What You Need to Know about the Latest WannaCrypt Ranswomware Attack

WannaCrypt (also known as WannaCry) is the latest in ransomware that not only encrypts data but replicates to other unpatched systems. Its main code was built on the leaked NSA exploits named EternalBlue and DoublePulsar, which make it extremely good at replication and infection. The malware has spread to over a hundred countries in a week, and the malware’s author has made over $70,000 in its first week of propagation.

How Does It Work?

WannaCrypt takes advantage of an exploit available in a protocol called Windows Server Message Block (SMB). System administrators for Linux servers have also reported successful attacks, so all servers that offer file sharing should be patched.

If a machine responds to an SMB request, WannaCrypt replicates to the share. This feature is why the ransomware spread so quickly across the Internet. After infection, the malware sends requests to other machines, and several servers were vulnerable since they had not been patched.

WannaCrypt requests access to common drive letters including C and D drives, but it also infects removable drive shares. If you have a removable drive connected to your machine, the malware copies to it and even encrypts its files.

Once your PC is infected, the malware scans your system for specific file extensions. The files are then encrypted using 2048-bit RSA. Because the malware uses SMB, even PCs behind a firewall are not protected. The ransomware starts the ransom at $300, but if you take too long to pay the ransom is doubled to $600.

The malware contains code that researchers believe is a kill switch. It attempts to contact the domain iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. If unsuccessful, the malware would proceed to encrypt data and ask for a ransom.

One researcher as MalwareTech was able to stop the malware from spreading by registering the domain. Domain names can contain up to 255 characters, so this name was used to avoid the possibility of the domain being accidentally registered. It’s believed that the long domain name was intended to stop the malware should the authors determine that they need to stop it from working.

How Do You Protect Your Files?

If you haven’t already patched your system, it’s time to update your Windows software. The malware has spread so severely that Microsoft even released patches for Windows 2003, Windows 8, and Windows XP. Microsoft no longer supports patches for these systems, but it was necessary to stop the ransomware from spreading.

Servers are the most susceptible, because they are accessible on the Internet. You can use the Windows Update service to update your computer. Microsoft also released signatures for its Windows Defender software, so you should be protected from the current version of WannaCrypt.

The only operating system unaffected by WannaCrypt is Windows 10, but you should still ensure that your system is patched. Malware writers create new versions of ransomware to overcome the hurdles created by patching and antivirus systems. The next version could target Windows 10 machines.

You can’t stop malware writers, but you can keep your machine protected. Always keep your operating system updated with the latest patch. Keep antivirus software updated, and avoid downloading executable files from emails or unknown sources.

10 Cyber Security Tips

No matter what the size of the business, cyber security is a critical issue. A single breach could reveal the personal information of millions of customers, breaking the trust of those individuals and possibly doing irreparable damage to the company and its brand image.

The potential damage can be even worse for small business owners, who may not have the resources or the marketing budget to recover their reputation and rebuild trust with their customers. To make matters even worse, those small businesses probably do not have the money to hire a dedicated IT professional, and that can make data breaches far more likely.

Luckily, there are things small business owners can do to enhance their cyber security and protect the privacy of their customers. Those small business owners may not have the resources to hire an IT team, but they can take some smart steps on their own. Here are some smart cyber security tips every small business owner can use.

1. Choose computer terminals without USB drives or use software to disable their use. This will prevent workers from copying confidential files to thumb drives and portable hard drives.
2.  Block access to public email sites like Yahoo!, Hotmail, Gmail and the like. Even the inadvertent emailing of company files could put your business at risk.
3. Establish a clear cyber security policy and reinforce it daily. Training is an essential part of cyber security and keeping records safe.
4. Follow a policy of granting the least possible amount of file access. Workers in each department should have access to their departmental files, and only those files.
5. Have your cyber security audited by an outside organization at least once a year. Having a second set of eyes is always helpful.
6. Consider outsourcing your IT operations. If your business is very small and you are reasonably tech savvy, you may be able to handle the network resources on your own. But as you grow, hiring an expert to manage your network and secure your files makes a lot of sense
7. Make sure that all of your file transfers, including data backups, are fully encrypted. End to end encryption is an essential part of good cyber security
8. Establish and enforce a social media policy for your employees. Make sure your employees know that the posting of confidential or proprietary information could have repercussions for their employment and for the company as a whole.
9. Keep company software updated and install security patches as they become available. Hiring an IT management firm can make the installation of updates easier and give you one less thing to do.
10. Make sure that every network-connected device is protected from spyware, viruses and other forms of malware. Set those protections to update automatically and perform regular threat assessments and scans.

Cyber security has never been more important than it is today. The threats are coming from everywhere, putting unwary companies and their customer data at risk. From organized gangs of criminals and foreign governments to individual hackers, there are lots of bad guys out there. If you own a small business, protecting your firm, your customers and your reputation is your responsibility, and that means taking cyber security seriously.

Understanding Cloud Computing

Unless you’ve been living under a rock, you’ve been hearing a lot about cloud computing. In fact, you might already be using some services or applications that utilize cloud technology without even knowing it. Let’s take a look at what the cloud is and why you should be migrating.

What Is Cloud Computing?

Cloud technology and services can come across complicated to the uninitiated. A home and small business owner can think of the cloud as an online facility to access data and even use some applications. The cloud is actually a fancy name for a large set of servers that take over tasks normally reserved for your local computer. Unlike a local network, the cloud can be accessed from anywhere, using almost any device, as long as you have an internet connection. These server farms can scale to whatever size is needed and offer excellent redundancy, meaning you won’t be offline if your computer develops a fault.

How Can My Business Benefit From The Cloud?

Okay, so now you know what it is, but why do you need it? Even if your small business can be run from a single computer, you can benefit from the cloud. The first major benefit is the ability to access and work on your data from anywhere, using a variety of devices. Just because you’re stuck on the train doesn’t mean you can’t log in and attach a file to an email or update a piece of vital customer information. Simple cloud-based programs such as Dropbox and Google Drive offer you the ability to access your data on the go. More and more businesses rely on some form of remote access and this is one of the areas that the cloud really shines.

But the cloud isn’t just about data access; a lot of companies that provide software aimed at small business now offer those same applications on a subscription basis through the cloud. Accounting, payroll, and even traditional office applications can be used without having to purchase them outright, which leads into one of the biggest benefits for any home or small business: cost. Utilizing cloud-based technologies offers a scalable solution without having to spend large amounts of money on hardware and software upfront. Because the grunt of your computing is done within the cloud, you now have the freedom to purchase almost any kind of computer you want, without worrying that you will need to upgrade at the next big software update.

As internet connectivity becomes faster and more stable, the advantages of utilizing the cloud for some, or all aspects of your business can be a cost-effective method to limit spending on your own hardware and software.

Security And Cloud Storage

Security is one of the big concerns for most people when they think about storing their data in the cloud, but you can put your mind to rest. Cloud-based services are run from high-security data centers that contain inbuilt backup and redundancy measures. The servers themselves can only be accessed by the appropriate people after passing on-site security approval.

In contrast, data kept on a local computer in the office can be accessed by anyone in the room, and it’s a lot easier for a thief to steal a home computer than it is to cart away a server rack.

Most, if not all, cloud-based providers offer strong, 128-bit encryption alongside strong password policies to ensure your data is not only safe but also only accessed by you. This is not only good for you but reassuring for any customers who are sensitive to any data of theirs.

You only really know how good your disaster recovery plan is when you really need it. Using the cloud can take the headache out of recovery and restoring data. Dropped laptop? No problem, your new one will have access to everything the old one did using cloud storage and backups.

What Are The Drawbacks?

While there are a number of possible drawbacks to using the cloud, the greatest comes in the form of your internet connection. If all your data is online, but you don’t have steady, quality access to the internet, you’re in trouble. If you need to work from remote locations or have spotty wireless internet, you’ll have to consider the impact carefully before taking the plunge into the cloud. Cloud providers themselves can also suffer from downtime. While it is rare, it is possible you might be without access to your data and applications for a period of time, so make sure you understand what kind of SLA the provider offers.

Like any decision you make, moving to a new technology requires forethought and planning if it’s going to be successful.

Not everyone in home and small businesses has the time to be an IT expert. Using the cloud to store your data or provide access to your payroll and accounting anywhere, anytime, can take a lot of the stress out of an important part of your business, leaving you time to be more productive. While you might not need to go fully cloud, the services on offer are worth looking into for any home or small business.

Business Automation – Reducing Costs

Automating certain day-to-day business tasks is a smart decision because it can save your organization both time and money. It can free up more time for you and your employees to focus on other, more important activities and projects. Focusing the most on these activities that add the most value will allow you to have a better competitive advantage and to improve your bottom line. Completing projects that are creative and strategic will help set you apart in your specific industry and get you noticed by more potential customers. Since there are only 24 hours in each day, business automation will free up more time for you to accomplish this.

Some tasks that can be easily automated include collecting customer data, updating orders, scheduling shipping times, and processing submitted payments. Most routine tasks related to inventory ordering and tracking can also be automated in many cases. Any of these groups of business activities don’t generate revenue, and it’s a smart business decision to automate them. Automation technology is additionally available for booking and scheduling repeat customer appointments.

Automating Booking and Scheduling

By switching to automated appointment-setting, you create valuable time-savers for both your customers and your business. Automatic booking and scheduling software allow your customers to set up their appointments and receive reminders with any back-and-forth emailing or phone calls. Automatic reminders can eliminate as much as 70% of these communications, and they can cut the time your employees need to spend on the phone or answering emails by up to 40%. Self-service appointment setting tools allow your customers to set their own appointments, make any needed payments up front, and receive confirmations by email or text message.

Automated scheduling software can also include lists of fees and services, as well as scheduling options. This available information is convenient for your customers, eliminating the need for them to ask your employees questions about it over the phone. Many of these tools can be added to your website and are also available as mobile apps where your customers can receive reminder alerts and update their appointment times from anywhere. On your business’s end, this will free up time for your employees to work on other value-adding tasks. Automation also allows you to customize the scheduling process for each client, and reminders can reduce the numbers of no-shows by a significant percentage. It also makes your service available 24 hours a day, and it can cut down on wasted time or customers frustrated waiting for a returned phone call or email. Automated scheduling frees you to generate more promising leads and find further business opportunities.

Tools for Automation

Business process automation software will free you and your employees up from three activities that don’t earn you more money, namely manual appointment-setting, follow-up phone calls, and answering emails related to rescheduled appointments or no-shows. Business automation software will get rid of these time-wasting processes, and it will also make the appointment process run smoother for your repeat customers. Many of these software programs can send scheduled emails or follow-up texts. Some even allow you to schedule messages to your customers asking them to rate and review your business based on their latest appointment.

Adding business automation processes can even help your marketing efforts, by giving you more time during the workday to create more meaningful, effective promotional campaigns. Some types of automation software even include tools that let you schedule email newsletters, drip campaigns, and posts to your social media pages. Automating these tasks whenever you can will ensure your message reaches your target customers when they’re most likely to be online to see it. Business automation can help a great deal with managing the data you gather about your customers, so you’re able to create meaningful connections with more of them within a shorter time frame. The effective and efficient use of these technologies will both help increase your bottom line and cut unnecessary costs.

Using an Automation SAAS

Some automation software suites are known as SAAS programs, which stands for “software as service.” This type of program can be set to launch specific tasks at certain times, dates, or intervals. Reminders can be set out to all customers all at once at designated time of the day, or they can be spaced out at different times throughout the workday. Tasks in one of these software programs can also launch in response to specified events, such as a customer scheduling a future appointment. Automation software works well with any number of calendar programs, such a Outlook or Gmail. When new information about repeat customers is added, automation programs can detect and update these new entries before the next reminders are sent out. Many automation programs can also integrate with your business website, launching a chat window each time a customer clicks on a certain page. This feature provides a convenient way for new and returning customers to ask questions without the need to search for an email address or phone number for your company. The initial cost of automation software largely depends on the brand and features. Some programs may also come with a small monthly subscription fee as well. Before selecting one, it’s important to make sure it fits all your organization’s needs and objectives.

Automation software allows you to set up a customer reminder schedule based on your unique business needs. You can set up reminders to be sent to your customers at times you decide, whether it’s a couple of days or a couple of hours before their next scheduled appointment. You can also select whether your customers receive their reminders via email or text message. Once you set up your account, integration with your business website is a quick and easy process. You can even customize your online calendar to with your own color and font choices that match your company logo.