iQmedia Technology Group

Thriving with a Remote Workforce

Marc Peritore

So I’ve been hit with Ransomware…now what?

· ·

It is inevitable that one day you will be a victim of a breach, virus, or fraud. Cyber Security Professionals understand that “100% protection” is a false construct. 

Cyber Security specialists attempt to reduce the risk of an incident and devise a strategy to recover from a cyber event. Yes, you can implement a security system, Antivirus/Malware software, lock down security with policies and still fall victim to a bad actor. 

Why is that? The simple answer is we are all human. Most of us can’t help but to click. We know we shouldn’t, yet we do. 

There are a couple of questions I get asked all the time “How can we recover from a virus”? and “Why do I need backup if I sync my data with an online service or multiple servers? 

Well, let’s start with the premise that file synching and file backup is not equal, not even close. When you setup file syncing with an online service or multiple servers, the files will synchronize whether they are legitimate files or infected files.  

For example, if you have had the misfortune of launching a Ransomware virus at home or at work it will encrypt all the files on the local machine…then the file sync will infect every file on every device. Not a good situation.

Let’s talk Backup. Not just any Backup, I’m speaking about a daily offsite secure backup with multiple versions also referred to as “incremental daily backups.”   The best way to safely recover data from Ransomware or any other virus that infects data is to have a good daily offsite backup to restore all your data.  

Just because your data is recovered you still need to be able to access it.  Be sure your operating system is salvaged by enabling a good image 

of your operating system. For windows desktops be sure to enable windows restore points and on servers use shadow copy to restore your operating system. 

This is known as a two-pronged approach to Data Integrity and Data Accessibility.  Data integrity is the ability (Data Backup) to recover your data in its original accurate format and Data Accessibility (Operating System Recovery) is the ability to access that data when needed. 

In this Data Backup scenario when Ransomware infects all the files, we can simply delete all the infected files and restore them to the previous days’ version. Yes, we may have to clean up the virus and other technical items, but recovery is quicker and less expensive.  

Even if the infection happens after hours and the server’s latest backup contains infected files it won’t matter. The infected backup is isolated and encrypted in a separate dataset. In this case, we can just delete the infected backup and restore from a good backup version. 

At most you may lose one day of work. That’s safer than paying Bitcoin to get your data back. Paying to get your data will most likely go unrestored and may make you an easier target in the future. 

The best way to recover from Ransomware is to have a well thought out data recovery plan, offsite daily data backup and recovery of your operating system with a good image to revert to. 

So, when it comes to data integrity never look for the low-cost solution. Your data is your business without it you may never recover! How long can you survive if you lose all your contacts, accounting history, word docs, marketing material and anything else you can imagine? Not to mention if you had personal items that you may never recover. Keeping your data and business safe is worth it. 

If you’re not sure what or how to approach your Data Integrity Plan contact a data specialist. 

Always, consider a solution that provides offsite storage, encrypted security, daily schedules, utilize Anti-Virus/Malware powered by Artificial Intelligence and have an updated recovery plan. 

The Reality of War in the Twenty-first Century

· ·

As we watch the war unfolding in the Ukraine, we would like to think it is a far-off war happening in a far-off land.  The reality is there is a new front that is fought every day that transcends borders to reach anyone anywhere in the world.  

Cyber warfare has been churning in the shadows for decades.  It is a war that is never noticed in the news for its daily victories but always makes the front page with its occasional failures.  

Unfortunately, cyber-attacks are the new front in a 21st century war.  The primary target of a cyber-attack is to disrupt infrastructure, power, transportation, financial institutions, and economies.  This allows the conventional war to be met with limited resistance. 

President Biden is expected to implement additional severe sanctions on Russia this afternoon.  It is believed that Russia will retaliate with a series of cyber-attacks on the United States and its Allies.   

If you are not convinced of this, just remember, the Ukraine has been attacked by cyber security denial of Service and Malware prior to military action and cyber-attacks are still ongoing.  

It is expected that some of the targets will be the power grid, banking, airports, and Internet Service Providers.  We suspect a Denial-of-Service Attack will focus on Internet Service Providers to disrupt as many services as possible.  

How can you ensure every measure is taken to protect yourself and your organization?  Simple, verify you have a good offsite backup of your data, install the latest security patches, update your security software.  

After all is said and done…you are an integral part of security.  It only takes one click, one email, or one lost password to create a breach.

We are imploring everyone to stay vigilant on the cloud, internet, phones, personal devices, and home computers. 

What to look for. 

  • Fake emails asking you to reset passwords- Do not reset passwords through an email
  • Fake Zoom meeting requests.  Unless it is scheduled by you or someone you know in advanced…do not accept it
  • Phone calls from “Support” stating that you have a virus, and you need to let someone on the system.  Just hang up.
  • Do not open any unknown emails, just delete it
  • Do not go to any “Free” websites for Coupons or Deals
  • Do not download from any “Torrent” Sites
  • Do not click on any pop ups that claim you “Have a virus! Click here to clean!”
  • Do not use any Free Wi-Fi or try and use your neighbors
  • Avoid Bank or financial Emails that request you reset your password
  • Do not fall for the “Gift Card” scam

Remember- If the message is urgent, time sensitive, free, or asking for personal information…. It is fake!

If you are unsure…don’t click!