Beware of .DOCM File Attachments

In a blog post dated August 17, FireEye is reporting a huge increase in “Locky” ransomware distribution via maliciously-crafted .DOCM email file attachments (macro-enabled Word files). The health care industry seems to be the hardest-hit in this campaign, and the U.S. and Japan top the list of affected countries.

The takeaway here is to be extra careful about opening email attachments. And, if you still have the “hide extensions for known file types” option enabled on your Windows systems, for heaven’s sake, disable it! Then, if someone sends you a .DOCM file attachment, at least you’ll recognize it!

Finally, consider the OpenDNS service we wrote about in our recent blog post entitled "Beating Malware by Disrupting Command & Control."

ESET Introduces Hardware-Encrypted USB Drive


It seems that data security is a never-ending battle, and it has become obvious that we need multiple layers of protection to deal with the proliferation and constant evolution of security threats. Today’s security topic is the ubiquitous USB “thumb drive.”

USB drives are a really convenient way to transport and share data. Unfortunately, they also represent a really easy way to lose sensitive data, and can act as an infection vector to spread malware from one computer to another. Now, ESET® and Kingston® have teamed up to address this security hole.

Introducing the Kingston DataTraveler® Vault Privacy 3.0 with DriveSecurity™ anti-virus powered by ESET. It’s a USB 3.0 drive with built-in 256-bit AES hardware-based encryption to safeguard your data, plus a pre-paid 5-year subscription to ESET’s DriveSecurity anti-virus protection, which is pre-installed and pre-activated to ensure that malware doesn’t infect the drive. It’s available in capacities of 4 Gb, 8 Gb, 16 Gb, 32 Gb, and 64 Gb, with prices as low as $39.99 for a single, 4 Gb drive.

The drives are customizable to meet specific corporate requirements, such as minimum password length and the number of incorrect password attempts allowed before the drive locks down and reformats itself. They can also be co-branded and serialized for businesses who purchase multiple drives.

Contact us today for more information.

Beating Malware by Disrupting Command and Control


One of the key strategies in modern warfare is disrupting the enemy’s command & control infrastructure. It can also be an effective strategy in the ongoing war against malware. One of the first things that usually happens when a PC is infected with malware is that the malware “phones home” to a command & control server to check in and get further instructions – which may be to take some specific action such as downloading additional malware or encrypting all the files on your computer, or to simply go to sleep until further notice. If we can prevent that communication from taking place, we have a shot at stopping the infection in its tracks. But how can we do that?

Nearly every communication transaction that takes place across the Internet involves, at some point, a DNS query. For the non-technical in the audience, DNS, which stands for “Domain Name System,” is the naming system that matches names, like “www.virtualqube.com,” to IP addresses, like 216.9.9.213, which the routers in the Internet need to know in order to properly route the traffic. Part of the network configuration of your computer, and every other computer that’s connected to the Internet, is a setting that tells the computer where it should send its DNS queries. Corporate networks will generally have one or more DNS servers as part of the network. Individual home users, in most cases, simply use a DNS server provided by their Internet Service Provider. When you, dear reader, typed “www.virtualqube.com” into your browser, or clicked on some other link that brought you here, your computer sent a DNS query to a DNS server. If that DNS server didn’t know what IP address corresponded to this Web site, it forwarded the request on to another server in the hierarchy of DNS servers, until ultimately, several fractions of a second later, the answer came back that if you want to talk to www.virtualqube.com, you need to send your data packets to 216.9.9.213.

The communication between a piece of malware and a command & control server also, nearly always, involves a DNS query. Moreover, if one of your employees clicks on a link in a “phishing” email message that leads to a malicious destination, it will nearly always generate a DNS query. And if someone is tricked into clicking on a “malvertising” link (which have now, believe it or not, surpassed porn sites as a malware infection vector), it will nearly always generate a DNS query.

You’re probably way ahead of me by now, and thinking, “Wait a minute, if we can block those DNS queries, we can prevent the infections from taking place, or, if the initial infection has already taken place, we have a chance of stopping it in its tracks.” And that’s exactly what the OpenDNS service is all about.

OpenDNS, which is now a part of Cisco, maintains a global network of DNS servers that process over 80 billion DNS queries every day. Using a variety of innovative techniques, they maintain a database of malicious destinations. By simply directing DNS queries to OpenDNS, we can block as much as 70% – 80% of the attempts to contact malicious destinations. And while we’re at it, we can create policies that will also block traffic to sites with objectionable content (e.g., porn, violence, racism, etc.), and give businesses a dashboard that will reveal exactly where their users are going (or attempting to go) on the Internet. There is also a roaming client for Windows, Mac OS X devices, and iOS mobile devices that will protect them when they’re not attached to the corporate network.
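The DNS-layer check described above, sketched as an added example (it is not OpenDNS code and not from the original post): resolver log lines are matched against a blocklist on whole-label boundaries and grouped by client, which is roughly what a reporting dashboard surfaces. The log format, the blocklist entries, and the `.example` names are constructed for illustration.

```python
from collections import defaultdict

# Constructed blocklist; the .example names are placeholders, not real indicators.
BLOCKLIST = {"c2.badhost.example", "malvert.example"}

# Constructed resolver log: "<timestamp> <client IP> <query name> <query type>"
SAMPLE_LOG = """\
2016-08-20T09:14:02Z 10.0.0.21 www.virtualqube.com. A
2016-08-20T09:14:05Z 10.0.0.37 checkin.c2.badhost.example. A
2016-08-20T09:14:09Z 10.0.0.21 notmalvert.example. A
2016-08-20T09:15:40Z 10.0.0.37 C2.BadHost.Example A
2016-08-20T09:16:11Z 10.0.0.52 ads.malvert.example. AAAA
malformed line
"""

def normalize(qname):
    """Lower-case the name and drop the trailing root dot."""
    return qname.strip().rstrip(".").lower()

def is_blocked(qname, blocklist=BLOCKLIST):
    """True if qname is a blocked domain or a subdomain of one.

    Every label-aligned suffix is tested, so notmalvert.example does not
    match malvert.example the way a plain endswith() check would.
    """
    labels = normalize(qname).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def review_log(text, blocklist=BLOCKLIST):
    """Return {client_ip: [blocked names]} for queries the policy would refuse."""
    hits = defaultdict(list)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        _, client, qname, _ = fields
        if is_blocked(qname, blocklist):
            hits[client].append(normalize(qname))
    return dict(hits)

if __name__ == "__main__":
    # Clients that attempted to reach blocked destinations are triage candidates.
    for client, names in sorted(review_log(SAMPLE_LOG).items()):
        print(client, "->", ", ".join(names))
```

A client that repeatedly shows up in this report is worth investigating even though the lookups were refused, since the attempts themselves suggest something on that machine is trying to phone home.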

The OpenDNS subscription service is surprisingly affordable – particularly when you compare it to the cost of recovering from a malware attack. Contact VirtualQube for more information on putting this tool to work as part of your security strategy.


Are you safe and secure in the cloud?

Six Ways Cloud Can Increase Your Risk

Every day, more businesses are looking to the cloud because it delivers cost-effective productivity, collaboration, efficiency and more. But, even as its popularity continues to grow, the Cloud Security Alliance warns that businesses that embrace the cloud without fully understanding the environment and its associated risks are more likely to encounter a myriad of commercial, financial, technical, legal and compliance risks.


Do You Have Peace of Mind That Your IT is Safe & Sound?

Imagine a world where your technology didn’t cause headaches, required updates didn’t interrupt your business, and downtime was a word you’ve never heard of, let alone experienced. This may sound like a fantasy but a reliable managed service provider can make it a reality.


Safeguard Your Business with a Disaster Recovery & Business Continuity Plan this World Backup Day

World Backup Day occurs annually on March 31. This day is a simple reminder that our critical data is simply not safe. All important business files and information can disappear in the blink of an eye due to bad weather, a hacker or even human error.

However, according to surveys conducted by the American Red Cross, more than two-thirds of small businesses fail to implement basic continuity measures. The primary reason is that most of them just don’t believe a disaster will strike them.


Is It Time to Move on? Get More Responsiveness & Improved Results from Your MSP

Sometimes, there comes a point when it’s simply time to move on. Things are just not like they once were. Your business has matured, and you now have new business needs that must be met.

Change never comes easy. But if switching to another Managed Service Provider (MSP) will benefit your business, then maybe that’s a great option and the new direction you must take.


7 Security Risks of Consumer-Grade File Sync Services


Consumer-grade file sync solutions (referred to as CGFS solutions) pose many challenges to businesses that care about control and visibility over company data. Below are seven of the biggest risks that these solutions pose in a business environment.

  1. Data theft: Most of the problems with CGFS solutions emanate from a lack of oversight. Business owners are not privy to when an instance is installed, and are unable to control which employee devices can or cannot sync with a corporate PC. Use of CGFS solutions can open the door to company data being synced (without approval) across personal devices. These personal devices, which accompany employees on public transit, at coffee shops, and with friends, exponentially increase the chance of data being stolen or shared with the wrong parties.
  2. Data loss: Lacking visibility over the movement of files or file versions across endpoints, CGFS solutions improperly back up (or do not back up at all) files that were modified on an employee device. If an endpoint is compromised or lost, this lack of visibility can result in the inability to restore the most current version of a file, or any version for that matter.
  3. Corrupted data: In a study by CERN, silent data corruption was observed in 1 out of every 1500 files. While many businesses trust their cloud solution providers to make sure that stored data maintains its integrity year after year, most CGFS solutions don’t implement data integrity assurance systems to ensure that any bit-rot or corrupted data is replaced with a redundant copy of the original.
  4. Lawsuits: CGFS solutions give carte blanche power to end-users over the ability to permanently delete and share files. This can result in the permanent loss of critical business documents as well as the sharing of confidential information that can break privacy agreements in place with clients and third parties.
  5. Compliance violations: Since CGFS solutions have loose (or non-existent) file retention and file access controls, you could be setting yourself up for a compliance violation. Many compliance policies require that files be held for a specific duration and only be accessed by certain people; in these cases, it is imperative to employ strict controls over how long files are kept and who can access them.
  6. Loss of accountability: Without detailed reports and alerts over system-level activity, CGFS solutions can result in loss of accountability over changes to user accounts, organizations, passwords, and other entities. If a malicious admin gains access to the system, hundreds of hours of configuration time can be undone if no alerting system is in place to notify other admins of these changes.
  7. Loss of file access: Consumer-grade solutions don’t track which users and machines touched a file and at which times. This can be a big problem if you’re trying to determine the events leading up to a file’s creation, modification, or deletion. Additionally, many solutions track and associate a small set of file events, which can result in a broken access trail if a file is renamed, for example.

Consumer-grade file sync solutions pose many challenges to businesses that care about control and visibility over company data. Allowing employees to utilize CGFS solutions can lead to massive data leaks and security breaches.

Many companies have formal policies or discourage employees from using their own accounts. But while blacklisting common CGFS solutions may curtail the security risks in the short term, employees will ultimately find ways to get around company firewalls.

The best way for a business to handle this is to deploy a company-approved application that will allow IT to control the data, yet grant employees the access and functionality they feel they need to be productive.

The True Cost of Using End of Life Software

In this recorded Webinar, VirtualQube discusses the true cost to organizations of using software that is past its “End of Life” date, and is no longer supported by the software manufacturer.


Don’t Play Roulette with Your Tech!

The dangers of gambling with unsupported & unsecure software
When it comes to continued use of outdated software, are you putting your business in danger of losing vital data and information? Is your business a ticking time bomb ready to explode into a potential abyss of bankruptcy and going “out of business”?
If your business’s operating system software is well known for being out-of-date and unsecure, the answer is unequivocally yes. That circumstance for many has already come and gone in regard to Windows XP (retired April 8, 2014) and Windows Server 2003 (expired July 14, 2015).