HCP Computers and Business Solutions

A new threat to your computers can be contracted simply by visiting certain high-profile sites. Through a technique known as “malvertising,” banner ads are being used to spread a form of malware known as ransomware. In this case, CryptoWall 2.0, on such prominent Web sites as Yahoo, AOL, Match.com, The Atlantic, and MajorLeagueBaseball.com.

The websites themselves aren’t to blame. Rather these virulent ads are processed through advertising networks, including Rubicon Project, OpenX, and Right Media/Yahoo advertising, which have failed to carry out adequate checks for malicious content. CryptoWall  2.0 encrypts all the files on the hard drive on a victim’s computer and any attached network drives.

If the victim doesn’t pay a ransom by a deadline, those files are lost. Frequently the only way someone will know they have been infected will be telltale files in each directory titled “Decrypt_Instructions.” The latest version is memory resident, meaning it never installs on the hard drive but just runs in memory and disappears when the machine is shut down while the encrypted files remain.

An estimated 3 million people have been exposed to the malvertisements since the campaign was first detected in mid-September. The CryptoWall criminals earn an estimated $25,000 a day from this attack, using a complex bitcoin laundering method to hide their profits. An estimated one billion Android smartphones and tablets may be the next target as a version of the ransomware go on sale in underground web forums.

CryptoWall gets into the computer through a security vulnerability in Adobe Flash Player. Your options to protect your data are either to update to the latest version of Flash. Please see the directions in a recent blog entry or remove Flash from your computer altogether.

Firefox offers a plug-in called Ghostery that blocks third-party ads and trackers from loading when a site is launched. Chrome has a similar extension called AdRemover. Also, always back up your data on an external hard drive, either of your own that you disconnect after you back up, or it may get encrypted too, or a remote one (“the Cloud”).

If you are concerned that your system may be infected, please submit a request. We will be happy to help. Stay safe!

In the wild, this month is a new version of ongoing cryptography-based viruses. This new version calls itself Cryptowall 2.0. From research, there are a few key differences in this new version.

In the original Cryptolocker viruses, the payments were to be made by using Bitcoin. In the way that the virus author crafted the payment gateway, if they knew enough, people could “steal” or fake the payments made by others and use these stolen payments as their own. In this new version, this is “fixed.”

Each infected computer is tied to a unique bitcoin wallet ID that the virus generates. You can’t steal someone else’s payment or send a fake payment anymore. The original cryptolocker code upon encrypting files would delete the originals.

The deletion process was similar to a user putting a file into the recycling bin and hitting “empty recycling bin.” In this way, most files are easily recovered as long as not much data has been changed or written to the hard drive in question. With Cryptowall 2.0, this bypass is no longer available.

This version issues a hard drive secure delete command to every file it encrypts. This means recovery is impossible via this avenue. The third change is with how the author is masking the activity back to them. This will make it tough for the authorities to make a break in this case where they were able to with the original cryptolocker virus.

If you are concerned that your system may be infected, please submit a request. We will be happy to help. Stay safe!

What to Look for in a Router

Let’s start with the basics. What is a router? It’s a device that sits between the internet and your computers.

Its primary job is to take incoming information from the internet and route it to various computers within your network. But that’s just the initial role of the router. Most routers have built-in firewalls to provide security, keeping that which has been previously defined as suspect out of your business network.

Features present in business-class routers at all price points include stronger security features, more flexibility in access to your network from remote locations, and the ability to be improved as your business grows. Can you get by with a consumer-model router, or does your company require something more? Here are some factors to consider:

• Do you want the best security features?
• Do you have many employees who require frequent remote access to your network?
• Do you run your own email, Web, or RADIUS (the top security option) server?
• Do you need to set up advanced virtual local area networks?

Firms that use the internet or “Cloud” options as a big part of their business often have multiple internet providers. This requires load balancing or failover redundancy capabilities on the router to maintain and optimize their business’s internet connections. Choosing the right router should start with a thorough assessment of your business’ needs and projected future growth balanced against what you can afford as part of an integrated network. HCP can help you with this assessment, request a consultation today!

A simple concept has taken on a whole new meaning in this computerized era.

As the term suggests, a firewall has always been a wall meant to prevent fire from spreading and to protect important areas within a structure.

Today’s firewall technology serves much the same purpose – to protect business computer networks from threats inside and out.

Think of a firewall as a moat that shields against from those that want to storm the castle that is your business.

There are two main types of firewalls: hardware and software.

A hardware firewall serves as a first line of defense against attacks coming from the outside world, and is either installed in a broadband router or as a separate device.  It employs a technique called packet filtering.  The data being sent to your firewall is in the form of multiple packets, similar to an addressed envelopes with letters inside.  The firewall looks at the header of a packet (the address on our envelope) to figure out its source and destination addresses. By using  a set of predetermined criteria, the packet is either allowed to pass or thrown out.

The downside of a hardware firewall is that it’s built to keep the bad stuff out. Generally, it treats traffic coming out from the interior network as benign, which isn’t always the case. Viruses or malware which has gotten inside the network can attach itself to outgoing traffic and go on to infect destination computers, something that’s bad for business.

A software firewall is installed on a user’s machine and can analyze a program that is trying to access the Internet and either allow or block its ability to send and receive data. If the firewall isn’t sure about the program’s nature, the user gets prompted to confirm before the traffic is allowed to pass.

While a software firewall is easier to tailor for individual machines, it’s also the more expensive option, as it requires more configuration on each computer in your network.

The next factor to consider is the number of users in your network and the importance of your data. That will help you to decide whether you need a Small Office Home Office or the ”larger” enterprise-class firewall.  Each variation has different abilities as how far into the packet it goes to determine whether the information is benign or potentially hazardous to your machines or network, or how configurable the settings are for letting certain items through the firewall to your internal machines

The proper combination of hardware and software firewalls will give your business the greater security which it needs.

The techs at HCP are experts on setting up and configuring both types of firewall. For help visit http://www.hcp4biz.com/support-request/.

STAY SAFE!

Keep your Data Safe

Data security has once more been brought to the public consciousness in recent days with the revealing of the largest data breach in history.

A gang of Russian hackers, nicknamed CyberVor, stole 1.2 billion username and password combinations, along with more than 500 million email addresses, from 420,000 sites. They did this using botnets, computers that have been infected with and controlled by a virus.

What does this mean for the average internet user? Increased vigilance and prompt action, to keep accounts secure.

Here’s some steps to protect yourself:

• Change passwords, especially if you’ve been re-using them on multiple sites (even though you know you shouldn’t, as that makes life easier for hackers). Make them stronger and longer, a mix of upper and lower case letters, numbers and symbols. Avoid using personal information in your password words.  Security firm McAfee recommends blending unrelated words together with numbers and symbols (i.e. “Mutant2Cows!ontheloose). Don’t just stick numbers and symbols at the end, but mix them in.
• If remembering multiple passwords is too daunting a task, consider getting a password manager to store your passwords. Among the free ones are Lastpass (https://lastpass.com/), keepass (http://keepass.info/) and Norton Identity Safe (https://identitysafe.norton.com/).
• Enable two-factor identification on any sites that offer it. When you use a different computer, the site will issue a code via text or email that you must enter to access your account, another layer of security.
• Check your accounts for unauthorized activities. This doesn’t mean just your financial accounts. If hackers get into your email account, they can access any site you’ve visited via email. So check your sent folder for any emails you didn’t send. Always keep an eye on your social media for any status updates.

Don’t depend on sites to protect your security information. Take these simple steps to guard yourself.

For help with a computer problem or if you have questions about security, visit http://www.hcp4biz.com/support-request/.

STAY SAFE!

It’s beneficial for society when people share. Still, you shouldn’t be sharing your wireless network with others, especially the unscrupulous who you don’t know.

A wireless network consists of an internet “access point’’ – a cable or DSL modem – connected to a wireless router. This yields a signal sent through the air, as far as several hundred feet, which any computer with a wireless card within range can use to access the internet.

Without taking precautions, your network can be used with anyone nearby with a wireless-ready computer or mobile device. Such a person could “piggyback” on your network, or worse access vital personal and financial information on your computer. If your network is used to commit crime or send spam, that activity incorrectly could be traced back to you.

The most effective method to secure your network is encryption, which scrambles the information you send over the internet into a code so that others can’t access it.

All your system equipment must use the same encryption. The choices are Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP). WPA2 is the strongest, and you should use it if you have the choice, as it should protect against most hackers.

WEP encryption is sometimes found on older routers, and doesn’t protect against some common hacking programs. Consider upgrading to a new router with WPA2 capability.

Wireless routers often arrive with encryption turned off, so you must turn it on. Directions which come either with the router or from the manufacturer’s web site should tell you how to do so.

A few simple steps should help to keep your computer and router secure:

• Use anti-spyware and anti-virus software and a firewall, basic security practices that you would use for any computer connected to the internet.
• Change the name of your router. Switch from the service-set identifier (or SSID), the standard default ID assigned by the maker, to something unique that only you would know.
• Change the router’s pre-set password. These default passwords are often known by hackers, so change it to something only you would know, at least 8 characters, but the longer the better.
• Limit your wireless network to specific computers. Every computer on a network is assigned a unique Media Access Control address, and wireless routers usually have a mechanism to allow only machines with particular MAC addresses to access the network.

Also don’t assume that public wireless networks are secure. On such hotspots, log in or send personal information only to web sites you know are fully encrypted. Always log out when you’re finished using an account. Don’t use the same password on different sites. Pay attention to browser warnings, and keep your browser and security software up to date. Installing browser add-ons and plug-ins can help to encrypt sites as well.

If you need help with your wireless network configuration submit a request at http://www.hcp4biz.com/support-request/ and we’ll schedule a tech to work with you.

Stay safe!