machines

Microsoft’s change on virtualization wouldn’t be complete without talking about Windows 10 Cloud and other Microsoft plans for the future. It’s become pretty apparent via leaks and official statements that Microsoft wants to start offering a trimmed-down version of Windows 10 that operates primarily from the cloud, including machines specially designed to run Windows 10 Cloud.

This would be an interesting move for Microsoft, which probably has its eye on Chromebooks; the ultra-affordable, lightweight laptops running Chrome also depend on cloud software for most of their capabilities, and while they can’t do everything, they are very popular for a certain type of buyer or business looking to cut costs. Microsoft doesn’t like the idea of Google having a monopoly on this idea, so it’s stepping up with a cloud device of its own. What this will look like isn’t entirely certain yet, but virtualization is likely to be a big part of the plan. Even if you aren’t especially interested in virtualization, keep an eye out for these affordable Windows machines in the coming months.

Final note: cost scaling and complexity

Two final points about this big Microsoft change: First, cost scaling is still a little uncertain, especially for the end user. The new model is promising, but virtualization may still be a costly prospect. Prices are likely to be driven down over time, especially since Microsoft’s move encourages more competition, but don’t expect everything to be affordable right away.

Second, while virtualization has been simplified, we don’t want to promise anyone that it will be simple. With multiple providers and hosting companies offering competing ideas, it may even get more difficult to find out exactly what your company needs and what will save you the most money. If you are interested in virtualization, the first step is to sit down with your IT experts and start a thorough research project to find your options.

The Latest Facts on Windows Virtualization and How You Can Use It Read More »

Office 365 Business Center Helps You Run Your Business More Effectively

The Business Center apps available with an Office 365 Business Premium subscription can help to transform the way your small business does business.

Business Center

If you own a business, you should never forget that although your business may be small, you still need to run it like any other business.

And that takes a lot of time.

Whether you work alone, with a partner or even employ a small team, I know that you probably don’t have any time to waste.

That is why I always share with my clients every time-saving software solution I come across which I think real value for the majority of small business owners.

The importance of business management software.

Listen. If you are trying to operate your small business without business management software, you are just wasting your time. Management software helps you run your business and prevents your business from running you. It will help you complete tasks quicker and easier while doing more business than you ever thought possible.

These days, one of my favorite business packages for small businesses is Microsoft’s Office 365 Business Premium. Office 365 Business Premium provides small businesses with everything they need to get work done better, faster, and from anywhere there is an internet connection. Office 365 Business Premium is an affordable online service giving subscribers access to Microsoft’s popular suite of business applications including Outlook, Word, Excel PowerPoint, and Access (on PCs only).

But the best feature of Office 365 Business Premium is not the unlimited access to the top business applications. It is is the ability to access the exclusive Business Center which is only available for Office 365 Business Premium subscribers.

What is the Business Center and why should I want it?

The Office 365 Business Center is an online hub where you are able to manage a collection of unique applications which give you the ability to build better relationships with your customers, close more sales with less effort. increase your online presence, and most importantly run your business quicker and easier than ever.

Which applications are available in the Business Center?

The Business Center offers several unique business applications to handle the needs of your business. These applications include:

  • Listings. This application increases your company’s online presence by helping you to create and maintain your business’ listing information on popular social media platforms like Facebook, Google, Yelp, and Bing. Once you set up your basic information, Listings will walk you through the set-up procedures to make sure your customers can find you online. The great thing about Listings is that when your business’ information changes, you don’t have to change your information manually on every site. Instead, all you need to do is update your business’ information once at the Business Center, and then let Listings handle the rest.
  • Invoicing. Do you want to get paid on time and in full? Of course, you do. That is why it is a great idea to use Invoicing to create, edit, and send professional-looking invoices for your customers which let them pay directly from their invoice through PayPal. Invoicing also allows you to keep track of which customers have already paid you, and which ones still need to pay. Make your bookkeeping as stress-free as possible by generating yearly and monthly reports and by importing payment records directly into QuickBooks Online.
  • Bookings. Any small business which uses appointments will love Bookings. This application allows your customers to schedule an appointment without the need to speak with anyone from your company. This saves both time and money. You can place your booking page directly on Facebook or on your company’s website. Bookings is flexible enough to handle the needs of almost any business. You can edit operating hours, your list of services and their prices, and current availability. Bookings even provides business owners and their employees with a mobile app which will alert them to new appointments and provide customer information.
  • Connections. Stay connected to your customers with Connections. Connections allows you to create a variety of marketing campaigns to build the loyalty of your current customers and to expand your business through the use of referrals. Offer customers valuable new offers and encourage them to refer their friends. It is easy to keep track of the success rate of each individual campaign by using the metrics which Connections provides. You

How to use the new applications to drive business.

You now have a better understanding of the power of the Business Center from Office 365 Business Premium. But you still want to know how you can use all of these applications to save time and make more money, right? No problem.

Imagine you own a local small-town barber shop. It is a classic, old-time kind of place complete with a straight-edge hot foam shave. A potential customer who has just seen an old movie which featured a straight-edge hot foam shave and is intrigued. Surely, no one offers such a shave now, especially in this small town, he thinks. Without expecting to find anything, the potential customer searches on Bing for “hot shaves near me”. Amazingly, there is one result. It is the one you placed on online using Listings. The potential customer clicks on your business’ listing and he winds up at your Bookings form. He schedules an appointment for the next day. After getting an amazing shave, he takes a photo and posts it on Yelp along with a five-star review. Then he refers all his friends to you through Connections.

Now, your customer is happy, his friends are happy, and most importantly you are happy.

Office 365 Business Center Helps You Run Your Business More Effectively Read More »

Call Now Button