Archives

Malware and Ransomware

phishing

Phishing is an online scam whereby cyber criminals send out an email that appears to be from a legitimate company. It will usually ask the recipient to provide sensitive information. This usually takes the form of a link that supposedly takes you to a known website where you are asked for your personal information, passwords etc. However, the website is actually a fake and the information you input will go straight to the scammers.

phishing

The word ’phishing’ is based on the word fishing. It is so called because the criminals dangle a ’lure’ in the hope that people will ’bite’ and providing the information. It is used to steal credit card numbers, account numbers, passwords, usernames and much more.

Am I at risk from Phishing?

Yes, this is as relevant for your business email as your personal email. Massive companies such as Amazon, Facebook, Google and Microsoft have all been stung with large scale Phishing scams.

How Do I Stay Safe from Phishing Attacks?

  • If you are not expecting the email and you don’t know who it is from just delete it
  • Don’t reveal sensitive information if requested to do so via email
  • Don’t click on links in emails appearing to be from banks or other service providers. Where possible, open a new browser window and navigate to the site yourself.
  • If you do need to click a link in an email, check it before you click on it. You can do so by hovering over the link. The URL will usually show in the browser’s status bar.
  • If the email is from a bank, consider calling them to check. Use the fraud hotline number written on your card, not numbers provided in the email or from Google searches because the number in the email might be a fake.

If in doubt DO NOT CLICK ON LINKS IN EMAILS!

Digitalquill – Experts in Cyber Security

For more information or advice on keeping your Hull, East Yorkshire or Lincolnshire business safe from phishing, visit www.digitalquill.co.uk/ call us on 01482 424402 or email office@digitalquill.co.uk.

Ransomware CYber-Attack

Ransomware Cyber-AttackCompanies across the globe reported last week that they were struck by a major ransomware cyber-attack. The virus froze the user’s computers and demanded the payment of a ransom in the untraceable digital currency, Bitcoin. Experts have suggested that the malware was exploiting the same weaknesses as the WannaCry attack last month.

Experts suggest the malware is taking advantage of the same weaknesses used by the WannaCry attack last month.

Ukraine was hit particularly hard, with firms including the state power company, Kiev’s main airport, and even the Chernobyl nuclear power plant being affected. The anti-virus firm Kaspersky said there had been around 2,000 attacks – mostly concentrated in Ukraine, Poland and Russia.

Problems also affected companies including:

  • Aircraft manufacturer Antonov,
  • Russia’s oil producer, Rosneft
  • Danish shipping company Maersk
  • Shipping company TNT

How Can I Keep My Business Safe from a Ransomware Cyber-Attack?

  • The first and most important rule is to keep your systems updated. We have covered how to upgrade Windows 7, 8 and 10 in an earlier post. Click here to find out how to update Windows.
  • Always run a paid virus protection program and never skip its updates or ignore warnings. We can supply your business with a 24/7 monitored enterprise version of AVG antivirus. Click here to find out more about our antivirus software.
  • If you think you may be infected with ransomware or see a warning screen, unplug all internet cables, switch off your router and call us on 01482 424402 for advice. Do not pay any ransoms; there is no guarantee that your files will be recovered by the criminals behind the attack.

Digitalquill: Cyber Security Experts

When it comes to ransomware, prevention is better than cure. We can help you design a more secure system and conduct an audit of your IT security to make sure you have the policies and procedures as well as the software and hardware you need to protect against cyber-attack. If you run a small business and do not have board-level IT representation, then you might want to consider our Virtual IT Director service.

To find out more, call us today on 01482 424402, visit our website www.digitaquill.co.uk or email us at office@digitalquill.co.uk.

ransomware

Many businesses now offer free WiFi to their customers. In fact, it is now an almost essential offering for many service companies. Customers expect to be able to connect to the internet in cafes, coffee shops and public waiting areas. If you offer WiFi to your customers, you must be aware of some potential risks. Don’t think it won’t happen to you: half of all UK businesses were subjected to attempted cyber attacks last year.

Free Wifi Security
Using free tools, we could identify every device on the network
Free Wifi Security
A hacker could easily exploit these open ports and steal your data – or worse

Free Wi-Fi: The Risk for Businesses

 

Keep your free  WiFi connection separated from your Point of Sale or payment processing systems. Otherwise, you are in breach of PCI-DSS rules, and your customers’ credit card data is at risk. If you share a connection with business systems, you could also find your customers hogging all of your bandwidth. If this happens, your main business internet connection will run slowly and impact the business.

 

We recently visited a major UK tourist attraction whose open free WiFi allowed us to scan all devices on the network. As an illustration, we scanned a printer, so we did not invade anyone’s privacy, but a hacker could have searched these devices for open ports or other vulnerabilities. They could even connect to your router and install malware. You did change the default router password to a secure alternative password when it was installed, didn’t you…?

Digitalquill – Experts in Cyber Security

If your business has, or wants to offer, your customers free WiFi, call us.

  • We can help you achieve PCI DSS compliance. This is essential if you take credit card payments.
  • We can supply, install, configure and support PCI-DSS compliant routers. We will keep business and customer networks separate, and ensure that a cap is in place to provide sufficient business bandwidth.
  • You may want to consider a backup internet connection. That way, if your fixed line internet goes down, you can continue to trade.
  • Digitalquill are security experts. We can conduct an audit of your business and identify where and how you are vulnerable to cyber attack or ransomware. We can supply the software, hardware and know-how to get your IT security policies up to scratch.

For more information call us on 01482 424402 or email office@digitalquill.co.uk.

Ransomware

Yesterday we covered how NHS services in England and Scotland have been hit by a large-scale ransomware cyber-attack that disrupted hospital appointments. The malware, known as  “Wanna Decryptor” or “WannaCry”, demanded users pay £300 (£230) to unlock their files.

How to Update Windows to avoid Ransomware

Early indications are that this attack relates to a vulnerability in Microsoft Windows. Microsoft has released a patch for this vulnerability, but many users do not have this patch. It is tempting to ignore system requests to update your computer – but these updates are intended to keep you safe and should never, ever be ignored.

Here are instructions on how to update your Windows system to make sure you have all the latest security patches:

How to Update Windows 7

1: Click Start and then select control panel, select system and security

Ransomware

 

2: Click on Windows Update

Ransomware

 

3: The update status will be shown. Clicking “Check Updates” in the left-hand pane will force a check for the latest patches.

Ransomware

 

4: You can select the updates to install by putting a tick into the boxes by each line.

Ransomware

 

5: Finally, click “Install Updates” and follow the Wizard through to the end.

Ransomware

How to Update Windows 8

1: Make sure your PC is plugged in and connected to the Internet

2: Swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings.
(If you’re using a mouse, point to the lower-right corner of the screen, move the mouse pointer up, click Settings, and then click Change PC settings.)

Ransomware

 

3: Tap or click “Update and recovery”, and then tap or click “Windows Update”. You can type a “w” to bring it to the top.

Ransomware

 

4: Tap or click “Check Now”.

Ransomware

 

5: If updates are found, tap or click “View Details”.

Ransomware

6: Don’t disconnect, unplug, or turn off your PC while the update is being installed.

How to Update Windows 10

1: Click Start (Windows Logo) and type “updates”.

Ransomware

2: Press the Enter key, and the updates window will open: in there it tells you when your machine was last updated.

Ransomware

 

3: Press “Check for Updates” to see if there are any new patches. If there are, you will be prompted to download them.

4: Leave the machine turned on and connected to power and the internet while it downloads the updates. When you next restart the machine, you will be asked if you want just to restart or to install updates and then restart. Select “Install updates and restart.”

Avoiding Ransomware

Remember some basic rules:

  • Do not open email attachments originating from people you don’t know or from people you do know, but are not expecting
  • Make sure you have an up-to-date virus guard (we can supply AVG for businesses)
  • Make sure your operating system is up-to-date with the latest security patches.

Digitalquill – Ransomware Protection for Hull, East Yorkshire and Lincolnshire

If you do not have paid virus protection on your business systems, contact us for a subscription price for AVG for business to keep your data safe from hackers.

If you are worried that you may have been affected by ransomware, remove your network cable and turn off your wifi to prevent it spreading to other computers on your network, then call us on 01482 424402 and we will help.

NHS Ransomware Cyber Attack

NHS services in England and Scotland were hit on Friday by a large-scale ransomware cyber-attack that disrupted hospital and GP appointments. The incident is believed to be part of a wider, untargeted attack that affected computers all over the world.

Worldwide Ransomware Cyber Attack

NHS Ransomware Cyber Attack
©-Paulo-Resende-Dreamstime-Stock-Photos

Some hospitals and GPs were left been unable to access their patient data after their computers were locked by a ransomware program. The malware – “Wanna Decryptor” or “WannaCry” – demanded a payment of £300 (£230) to unlock their files. About 40 NHS organisations and some GP practices were hit. Who is behind the attack is not yet known, but the hackers demanded payment in the virtual currency Bitcoin, which is very hard to trace. The National Cyber Security Centre (NCSC) is working closely with the NHS to identify the attackers and assist with recovering the data.

Why were computers affected?

Early indications seem to indicate that this relates to a vulnerability in Microsoft Windows. Microsoft has already released a patch for this vulnerability, but there are many users who for one reason or another do not have this patch. Computers that had not been updated were affected. We reported in December 2016 how the NHS is still running Windows XP in many hospitals, and the support contract ended over two years ago. It is tempting to ignore requests to update your system, but these updates are designed to keep you safe and should never be ignored.

What can I do about Ransomware?

If you do not have the time right now to read through our ten tips to avoid ransomware, our immediate advice is:

  • Do not open email attachments from people you don’t know or are not expecting
  • Make sure you have an up-to-date virus guard (we can supply AVG for businesses)
  • Make sure your operating system is updated with the latest security patches.

If you have any feeling, no matter how small that you have have been affected:

  • remove your network cable
  • turn off your wifi immediately

This will prevent it spreading to other computers on your network. Then call us on 01482 424402, and we will help.

If you are worried call us. Throughout the rest of this week, we will be providing details of how to make sure your system is up-to-date, for Windows 7, 8 and 10 users. If you need business IT support for your business then call us on 01482 424402 for more details on our cloud IT support service or our managed AVG Antivirus solution.

Google Hack IT Security

Once again a major IT security incident has been reported: this time it affects users of the popular online Office Suite, Google Docs.

Google Docs Phishing Scam

Google Hack IT SecurityGoogle claims to have stopped the offending “phishing” email within an hour. By then it seems like it had already reached a million of its users. The scam email appeared to come from Google Docs – the IT giant’s service for sharing and editing documents online.

If users clicked the link and followed the instructions, they would have given the hackers total access to their email accounts. Contact information was accessed and used, according to Google’s investigations. As a precaution, it is recommended to change your Google passwords.

The email consisted of an invitation to edit a Google Doc. The subject line said, “one of your contacts has shared a document on Google Docs with you”. The email address hhhhhhhhhhhhhhhh@mailinator[.]com was also copied into the message. The free email service Mailinator has denied any involvement.

If users clicked on the “Open in Docs” link in the email, they were then taken to a real Google-hosted page. That page asked them to allow an authentic-looking service called “Google Docs”, to access their email account data. If they granted permission, users were allowing the hackers to access to their email account and contacts. They also probably compromised all their documents hosted on the Google Docs platform. The malware e-mailed everyone in their contact list with a malicious link due to the breach.

Keeping your business safe from Malware

Malware attacks and phishing scams are becoming more common and more sophisticated. As a result, IT security is now essential for business. We wrote last week how half of British businesses have had an attempted hack. Keeping your business safe from IT Security threats is all about having the right combination of policy, hardware and software protection. Most of all, it relies on you being vigilant.

We can also provide you with AVG Cloudcare managed cloud virus protection; monitored IT support; online cloud storage; and document management systems so your data stays safe. It is not safe to use free services: recent hacks have hit major providers such as Dropbox. Probably the most noteworthy victim of recent cyberhacking was Yahoo – where 500 million accounts were compromised.

Digitalquill: IT Security Experts

To find out more how we can protect your East Yorkshire or North Lincolnshire business from malware, call Digitalquill today on 01482 424402, email support@digitalquill.co.uk or visit www.digitalquill.co.uk.

 

Cyber Security

According to the BBC, almost half (46%) of British businesses are aware of being subjected to at least one cyber security breach or attack in the last year. The government survey found that the proportion was as high as to two-thirds in medium and large sized companies.

Cyber SecurityMost of the breaches followed fraudulent emails being sent to staff. Security issues such as viruses, spyware or malware were also significant. A total of 1,500 UK businesses were examined, 30 in-depth. The government said a “sizeable proportion” of UK businesses still do not have basic protections in place. Some had rudimentary technical controls, but only a third had a formal policy covering risks to cyber security.

How to Keep your Business Safe

The survey shows how no business is safe, however large or small. If UK businesses do not start to take security seriously, then they are at risk of losing data or being unable to trade. Most data breaches are the result of simple human error – such as people having weak passwords or clicking on malicious links in unsolicited emails. A combination is needed: technical protection is a must have; but so is ongoing staff training and a solid set of policies. Cyber security is no joke, so you should treat it seriously.

Digitalquill – Experts in Cyber Security

Digitalquill can work with you to ensure your IT policies are up to date and fit for purpose. We can supply software solutions such as AVG Cloud Antivirus to help keep your systems safe. If you have already been attacked by a virus or ransomware, then we can clear up your system and design a  backup regime to protect your valuable data.

Don’t take risks with your business: By taking the right approach to information security you can keep your business safe from cyber threats.

Call Digitalquill today on 01482 424402, email support@digitalquill.co.uk or visit www.digitalquill.co.uk for more information.

 

Don't Pay for Ransomware

Don't Pay for RansomwareEven big businesses can succumb to ransomware – and small businesses can be at an even greater risk of disruption. One University has been hit 21 times in the last year, despite having their own cyber-security centre on campus! Over 20 universities and almost 30 NHS trusts have also become victims of ransomware recently, which highlights just how much of a security risk this malicious software can be. It is estimated that ransomware attacks have tripled in the last 12 months, with over 4,000 incidents being reported per day in the USA alone. Prevention is the best defence, as if a business succumbs to ransomware it could have devastating consequences.

What is ransomware?

We have covered ransomware in an earlier blog: it is malicious software, like a virus, except rather than destroying data it locks you out of your own computer and demands payment to restore your files. It can spread by email, or can be installed with applications and can be very difficult to remove without expert help. The payments demanded by the criminals behind the software can run into the thousands of pounds. Amazingly, only one of the Universities in the UK the had a ransomware attack reported it to the police, who have now set up a dedicated national team to investigate fraud and cyber-enabled crime.

Digitalquill Experts in Ransomware Prevention

Digitalquill can help you respond to a ransomware attack but – more importantly – we can put systems into place that make such an attack much less likely. The best approach involves a combination of antivirus software, a backup regime and security policies, and we can help you implement both. If you see a ransomware message, you should turn off the affected computer, disconnect it from your network, and immediately contact an expert for further advice.

 

Don’t let your business continuity be put at risk, and do not risk compromising your sensitive data: act today. Call Digitalquill on 01482 424402, email support@www.digitalquill.co.uk or visit www.digitalquill.co.uk for more information.

 

You may not have heard of Ransomware. It is a form of malware (malicious software) that acts in the same way as a virus – except instead of destroying the files on your computer, it locks your screen and presents you with a message telling you that you have to pay an amount of money to restore access to your own computer.

Help! What Do I Do Now?

It can be a terrifying experience to be presented with such a demand, and your first instinct may be that you should make the payment – particularly in the case of some malicious software that may allege you have visited websites or downloaded files onto your computer that could be embarrassing or even illegal. Some of the ransomware even imitates the Police, preventing you with an official looking logo – but be aware that no law enforcement agency ever operates in such a way and you should never, ever enter your credit card details following such a prompt.

What you should do as soon as you see the screen is stop using the computer, and call an expert. Here at Digitalquill we are familiar with many different types of ransomware and we are skilled in the removal and prevention of such attacks. Once we have restored access to your computer we can advise you on how to avoid becoming a victim again, and help you with a backup system that will protect your files in the future.

Ransomware removal and Ransomware prevention

Even if you have not suffered an attack from a piece of ransomware, we can check that your virus and malware prevention tools are up to date and working effectively. If you are not sure whether you have protection, then we can audit your system and make sure you have all the safety measures you need. Call us on 01482 424402 for advice.