One of our more technically aware customers, Alison Turnock of David Turnock Architects, alerted us to a story yesterday relating to ransomware and Lincolnshire Council; whose system was shut down for “several days” as a result of a single employee opening an infected email. While the impact may be shocking for many, this is an all too familiar story for those of us involved in IT security. If even Lincolnshire Council, no doubt with a permanent team of IT staff and barriers that far exceed anything most SME’s can justify can be bitten; it goes to prove that the staff education and training is an essential supplement to any technical measures that can be put in place.
To assist you in this education, EasylifeIT™ has produced an A4 Cybersecurity – Tips for your end users, which is available from our website here: http://www.easylifeit.com/images/pdf/PrintandProtectIT.pdf
Click here for more information on the Lincolnshire story: http://www.infosecurity-magazine.com/news/ransomware-shuts-down-lincolnshire/
Many tend to imagine that Cybersecurity is all about having an antivirus and a firewall. Whilst these are important, they aren't a silver bullet. Indeed, some argue that an antivirus instils a false sense of security, and we have often heard “it looked dodgy but I thought my antivirus would protect me.” This is a dangerous and incorrect assumption and one frequently exploited.
A little education goes a long way, so we have listed a few tips below to try and prevent that education coming through bitter experience. We have also included a link at the end of this page so you can easily download and print the full document for your office
- Stop and think before you click on email links or attachments. Are you expecting it? Do you really need it?
- Be especially alert and smart when surfing the internet. Resist the temptation to click through on adverts or to see what a celebrity has done this week.
- Avoid freebies on the internet; they often come with a sting in the tail. Free file, video or music sharing sites are also dangerous.
- Be alert for warnings from your antivirus and don’t cancel a scan just because it is slowing you down. If it is trying to tell you something this should not be ignored.
- Allow updates for Microsoft, Java, Flash and Reader to install. A system without updates is a vulnerable one.
- If you do think you have caught a bug, then you don’t want to infect your network or damage your company files. Unplug your PC immediately and call IT support
- Be aware that an antivirus alone cannot protect you against infection. You have a responsibility too!
Print it and protect IT! - Download without registration - PDF Documennt - 371kb
2 finance departments in our customer base have received emails in recent days purporting to be from the company's Managing Director requesting a wire transfer to be made. These fraud attempts have demonstrated a knowledge of the company targeted and obvious research has gone into identifying the names and email address of the Managing Director and Finance Officer concerned. The format of the email was also credible at first glance.
Both attempts resulted in queries of a procedural nature that flagged the issue and upon investigation the emails originated not from the clients email system but a server in the Netherlands.
We would recommend you alert your finance team to this issue.
Microsoft kicks Windows XP when it’s down
Although Windows XP has been “out of support” since April 2014, Microsoft have continued supporting its own anti-malware product with updates until this week. If you have any Windows XP PC’s running Microsoft Security Essentials then we recommend that you consider your options at this point; the 2 obvious options being either to change your antivirus protection to a third party product that still supports XP, or more sensibly; consider updating the PC to Windows 7 or better
Click here for more information
This week Windows Server 2003 also fell off the update cliff
With every server vendor seemingly emailing about Windows 2003 server going end of life and trying to sell new servers, I would be surprised if you were unaware of the fact. What in practice does this mean though? Does it mean Windows 2003 will stop working? No …. It doesn’t mean that. What it means is Microsoft will no longer issue security updates for their venerable product. It has been described as the “biggest security threat of 2015”, but it that hyperbole? Perhaps, but it certainly has security and for some; compliancy consequences.
A good article laying out the risks and compliance issues is available here
Antivirus for Macs
During our TechTalks on Cybersecurity, it is always apparent that the “Macs don’t get viruses” myth is still alive and well. Apple in fact dropped this claim in 2012 in light of 650,000 users acquiring a Trojan that was unchallenged. It is true that Apple device are far less afflicted by threats but as they become more popular this is changing. Several vendors offer free antivirus for Macs used at home (non-commercial use), the best in our experience being the one from Sophos. If you have Macs in the workplace, we would recommend you speak with your IT support provider regarding your options. No protection though is a folly and is a chink in your IT security armour.
Click here for more information on the Sophos free antivirus for non-commercial use