Deidre Frith Deidre Frith

Konica Minolta hit by second huge ransomware attack

Japan-based business technology giant Konica Minolta was hit by a new ransomware strain, which brought its services down for almost a week.

1200px-Konica_Minolta.svg.png

Japan-based business technology giant Konica Minolta was hit by a new ransomware strain, which brought its services down for almost a week.

On July 30, customers reported not being able to access the company’s product supply and support site, met instead with a “service temporarily unavailable” message. Soon after, the company’s printers also started displaying a “Service Notification Failed” error.

The company itself remained quiet on the matter, to the extent that customers “could not get a straight answer as to what was causing the outage”, according to Bleeping Computer.

READ THE FULL ARTICLE NOW

Read More
I.T., Blog Deidre Frith I.T., Blog Deidre Frith

Technology Hurricane Preparedness Checklist

As Hurricane Michael makes its way towards Florida and the Southeast U.S., now is the time to take action and be prepared to protect your computers, printers, files and data.

As Hurricane Laura makes its way towards Florida and the Southeast U.S., now is the time to take action and be prepared to protect your computers, printers, files and data.

1. ENSURE YOU HAVE A BACKUP

  • Don't wait until the day before a hurricane to backup your files! It's good practice to frequently backup your data files. We recommend a hybrid-cloud image-based backup that can be used to restore data and applications even if your server is destroyed, and that can restore data from different points in time.

  • Print a copy of your important/emergency contacts and take them with you if you do not have access to them from your phone or computer, you'll have them available to use via a landline.

  • RealTime Clients: Everyone who is on our Business Continuity Service – Your servers are backed up and replicated offsite daily. If there is a problem, we correct that as part of the service. As hurricanes approach your physical location, we’ll be talking with you and confirm things are backed up and replicated prior to you shutting your operations down as part of your storm prep.

2. SECURE YOUR EQUIPMENT

  • COMPUTERS

    • Shutdown the operating system.

    • If connected to a surge protector or UPS - unplug from the wall outlet (or unplug power cables from the surge protector or UPS if wall outlet isn't accessible).

    • Unplug Ethernet cable from the back of computer or docking station.

  • PRINTERS

    • Power off the printer.

    • If connected to a surge protector - unplug as described above.

    • Unplug the Ethernet cable from the back of the printer.

    • Unplug the phone cable from the back of the printer (if a fax line is connected).

  • SERVERS AND NETWORK EQUIPMENT

    • Perform a normal shutdown of the servers. RealTime clients: Please coordinate with RealTime service desk. 

    • Unplug all connections - Take photos to document how things were prior to the event. 

    • Firewalls, Switches, Access Points - unplug them from power. Unplug the firewall from the internet connection as well. Ideally, unplug all the network connections (surges can travel through the network cabling).

    • Battery backups - power these off and then unplug them.

    • Phone systems - Check with your vendor to see what steps you can take to protect it.
       

3. PROTECT FROM WATER/WIND

When a major storm is predicted, elevate your CPUs, printers, servers, and other network devices, as well as other electrical appliances like space heaters, off of the floor.  For high winds, move computers away from windows.  If there is a possibility of water leakage, cover computer equipment with plastic.

4. CONTINUING OPERATIONS AFTER THE STORM

  •  If you are in the path, power and internet connectivity may be hard to come by for a few days. Generators can provide enough power to run your critical computer equipment – just be sure you are connecting up to something that can deal w/ the power fluctuations many generators have. Please ask RealTime before connecting things up to generators as they can damage sensitive equipment. Modern battery backups may have the capability to condition the power off of a generator – check with the manufacturer to confirm before trying this.

  • 4G USB modems or Mifi can get you connected in an emergency. Everything you do may not work, but basic web browsing.

  • Forward your phones – If the office is expected to be out a few days, most phone service providers have a way for you to forward calls to your business to a cell phone or alternate number. Get the steps now, before you need them.

5. BE PREPARED

Knowing what steps to take ahead of time will help you be prepared in the worst-case scenario. RealTime is committed to ensuring our clients are prepared with the proper technology to meet their current/future needs as well as advising them about safeguarding their business from weather-related, cyber and other disasters. 

If you would like further information about RealTime managing Information Technology for your business, contact us at info@realtime-it.com.

Read More
I.T., Blog Deidre Frith I.T., Blog Deidre Frith

HR's Role in Data Security

How should IT collaborate with HR to increase data security at your company? In this guest blog, our friends at PRemployer give us tips…

Image.png

GUEST BLOG POST BY OUR FRIENDS AT PRemployer

HR's Role in Data Security

A common misconception in many businesses seems to be that IT, whether in-house or managed, is the only department responsible for cybersecurity. After all, it ultimately falls on  IT to set the standard when it comes to cybersecurity, from setting policies that other employees throughout the company must follow to tracking and dealing with potential breaches and challenges. 

In reality, however, Human Resources and IT work hand in hand to implement the company’s cybersecurity programs - all while ensuring that each member of the team has the knowledge necessary to help protect the company as a whole. 

Ensuring Confidentiality

Over half of external attempts at infiltrating computer systems aim to uncover private customer or employee information. Hackers want access to that vital data to work their way deeper into your company or to take advantage of private information for their own purposes. In cases like these, HR and IT join forces to ensure confidentiality across the company. 

Setting Expectations

When it comes to data management, HR policy should reflect IT's cybersecurity best practices. When the HR team communicates clear policies in support of IT security measures, they’re much easier to implement company-wide. For example, regulations might include:

  • How often the company will make data backups and who is responsible for ensuring that those backups are made each day;

  • How often employees will change passwords and specific password regulations;

  • Encouraging and implementing regular employee training so that employees know how to maintain security across the organization;

  • Establishing which devices can connect to the company network; and

  • Creating an expectation of how to respond in the event that an employee notices a potential breach or comes into contact with a phishing scam directed at the company.

 

When IT and HR work together to set clear, reasonable expectations that are well-documented, you can increase cyber protection across your entire company.

 

Balancing Access and Security

Each individual and department within the company may have different information they need to be able to access. Some employees need full access to as much information as possible, while others may need relatively limited access. 

For example, the sales team might not need to have access to the same data as the team responsible for implementing contracts or checking compliance. Likewise, the average employee does not need to have access to other employees' records. 

Both HR and IT departments should work together to determine what information needs to be kept secure and who should have access to it. Ideally, your company should segment its access so that employees who do not need to access private or confidential information cannot simply pull that information up. This helps to ensure that if one employee's account is compromised, much of the data throughout your company will still remain protected.  

Conduct Training

Your employees are your most effective defense against many cybersecurity threats, especially phishing campaigns. By partnering with IT to identify cybersecurity best practices, the HR team can then train employees to provide a vital level of protection throughout the company. 

Anti-spearphishing training, for example, can provide employees with the information they need to recognize phone calls and emails from a hacker determined to piece together enough information to threaten the company. When they know how to recognize a scam, employees can help protect your company. 

Beyond training, HR helps to implement security awareness throughout the company by actively promoting IT best practices to employees. Cybersecurity should not be a one-time event for your company. Instead, it needs to be an ongoing campaign dedicated to keeping your company as secure as possible.

When HR and IT work together, you can set the tone throughout your business and provide employees with the security-minded tools and training they need to help decrease cybersecurity threats.

Read More
I.T., Blog Deidre Frith I.T., Blog Deidre Frith

Netflix phishing scam threat alert

Be vigilant when it comes to emails that you receive that are notifying you that your subscription will be cancelled, or your payment information needs confirmed or updated, or that your account needs verified – these are a few examples of common ploys to trick you into giving up personal information, credentials, or even credit card info.

493f5bba-81a4-11e9-bf79-066b49664af6_cm_1440w.png

Be vigilant when it comes to emails that you receive that are notifying you that your subscription will be cancelled, or your payment information needs confirmed or updated, or that your account needs verified – these are a few examples of common ploys to trick you into giving up personal information, credentials, or even credit card info.

Here is what the phishing email contains “Important: Cancellation of your Netflix subscription” as its subject line, the email stated that Netflix had failed to successfully process the recipient’s last membership payment. At that point, those responsible for creating the spam email made the following threat: “If you do not update your information within 72 hours we will limit what you can do with your account.” The email then directed the recipient to click on an embedded button called “My Account” so that they could continue to enjoy their Netflix membership.

 As always, when presented with emails like this, do not click on any of the links contained within the email. If you received such a message and you were concerned that it might be legit, instead of using their suspect links, just open a web browser and logon to your Netflix account that way – if payment info isn’t correct, you’ll be notified by the webpage.

If you are concerned with the risks that these phishing threats bring to your business and you’d like to do more to protect your business and employees, give RealTime a call.

 Full writeup by our email security partner Zix: https://zix.com/resources/blog/august-2020/fraudsters-abusing-legitimate-services-phish-netflix-users-credentials  

Read More
I.T., Blog, Social Media Deidre Frith I.T., Blog, Social Media Deidre Frith

IT Breaches for July 2020

This month, healthcare data breaches keep climbing, Twitter apologizes for its breach and more. Read some of the incidents in the articles below:

CYBERSECURITY NEWS

Social Media, Healthcare and Higher Education struggle in cybersecurity

This month, healthcare data breaches keep climbing, Twitter apologizes for its breach and more. Read some of the incidents in the articles below:


Twitter-615x445.jpg

Industry: Social Media

Exploit: Accidental Data Sharing

Twitter sent a notification to business clients last week acknowledging a data breach that exposed the personal and billing information of some users. The breach occurred due to an issue that led to some users’ sensitive information being stored in the browser’s cache. Twitter explained that it recently became aware of this issue. Business users were warned that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter your account’s billing information may be at risk.

Twitter did not release an estimate of the accounts affected, but it did specify that only business customers were at risk, and only a percentage of business customers had any details exposed. The leaked information potentially included email addresses, users’ contact numbers, and the last four digits of credit card numbers used for Ads accounts. Twitter business customers should monitor potentially affected payment accounts.


76ad-article-200624-amt-body-text.jpg
 

Industry: Healthcare

Exploit: Internal Email Account Compromise

AMT Healthcare revealed this week that it had experienced a data breach affecting a large pool of customers in December 2019 that was discovered through suspicious activity on an employee email account. The California-based company recently completed an investigation into the incident and contacted those who were affected. Potentially compromised data includes patient names, Social Security numbers, medical record numbers, diagnosis information, health insurance policy information, medical history information, and driver’s license/state identification numbers.

Anyone that may be at risk of compromise was informed this week. Extremely sensitive data was compromised in this breach, and those affected should beware of the potential for fraud, identity theft, and spear phishing attempts that this stolen data creates. A filing of the account posted to the breach portal at the U.S. Department of Health and Human Services noted that potentially affected patients are being offered free credit monitoring services. 

When clients choose to do sensitive business with a company, they’re also trusting that company to guard their information. This imperative is even stronger for companies that collect health information. Not only does a data breach cost healthcare organizations patient confidence, but it also costs a fortune in HIPPA-related fines. 


Screen Shot 2020-07-01 at 5.18.06 PM.png
 

Industry: Higher Education

Exploit: Ransomware

The University of California San Francisco (UCSF) confirmed this week that it paid cybercriminals $1.14 million to decrypt data following a ransomware attack. Although UCSF was able to detect the incident quickly, it was not fast enough to allow cybersecurity teams to quarantine the affected servers, and a significant portion of its medical school and research data was encrypted. The ransom was demanded to free essential COVID-19 research data that was captured in an intrusion on June 1. Reports indicate that UCSF was one of four academic institutions targeted in a single week by the Netwalker ransomware group.  

Ransomware is a growing menace to every organization, and it’s not just sensitive business or financial data that Dark Web criminals are after. Research data has become an increasingly hot commodity. Paying ransoms to cybercriminals to decrypt research data sets a dangerous precedent. Collecting large sums will embolden other groups that can take down big fish to score big paydays.  




Read More