Malware Targets Consumer Devices

Last month, a strain of malware was found to be infecting the devices that provide people with internet service, known as routers. It targeted mostly consumer devices made by companies like Cisco Linksys, Netgear, and TP-Link. Researchers found that it had the ability to spy on data passing through these devices, as well as the ability to render the device useless (known as “bricking”). Unfortunately, these devices usually don’t have any protection such as an anti-virus program and are not updated frequently, if at all. Additionally, most devices are left with the default usernames and passwords, so exploitation of the device is simple. There was a big push last month to have users reboot these devices to try to counter this malware, but that did not completely clear it out. Researchers now say that the only way to clear a device of the malware is to reset it to its factory defaults. This article by Cisco’s Talos security team describes in detail the malware and its potential effects: http://bit.ly/2K6mCLc.

This type of security incident, which is still ongoing, highlights the lack of security focus on the part of consumer device manufacturers. Security features are typically low on the list of priorities for these devices, and updates to fix flaws are few and far between. Most devices are preconfigured to be plug and play out of the box, with little to no customization on the consumer’s part; this means that default settings are left in place and, since the manufacturers are often international companies, are well known worldwide. PCMag recently posted an article listing the devices affected, along with instructions on how to update them: http://bit.ly/2tgUHSo.

Do you snap?

Did you know that Windows has a feature called Snap? It allows you to easily open two windows side by side on a single monitor. For example, if you are trying to compare two documents, rather than flipping back and forth between them you can use the Snap feature to open them side by side. It’s very easy to use. Simply open a file (document, picture, folder, etc), then click and drag it to either the left or right side of the screen. You will see the pointer icon display a circle around it which will then change to a rectangle that encompasses half of the screen; releasing the mouse button will cause the file to open to exactly half of the screen. You can then open another file and repeat the process to the empty side of the screen. If using the mouse to drag the windows to either side isn’t your cup of tea, you can use a few keyboard shortcuts to accomplish this.

Open a file, the hold the Windows logo key (Windows-key-3)while pressing either the left arrow key (for the left side of the screen) or the right arrow key (for the right side of the screen). keyboard-arrows7Open another file and repeat the process (using the opposite arrow) to fill the empty half of the screen. Voila! You are now a Snap expert!

Business Results

If you’re reading this, the odds are very high that your business relies on technology. The odds are even higher that technology allows you to be more productive and efficient than if your business didn’t use it. But are you getting the results that you want? Your business has a plan and goals, and technology should help your business reach those goals. If your technology is helping you reach your business goals, that’s awesome! We’re always looking to learn more about business, and would love to sit down with you and learn about your business. If you are unsure of your results, or they are not what you want, that’s OK too. We’d love to sit down and see if we can help. Ultimately, our goal is to learn about businesses and to see if the results our clients get are something that you would like to see in your business. Give us a call today at (732) 640-8563 or fill out our contact form here.

Is your head in the cloud? Your data certainly should be.

What is the cloud? The cloud is a marketing term to represent data or services that exist outside of your office. Think of a website, or email, or pictures you have stored in dropbox, Google Drive, OneDrive, etc. All of this information is stored on the internet and accessible from anywhere. It makes it easy to have that information available no matter where you are.

In the old days, remote users needed a direct/secure connection back to the office requiring expensive tools and infrastructure. As time went by, more and more data/information moved to the cloud. This made remote users more effective because they were able to seamlessly have access to data on the road with no need to have a connection back to the office. As this became more popular, business owners decided not to invest capital in expensive onsite equipment but instead invest in Cloud services.

CBTech Support evaluates its clients business and develops a strategy based on business goals to get the most out of the Cloud. Whether it’s moving a part of the business process to the Cloud or moving the entire technology operation to the Cloud. Our clients benefit in the following ways:

– better uptime on technology services

– higher business continuity rates

– better efficiency for mobile users

– revised accounting of technology expendure

 

Contact us to learn more about how we can help get your business in the Cloud.

Can’t find what you’re looking for in Window 10?

Do you spend too much time trying to find photos, programs, documents etc in Windows 10? Where’s that setting? Where’s that app?

In Windows 10 the search capabilities are much improved from previous versions of Windows. Simply click the start button (WindowsLogo) and start typing. Type what you’re looking for in the search box on the taskbar. You’ll get suggestions and answers to your questions, and search results from your PC and the web. To find more results of a certain type, select the “Find results in” icon above the search box for apps, settings, documents, folders, photos, videos, music, email, calendar, people, or the web.

You can also customize the start menu to have easy access to your most recent apps and files. The Start Menu, or simply Start, gives you access to your User Documents, Oft-used and pinned software and apps, File Explorer and so on. Also new is that Start now includes Live Tiles. Live Tiles display real time content from applications such as email, photos, calendar, weather, etc. Read more about Live Tiles here: http://bit.ly/2BFkXL4

In addition to being able to search for what you are looking for and customize the start menu, there are many other tips and tricks for Windows 10. Some examples are:

  • Edge browser tips and tricks
  • Using Internet Explorer in Windows 10
  • Make File Explorer open to This PC instead of Quick Access

You can find detailed information about these and other tips/tricks here: http://bit.ly/2FhZesr

Technology is not set it and forget it!

Is your business plan the same now as it was 1 a year ago? 3 years ago? 5 years ago? Chances are, it has changed since then. That means the technology that you initially set up to support that business plan is no longer supporting your current business plan.

Just like business plans change to reflect your business and personal situation, your technology should also change to support that new plan. What if there was a process to continuously align your technology with your business goals? A process that:

– Learns the ins and outs of your business

– Evaluates your current business plan

– Evaluates your current technology

– Develops a strategy to support your business plan through technology

– Executes the strategy to keep technology in alignment with the business plan

Just like technology is not set it and forget it, this process is not a one-time task. Because technology and business plans are constantly changing, the process is never complete. CBTech Support applies this process throughout the life of a business relationship with our clients.

If you feel your technology is not aligned with your business plan, then give us a call at (732) 640-8563 or fill out our contact us form here

CBTech Tips: Common misconceptions

Many people use the same password for all accounts and think that’s ok. Whether it’s logging into their computer, a banking website, or simply signing up for something, there’s a high risk when using the same password for each. A banking website will have all the necessary security measure in place to minimize the risk of your password being listed on the dark web. However, the simple account you created to sign up for something may not implement all the tools and because of this your password is now on the dark web. Now, bad actors will use this password to attempt logging into that secure banking website and guess what? Because it’s the same password they now have access to your bank account. If you are reading this, stop and go make those passwords different. At the very least to the important websites like your bank account and all your online shopping sites.

CBTech Support implements standards to help protect and monitor your passwords. We offer dark web monitoring and password management system to help identify:

– Passwords in use for a long period of time
– Weak passwords
– Exposed passwords

Many small businesses feel their company is too small to be target by hackers. Smaller companies are a target because they tend to have weaker security measures in place. To a hacker, that means data is behind your door which is easy to unlock/bypass. Maybe it’s not your company data they are after but the data you store about your customers/clients. Here are some recent statistics which always surprise small business owners:

– Almost two-thirds of all cyberattacks are now directed at small businesses
– 61% of breaches actually hit smaller businesses last year
– 60% of small businesses go out of business within six months of an attack
*According to USA Today (https://www.usatoday.com/story/money/columnist/strauss/2017/10/20/cyber-threat-huge-small-businesses/782716001/)

CBTech Support implements 3 layers of security to reduce the risk of any business, no matter the size. The security technology we put into place protects our clients at the perimeter, at the workstations and servers, and on the network.

Fill out our contact us form here to learn more about how we can help you stay secure.

Catching a Phish: What is phishing?

Phishing is an email scam designed to trick the recipient in to giving valuable information to a hacker. Have you ever received invoices claiming money owed, unsolicited UPS or FedEx shipping notifications, or emails claiming your online bank password needs to be reset? These are phishing emails trying to reel you in by imitating legitimate businesses and their communications; once you click the link or open the attachment the hacker has set the hook. Here are some Google Image examples of phishing emails: http://bit.ly/2qkHAOU.

Business-grade email systems that have a decent anti-spam filter will catch most phishing emails these days, and anti-virus programs are able to detect and prevent most malicious attachments and phishing websites. To get around these advanced prevention technologies, hackers have become more sophisticated in their approach and have developed a technique called spear-phishing. Spear-phishing is a very targeted attack on a small number of individuals, possibly even a single user. This differs from phishing where the hackers send out thousands upon thousands of emails knowing that only a tiny percentage will ever make it to a user’s inbox, with an even tinier percentage being opened and the bait taken. Spear-phishing is usually supported by social engineering, a practice where the hacker gathers enough information about the target to accurately represent themselves as someone the target interacts with on a regular basis. Common examples of spear-phishing emails are a note from the CEO/Owner to the CFO/Controller asking them to move money to a certain account or an email from “IT” asking a user for their password to resolve an issue. Spear-phishing emails are much more difficult to detect as they usually do not include any links or attachments initially, while the hacker probes his target to see if they will fall for the trick.

How can you protect yourself? The best way to stay protected is through education. Knowing what to look for in an email to determine if it is legitimate, being suspicious of any communication that seems out of the ordinary, and verifying the authenticity of an email through another means like phone or text are all ways to avoid getting caught on the hook. Take our phishing quiz to test your knowledge: http://bit.ly/2zw0wiC. There are also many technologies available to assist in protecting you. Email systems with anti-spam, security software with anti-phishing link tracking, and spear-phishing pattern detection and testing systems are all available to help keep you safe. This article from one of our partners has some great tips on what to look for in an email to determine if it is legitimate or not: http://bit.ly/2yr77Yx.

October is Cybersecurity Month

Pumpkin

What is cybersecurity? Google defines cybersecurity as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this”. The technology industry uses it as an umbrella term to cover anything from the anti-virus protection on your home computer to corporate policies that define how to respond to a data breach (think Equifax).

So why is cybersecurity important? It’s very easy to be affected by any number of threats these days. Some of the more recent threats involve companies like Equifax and Yahoo, where just having an account means you were affected. Then there is the most recent revelation that all wireless devices have a security flaw that can allow malicious access to anything connected to a wireless device.

Education Concept.

So what can you do? Education is key. The most common way to be affected is through email based scams called phishing attacks. Here are a few examples of these fake emails: http://bit.ly/2qkHAOU. You can also take advantage of local educational events, like the Westfield, NJ chamber’s cybersecurity panel event (details here: http://www.gwaccnj.com/events/cybersecurity/). Making sure you are backing up your data, and using multiple layers of security, like firewalls and anti-virus software, are other ways to minimize your risk. You should also make sure all your software is up to date; this includes Microsoft Windows, Microsoft Office, and any Adobe products.

 

Want to learn more? CBTech Support’s Marc Pickard will be part of a free online cybersecurity panel hosted by Barracuda MSP on October 31 at 2:00pm EST. Use our contact us form to request your free virtual seat.

What Is Ransomware?

ransomware

Sure, you’ve heard the phrase “ransomware”, and some of its specific variants like Locky, Crypto, or WannaCry, since they’ve made headlines, but what exactly is “ransomware”? Google defines the term “ransomware” as “a type of malicious software designed to block access to a computer system until a sum of money is paid”. That’s straightforward and concise, but how exactly does it “block access”? In laymen’s terms, it changes the contents of files it thinks are important, like documents, spreadsheets, pictures, so that you cannot open the file. If you want to open the file, you first need to change the contents back to normal. Of course, you can’t change the contents back to normal without paying money to get a password to do so and that’s why it’s called “ransomware”.

So what can you do to combat “ransomware”? First, have a good backup system in place. Make sure you’re backing up important data, if not entire computers/servers, and that you’re testing those backups to make sure they are able to be restored. Second, employ a multi-layered approach to security. Having multiple layers like anti-virus software, firewalls, file permissions, etc helps ensure that even if a malicious actor gets past one layer they won’t necessarily gain access to your data. Third, make sure all your software is up to date. This includes Windows, Office, Adobe products, and anything else that you have installed.

Want to learn more? CBTech Support is hosting a webinar in conjunction with SCORE of Northwest New Jersey at 12:00pm on Wednesday, October 4. To register, follow this link: http://conta.cc/2hjGDkm