Blog

Laura Herbolsheimer is an Assistant Account Manager and Service Manager with InfiNet Solutions Inc. She has been part of the team since April 2005. Her hobbies include gardening, traveling and taking road trips, and spending time with family and friends. Her favorite vacation spot is Jackson, Wyoming. Laura met her husband John in high school, but they waited until they were a state apart to start dating after their sophomore year of college. They have two rescue pups and a pair of rescue cats. Laura’s favorite part of working with the InfiNet team is the people, and the clients.

 

If you had to make a list of the most pressing threats that Internet users face today, ransomware would undoubtedly be right at the top. Now, thanks to a massive zero-day attack by a particularly tricky group of hackers, Microsoft Office 365 users in particular need to be incredibly careful moving forward.

What is Ransomware?

At its core, ransomware operates a lot like a traditional computer virus with a particularly sinister twist. When a rogue piece of software is downloaded and executed on a user’s computer, it snaps into action and actually encrypts the contents of that drive almost immediately. Encryption essentially “scrambles” information, making it impossible to get at a particular block of data without the appropriate encryption key.

Because only hackers have the encryption key, this essentially locks a user out of their own data. Their only choice is to pay a predetermined “ransom” to get access to the keys and to get their information back, but even this is not a guarantee.

Why Office 365 Users Should Care

Previously, ransomware only targeted files stored locally on a computer’s hard drive – meaning that anything that was stored in Microsoft Office 365 or another cloud-based service would be unaffected. According to a new report published by Avanan, however, this is no longer the case. Even though Office 365 has a number of sophisticated security tools built-in designed to prevent exactly this type of thing from happening, new variants of the “Cerber Ransomware” strain are now going after Office 365 email users in particular.

This means that if you were previously counting on Office 365 to alert you to any vulnerabilities and to prevent this type of thing from occurring, you’re out of luck. It is now more important than ever to follow Internet safety best practices and, if you’re a business owner, to educate your own employees of the same.

By far, one of the best ways to avoid becoming a target of ransomware is to avoid downloading files from senders that you are not already familiar with. If you get a random email out of the blue that has a file attached, do NOT download it and execute it on your computer. Also be on the lookout for clear signs of phishing and other types of SPAM email that could have these files hidden inside.

Regular backups to a secure, off-site location are also important as if you DO fall victim to a ransomware attack, these could be your only way to get things back up and running again when you come out safely on the other side. Even if your entire hard drive is encrypted, you can still wipe the entire operating system and start from scratch. You can then restore your system using the most recently available backup copies, circumnavigating the ransomware’s encryption and picking right back up where you left off.

This will only work, however, if the backups are stored in a secondary location NOT connected to the host computer. If they are only stored in a separate location on the same hard drive, they too will be compromised during the attack.

At InfiNet Solutions, we’re incredibly proud that you’ve chosen us as your go to source for all of the technology tips, tricks, news and other information that you need to run the type of business you’ve always wanted. If you’re looking for more information about this or any of the other important industry topics that we’ve covered, please feel free to send us an email at [email protected] or to give us a phone call at (402) 895--5777 today to speak to someone in more detail.

The manufacturing sector of our economy at large presents many challenges for business owners who plan on keeping data regarding proprietary information on goods and production methods safe and secure. Consumer goods in particular are big business, but can also present a major liability in terms of data center and networking security, compliance issues, and data theft. Theft of trade secrets and intellectual property costs manufacturing companies untold millions per year in the aftermath of a cyberattack or other type of data theft.  And although the newly-penned Defend Trade Secrets Act (DTSA) provides some relief in the form of federal civil action in the event of substantial trade data absconding by hackers and data thieves, the best action for SMEs and large corporations under the aegis of complete data protection surety is to have managed IT services in place.

A Clear and Present Danger

According to a Verizon Data Breach Investigation Report in 2014, “Companies in manufacturing are most likely to face security threats such as cyber espionage, denial of service and Web applications attacks.” Their 2016 report shows how emergent and critical the data breach threats to companies in the financial and manufacturing sector are. “Cyber espionage” privilege misuse is on the rise, according to Chintan Gohil speaking within Verizon’s 2016 report, referencing over 2,000 notable data breaches where Web applications in particular, are opening companies up to clear and present dangers via both infiltrators and “exfiltrators” who abuse permissions to gain access to sensitive data like manufacturing trade secrets which can cost companies millions.

Hard Statistics

A 2015 global study surveyed 9,700 executives worldwide in the business and technology sectors. When examined on a by-industry basis, the study reveals that around 75% of the industrial manufacturing entities said they detected notable security incidents in the preceding 12-month period. Roughly 20% reported they had detected 50 or more such incidents, while 18% said they had noted between 10 and 49 security threats. One rather shocking statistic on this point shows that 36% of the business leaders surveyed identified employees as the number one potential data security threat.

Reliable Protection

Based on the clear evidence that manufacturing companies are facing the greatest threat to their IT networks yet in 2016, in the form of cyber espionage, or spying, which has underscored the need for significant investiture in shoring up holes in cyber defense and security. Other threats are, as mentioned, employee data breaches, which are the result of poorly managed or mismanaged mobile devices and data centers. Mobile device management (MDM) goes a long way in keeping employee cell phones, iPads, smartphones, and other mobile devices encrypted and protected from proprietary data theft. Getting reliable protection for your mobile devices and network entire is simply a matter of finding an IT services firm who acts as an outsourced team player. Often less expensive than hiring and training an IT department in-house, having an information technology MSP in your corner day and night, 24/7/365 acts as the first and last line of defense between you and trade secrets theft that could mean millions in litigation and recovery time cost.

Trust the IT Professionals

It’s worth the investment in solid IT security management via professionals who are up to speed on all the latest technology and techniques to keep their clients’ data centers and network safe. InfiNet Solutions is the leader in providing managed IT services in Omaha. Have questions? Call (402) 895--5777 or send us an email at [email protected].