Hello guys! Niels here. Lately (well, for the last few years anyway, but more so in the last few months) there have been TONS of reports of businesses getting hacked in various ways. Some are simple email hacks that send out a bunch of spam, and some are the most severe, data breach ransom hacks. What can you do to stay protected?
Different Types of Hacks
Ransomware is the recent heavy hitter, the one we are all hearing about. In a nutshell, ransomware encrypts all your data, holding it hostage until a ransom is paid, usually in the form of bitcoin, to an untraceable wallet. We NEVER recommend paying the ransom, since you should have good backups in place. Once ransomware hits, it is IMPOSSIBLE to tell if any confidential data was stolen or if any backdoor access was allowed. If you are hit, wipe everything out, and pull from backups. This also falls under data breach, so you should inform the parties involved.
A data breach is a bad one, but it is easier to track down whether or not confidential data was stolen. Data breaches can consist of different types of hacks, but they are worth talking about on their own. If you have a data breach, you must notify your customers and any compliance organization you must follow, like HIPAA. If you have a data breach, the first thing to do is secure the entry point of the breach. Usually, it's less technical than you think. Some data breaches come from physically stolen computers, phones, or servers, and some come from disgruntled employees. Keeping track of access logs will allow you to figure out what happened.
Email hacks are simple, sometimes more annoying than anything. Email hacks fall under the phishing category. We'll talk about that more in another post. Email hacks are easy to identify, easy to stop, but can cause real problems. Remember when you got that spam email from a client, business, or friend? They probably got hacked and their email is sending out garbage and spam in an effort to hack others.
How To Stay Safe
Staying safe is actually pretty easy. Most of the recent hacks come from only a few internal issues. Let's learn how to do it right!
If you are still saving passwords in a word doc or on sticky notes, STOP NOW!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Using a free password manager like LastPass or Bitwarden (our favorite) allows you to safely store all your passwords. This brings us to point 2: you should NEVER reuse passwords. This is how the most recent hack on 400 dental offices came about: a management company reused a password and forgot the account was there. Using a password manager means you don't have to remember all those passwords you create. It will keep track of them, log you in, etc., all without racking your brain over complex passwords. Also, changing your passwords every 90 days makes sure leaked passwords are unusable.
2 Factor Authentication
Another very easy one, 2 factor involves sending a text or entering a random code when you sign in. This means that someone signing in from an unknown location won't be able to get past unless you give them the random code. This means you must always have your mobile or other trusted device with you, but it is an EASY and HIGHLY secure way to prevent hacking. We recommend you go turn it on right now on everything you can.
Clicking on bad links in email is the #1 way hacks start. Training staff is an easy and cost-effective way to stop hacks before they even get past the email. Most phishing emails are easy to spot, and if your service provider gives you an advanced spam filter, you may never even see them. Training staff on what to look for may save your business from disaster and expensive recovery.
Short post today, happy fourth of July!
How should you protect cloud services? Do you need to protect cloud services? It depends.
Some cloud services, such as business software, may be fine without any additional protection from you. QuickBooks Online, Clio, and others generally do a good job protecting their services from harm. This means that, while you need to do your diligence with protections such as password changes and 2 factor authentication, you can be confident that the cloud data and infrastructure are protected.
Other services like Google Apps, Office 365, email, and some websites require extra protection. While I was at a conference this week, we were shown a live demo of ransomware taking over an online email account. All the emails were encrypted, the content jumbled, and a nice email was sent to them that said “oops! Your emails are encrypted”. WHOA!!!!! Scary. The same thing can happen to some websites, Google Drive data, OneDrive data, and more. These services require active protection and backups to keep things safe, and help you recover if something does happen.
Stay safe out there today, and have a good day!
PLEASE PLEASE PLEASE PLEASE backup your important stuff.
You know the feeling. When you go to look for something on your computer, and you cannot find it. In fact, it seems like all kinds of stuff is missing. HUUUUUUHHHHH???????
A couple days ago I was helping a customer fix some settings which required the removal and re-installation of the software. After explaining the potential for any data loss, they confirmed that there was nothing there that could be lost. Well, it didn't go like that.
After reinstalling, and the initial problem resolved, they began to look for their old files. But none of them were there. In fact, the service that was supposed to be keeping everything was not doing so, and what once was thousands of files became only a handful. They panicked. They started stressing, worrying about what they would do. This was a business and all their work files for many years were now missing. But, thankfully, they weren't missing, they just hadn't been imported yet. The removal of the software did not touch any files, and a few minutes later everything was back as it was.
I was confused. The service they were confident in wasn't working (and it was not cloud or another type of backup), and after explaining to them that the ONLY copy that existed in the universe was here, vulnerable to user error, disaster, viruses, forgetfulness, and more, I proposed cloud backup.
We offer cloud backup starting at $10/month per TB that gets monitored, tracked, tested, and more. Other companies offer similar or cheaper plans that do not include testing.
Side note: A BACKUP IS BROKEN UNLESS IT IS SUCCESSFULLY TESTED!!!!!!!!!!! YOU DO NOT HAVE A BACKUP UNTIL YOU TEST AND CONFIRM YOU HAVE A BACKUP!!!!!!!! Please test your backups.
Okay, that's out of the way. The point is, it's cheap to back your stuff up. It's cheap insurance, and when we regularly do data recovery for $2000 or more (which buys over 11 YEARS of backup) you can understand our frustration with the answers we get.
And you will never guess what they said........
ARE YOU KIDDING ME??????????????? YOU JUST HAD A PANIC ATTACK OVER MISSING FILES!!!!!!!!!!! SERIOUS?????? LIKE, FOR REAL???????????? YOUR COFFEE COSTS MORE!!!!!! AND THAT'S EVERY MORNING!!!!!!!!!!!! YOU SPEND MORE ON A MCDONALD'S MEAL!!!!!!!!!!!!!!!!! AHHHHHHH!!!!!!!! (this was all internal, none of this made it to the customer's ear)
I really enjoy doing data recovery. It's amazing to see the relief people experience when we are able to give them their data back. But I would love nothing more than to NEVER recover a hard drive again, and only ever help people restore backups.
This time was okay. The data was still there. But we get many calls from people asking about this or that, viruses, computer stolen, fire, etc, and it's disheartening how many people have to accept the fact that their family photos, tax documents, children's school assignments, and more are gone. And it's aggravating when businesses tank because of lack of backups.
Another side note: Google Drive, OneDrive, Dropbox, etc. are NOT BACKUPS. They are a storage medium just like a thumb drive, hard drive, CD, etc. Yes, they are much safer than physical devices, but they are still vulnerable to many of the most likely problems like user error.
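The restore test demanded in the side note above, as an added example (not code from the original post): record a SHA-256 manifest when the backup runs, restore to a scratch folder, and compare. The file names and contents are constructed sample data, and the restore step is simulated with a second folder.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[path.relative_to(root).as_posix()] = digest.hexdigest()
    return manifest


def verify_restore(expected, restored_root):
    """Compare a manifest taken at backup time with a test restore."""
    actual = build_manifest(restored_root)
    return {
        "missing": sorted(set(expected) - set(actual)),
        "corrupt": sorted(p for p in expected.keys() & actual.keys()
                          if expected[p] != actual[p]),
        "unexpected": sorted(set(actual) - set(expected)),
    }


def demo():
    """Constructed data: a 3-file source and a restore with two defects."""
    with tempfile.TemporaryDirectory() as tmp:
        src, restored = Path(tmp, "source"), Path(tmp, "restored")
        files = {"clients/smith.txt": b"intake notes",
                 "billing/2019.csv": b"id,amount\n1,250\n",
                 "photos/office.jpg": b"\xff\xd8 constructed bytes"}
        for rel, data in files.items():
            for base in (src, restored):
                (base / rel).parent.mkdir(parents=True, exist_ok=True)
                (base / rel).write_bytes(data)
        expected = build_manifest(src)          # taken when the backup ran
        (restored / "photos/office.jpg").unlink()              # never restored
        (restored / "billing/2019.csv").write_bytes(b"id,am")  # truncated copy
        return verify_restore(expected, restored)


if __name__ == "__main__":
    report = demo()
    print(report)
    print("BACKUP OK" if not any(report.values()) else "BACKUP FAILED TEST")
```

A backup job that reports success would still fail this check if a file came back missing or truncated, which is the case the side note is warning about.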
Does this look familiar? Maybe, and if you were like millions of others, you clicked on the above link to sign in and, well, got hacked.
But how? And what is Phishing? How did they get your email? What happened?
First and foremost, this was an email hack. Except in a few circumstances, this only affected your email. The spam set up rules in your email that sent a spam message to anyone in your contacts list, hid the emails it sent, and disabled a few other things, as well as making itself look legitimate by sending a link to a valid OneDrive document. However, once you opened the document, it prompted you to sign in once again, and the website then stole the credentials you provided and hacked your account. This spam message has been going around for a while, but recently a large number of users in the law community in Tucson were hit. If you have not been hit yet, be aware. It is still making the rounds. If you see a page like the one below, STOP, and talk to your IT guy, and DO NOT sign in.
The email you got (or may get) is called a phishing email. It is a malicious email designed to look legitimate while attempting to steal credentials. You have gotten these before. Remember the "There is a problem with your bank account, click here to fix it" emails? Same thing. Why is this one successful? Many professional services regularly send files using OneDrive or another service, so getting an email that talks about opening a file is expected. Many users actually emailed back (after entering their credentials) asking where the file was because the link "didn't work". This scam asked users to sign in to access the shared file, and in the process stole the credentials entered by the user, set up rules in the user's account, and sent out thousands, continuing the spread. The source of the email is unknown, but everyone who signs in sends a new wave to their existing contacts.
At the moment this page is down (we may or may not have had something to do with this) so your users should be OK, but we need to use this time for training. It is true, the most successful hacks do not come from the Russians, but from security problems that exist inside a business, and most of the time those security risks are your users.
I don't want to point fingers, we all make mistakes. People are often the easiest way to hack a business. We regularly perform various tests to make sure our users are staying vigilant and keeping an eye out for threats. Unfortunately, we often succeed in the fake hacks. We use these moments to train and assist, so when the real hack comes around they are prepared.
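A cleanup check for the mailbox rules this phishing campaign leaves behind, as an added example (not code from the original post). The rule export, its field names, the folder list, and the `firm.example` domain are all constructed assumptions, not any mail platform's real schema. The external-forwarding check goes beyond what the post describes.

```python
import json

# Constructed sample: inbox rules as they might look after export to JSON.
# Field names are hypothetical, not any mail platform's real schema.
SAMPLE_RULES = json.loads("""[
 {"name": "Newsletters", "conditions": {"from": ["news@vendor.example"]},
  "actions": {"move_to": "Reading"}},
 {"name": ".", "conditions": {"subject_contains": ["hacked", "phishing", "spam", "did you send"]},
  "actions": {"delete": true, "mark_read": true}},
 {"name": "..", "conditions": {},
  "actions": {"move_to": "RSS Feeds", "mark_read": true}},
 {"name": "Invoices", "conditions": {"subject_contains": ["invoice"]},
  "actions": {"forward_to": ["collector@mailbox.example"]}}
]""")

OWN_DOMAINS = {"firm.example"}              # assumption: the business's own domain
HIDING_FOLDERS = {"rss feeds", "conversation history", "deleted items", "junk email"}
WARNING_WORDS = {"hacked", "phishing", "spam", "virus", "did you send"}


def triage_rule(rule):
    """Return the reasons a rule looks attacker-made (empty list = clean)."""
    reasons = []
    actions, cond = rule.get("actions", {}), rule.get("conditions", {})
    hides = actions.get("delete") or actions.get("move_to", "").lower() in HIDING_FOLDERS
    if hides and not any(cond.values()):
        reasons.append("hides every incoming message")
    words = {w.lower() for w in cond.get("subject_contains", [])}
    if hides and words & WARNING_WORDS:
        reasons.append("hides replies warning the owner")
    external = [a for a in actions.get("forward_to", [])
                if a.rsplit("@", 1)[-1].lower() not in OWN_DOMAINS]
    if external:
        reasons.append("forwards mail outside the business")
    if not any(ch.isalnum() for ch in rule.get("name", "")):
        reasons.append("name is blank or punctuation only")
    return reasons


def triage_mailbox(rules):
    """Map rule name -> reasons, for rules with at least one finding."""
    return {r["name"]: found for r in rules if (found := triage_rule(r))}


if __name__ == "__main__":
    for name, reasons in triage_mailbox(SAMPLE_RULES).items():
        print(f"REVIEW rule {name!r}: " + "; ".join(reasons))
```

Changing the password alone does not remove rules like these, so a hit here means the rule itself must be deleted from the mailbox.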
A couple months ago we had someone call us and cancel their service with us. This isn’t anything unusual as I am sure any business owner will understand, and we processed their request. There was nothing special about this occurrence, and we continued as usual. A few weeks later we got an email from them saying something had broken and they couldn’t access their files. I offered remote service which they declined, instead preferring us to come onsite to fix the issue. The problem was solved (it was simple) and we sent them an invoice for the work. There is nothing special about this occurrence, but it made me think, and I wanted to share a few thoughts with everyone.
As a managed service provider, we offer our customers a flat monthly fee to keep everything they have in working order, and discount rates for projects. It’s the same sales pitch we have used, not too different to the pitches used in various other businesses, and I always thought of it as a pitch. After this occurrence though, my thoughts have changed. This isn’t a sales pitch. This is only a definition of our service and what we offer. And what we do offer is worth more than what we charge.
This business lost access to their files for 3 days. I don’t know exactly what they do from day to day, but I assume the employees were, for lack of a better word, bored for those 3 days. And these aren’t $15/hr employees. Let’s assume their salary is $60,000 a year. That’s $250 per day. Times 3 employees, times 3 days, that amounts to $2,250. I’m sure they weren’t doing nothing, so let’s say having no access to their files meant they were 50% productive. That is still a loss of $1,125. A loss of $1000 to save $100 a month.
Now, managed services are not perfect. Even with management, problems arise, and time can get lost. But most problems we deal with are preventable and quickly fixable. The problem this business had was 100% preventable and we would have caught it long before it caused any problems. Not only that, but since we would have noticed it, we would have fixed it remotely, made a note, and moved on. The business would never have known we did anything unless they looked at their account and saw the note, and they would never have lost over $1000.
But this is only one example. We have had customers come to us, after canceling months ago, and ask us for the backups because someone deleted something. Unfortunately, when someone cancels, their backups get canceled too. We do our very best to let them know and even facilitate moving the backups to another provider or service if they don’t want to stay with us, and we keep their old backups for a while just to be safe. So, we had to let them know that we didn’t have any recent backups from them and referred them to the many emails we sent them months back. Of course, they were not happy, and we gave them what we had (which was missing a bunch since nothing had been backed up in months) and helped in any way we could to get their stuff back. After doing data recovery, we were able to bring back the things they had deleted, and we set them up with a backup service of their choice. Data recovery cost them $3500, but we were able to get it all. But not all stories end like this. Sometimes data is not recoverable. Sometimes data is there, but corrupt. Sometimes the backups are there, but they are corrupt. Sometimes a virus encrypts everything, including backups. And sometimes theft, fire, or other disasters wipe out everything they have.
On a better note, another business recently had an issue with a specific and very old billing software. A data error meant they couldn’t send out ANY bills. We spent approximately 10 hours working to solve the issue with the assistance of the software company, and ultimately were able to fix everything up. This business is covered under management, so their labor fee from us was $0. The software company did charge them for the couple hours we needed their help, but all together what would have been a repair well over $1000 only cost them a couple hundred bucks, for a monthly fee of around $300. Throughout that month they had other small issues that were taken care of under management, and everything for them kept going smoothly.
I’m speaking about every service-based business when I say, we are out to help you guys. We are all in business to make money, but most of us (including us) truly want to help our customers in any way we can. Managed IT Providers can offer an enormous value to you and your business. Managed IT Providers truly are superheroes, and often their work goes unnoticed, unappreciated, and undervalued. If you have a service provider, send them an email thanking them. If you don’t have one, get one. Do your due diligence and find one you click with (of course we would love it if it were us!) and thank them for the work they do. And please, before you do anything else, make sure you have backups.