Copyright© 2023

Louis Lopez
MILE Technologies, Inc.
2825 Wilcrest Dr. #670
Houston, TX 77042

Topic: 10 Cyber Security Risks for Small Businesses - Not just the risks but the advice to clean them up

It is important to know not just what cyber-threats are, but how they work and how to prevent them or clean them up in the event you stumble across one. There are two types of compromised computer systems: the ones that know they have been compromised, and the ones that are not aware of it yet.

1. Cryptoware viruses

These are viruses that touch important documents on your network server and render them unusable unless you restore from backup or pay a ransom. They can infiltrate your company in many ways, including the following: a USB memory stick/flash drive, an email attachment, infected websites that use vulnerabilities on your computer, remote access to your server through RDP with compromised passwords, and vulnerabilities in a website hosted on your server that allow program injections to crack passwords on the server. Once you are infected, a ransom note is left on the user’s desktop instructing the user to go to a website to pay the ransom. The note may or may not mention an amount. There are even technical support options to help you pay the ransom. Hire only experienced IT professionals for this job, NOT any software.
A. The typical infection starts at the workstation. The user opens the attachment, and it infects the local computer hard drive, every file on that computer, and every network drive mapped to the server. The infected computer can then search for other computers nearby that have public shares, and those computers are infected as well. Other users on the network open the network drive shared by this user and open the infected files, and the cycle continues on that other person’s computer. Eventually all users’ computers are infected. Antivirus is mostly useless in this scenario because it isn’t aware of software written minutes ago by a clever hacker. There are too many scenarios to cover every way to stop this. Quick answer: don’t open that email attachment.
B. The complex infection starts at the server and comes in through the internet. The server was set up for remote access. The hacker injected software to crack the administrator password, which takes two months to crack. Once found, that password is sent back to the hacker. The hacker either has automation to do the job or manually comes in and lays the egg of destruction (software to encrypt everything). The ransom note is left on the computer for the user to pay up.
C. Infections have also jumped onto the backup system and infected the backups as well. It is important to know if your backup is susceptible to infection. If your USB hard drive was attached to your server or computer during the infection, then it is likely infected too.

There is not a simple solution for this. It requires real IT professionals who have dealt with this scenario; your typical computer repair guy cannot handle this alone. If the bug is cleaned up and nobody discovered how the virus got into the system, then plan for infection after infection and ransom after ransom. After a generic loser computer person cleans up your infection and all of your data is gone, he may then tell you “okay, you can go back to work now”, and that’s when you ask the question “well, what about my data?” Guess what, too late. Your data is gone because you didn’t ask the question up front and didn’t know what all of the options were. You may have wanted to pay the ransom, and that computer guy decided for you because his view is not to pay the ransom. If you don't have a backup, there are some options if the hacker was an amateur or an idiot. BACKUPS ARE EXTREMELY IMPORTANT, BUT THEY ARE NOT THE LAST OPTION IF YOU DON'T HAVE ONE.

2. Other Non-cryptoware viruses/malware

These are generally not viruses at all. Viruses spread to other computers. These are more like pain-in-the-ass time-wasters. They only affect your computer. They cause it to repeat an incessant phrase like “your computer is infected” over and over again. Perhaps they tell you that your computer is infected and offer to clean it for $50 if you click here. This is a double-edged sword. On one side of the sword, you pay the $50 and likely get charged more than $50, or you have a mystery identity theft of that card in the future. On the other side of the sword, you pay your IT guys even more than that to clean the bug off your computer. You are more likely to take the cheaper route, and the cycle continues. An easy solution is to use a virus cleaner, and it will clean up this infection. Don’t pay the infection to clean the infection. If you reboot and it is still there, you are definitely infected. If you reboot and it looks like it is not there, clean the computer anyway using an antimalware/antivirus product. Malwarebytes is a good program for this.

3. Website redirectors

This is the same class as the last section you just read. These infections are designed to take you anywhere but the site you are trying to get to. The bad guys get paid referral fees from Yahoo, Google, and supporters: you try to go to a website, and your computer has been re-engineered to take you to a site or list of sites created by this referrer. The approach is the same: clean it off the computer using an antimalware/antivirus product. Malwarebytes is a good program for this.

4. Phone calls

It may seem easy and obvious not to take this call seriously. Many, many millennials and elderly people fall victim to this call. First, Windows does not call you. Windows is a product; Microsoft is a company. Microsoft is not going to call you. The IRS is not going to call you. Logic should work here, but it doesn’t for some. A caller ID that shows unknown, New York or New Jersey is not the only clue. Whether they have an Indian accent or not, it’s a scam. This may not seem like a cyberthreat, but it soon turns into one when the user is tricked into letting the bad guys remote into the computer to fix it. It’s all free until cleanup time; then the plan is to charge you $299.00-599.00 for a one-year or 5-year plan. Once they get into your computer, they lock it down until you pay, and they keep calling until you do. You have just been cyber-slapped upside the head. Only an IT professional can likely undo this. NOT software.

5. Free screen savers

This seems harmless, but it is often bundled with bad stuff. It’s like someone knocked on your front door to give you a piece of candy wrapped with a grenade. The screen saver is usually awesome. The price is paid when you decide to browse the internet. What you missed was the part of the agreement where you agreed to turn your computer into a complete advertising campaign that overlays videos, audio and pop-ups while you look for things on the internet. Malwarebytes can likely clean this up.

6. Free software

This seems like a repeat of the screen saver, and it is. It required its own section because people overlook it. Almost nothing is free. There is some free software out there without a hitch. If you are unsure about a piece of free software, you can check it before installing it or research it first. Download your free software and save it. Do not run it and do not open it. Then go to http://www.virustotal.com and upload that software. If the file has already been scanned, the site will tell you and you can check the last analysis. If it has never been scanned, the site will scan it now. In either case, you will get a score for this file. An example would be 0/57. This means that it is most likely not a virus. It does not mean it isn’t. It means that as of right now, out of 57 antivirus software programs on the market, none of them has reported it as a virus. If your score is even 1/57 or more, then treat it as a virus: do not run it, do not open it, delete it. It is likely a virus. If your score is high, like 40/57, that means almost everyone and their monkey’s uncle knows it is a virus. Not only can this website tell you that the file is infected, but it can tell you which antivirus software would have caught this virus and could have stopped it. Definitely delete that file you downloaded. If you did not run it, you are likely okay. Scan for viruses/malware just in case.

7. Email attachments

This is an interesting cyberthreat, and one you have a high probability of stopping. Most email attachments are less than 50MB. Save the attachment to a location you can remember. Go to the website http://virustotal.com, upload the file you saved, and it will scan it for viruses/malware. Refer to the section above to know how to read the results.

8. Computer software and operating system updates

What! How is this even considered a cyber-threat? A cyber-threat is any form of electronic means of causing downtime to your business or monetary change in the econo-sphere. This threat is a necessary threat. Most updates are directly associated with closing security gaps to prevent malicious cyber-threats. There are times where the update is the cyber-threat itself. You could play Russian roulette with your data. That is where you could wait two days to see how the world responds to an update. The problem is that your computer could be compromised because you chose to delay the update. Then again, you could perform the update and cause your computer to malfunction because of the update. It happens quite often, and there is not much you can do about it. It has become an acceptable risk.

9. Phishing websites (pronounced fishing)

What if you spelled the website you intended to visit incorrectly? What if your search results had a paid advertisement at the top of the list that takes you into an identity theft nightmare? It happens quite often. You know you are on a phishing website when the questions seem excessive or odd. Pay close attention to the address bar if you have one. You may think you are on the website http://capitalone.com when you have actually been sent to the website http://capitalone.com-account.ru. You may not be aware of it, but you are sending Russia your information. This is a preventable cyber-threat, but it is missed by intelligent, fast-typing individuals who mistyped one character. After you give the bad guys your information, you are usually redirected to the real site, where you try again, not knowing that you just gave your credentials away.
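The address-bar check described above can be done mechanically. The Python code below is an added example, not part of the original article: it extracts the real host from a URL and compares it with the site you meant to visit. The function names, result labels and the typo URL are assumptions made for this example; the two capitalone addresses are the ones from the text.

```python
from urllib.parse import urlsplit

def host_of(url: str) -> str:
    """Hostname the browser would actually connect to, lower-cased."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def within_one_edit(a: str, b: str) -> bool:
    """True if a and b differ by at most one insert, delete, substitution or adjacent swap."""
    if abs(len(a) - len(b)) > 1:
        return False
    i = 0  # length of the common prefix
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1
    ra, rb = a[i:], b[i:]
    j = 0  # length of the common suffix of what remains
    while j < min(len(ra), len(rb)) and ra[-1 - j] == rb[-1 - j]:
        j += 1
    ra, rb = ra[:len(ra) - j], rb[:len(rb) - j]
    if len(ra) <= 1 and len(rb) <= 1:
        return True
    return len(ra) == 2 and ra == rb[::-1]

def classify(url: str, expected: str) -> str:
    """Compare the URL's real host with the site the user meant to visit."""
    host, expected = host_of(url), expected.lower()
    if host == expected or host.endswith("." + expected):
        return "match"               # the site itself or one of its subdomains
    if expected in host:
        return "lookalike-embedded"  # expected name is only text inside another domain
    tail = ".".join(host.split(".")[-len(expected.split(".")):])
    if within_one_edit(tail, expected):
        return "lookalike-typo"      # one mistyped character
    return "other"

# Sample URLs: the first and third are from the text, the rest are constructed.
SAMPLES = [
    "http://capitalone.com",
    "https://www.capitalone.com/sign-in",
    "http://capitalone.com-account.ru",
    "http://capitaloen.com/",
    "http://example.org/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify(url, 'capitalone.com'):20} {url}")
```

The host is read right to left: everything before the final `.ru` in the third sample is just a name chosen by whoever registered `com-account.ru`.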

10. Compromised websites

A compromised nfl.com website may not affect you. A compromised electric, internet, Amazon, phone, or credit card company can definitely affect you, especially if they store your social security number, credit card information, bank checking account information, etc. There are two types of compromises. A. The institution is compromised. This means that if you stored your credit card information on their website, that information could be compromised and used. B. The account is compromised. This means just your account was compromised because you used a wimpy password or it was found out. To guard against the institution being compromised, the only thing you control is not storing your credit card or bank account information on that site. To prevent the individual account from being compromised, you would have to not store your password anywhere and use a complex password. If you save your passwords in password saver software and it gets compromised on a local level or an institutional level, your goose is cooked and all your passwords are out there. You can always use password padding to help reduce the threat of a wimpy password and still maintain good password security. Example: If your password was Chicken5! it would take 200,000 years to figure out in some cases, and locally, directly on your computer, it could take 2 hours. Pad your password with 5 characters and it drastically changes the hack time from 200,000 years to trillions of centuries, and locally to 1000s of centuries. Example: Chicken5!..... Five periods were added to the password. Such a simple padding can drastically change weak passwords into ultra-complex passwords.

There are so many cyber-threats out there. Here are a few more things that have been hacked, to scare the bejesus out of you: your car, your refrigerator, all Android phones, unpatched iPhones, Kindles, Mac computers, Bluetooth mice and keyboards, WiFi routers, TVs, DVD players, Blu-ray players, radios, home security systems, WiFi cameras, government agencies, camera systems at your kids’ schools, nanny cams, baby monitors, credit cards in your pocket or purse, pacemakers, heart control systems, insulin pumps, gas pumps, credit card machines in stores, unspeakable personal devices, electrical outlets, electric and gas smart meters, printers, light bulbs, thermostats, and many more.