Grammy Nona Gave Me a Virus: A Ransomware Story

Getting infected by ransomware is easier, and more common, than you might think. And it doesn’t just impact big companies. Learn what you can do to protect yourself.

Not all people who deliver ransomware are evildoers in dark corners of the world working in Batman villain-like hideouts. And they don’t all live in their mom’s basement huddled around an LCD screen in a dimly lit corner eating cheese puffs and slamming energy drinks. Sometimes they’re the people who gave you hot chocolate on a cold winter’s day while making fresh hot pizzelles and watching their “stories,” aka soap operas, on TV. That’s right, Grammy Nona just infected you with RANSOMWARE.

Well, she didn’t, it was really some dude that got her email from the time she signed up for something that she thought was something else and it looked “so real” in her email. It never occurred to her that it wasn’t really a pizzelle-of-the-month recipe swapping message board with a CompuServe email address. It also never occurred to her that Password1 or 123456 is not really a secure password—it was just easier for her to remember so she never got around to changing it.

Education is the best protection

You might think the best way to protect yourself and your company from getting hit in the first place is to buy the latest high-tech device and big-time protection software. It is vital to have good, solid endpoint security that prevents malware infections, protects web browsing, controls outbound traffic, protects system settings, proactively stops phishing attacks and continuously monitors individual endpoints. But remember that the guys doing this are always a step ahead of us. All they do is try to find ways around what we deploy, ways around the technology. What they can’t program for are … educated users.

That’s right. Our best protection is to educate users and the weakest link is uneducated users. No matter what tech is in place, the user that clicks on that link from Grammy Nona who doesn’t have the latest whiz bang firewall and whose password is 123456 can give you ransomware. Have a bi-monthly, or at least monthly, training and information update meeting on the latest phishing and spam threats that are out there. Show them how to protect themselves and they will protect you. Also make sure this training is included in new hire orientation.

Put your computer on lockdown

Creating strong Windows policies is another must, including such actions as:

  • blocking executables in temp or temp+appdata (this just means not letting programs run from certain directories);
  • blocking access to the VSS copy service (this is the Windows service that makes quick backup copies of your data; when used properly it is a very useful tool); and
  • blocking .SCR, .PIF and .CPL files from running in the user’s temp, Program Data or desktop folders (these are file types that hackers use to trick the system into locking down your files).

In some programs you can automate frequently used tasks by creating and running macros. A macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Disabling macros and autorun is another area to lock down. A lot of crypto ransomware uses macros. Macros can easily be disabled in the Trust Center in Office. You can selectively turn on the ones you know and trust if you use them in your business.

While autorun is a nice feature, it is also used as a back door to get access to your data by malware. Here’s an example: Say you get a nifty promotion USB drive in the mail. You plug it in to take some files home for the night and as soon as you plug it in, autorun looks there and runs any .exe file. Suddenly, your screen starts flashing and you can’t stop it and before you know it, your files are all changed to .enc files and there is a countdown clock on your screen telling you to send $300 to a bank in some third-world country along with a bag of cheese curls and some Red Bull.
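The lockdown items above (autorun, Office macros, and execution rules for the temp, AppData, Program Data and desktop folders) can be checked on a Windows PC with a short read-only audit. This PowerShell script is an added example, not part of the original article; the registry locations are the standard Windows and Office policy keys, and the Office version key 16.0 is an assumption.

```powershell
# Added example: read-only audit; nothing here changes system settings.
function Get-RegValue($Path, $Name) {
    # Returns $null when the key or the value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

$findings = @()

# 1. Autorun: NoDriveTypeAutoRun = 0xFF (255) turns it off for every drive type.
$autorun = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoDriveTypeAutoRun'
$findings += [pscustomobject]@{ Check = 'Autorun off for all drives'; Value = $autorun; Passed = ($autorun -eq 255) }

# 2. Office macros: VBAWarnings 1 = all enabled, 2 = disabled with prompt,
#    3 = signed macros only, 4 = disabled without prompt. Unset policy is flagged.
#    Assumption: Office version key 16.0 (Office 2016 and later).
foreach ($app in 'Word', 'Excel', 'PowerPoint') {
    $vba = Get-RegValue "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security" 'VBAWarnings'
    $findings += [pscustomobject]@{ Check = "$app macros restricted by policy"; Value = $vba; Passed = ($null -ne $vba -and $vba -ge 2) }
}

# 3. Execution control: is a Software Restriction Policy or AppLocker policy key present?
$srp       = Test-Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$appLocker = Test-Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\SrpV2'
$findings += [pscustomobject]@{ Check = 'SRP or AppLocker policy present'; Value = "SRP=$srp AppLocker=$appLocker"; Passed = ($srp -or $appLocker) }

# 4. Inventory of the file types named above in user-writable folders.
#    Hits are not proof of infection (some legitimate apps install under AppData);
#    they show what a block rule would affect and what deserves a second look.
$folders = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData,
             [Environment]::GetFolderPath('Desktop')) | Where-Object { $_ -and (Test-Path $_) }
$risky = '.exe', '.scr', '.pif', '.cpl'
$hits = Get-ChildItem -Path $folders -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $risky -contains $_.Extension.ToLower() } |
    Sort-Object FullName -Unique

$findings | Format-Table -AutoSize
$hits | Select-Object FullName, Length, LastWriteTime | Format-Table -AutoSize
```

Run it as the user whose settings you want to check, since the macro policy is read from that user's registry hive.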

Better have a backup

Make sure you not only have a backup, but also a business continuity plan in place. If you have a USB drive attached to your PC, that’s not a business continuity plan. That is not even really a backup because it’s connected to your PC and all you’re really doing is copying files from time to time, so it will also be encrypted. Your data needs to be “Air Gapped,” meaning not directly connected to the source of the infection.

Now, I know some of the things I wrote here sound complex, but really, they are not. Believe it or not, this article is not aimed at big companies with IT departments the size of Texas. I wrote this for the small- and medium-sized businesses of the North Coast. The things I mentioned here are not out of your reach nor should they be. Frankly, I get more phone calls from people I have contacted in the past who said, “No, we don’t need any of that stuff,” than you might think. It is that exact line of thinking that these bad guys depend on.

Ransomware is a $325 billion a year business. You only hear about it when the big guys get hit, but the bulk of that $325 billion comes from companies just like yours. Companies that thought, “I have Google Drive and I back up my things there” or “I have Office 365, so my data is safe in the cloud.” Neither of those things will protect you. Just because your data is in “the cloud” doesn’t mean it can’t get infected. There are reasons people say, “I got hit by a virus.” A virus spreads, and without prior immunization or a proven cure, you will get sick. In the same way, these malicious programs will spread to “the cloud” from your desktop.

Vic Manfredi is president of Affordable-IT, which provides an array of technical helpdesk support, computer support, cloud computing services and consulting services. Affordable-IT has been serving businesses in the Northeast Ohio area since 2006. You can contact Vic via email at vic@affordable-it.com.

  • Green Leasing

    COSE and the Institute for Market Transformation are currently working together and collaborating with the Cleveland 2030 District throughout the greater Cleveland area to help commercial buildings save money and energy by connecting landlords and tenants around energy efficiency—particularly when it comes to the lease. Watch to learn how a green lease can be a competitive advantage to your business.


  • Green Leasing: 4 Ways It Can Help Your Business Save

    Learn how a green lease could be just the thing your business needs to take a chunk out of its energy bills.

    With the demand for more energy-efficient “green” buildings on the rise comes an increased interest in green lease arrangements between landlord and tenant. Green leases refer to agreements in which buildings are to be operated, occupied and managed in an efficient manner.

    In fact, The Department of Energy Better Buildings Initiative has made a bold statement calling 2018 the “Year of the Lease.”

    And for good reason. According to the Institute for Market Transformation, a Washington, DC-based nonprofit organization promoting energy efficiency, green building and environmental protection such green leases could potentially save U.S. office buildings $3.3 billion annually while cutting energy consumption by 22%.

    Four of the benefits of a green lease include:

    • improved environmental performance of the leased space;
    • better alignment of incentives between landlord and tenant, meaning each side benefits from the adoption of a green lease;
    • better environmental data reporting transparency, making it easy for landlords and tenants to track success against the agreed-upon goals of a green lease; and
    • enhanced goodwill for each of the sides that comes with being more transparent and environmentally conscious.

    Green leases illustrate just how powerful a collaboration can be between tenant and landlord. By sharing in the costs, rewards and value of using less energy, together they have the power to achieve significant savings. In fact, if the green leasing approach were to be utilized in leased office buildings across the United States, more than $3 billion in annual cost savings would be achieved.

    Technical assistance from the COSE/GCP Energy Team

    Businesses don’t have to feel like it’s all on them to come up with green lease solutions. Through the Small Business Energy Initiative (SBEI), funded by the U.S. Department of Energy and led by COSE/GCP and the IMT, the initiative is designed to provide free, energy-saving guidance to members. Click here to learn more about the resources available to small and medium size businesses through the initiative.

    Contact the COSE/GCP Energy Team today via phone at 216-592-2205 or email the Team at energy@gcpartnership.com for a free assessment of your facility and to begin designing a plan to help you save on your energy costs.

  • Growing the SMB in the Wake of Big Data and Social Media

    As technology continues to take over our everyday lives and create efficiencies and complexities, it leaves the small to medium sized business (SMB) with a myriad of options to reach their audience and manage ever-growing data volumes across every department of an organization. So what can you do as a SMB to keep up with technology and marketing trends in order to support growth in the wake of big data?

    Start by creating a plan around the privacy, security and compliance of Social, Mobile, Analytics and Cloud (SMAC). In 2015, Forrester predicts that 60% of enterprises will discover a breach of sensitive data. You need to think like the big guys even if you are a three-person shop. If you plan to host an e-shop, take payments via your website or simply collect data via an online form, do your research and align yourself with vendors that exhibit cyber best practices. Remember, your security practices are only as strong as the vendors you choose.

    Take the time to establish an ongoing incident management program. An incident response plan, like a business continuity or IT disaster recovery plan, is your immediate response to a specific threat. To be effective, you need to establish an ongoing incident management program that lets you identify the potential risks so that you can create appropriate response plans, test those plans and keep them current. The plan should include the privacy, security, and compliance around SMAC.  

    Next, get your message out. Experiment with budget-friendly ways to build your customer and prospect list. Social media can be a great tool when you find the right outlet or mix. Creating and pushing out content that showcases your organization as a thought leader can really move the meter, but using social media to help build your audience can be your biggest ally. Test various sites and make sure the mix of your posts are equal parts about your organization, its messaging and products/services, as well as equal parts about your friend/connection and what matters to them. While people are always thankful to gain important nuggets from a pertinent blog post or article, they may also enjoy seeing your organization in a less formal setting like in photos from a team building event. Engage with them to see what is resonating; remember to keep it light. Offer life hacks that make their work experience even the tiniest bit easier.

    Letting your customer know that they matter, showing your cyber responsibility, especially with their personal data, can go a long way in building trust and fostering a lasting customer relationship. They need to have confidence in your organization beyond products and services. Make them aware that you are doing everything possible to keep them safe from a cyber attack.

    Nicole Ponstingle is the Director of Client Services and Marketing at BlueBridge Networks in Cleveland.

    This article originally appeared in the May 25, 2015, edition of Small Business Matters.

  • Here's to Tech in the CLE: 2015

    What do we want next year for local tech?

    I think we’ve had a pretty good year for tech, here in the CLE:

    • our quarterly survey results show strong performance;
    • hiring was on a torrid pace pretty much for the entire year;
    • local media provided significantly more coverage of the industry in 2014;
    • Tech Week grew by another 23% and has quadrupled in just four years;
    • we had a big exit with Oracle’s acquisition of TOA Technologies;
    • and more.

    So, what do we want next year for local tech?

    • Even more publicity for the industry, not just locally, but nationally too.
      • We’re poised for explosive growth, we need national recognition.
    • Breakout companies from local tech accelerators, Bizdom, FlashStarts, and The Bit Factory
      • Some are on their second and third classes, we’d love to see traction leading to growth and hiring
    • An in-migration of talent to the region
      • The CLE is a great place to start or grow a tech career, let’s get some folks in from elsewhere to help propel our growth even faster
    • And selfishly, we want to see Tech Week grow even more strongly in 2015
      • Let’s double it and get 4000+ to connect, engage, support, and celebrate local tech next year

    Tech in the CLE…let’s rock it in 2015!


  • High Impact Tech Initiatives Take the Spotlight in Northeast Ohio

    On the heels of an excellent article from Freshwater Cleveland, I wanted to share news on some of the cool things happening with tech talent here in the CLE.

    Talent NEO/Skills Based Hiring
    Towards Employment and Regional IT Engagement (RITE) are spearheading a great effort to deepen and broaden the talent pool. The initiative is called “Skills Based Hiring,” a methodology to identify potential candidates using non-traditional means. Details on the effort are here.

    RITE (Regional IT Engagement)
    RITE offers high school engagements, internship programs, coding camps, and the annual Get IT Here Summit to attract students to IT majors in college.

    CoolTech Challenge
    The CoolTech Challenge has awarded more than $77,000 in scholarships and other prizes over the last eight years. Sixteen schools and more than 100 students participated in 2015.

    Tech Week Efforts
    During Tech Week 2015, more than 400 IT students attended Tech Talent talks at seven different NE Ohio college campuses to get connected, learn about enterprise and entrepreneurial IT and stay in NEO post-graduation. Plus, 33 companies connected with more than 250 attendees at Linking IT Talent, an event to match employers with tech job-seekers.

    TechHire
    TechHire consists of a $100M federal grant program that several partners, including OHTec, are collaborating on to address the challenge.

    And there’s a lot more going on than noted here. 

    As talent demands continue to grow in this region, it’s important to note that some great, cool and high impact initiatives are underway right now. More can be done, to be sure, but we’re excited about the results these efforts are yielding and will yield in the future.

    So stay tuned and buckle up, NE Ohio is becoming a destination for great tech careers!

