“Ransomware is malware that locks your computer and mobile devices or encrypts your electronic files. When this happens, you can’t get to the data unless you pay a ransom. However, this is not guaranteed and you should never pay!” – NoMoreRansome.org
I recently saw @Raj_Samani from McAfee speak at RSA about the NoMoreRansom project (https://www.nomoreransom.org). I had heard a little about this initiative when it launched but never truly understand the function or the goal.
“While natural disasters capture headlines and national attention short-term, the work of recovery and rebuilding is long-term.”
-Sylvia Mathews Burwell
It doesn’t take a natural disaster to bring down the systems your business relies on. It could be something very simple and it could happen at any time. The cloud has made it easy for anyone to protect themselves from disaster. The bigger question is, how long will it take to recover when disaster strikes?
Recovery time and acceptable data loss are often overlooked. How long will it take you to recover business critical systems? How much data are you willing to lose? Restoring data can be tedious and in a lot of situations, takes far too long.
In early March, we were invited to speak at the newly minted BluWave Forum in Washington, D.C. The meeting was held at the Army/Navy club and it was similar to presenting at a museum. The topic was cybersecurity and I was just coming back from the RSA conference in San Francisco. I had quite a bit to communicate with those outside of the security bubble. The meeting which included 10-15 CEOs and leaders from throughout the country covered three recent cybersecurity stories. The presentation went very well but I may have frightened a few of the folks in the room with the threats that are coming from various bad actors across the globe.
Disclaimer: We are not attempting to place blame or accuse any government organization. This post mentions The Equation Group. This group is supposedly associated with the NSA, but we have no way of verifying this information.
The Shadow Brokers is a well-known hacking group. They released another bundle of exploits that it offered to sell back in January of this year. The offered it anyone willing to meet their bid. These exploits said to be from the Equation Group that has been noted in other releases in the last couple years. The vast majority of the 12 updates were already patched in previous Microsoft updates.
Protecting data, whether in a database system such as Microsoft SQL Server, or in a file system, is becoming an ever more critical and complex endeavor. From high-profile data breaches, to the all too common experience of losing a hard drive, we are all aware that data can be suddenly and catastrophically lost. But many, even with information technology responsibilities in their jobs, lack the time, expertise, and budget to adequately protect their most critical data.
Today marks the end of the road for 2 old friends at Microsoft, Windows Vista and Exchange 2007. Both have reached end of support with Microsoft and you should be off of them long before now.
For those of you that may be unaware, Microsoft defines “end of support” as: End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance. This is the time to make sure you have the latest available update or service pack installed. Without Microsoft support, you will no longer receive security updates that can help protect your PC from harmful viruses, spyware, and other malicious software that can steal your personal information. For more information go to Microsoft Support Lifecycle.
There is nothing any business fears more than a complete collapse of its IT systems. The financial cost of such an outage can be great, and additionally retrieving the data and rebuilding the system into its former state is often an extremely time consuming and logistically complex proposition. Businesses have literally gone under due to such IT issues, and although this is something that many companies dread, often small and mid-market firms don’t have sufficient provisions in place to provide effective disaster recovery.
It is a basic facet of human psychology that we often assume that the best case scenario will occur, and nothing fundamentally will go wrong. This tendency is amplified in the case of disaster recovery, where providing satisfactory backup for a business can involve a certain financial outlay.
We’re excited to announce and showcase our new branding and our new, refreshed website. Our goal with this new website is to provide you, our visitors, a more user-friendly way to learn about Thrive’s services, whether you’re using a computer, a tablet, or your mobile device. We also thrived to allow the visitor to browse information based on their own choice. There’s also a whole host, pun intended, of smaller but impactful changes, all to make your experience of the new website that much better for you.
Amongst the new features the site contains integrated social media buttons for LinkedIn, Twitter, Google+ and Facebook, to foster improved communication with the Thrive community. We will be constantly updating our content with helpful information, blogs, newsletters, company announcements and customer testimonials in the Resources and About Us sections.
Gone are the days of simple passwords. I remember the days (yes I am showing my age here), where everyone had the same password for everything. If you were security conscious you had a different password for the “less secure” account and had another password for all the other accounts. If you are still doing that then I officially name you the Gambler. You would be surprised by how innocuous accounts lead hackers to other accounts until the eventually get into something that causes you real pain. But the question is how to stop this. Well, there are a couple of ways.
As spammers have graduated from simple Nigerian Prince SPAM emails to sophisticated Spear Phishing attacks, there hasn’t been as big a corresponding technology shift to stop this new attack. SPAM filtering continues to stop hundreds of emails a day to each user’s inbox, but the more sophisticated attacks will continue to get through. This is where the Human Firewall comes in.
In the past people have always relied on technology to stop malware and virus from coming into their network. This was great prior to laptop computers and when everyone worked in the same office. Now people work from home, the coffee shop, and a myriad of other places all connecting to their data in the cloud. The attacks have changed from trying to get past the corporate firewall to getting past the user and onto their machine.