Search the Community
Showing results for tags 'malware'.
Found 2 results
Technology has become so intertwined in our lives that it is hard to imagine life without it. It makes our lives simpler in many ways yet the complexity challenges even the most well informed. The news is full of technology stories that can be confusing, misleading and down right scary at times. Today there is news of more hacker activity and I want to pass along what you need to know in simplest terms. Equifax Data Breach The security breach of Equifax happened between May and July of 2017. We are several months since this happened. There is a lot of information available on this, so I am not going to repeat everything here. However, there is one important piece of information and recommendation that is important to examine. Many websites are recommending that you go to another website to check to see if you were affected by the data breach. Testing has shown that the website is giving false results as it wants people to signup for the free credit monitoring. Everything "free" comes with a price. The hidden part of this is that by signing up for the free credit monitoring, you also agree not to be part of any class action lawsuit that is sure to follow in the near future. I might also add that there is no reason to trust Equifax at this point in time, nor some free service they are trying to give away. Good information on this here: https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do CCleaner Hacked A very popular tool for cleaning PC's is software called CCleaner. I personally use it as one of many in my toolkit for cleaning computers of malware and other nasty things. Today it was learned that the latest versions of the software between 5.33.6162 and 5.34 were infected with a multi-stage malware payload. Luckily this was discovered quickly and it appears to only affect 32 bit versions of the software, not the more common 64 bit versions. More details on the hack here: https://www.howtogeek.com/326742/ccleaner-was-hacked-what-you-need-to-know/ The point here is to be aware that any software installed on your computer could potentially contain malware. Even legitimate software can be compromised. The best things to do are: Backing up of your data regularly and keep it in multiple locations (Be sure your backup does not remain connected to your computer) Regular malware scans and cleanup - this is different than just a simple virus scan Have a computer tech that knows your system before disaster happens. You do not need to be a pro yourself but you will need a pro at some point in time. Technology is simply too complex these days and we are all vulnerable. My advice is to plan ahead, just as you would look for a doctor before you need one, you should do the same for a technology pro.
I have received several questions regarding the recent news story about Hollywood Presbyterian Medical Center in L.A. whose computers were infected with "ransomware". For those unaware of the news story, here is a link to it. http://www.reuters.com/article/us-california-hospital-cyberattack-idUSKCN0VS05M Ransomware is malware (malicious software) that infects a computer and encrypts all of the user's files making them unusable until they are decrypted with a unique key. Once the files are encrypted, a ransom demand is made. This type of malware has been around since 1989 but gained popularity around 2013 with the popularity of BitCoin, an untraceable way to make payment to the extortionist. So the question becomes how do you protect yourself from this type of attack. I have a client that was attacked this way in 2014 and several lessons were learned. First, you should know that this type of attack is not isolated to just Windows computers. All computers that connect to the Internet use data encryption to protect your activity. Whether you are logging into your bank account or shopping online, your computer is using encryption to keep your data safe. In this case the data encryption is not use to protect you but rather to make your own files inaccessible. Second, both Malware and Anti-virus protections programs, while helpful, do not give you 100% protection. In the case of my client, he was using both an Anti-virus program and a Malware scanner. Part of the problem here is that encrypting files is a completely normal activity for a computer and unless some unique attribute can be found, this malware appears as normal activity. Another part of the problem that is until someone is infected and the Anti-virus/Malware software companies have time to figure out a detection, everyone remains at risk. There is always a window of opportunity to be infected regardless of what software programs you use for protection. In the case of the hospital in this news story, they paid the ransom of $17,000 and got lucky that the extortionist actually sent them the decrytion key after making payment. It is just as likely the extortionist would demand more money or simply disappear leaving the files encrypted. The only real solution is your backups. I am not one to preach at people, nor use fear to motivate people. What I offer here is my own person experience with a client that suffered this same attack. My client, a mortgage broker in California, contacted me once he got the ransom demand of $300 and was unable to get to any of his files because they were encrypted. His business came to a complete stop. He was told the ransom demand would double every day he failed to pay. Going to the backup seems like a simple solution but in this case it was not. The problem is that the backup files were on an external hard drive that was connected to the computer at the time the infection took place. All of the backup files were also encrypted, making them equally useless. Both business files and years of family photos were lost. A few things were recovered from a backup I had made personally when working on his computer the year before but that was little consolation. Important Lesson Learned - If you backup your files to a device, such as a flash drive or external hard drive, YOU MUST DISCONNECT THE BACKUP DEVICE when you are not making the backup. Your backup is the only safe when it is disconnected and separated from the computer. My personal advice to my clients regarding backups is this: You need to have multiple backups, I recommend 3. 1. Have one near the computer but disconnected unless actually making a backup. This is your convenient backup. Used quickly and done often. Understand that this backup is at risk of being stolen, damaged or destroyed in the event of a break-in, or local disaster such as a fire. It is also at risk when it is connected to the computer. 2. Have one outside of the home/office. This protects you against anything that might happen to the backup that is near the computer or damaged while in use. It needs to be in a separate physical location such as with a trusted friend. It should not be in the same building or location as the computer except when making a backup copy. 3. Have one online using a service such as Dropbox or a cloud based storage. This backup is your final line of defense. A physical device in your possession is always superior but a copy online gives you the advantage of being accessible from any place. A backup online provides protection if the physical backup devices get damaged or stolen. Due to the generally slow Internet speeds in our area, it can be difficult to keep large files stored online and slow to retrieve them. One last bit of advice regarding backups. If you use a software program to do your backups, realize you will likely need that particular software program installed on another computer to recover your backup if your computer is lost or stolen. I recommend not using a software program that creates a single backup file, rather one that copies all of the files individually so they can be read on any computer without installing the same backup software program to retrieve them. This ransomware type malware is on the rise and often is it not talked about due to embarrassment. Heed the advice and check to be sure your backups will save you should you suffer the same fate as my client or the hospital in this news story. All my best - Dan Porter