Monday, 15 May 2017

What is the WannaCry RansomWare virus?

You may have read about the disruption to many computers across the world last week, caused by the WannaCry RansomWare virus. The NHS were amongst the organisations most badly affected. Here we try to explain what it is, how so many people were infected and how you can protect yourself.

What is WannaCry?
It is a “RansomWare” virus that almost certainly arrives as an email attachment, which a user is persuaded to open. They may believe the email to have come from a friend or colleague. Or the email may be suggesting that the attachment is an expected invoice, a problem with your bank, or an unexpected demand for payment. However it is presented, it would appear to have been crafted in such a way that many people have opened the attachment.

What is RansomWare?
“RansomWare” is the name given to a type of virus which infects your computer, encrypts most of your data and then demands a payment, or ransom, to provide a “Decryption Key”. Only with that key would you be able to recover your encrypted data back to a useable form.

Why didn’t Anti-Virus software stop it?
No anti-virus (AV) software is 100% effective. The way most AV works is by knowing each virus that exists. Any software that tries to install itself to your computer has a specific signature. That signature is matched against a database of known viruses and the AV blocks any malicious software.

However, whatever AV is in use by the NHS clearly wasn’t effective in this instance – in a big failure!

In the case of a new virus, most AV databases need to be updated with the new signature, and every computer then needs to download the updated database. This process is speedy, but inevitable time delays allow the virus to spread.

Some AV, such as WebRoot (http://www.the-it-dept.uk/antivirus.php), works in a slightly different way: it tries to spot the way viruses infect computers, as well as having a cloud based database of known viruses. WebRoot also sends information on the software that computers are installing back to base, so any malicious virus can be spotted quickly, allowing the WebRoot database to be updated very fast to block further infections.


Which computers are at risk?
The WannaCry virus exploited a vulnerability in older versions of Microsoft Windows. A “vulnerability” is, effectively, a mistake in the coding of Windows, which allows a malicious virus writer to exploit the poor coding. There are very many vulnerabilities within Windows, which is why Microsoft releases “Windows Updates” every month. These Updates are used to patch the holes in the software to make it more secure.

There is a governmental organisation in the USA, called the National Security Agency (NSA), which is tasked with keeping the computers of the USA, and presumably other friendly nations, as secure as possible. The NSA discovered a new vulnerability within Windows some time ago. But, they kept this information to themselves, in the hope of using the security flaw in an attack on their enemies.

Instead of this happening, the NSA themselves were hacked and the information that they held on the vulnerability was stolen. This meant that nefarious elements now had some very dangerous knowledge.

At this point the NSA had to fess up to Microsoft, who soon released a patch against the vulnerability. So, any computers which were running Windows Updates automatically, or whose users were installing such patches manually, were secure.

There are, of course, questions about the ethics of the NSA. “NSA's mission is to help protect national security” (from https://www.nsa.gov/news-features/press-room/statements/2013-08-09-the-nsa-story.shtml). Quite how the best interests of national security are addressed by keeping quiet about such a major flaw in Microsoft Windows is debatable.

But, surely the NHS were patching their computers?
Not necessarily. Many IT staff do not allow automatic updating of Windows. Historically this could cause more problems than it was worth, as some of the patches would create more serious issues than they fixed. (This hasn’t been the case for many years now. We recommend users run Windows Updates automatically on PCs, but not on Servers.)

In addition, Microsoft only publicly releases patches for what they call “supported” versions of Windows. This only includes newer versions, such as Windows 7 or Windows 10. It does not include Windows XP.

Many government departments, and particularly the NHS, operate annual budgets which militate against longer term investment. They therefore do not see the cost benefit of upgrading older computers. Or they have certain devices attached to a computer which will not work on newer versions of Windows. The NHS has many computers running Windows XP.

For some time the UK government was paying Microsoft to continue providing patches for Windows XP. Last year the government decided that this was a false economy and stopped paying this money from central funds. The NHS chose not to make a new agreement with Microsoft, and so their Windows XP computers have not had the benefit of any patches. I also suspect that many of their newer computers are not set to automatically update.

Why was WannaCry able to infect so many computers?
WannaCry is different to most other RansomWare as the exploit that the NSA had discovered allowed malicious software to spread from computer to computer, over the network. Previously most viruses would only infect the one computer that they had been installed to. So, if one user in an office opened a malicious email attachment, only their computer was infected. WannaCry infects all of the other computers that it can find on the same network.

Why can’t I decrypt the data myself?
The encryption methods used by this type of virus are extremely powerful. Without the Decryption Key it is almost impossible to recover your data. 

The virus writers wish to be paid in “Bitcoins”, which are an untraceable, electronic currency. The WannaCry virus demands payment within 3 days, or the price doubles. Don’t pay within a week and your data is gone forever. But setting up a Bitcoin account is neither straightforward nor fast. And, once you have paid the ransom, what guarantee do you have that the Decryption Key, if sent to you at all, will work?

Law enforcement agencies cannot, in this case, “follow the money”. Bitcoin accounts have been designed to be untraceable and anonymous.

So, what can I do to protect myself?
There are several steps we can take to protect against viruses.

Use a backup system where most copies of the backed up data are not held on your network.
Cloud, or online, based backup is ideal. RansomWare viruses cannot infect the data in the cloud, so you can clean the virus and recover the data from backup very quickly.

Tape based backup, or backup to more than one external hard drive, allows the backed up data to be removed from site each night, offering some protection.

Backup. Backup. Backup

Keep Windows Updates running automatically, and occasionally check that they are installing.

Install a good anti-virus system and keep it updated.

Install CryptoPrevent and pay the $15 annual fee to keep it updated. This is a small piece of software aimed only at preventing RansomWare style viruses (https://www.foolishit.com/cryptoprevent-malware-prevention/).

Don’t visit websites that your mother wouldn’t approve of. And don’t click links in emails to websites. Especially if an email consists only of a link.

But, most importantly, be wary of any email attachments.   
Do you know the person who just sent an email to you with an attachment?

Do you really know them? Anyone can fake an email address, so does the email read correctly, as if your friend or work colleague that appears to have sent it actually did so?

Were you expecting the email attachment? Not just, were you expecting an email attachment. Were you expecting this specific one?

Is the attachment a Zip file? No-one sends Zip files very much, apart from virus writers!


Have a regular IT Support visit to report on the health of your computers. You may wish to have a monthly contract, or just the occasional one-off visit. 

Just as you service your car to keep it running smoothly, so you should service your computers.


Please get in touch if you have any questions or concerns. Or if you'd like further advice.



Call us now on 01257 42 92 16 
or see our website at https://the-it-dept.uk

Keeping IT Simple!

____________________________________________________
The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc.
© Michael Donkin 2017

Saturday, 13 May 2017

Have you been affected by the WannaCry Ransomware virus?

If you have been affected by the Ransomware virus get in touch for advice. 
01257 42 92 16 
https://www.the-it-dept.uk

To protect yourself from this or future attacks there are 4 simple steps:

1. Train all computer users to be very wary of email attachments or links in emails that you are not absolutely convinced have come from a trusted source. This doesn't just mean knowing the email address that the message appears to have come from, but does the email read as if that person actually sent it to you?

Are you expecting that email attachment?

Does the email only contain one link to a website?


2. A decent anti-virus programme. Yes, you do need to pay for this, but it is invaluable. (Most of the free programmes aren't licensed for business use anyway.) Whatever anti-virus software the NHS or Nissan have been using clearly isn't up to the job!

3. Update Windows. Most systems are set to automatically update, but even then many will still wait for your input before actually installing the updates. Learn how to check that Windows has been updated. It's very simple to do.

4. Backup. Backup. Backup.
Backing up your data is by far the most important thing you have to do on a computer. If you're not backing up the computer then you may as well switch it off and not bother switching it on again!

These Ransomware viruses attack not just the data on the computer, but will also search for any data on the network. So, if you use some form of backup which remains attached to the network that will also be affected and rendered pointless.

You need a backup system whereby a tape or drive is removed from site each night (to protect against fire, flood or theft as well as Ransomware). Or use cloud based backup.

Online, cloud based backup is not as vulnerable to Ransomware attack as it is held remotely and you can generally rescue any data from any day up to 30 days old.

Backup. Backup. Backup.
Please :)



Thursday, 4 May 2017

It's World Password Day!

Secure, Complex, but Easy Passwords

4th May is World Password Day!

There are many different ideas on passwords; whether you should change them regularly; that you should have a different password for every website you visit and every app you use; how difficult to guess your password should be, (and therefore how hard to remember it is?)


One of the most sensible approaches to security is to use "complex" passwords of at least 8 characters, and to have a different password for each situation. A complex password is built up with at least 3 of the 4 elements of CAPITAL letters, lower-case letters, numb3rs and pun&tuat!on marks - such as P4ssw0rD!  Some websites like some punctuation, some don't. They will all accept the other 3 elements.

But, how can you easily create dozens of acceptable passwords, that are difficult to guess, and how would you ever remember several such passwords?

Here's a simple solution. 


Decide on a random word which will form the basis of all of your passwords. But that word shouldn't be a real word or name which is associated with you in any way, or able to be guessed. So, let's put that into practice.

At school I really liked a girl called Carol, (although I never dared tell her so!) So the basis of my randomly generated passwords shall be "arol". This isn't a real word and who would be able to guess it?

I'll now add 2 numbers, to the front and end of the base  - 1arol9

To make it unique, to each and every website or app that I use, I shall add the first 2 letters of the name of the company operating that website or app to the end of my new password in Capital Letters.

So, if I am dealing with Amazon, I would create the unique password of 1arol9AM
Ebay is given 1arol9EB
Marks and Spencer gets 1arol9MA
The IT Dept = 1arol9TH

I have quickly and simply created an infinite number of exceptionally strong passwords which are extremely memorable.



(4th May is also Star Wars Day. May the Fourth be with you!)



Sunday, 9 August 2015

Should I upgrade to Windows 10?

UPDATE: This blog no longer applies. Windows 10 has improved immeasurably since this blog was first written and we do now recommend upgrading to Windows 10. Call us for advice on 01257 429216

Windows 10 has been flagged up for a while as an upgrade for legitimately licensed users of Windows 7 or 8.1. Some time ago Microsoft started adding a small flag to the System Tray of such PCs with the title, "Get Windows 10".


As this is a free upgrade to the operating system, why not? It is free for the first year for Windows 7 users, (from 29th July 2015), and for all time for Windows 8.1 users.

You won't have the option to upgrade if you have Windows XP or Vista. Microsoft isn't keen for people to still be using such old operating systems, and hasn't provided an upgrade path for them. Also, if your PC is old enough to have XP or Vista, it is very unlikely that it would work with Windows 10 anyway.

If you have Windows 7 you almost certainly don't wish to upgrade. It is quite possible that Windows 10 would work on the PC, but why change from the excellent Windows 7 to a much clunkier user experience with 10?

If you have Windows 8 then you will have to upgrade to Windows 8.1 before you can try to install 10. And, if you have Windows 8.1 then you may as well upgrade to 10. The user experience is very similar, but marginally less difficult to navigate than 8.1.

Having said that, you may be unlucky enough to find that some components may not work, such as sound, graphics or network cards. The correct drivers, (which tell the hardware how to integrate with the operating system), should be available from your PC manufacturer but it may be best to check first.

Windows 10, in common with Windows 8.1, is clunky to use. Finding the programmes that you use most can be time consuming and frustrating. There has been lots of talk about the Start Menu coming back, after Microsoft received so many complaints at the loss of this most useful feature of Windows 7.

The Start Menu is back, after a fashion, but it can be confusing to find what you need. If you realise that you can quite easily remove items that have been added to the Start Screen by default (by right-clicking and choosing "Unpin from Start" or "Remove from this list") then you can clean this up. You then need to find the programmes (or Apps as they are now called) that you wish to add to the Start Menu. (Right click and choose "Pin to Start".)

Under the hood Windows 10 is much more secure and even faster than Windows 7, but it is just as awkward and clunky to use as Windows 8.1, so the enhanced speed of the operating system is lost in the overall speed of use.

The default installation of Windows 10 will send a huge amount of information about you, your contacts, and the way that you use the computer and the internet, to Microsoft and to many of their advertisers. To avoid this you need to be careful when installing to avoid "Express Settings" and to look for the small link to "Customise settings". Choose "No" to all of the default settings to secure your own computer.

Once you have installed Windows 10 you should then look for "Privacy Settings" by typing this into the large Search box on the task bar. You'll need to wade through these to turn off any settings that you are uncomfortable with. Very few of them are for your benefit.

Our strong recommendation, should you choose to upgrade, is to wait at least 6 months, until early 2016, while the bugs are ironed out and the PC manufacturers get up to speed and release updated drivers.

Otherwise, if you have Windows 7 stick with it. If you have Windows 8.1 then upgrade to 10.





Tuesday, 16 June 2015

Windows SBS 2011 is denying users access to shared folders and services are stopping

Last week we installed the May 2015 Windows Updates to a Small Business Server 2011 for a client. We usually wait 2 or 3 weeks from release before installing such patches, to see if anyone else has problems when doing so.

The day after the patches were installed the users reported that they were being refused access to their Shared Drives. We logged on to the Server to find that the User Profile wouldn't load and it was very, very slow in operation, eventually hanging and requiring a forced reboot.

It would boot to Safe Mode, suggesting that the problem was less likely to be hardware related. The Windows patches of the day before were the most likely culprit, but once it had rebooted it would work well for anywhere from 1 to 4 hours.

We saw a lot of SharePoint errors in the Event Logs, and we discovered that the SharePoint 2010 VSS Writer service was being stopped and set to "Disabled", rather than "Automatic". There had been a number of SharePoint updates installed the day before, but these didn't have an uninstall option. This led us down a blind alley for some time and we discovered that running psconfig.exe made no difference.

No issues were reported by a Best Practices Analyser scan. Running the "Fix My Network" wizard suggested minor errors in IPv6 and DNS settings, but resolving these saw no change. Updating the network card drivers didn't do anything either.

The problem appeared to be getting worse as reboots now led to the Server waiting a long time after entering a password on “Applying Group Policy Drive Maps Policy”. 

A slow process of fault finding made us realise that the following services were among those being stopped:

a. Group Policy Client
b. IKE and AuthIP IPsec Keying Modules
c. IP Helper
d. Server
e. Shell Hardware Detection
f. System Event Notification Service
g. Task Scheduler

All of these would allow themselves to be restarted, with the exception of the Group Policy Client service.

Cutting a very long story short, the problems were eventually tracked to the Windows Updates service and the WSUS Role on the Server, which controls how Windows Updates are rolled out to client PCs. Disabling the "Update Service" service and the "Windows Update" service, as well as removing the WSUS role from the Server, has made everything stable again.

Removing the WSUS role and stopping the Updates services means that the client PCs needed to be reset to go direct to Microsoft for their own Windows Updates. This is achieved through tweaking the relevant Group Policy.


We adjusted the GPO "Update Services Common Settings" under Computer Configuration – Policies – Administrative Templates – Windows Components – Windows Update:

“Specify intranet Microsoft update service location” - Set this to disabled

The SharePoint issues seem to be a completely separate red herring and we are willing to ignore them as we don't use SharePoint anyway and these failures are having no impact on the users or the Server.
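
A quick way to re-check the state described above, as an added example that is not part of the original post: it reports the start mode and state of the services the post lists, and shows whether a client PC still has a WSUS server set by policy. The service short names and the registry location of the Windows Update policy are standard Windows values, not taken from the post.

```powershell
# Added example (not from the original post). Written for Windows PowerShell;
# Get-WmiObject is used so it also runs on the PowerShell 2.0 shipped with SBS 2011.

# Short service names for the display names listed in the post.
$WatchedServices = @(
    'gpsvc',            # Group Policy Client
    'IKEEXT',           # IKE and AuthIP IPsec Keying Modules
    'iphlpsvc',         # IP Helper
    'LanmanServer',     # Server
    'ShellHWDetection', # Shell Hardware Detection
    'SENS',             # System Event Notification Service
    'Schedule'          # Task Scheduler
)

function Get-WatchedServiceState {
    # Run on the Server. Flags a service when it is Disabled, or when it is
    # set to start automatically but is not currently running.
    param([string[]]$Name = $WatchedServices)

    foreach ($n in $Name) {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$n'"
        if (-not $svc) {
            $row = @{
                Name = $n; DisplayName = ''; State = 'NotFound'
                StartMode = ''; NeedsAttention = $true
            }
        }
        else {
            $bad = ($svc.StartMode -eq 'Disabled') -or
                   ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running')
            $row = @{
                Name = $svc.Name; DisplayName = $svc.DisplayName
                State = $svc.State; StartMode = $svc.StartMode
                NeedsAttention = $bad
            }
        }
        # Select-Object fixes the column order (hashtables are unordered).
        New-Object PSObject -Property $row |
            Select-Object Name, DisplayName, State, StartMode, NeedsAttention
    }
}

function Get-WsusClientPolicy {
    # Run on a client PC after the GPO change has applied. Reads the policy
    # values behind "Specify intranet Microsoft update service location".
    $wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    $wu = Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path "$wuKey\AU" -ErrorAction SilentlyContinue

    $server = $null
    $useWsus = $false
    if ($wu) { $server = $wu.WUServer }
    if ($au -and $au.UseWUServer -eq 1) { $useWsus = $true }

    $row = @{
        WUServer     = $server
        UseWUServer  = $useWsus
        # True means the PC is still being told to fetch updates from an
        # intranet server, i.e. the policy change has not reached it yet.
        PointsAtWsus = ($useWsus -and [bool]$server)
    }
    New-Object PSObject -Property $row |
        Select-Object WUServer, UseWUServer, PointsAtWsus
}

# On the Server: list the watched services, problem ones first.
Get-WatchedServiceState |
    Sort-Object NeedsAttention -Descending |
    Format-Table -AutoSize

# On a client PC: confirm it no longer points at the removed WSUS role.
Get-WsusClientPolicy | Format-List
```

Run the first function from an elevated prompt on the Server and the second on a client after a Group Policy refresh.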


Tuesday, 23 September 2014

Has my email address been stolen?

We hear about email addresses and passwords being lost all of the time. Quite often they are stolen by hackers who have managed to breach the lax security of some of the larger, and possibly more trusted, companies in the online world.

Personal and financial details, such as names, addresses, dates of birth and credit card information, are often lost along with website usernames and passwords.

One of the more infamous such breaches was of the Sony PlayStation databases, back in April 2011, in which 77 million user accounts were stolen, (http://en.wikipedia.org/wiki/PlayStation_Network_outage)

In a more recent hack the huge software company Adobe are reported to have lost data on 150 million accounts! To discover if your email address was one of those lost by Adobe go to the website https://lastpass.com/adobe/ and enter your email address(es).

Even if your email address hasn't ended up in the hands of the hackers you should take the opportunity to change all of your passwords for more secure and complex pa$3-WOrd!

There is another website at https://haveibeenpwned.com/ which can check against a lot of other hacked databases to see if your email address may have been compromised.

But, you should also ensure that you use different passwords on each and every website where you open an account, so if one is hacked you do not risk having all of your website accounts hacked. Not so easy though! Or is it?


Ideally you need to use "complex" passwords of about 8 characters, and have a different password for each website that you deal with. A complex password is built up with CAPITAL letters, lower-case letters, numb3rs and pun&tuat!on marks, such as P4s$w0rD!  But, how would you ever remember several such passwords?

Here's a simple solution. Decide on a random word which will form the basis of all of your passwords. But that word shouldn't be a real word or name which is associated with you in any way, or able to be guessed. So, let's put that into practice.

At school I really liked a girl called Carol, (although I never dared to tell her so!) So the basis of my randomly generated passwords shall be "arol".

I'll now add both punctuation and a number  - arol9!

To make it unique, to each and every web site that I use, I shall add the first 2 letters of the name of the company operating that web site to the front of my new password in Capital Letters.

So, if I am dealing with Amazon, I would create the unique password of AMarol9!
Ebay is given EBarol9!
Marks and Spencer gets MAarol9!
The IT Dept = THarol9!

I have quickly and simply created an infinite number of exceptionally strong passwords which are extremely memorable.



Friday, 5 September 2014

Cost - Quality - Time - A Business Challenge

This Blog isn't about IT, or computers, which may make it more palatable to most folks! (Although we try to write our IT Blogs in English, we do realise that we don't always fully succeed.)

I had a 1-2-1 meeting with Amanda Jackson of TigerFish PR earlier today. They're a great PR company for the logistics market. If you make it or move it, let TigerFish PR it!

During a wide ranging and fun discussion Amanda mentioned an issue that many businesses will come across, based on a triangle of often competing business staples. 

Here at The IT Dept we are always striving to offer a quality service, within a declared time frame, at a known cost. As Amanda put it, a client can have any 2 of the 3, but achieving all 3 can be impossible.




We regularly have competing factors at play, especially when scoping work within the IT sector for clients. We often don't know exactly how long a job will take, but we do know that the client will expect a high quality job, and we need to charge for the work. 

The client, of course, wants to know how much the job is likely to cost, as well as how long it will take. They may well assume that a high quality service is to be taken for granted.

We try very hard not to skimp on the quality of our services. Which can lead to us taking longer to carry out work than some of our competitors. Obviously this may clash with the budget that a client has set for the work.

Fortunately, my meeting with Amanda followed directly on from a seminar run by Michael Finnigan, of i2i (Impossible to Inevitable).

Michael is great at explaining to his clients how they must believe that they can achieve the impossible. With such beliefs the dream becomes inevitable.

We shall endeavour to marry all three of the factors above into our proposals for clients in the future: To spend sufficient time on the work; To offer the highest quality; At a cost acceptable to both parties. The results should be inevitable.

And, on the subject of marriage - Congratulations and Good Luck to Andy and Ruth of Eat My Logo on today's nuptials!



Wednesday, 3 September 2014

Is your iCloud data safe?

Following the recent revelations that a number of celebrities have had nude photos of themselves hacked, seemingly from within their iCloud accounts, what does this mean for you?


Do you have an iCloud account?

Probably. If you have ever bought music from the iTunes Store, or if you have ever owned an iPhone or iPad, then the chances are very high that you have set up an iCloud account.

What is an iCloud account?

It is storage for your data provided to you, for free, by Apple on the internet (i.e. in the "Cloud"). Ostensibly this allows much easier use of your Apple devices as all stored data can be shared by all of your devices. So, if you have iTunes on one device you can listen to the same music on your other Apple devices. Photos you take on an iPhone can also be viewed on your iPad.

Why is this free?

Clearly the supply and maintenance of iCloud Servers costs Apple quite a lot of money. It could be argued that they are simply giving something back, given the very high price of iPhones and iPads compared to equivalent devices from other manufacturers. But, it could also be useful for Apple to know how and why people use their phones and tablets, for market research purposes.

But I don't need that functionality

Maybe not. But your Apple device may be set to store backups of your data in the iCloud. Useful, of course, if you ever lose your iPhone with all of the precious photos on it.

Nobody wants my photos!

Obviously not, but that won't stop them looking around. You may think there isn't much in your house worth stealing, but you lock the door every time you leave.

How do they get into my account?

Apple's iCloud service is protected by email address, password and the answers to 2 out of 3 security questions. 

Your email address is, of course, public knowledge. 

These hackers seem to have used a "Dictionary" attack on the passwords, whereby software is set up to simply scroll through every word in the dictionary until it finds a match. (It will also swap letters for numbers to try common pa55w0rd5.)

The security questions can be fairly easy to guess if you can access sufficient information about someone. For celebs this comes from Hello magazine interviews. For you and me, Facebook, Twitter or LinkedIn are the main sources of personal information.

But, I use 2-Step Verification

Good! 2-Step Verification sends a one-off code to your mobile phone when you try to access an online account. So, to access the account you have to know the username, the password, the answers to security questions and the one-off code. This makes life much more secure and you should use it whenever possible.

But! Apple's iCloud data is not protected in this way. Only the actual account is, to prevent hackers changing your password or answers to your security questions. If they are able to guess these then they have access to the data anyway.

What can I do to protect myself?

Even though you don't believe that you have anything worth stealing, people feel very vulnerable after suffering an intrusion into their personal space.

1. Just as you use a different key for every lock, so you should use a different, and complex, password for every website. Using a one word password, (such as password), is simply inviting trouble. Make your pa$5-WOrd£ hard to crack. See our Blog at goo.gl/occvS to learn how to do this very easily.

2. Remove or mask all personal data from Facebook, LinkedIn, Google+, etc.
  • Set up a free email address and use that for logging in to Social Media. (You only need to use the email address occasionally, to verify that you have access to it the first time you use it for each site.)
  • Change your date of birth (not just the year). Your real friends know your real birthday anyway.
  • Don't be tempted by the "Find Your Friends" features of such sites. This is simply a way for them to collect your address book, so they can target your friends.

3. Set up 2-Step Verification whenever you can.

4. Use obscure answers to security questions, such as "Fantastic" for Mother's Maiden Name, or "Keyboard" for First Car, etc.

5. Don't trust companies to keep your data secure, no matter who they are or how big they are. The bigger they are, the less control they have over all of their Servers.

6. Delete your iCloud account. On your iOS device’s Home screen, go to Settings > iCloud, then at the bottom of the screen, tap Delete Account.



Tuesday, 3 June 2014

Viruses in the news again. What to do about CryptoLocker, GameOverZeus etc?

You may well have seen the recent news articles about the work of international law enforcement agencies in taking down the networks of computers that run some exceptionally malicious viruses, with names such as CryptoLocker, P2PZeuS, GameOverZeus, etc.

What does it all mean for you and what should you now do?

Here in the UK the National Crime Agency (NCA) have warned users that they have 2 weeks to protect themselves (see http://goo.gl/sPf39B). They don't seem to have made it very clear why you only have two weeks, and they seem only to be suggesting that you should run good anti-virus software and install any waiting Windows Updates. This is, of course, solid advice at any time and not just now.

It appears that the damage the NCA, along with the FBI, Interpol etc, have managed to inflict upon the main servers running these viruses is what has given us a "2 week window". The suggestion is that the "Command and Control" Servers which run these global virus operations are expected to be back up and running soon, i.e. within 2 weeks.

These Servers rely on millions of innocent computers doing the majority of their work, whilst also allowing the virus writers to hide behind many smokescreens.

Your computer may be one of those infected and running as part of this "BotNet" without you knowing about it. The point of updating anti-virus software and keeping Windows up to date is to reduce the chances of your own computer remaining infected in this way.

Internet Service Providers can spot when PCs are participating in a malicious BotNet, by the amount and type of internet traffic that is passed. To date, in the UK, they have never warned anyone that they may be infected, but there are suggestions that they may do so now.

CryptoLocker is a very effective virus which will encrypt and lock all of the data on your computer. You will then see a message on-screen, telling you that this has happened and explaining how to pay a ransom in order to buy a key that will decrypt the data. That ransom apparently varies between £250 and £400. There is no other way to decrypt the locked data.

Once the virus has successfully infected any one computer on the network, any data which can be seen on that network will become locked. This includes data held on Servers, and backups held on external hard drives that are left connected to the PC.

There are several steps that you should take to avoid infection:
1. Use off-site or online backup. This is very unlikely to become encrypted even if you do contract the virus. You simply clean the virus, restore the data from backup and continue.

2. Use a solid anti-virus. We recommend and resell WebRoot. Others are available, but some are less effective than others. Most of the "free" products are not licensed for business use.

3. Run "Windows Updates" regularly, and preferably automatically.

4. Ask us about our "CryptoPrevent" software, which attempts to stop or to disrupt such viruses from running in the first place. This is free to our own clients.

5. Most importantly, use your own common sense! The vast majority of viruses come through Zip attachments in emails. Does anyone ever send you a Zip attachment? Probably not. If not, then do not be tempted to open such an attachment, no matter who it appears to have come from.
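
The check in step 5 can also be done mechanically on a saved email. The Python below is an added example, not part of the original post: it finds Zip attachments by their content rather than their filename and lists any program files inside. The sample message, addresses, file names and the list of risky extensions are constructed for illustration.

```python
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

# File types that run as programs or scripts on Windows (illustrative list).
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")


def build_sample_message() -> bytes:
    """Constructed sample: an 'invoice' email whose attachment is a renamed Zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # Harmless placeholder bytes behind a double extension.
        zf.writestr("Invoice_2014.pdf.exe", b"placeholder, not a program")
    msg = EmailMessage()
    msg["From"] = "accounts@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Outstanding invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.dat")
    return msg.as_bytes()


def zip_attachment_findings(raw: bytes) -> list:
    """Return one finding per attachment that is really a Zip archive."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        try:
            # Test the bytes, not the name: a Zip can be renamed to anything.
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = zf.namelist()
                # Flag bit 0 marks a password-protected member scanners cannot open.
                encrypted = any(i.flag_bits & 0x1 for i in zf.infolist())
        except zipfile.BadZipFile:
            continue  # not a Zip archive
        risky = [n for n in members if n.lower().endswith(RISKY_EXT)]
        findings.append({"attachment": part.get_filename() or "(unnamed)",
                         "members": members, "risky": risky, "encrypted": encrypted})
    return findings


if __name__ == "__main__":
    for finding in zip_attachment_findings(build_sample_message()):
        print(finding)
```

An attachment with a non-empty `risky` list, or one marked `encrypted`, is the kind of Zip that should be left unopened.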

Call us for free advice on avoiding virus infections. If you are based in Lancashire and you believe that your computer may be infected, switch it off and ask us to visit as soon as possible.

