Malware is worse than we thought: 3 things you need to do right now

In his article “The Untold Story of Notpetya, the Most Devastating Cyberattack in History,” Andy Greenberg shares how a single piece of code threw corporations and government agencies into utter chaos.

In 2017, Russia launched devastating malware as a form of cyberwarfare against Ukraine, affecting companies as far as A.P. Møller-Maersk in Copenhagen. The resulting technological disaster this shipping company experienced was a bad case of collateral damage.

To make things worse, Maersk had a number of problems in its I.T. security that did not help prevent this cyberattack. The company did not have the proper protection between the various offices and was using outdated and unpatched servers.

The worst mistake? Solely relying on online backups without having any offline protection for the servers.

When the malware hit, it wiped out all servers and their backups simultaneously.

As we can see, malware is more distressing than we thought. With governments behind some of the largest cyberattacks, no one is completely protected—not even big companies.

To avoid the chaos Maersk experienced, here are 3 things to do right now:

  • Make a backup of your most important data and store it on a hard drive that is not connected to anything. Having an offline backup is the most reliable solution for these worst-case scenarios.
  • Have your I.T. firm do a server “image backup” to get your server back and running after a security breach and cyberattack.
  • Get a security audit done on your company network to discover those issues that need to be fixed and patched.

Nonlinear Tech can help you check all of these things off your list, all while providing personalized services that satisfy your needs and build a close working relationship.

Let us help you do these 3 things, and you will be one step further in building a secure foundation around your servers.

Read Greenberg’s article at the following link: https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/

Remote Management

When analyzing your company’s I.T. needs, consider remote management. You may be thinking that this is a large investment that you’re unwilling to make. But here is why you should seriously consider implementing this type of I.T. support.

  • It’s just plain convenient. Resolving a problem becomes a speedier process. Remote sessions typically last 15 to 30 minutes, in comparison to an hour (or more) on-site visit. Plus, you don’t even have to be in the office to get the required tech support.
  • Remote management also means that your PC is monitoring for errors and problems. From hard drive errors to high CPU usage, malware issues to update installations, your PC will help alert you sooner rather than later. Unmanaged computers are often left without updates or security and will fail to notice problems, causing greater and more expensive issues in the future.
  • Microsoft is introducing Microsoft Managed Desktop. Microsoft continues to expand its services and will assist you with updating and monitoring Windows 10. This new offer may only be available to large companies, or it could be open to all businesses.
  • It will save you money in the long run. Businesses and organizations often choose to cut their tech expenses and buy cheaper products in order to save money. This may help you save in the immediate, but in the long run, it will cost you in the form of replacements or I.T. manual labor. By investing in remote management, you will replace the technology less often and, as discussed previously, reduce the time spent on onsite support.

As you can see, remote management provides the support necessary for businesses to operate. In reality, costs are typically small for issuing monitoring and antivirus updates.

Why not catch those larger, more expensive problems before they cost you your entire computer system?

Windows 10 Updates: Disaster or Success?

I don’t know about you, but I always hate opening my laptop to see that it updated on its own. You better hope that all your work has been saved! Or what about seeing the “Update and Shut Down” text when shutting the laptop down for the day? It’s time consuming and one more thing you have to wait on.

So the question is: how helpful are these updates?

Windows 10 has a whole new system in place for doing updates, but users cannot turn it off or defer it the way they could before.

For the most part, many updates have been successful. However, even within our client base, 1 PC in 15 failed on a major update and had to be installed from scratch, which is a large cost due to the manual work involved. Additionally, many software packages “break” after a major Windows 10 update.

Therefore, it is difficult to determine if the updates are just more bling and features or if they are actually making security better.

At the end of the day, we do not have a lot of choice in the matter. Microsoft wants us to update, so we do—and clean up the mess afterwards.

Does Your I.T. Firm Perform a Security Audit for You?

Do you know where your security holes are? Wouldn’t you like to know (and then fix) any huge vulnerabilities that might be in your business? Just remember that cleaning up after a security breach is at least five times more expensive than preventing it in the first place.

A security audit might cost a couple hundred dollars, and fixing security issues might cost about the same. But cleaning up after a virus or intrusion can cost thousands of dollars. A server infected with a “crypto” virus may take weeks to clean up, including recovering files from backups, checking each folder, comparing and testing documents, and more.

During this time, the company is in complete chaos–critical business files are unavailable, employees sit idle while their data is recovered, and everyone spends an enormous amount of time trying to remember or figure out which files are the most recent, which files are important, and which files will need to be recreated from scratch. Lost time and productivity costs the business thousands of dollars, in addition to the costs of I.T. services.

A simple security audit can prevent the possibility of an infection. It’s an easy decision to make that will save a great deal of money and make your network much more secure.

Does Your I.T. Firm Know What to Back Up?

I’ve found many misconceptions about backups. I often hear people say, “Sure I do backups; I copy everything to Dropbox.” Repeat after me: “Dropbox is not a backup system” If you make one copy of an important file and put it into Dropbox, that’s all you have—one copy of your document.

A backup system will duplicate important files, and then make them generally inaccessible to you (so that you can’t accidentally modify or delete them). By making multiple dated copies of those backups, you will have the ability to go back six months or a year to find a previous version of a file. Dropbox and similar cloud storage systems don’t do any of that.

Additionally, having some backups on-site and some backups stored off-site is critical. Off-site backups are for major disaster recovery, such as fire and natural disasters.

Backing up your shared files, images, X-rays, patient records, and accounting software is a bare minimum. But have you considered backing up your email?

Way back before electronic communication, many small businesses kept copies of every letter going in and out of the organization. Now, with most companies using Outlook, old emails get deleted, get copied to an archive file, or get lost. Even if your server is backed up, the task of restoring one email becomes a huge ordeal.

The best solution is a dedicated email backup device or service.

For example, one of my clients needed access to emails sent five years ago, and since we were using the Mailstore email archiver, we were able to access them. By using certain search criteria, we found what he was looking for: 50 grand. He was in a dispute with a vendor over who had to pay for an installation, and the email proved that the vendor was responsible. The mail archiver saved my client $50,000.

So, what else needs to be backed up? Is your server’s Operating System being backed up too? If the server crashes, can it be restored to the last backup in a matter of minutes? All modern backup systems have this capability. And don’t forget to store a copy of the OS backup off-site.

How about configurations for the router, switches, and phone system? Make sure those are on your list too.

Lastly, some firms go so far as to back up every workstation in the company. If you have the storage space for this, then do it. Backing up every workstation brings you very close to zero downtime.