EasylifeIT™ IT Security

Security Advisories and Advice

“Today, 680,000 people joined the Internet. Today, 125,000 new viruses will have been discovered. Today, 9500 websites will have been infected and are already infecting their visitors; 80% of those sites owned by SME’s. Just having an antivirus these days simply isn't enough; education, diligence and vigilance are absolutely key.”

Lindsey Hall, MD of EasylifeIT for FSB Lincolnshire AGB

Security advisory: US and Canadian governments issue cyber alert for ransom-ware

Written by Lindsey Hall. Posted in EasylifeIT™ IT Security

Every week seems to bring news of high profile cases of new ransom-ware attacks. Its nasty stuff; nasty enough that the US and Canadian authorities yesterday issued a rare joint cyber alert warning about the upsurge in attacks.

The plague doesn't seem to be going away anytime soon. Enabling the ransom-ware plague is the fact that many businesses and individuals seem to be casual in their habits and unaware of the risks; sometimes over reliant on technical measures to provide safety.

I may be labouring the point (and please forgive me for this), but the advice remains the same:

 

  • Ensure your antivirus is running. Be alert for warnings. Don't cancel scans just because it is inconvenient or slowing you down
  • If Windows is prompting to restart to apply updates; don't delay
  • If you suspect something odd is happening; report it
  • Be VERY wary of email attachments, links in emails, websites you don't know and software offered for free
  • Educate your team on the risks; any system is only as strong as its weakest link
  • If you havent got regular backups; get some. In the event of a ransomeware attack this may be your only route out of trouble

 

For those who haven't already downloaded it, we have a free information sheet for staff available for download here (irony alert ... but I can assure you it is safe)

 

Lindsey Hall

Lincolnshire Council shut down for "several days" by ransomware

Written by Lindsey Hall. Posted in EasylifeIT™ IT Security

One of our more technically aware customers, Alison Turnock of David Turnock Architects, alerted us to a story yesterday relating to ransomware and Lincolnshire Council; whose system was shut down for “several days” as a result of a single employee opening an infected email. While the impact may be shocking for many, this is an all too familiar story for those of us involved in IT security. If even Lincolnshire Council, no doubt with a permanent team of IT staff and barriers that far exceed anything most SME’s can justify can be bitten; it goes to prove that the staff education and training is an essential supplement to any technical measures that can be put in place.

To assist you in this education, EasylifeIT™ has produced an A4 Cybersecurity – Tips for your end users, which is available from our website here: http://www.easylifeit.com/images/pdf/PrintandProtectIT.pdf

Click here for more information on the Lincolnshire story: http://www.infosecurity-magazine.com/news/ransomware-shuts-down-lincolnshire/

Cybersecurity tips for end users

Written by Lindsey Hall. Posted in EasylifeIT™ IT Security

Many tend to imagine that Cybersecurity is all about having an antivirus and a firewall. Whilst these are important, they aren't a silver bullet. Indeed, some argue that an antivirus instils a false sense of security, and we have often heard “it looked dodgy but I thought my antivirus would protect me.” This is a dangerous and incorrect assumption and one frequently exploited.

A little education goes a long way, so we have listed a few tips below to try and prevent that education coming through bitter experience. We have also included a link at the end of this page so you can easily download and print the full document for your office

  • Stop and think before you click on email links or attachments. Are you expecting it? Do you really need it?
  • Be especially alert and smart when surfing the internet. Resist the temptation to click through on adverts or to see what a celebrity has done this week.
  • Avoid freebies on the internet; they often come with a sting in the tail. Free file, video or music sharing sites are also dangerous.
  • Be alert for warnings from your antivirus and don’t cancel a scan just because it is slowing you down. If it is trying to tell you something this should not be ignored.
  • Allow updates for Microsoft, Java, Flash and Reader to install. A system without updates is a vulnerable one.
  • If you do think you have caught a bug, then you don’t want to infect your network or damage your company files. Unplug your PC immediately and call IT support
  • Be aware that an antivirus alone cannot protect you against infection. You have a responsibility too!

Print it and protect IT! - Download without registration - PDF Documennt - 371kb

Fraud / Security advisory: Wire Transfer Request

Written by Lindsey Hall. Posted in EasylifeIT™ IT Security

2 finance departments in our customer base have received emails in recent days purporting to be from the company's Managing Director requesting a wire transfer to be made. These fraud attempts have demonstrated a knowledge of the company targeted and obvious research has gone into identifying the names and email address of the Managing Director and Finance Officer concerned. The format of the email was also credible at first glance.

 

Both attempts resulted in queries of a procedural nature that flagged the issue and upon investigation the emails originated not from the clients email system but a server in the Netherlands.

We would recommend you alert your finance team to this issue.

 

 

Lindsey Hall

Microsoft kicks XP while its down, 2003 end of life this week and why you should have anitirus on your iMacs

Written by Lindsey Hall. Posted in EasylifeIT™ IT Security

Microsoft kicks Windows XP when it’s down

Although Windows XP has been “out of support” since April 2014, Microsoft have continued supporting its own anti-malware product with updates until this week. If you have any Windows XP PC’s running Microsoft Security Essentials then we recommend that you consider your options at this point; the 2 obvious options being either to change your antivirus protection to a third party product that still supports XP, or more sensibly; consider updating the PC to Windows 7 or better

Click here for more information

This week Windows Server 2003 also fell off the update cliff

With every server vendor seemingly emailing about Windows 2003 server going end of life and trying to sell new servers, I would be surprised if you were unaware of the fact. What in practice does this mean though? Does it mean Windows 2003 will stop working? No …. It doesn’t mean that. What it means is Microsoft will no longer issue security updates for their venerable product. It has been described as the “biggest security threat of 2015”, but it that hyperbole? Perhaps, but it certainly has security and for some; compliancy consequences.

A good article laying out the risks and compliance issues is available here

Antivirus for Macs

During our TechTalks on Cybersecurity, it is always apparent that the “Macs don’t get viruses” myth is still alive and well. Apple in fact dropped this claim in 2012 in light of 650,000 users acquiring a Trojan that was unchallenged. It is true that Apple device are far less afflicted by threats but as they become more popular this is changing. Several vendors offer free antivirus for Macs used at home (non-commercial use), the best in our experience being the one from Sophos. If you have Macs in the workplace, we would recommend you speak with your IT support provider regarding your options. No protection though is a folly and is a chink in your IT security armour.

Click here for more information on the Sophos free antivirus for non-commercial use

Related Articles

EasylifeIT™ Business Technology Support in the UK

Operating in throughout East Anglia, the Midlands and Yorkshire, EasylifeIT™ provides expert business IT support when you most need it. A trusted partner of many exciting and innovative small and medium businesses, we employ rigorous and robust customer service principles to deliver a unique and exceptional IT support experience.