1. Tools to Prevent Ransomware

    Ransomware update from RTS (stemmed from an email to clients)

    Just a quick note on the current round of Ransomware making the news:

    I just wanted to drop everyone a personal note letting you know we are staying up to date and taking the WannaCry Ransomware/Virus threat seriously. We are making every possible effort to mitigate the impact on our customers. With that being said, the biggest thing we can’t control is the human factor. Be diligent out there, guys and gals, and don’t click on emails that contain links or attachments you aren’t expecting. This one currently spreads initially through email (and then, once inside a network, can potentially spread through other means). That could mean your work email as well as any personal accounts, so please be careful on those as well, or just don’t check them at all from your work PCs.

    So what have we got to protect you:

    1st: Spam/Email Virus Filtration: if you have our SPAM protection, it has built-in virus filtration as well. It’s our first line for keeping you from even getting that email with the evil link or attachment to begin with.

    2nd: OpenDNS Content Filtration: if you do happen to get the email and you do open it, OpenDNS should keep it from talking back to its “creator” and generating the encryption key that is required to encrypt or “scramble” all your files, rendering it impotent (sorry, that word seemed to fit).

    3rd: Antivirus and Anti-ransomware: if you haven’t kept up, antivirus isn’t enough these days; we need antivirus, anti-malware, and now anti-ransomware. Each of these classifications of threats has unique qualities, so believe it or not, we need software tuned to each different kind of threat. We’ve got that. So (hopefully) if you click on the link or attachment, anti-ransomware or antivirus should kick in and stop the ransomware before it encrypts all your files or does anything else. We’ve made sure all antivirus has been updated with the latest virus definitions, including those for the latest available version of this threat.

    4th: Microsoft Patches: this may seem like it should be higher up the list, but yes, Microsoft has released patches for all supported (and even a few unsupported) operating systems, including Windows 7, 8, 10, Windows Server 2008, 2012, 2016, and they’ve even gone back and released patches for the versions of Windows they’ve stopped supporting in the last few years: Windows XP, Vista, and Server 2003. We’ve been working diligently to verify that this patch is applied to all of our clients’ machines that have our R-Essential Apps in place.

    5th: Backups: if it just so happened that the virus was brand new (like newer-than-that-day new) and it got through all of this AND you opened it, well, that’s why we make sure to push everyone to have good backups that back up every few hours. The last line of defense is restoring your files from backup.

    So there you go, our suite of products working together to keep you safe…now if you have a friend who lives life on the edge and doesn’t have R-Essential Apps in place and they do happen to get this virus…we know of a bitcoin ATM and can help them pay the ransom, because that may be the last option available to them. I have a blog up about this (link below) if you want to know more. We have seen that paying the ransom on this one may not be as effective as with previous versions, so no warranties on that.

    Now, for my lawyer friends: we’re not necessarily guaranteeing anyone is safe from ever getting this or another virus or ransomware with our tools in place; we are simply highlighting the preventative measures we are taking to try to help keep you safe. As I listed above, the human factor still exists. We’ll try everything in our power, but we can’t anticipate every possibility either.

    Blog here…I promise this link is safe(ish)

    Musings on and Defining Ransomware and Cryptolocker…

     

    Richline Technical Services is a Managed IT Services Provider headquartered in Corpus Christi, TX. We provide helpdesk and network management to small and medium businesses as well as consulting and network design services to large companies, city and county governments as well as school districts.

    Josh Richline is one of the Owners of RTS and is certified by Microsoft, Citrix, ShoreTel, Sonicwall, Lifesize, Ruckus, US Sailing and others. He specializes in VoIP, large networking projects and sailing.

  2. Musings on and Defining Ransomware and Cryptolocker…

    Honor among thieves?

    The Cryptolocker Virus and its variants are awesome…from a design standpoint they really blow our minds. They suck, don’t get me wrong, but they are brilliantly designed and hyper-anonymous, and they seem foolproof and unstoppable. They’ve now been tailored to attack businesses, because businesses have the capability and the need to pay their ransoms.

    What is a Cryptolocker? The Cryptolocker virus and its subsequent variations are viruses (or more accurately “ransomware”) that silently execute on a user’s workstation. While running, they search the machine for any open file shares on servers (and workstations) on the network. They then take every MS Office, Open Office, Adobe, and AutoCad file, and encrypt them so that they are unreadable to everyone. Once they are done, they prompt the user that “All of your files are now encrypted. If you want them back, pay us a ransom.” If you pay the ransom, you get your files back (in all cases we’ve seen so far). If you don’t, you better have good backups or you better not need any of your old files because they are gone!

    Here’s the funny part, and the part that even we have difficulty with. When you pay them, they actually follow through and give you back (decrypt) your files. Why? Well, because if they didn’t, no one would pay the ransom and that would be bad business and, believe me, this has become big business. Even the FBI recommends paying the ransom and, no, they haven’t been able to localize these attacks, contrary to what you might see on “CSI: Cyber”.

    The Catch: So that seems pretty evil, but not that hard, right? You just “pay the man” and get your files back, right? The catch is you have to pay in bitcoins. How many of you have bitcoin wallets just lying around? How many of you have a clue what a bitcoin is? Yeah, that’s what we thought. I can’t fully sit here and explain what a bitcoin is. It would just take too long and I wouldn’t do it justice, but I’ll try to give you an overview.

    Bitcoins: Essentially, a Bitcoin is a form of currency that only exists digitally (on and off the internet). No paper money, no country, just this unit of “money” that fluctuates in value and changes hands on the internet like a real currency, only without the “paper trail” of banking. They are like cyber “cash”. You can purchase bitcoins with real money, but first you have to set up an online wallet (kinda like setting up a bank account), and then you have to transfer money to your wallet (usually via something like Western Union or a bitcoin ATM). The whole process is like setting up a stock market account or even purchasing a foreign currency, as that’s pretty much what you are doing. You set up the wallet, and then you transfer cash to it, or fund it with cash.

    Why Bitcoins: Ahh, this is where it gets even more fun. Bitcoins are essentially anonymous. Once you transfer your hard-earned American Dollars into Bitcoins, they exist digitally in your wallet, and even though you may have used a form of ID to create your wallet, many people have not. So you pay the ransom, bitcoins transfer from your wallet to Joe Anonymous Bad Guy’s wallet…and they’re gone. Kinda like cash: once you pay for your hot dog, that dollar could then go to the hot dog supplier, then to the trucking company, to the trucker, to the waitress at the all-night café, etc…Who knows where it goes? The difference is that the bitcoin can be transferred instantly across continents, across the globe, through a few various bitcoin wallets, and eventually even back into cash via a bitcoin ATM.

    So Joe Bad Guy encrypts your files, you pay him, he decrypts your files, he closes that wallet and cashes out, and starts the whole process over again and again. It’s big business, to the tune of $1 billion in 2016. So protect yourself and be safe out there.

    Call us if you need some help!

     
