Plus, are you prepared for the Zombie Apocalypse?
In our February issue of SIMformation we look at the continuing threat from ransomware and other malware. Statistics show 81% of businesses have suffered some form of a cyberattack, so we want everyone to be vigilant and know the most prevalent malware vectors and how to defend against attacks. We have covered this before, but a refresher is helpful as we kick off this year. We follow up on last month's news of the Intel chip flaw – Meltdown and Spectre – and what are the latest steps from the hardware makers to counter this flaw. The early rush to "fix" this resulted in a "whoa" moment as the fix was called back by several companies, so here is the latest news on actions taken and still to come.
Speaking of malware, we look at how YouTube videos were infected with malware that permitted PCs to mine digital currency on the sly. Your PC's processor, memory and your electricity was consumed generating a digital coin, Monero, if infected. We present some basic information on what data Windows 10 collects. When first released, there was major privacy concerns about what data this operating system was collecting and returning to Microsoft. A new app helps shed light on what diagnostic data is collected – no personal data is ever shared. Finally, we hope you are prepared for the Zombie Apocalypse – or any disaster, fire, theft or flood that could disrupt your work. Every company should have a Business continuity and recovery plan and we offer tips of what your plan should encompass.
Video over same network as PCs
In our November issue, we look at Internet-Protocol (IP) based video systems. The convergence of video over the same networks as PCs means companies no longer have to string coax cable for video as the video signal can now piggy-back on the same network as computers. Companies are installing video for security, safety and as a crime deterrent, and SIM2K can specify, install, configure and support these video systems. We also take a look at two of the popular note-taking programs, Microsoft's OneNote and Evernote, and compare the pros and cons of both. Users of Google Chrome browsers will see some improvements with the new update that also fixes lots of security issues. Microsoft is rolling out a new authorization policy for Windows 10 Enterprise which may foreshadow where the company will go with all Windows licensing in the future. And, we re-cap Cybersecurity Month with a look at the "Bad Rabbit" ransomware released at the end of October and cover our tips for securing your network from malware.
National Cybersecurity Month
In our October SIMformation we start with breaking news of a vulnerability in the WPA Wi-Fi security protocol. The "KRACK Attack" is a potential chink in protected Wi-Fi traffic, so this is an important update with steps to take for your PCs and router firmware. We also look at "Simming" – creating a synthetic identity from various "real" elements like names, addresses and social security numbers. This is why the Equifax data breach last month is a concern, as it gives the bad guys the way to construct a new identity – but if they happen to pick your SSN or name, your credit profile is at risk. And, since this was Cybersecurity Month, we follow up on the WannaCry ransomware attack this past summer, and what IT experts believe was behind this attack. We discuss how Windows 10 users can pick a different Internet browser as their default rather than using Edge, and also how Microsoft plans to release Office 2019 for those companies that do not wish to subscribe to Office 365. Finally, in an "oops" moment, a major accounting firm that markets cyber risk protection, found their Cloud-based e-mail system was hacked, exposing financial information and tax returns for clients.
Risks from Ransomware, breaches, disasters and more
Data breaches, ransomware, data theft and more can bring a business to its knees while the damage is overcome. A business owner's insurance policy probably isn't sufficient to cover claims from a cyber incident, That's why we sat down with Todd Carbrey of NSB Insurance to discuss what a business owner needs to consider for good coverage in a cyberinsurance policy. Likewise, with the two hurricanes that hit Texas and Florida, do you have a business continuity and disaster recovery plan for your business? Both topics are discussed in this month's issue. The Equifax data breach is a major concern, and we have some information on what you should do to try to protect your personal data that may be at risk. Ransomware continues to be problematic, as estimates now say costs for infections will exceed $5 billion in 2017, and we look at how CylancePROTECT® helps bolster your defense against malware. And, we have a more in-depth look at two-factor authentication and how this provides more protection against unauthorized logins to your network. Our partnership with Duo lets us easily put two-factor authentication to work for you.
All employees must be aware of malware dangers
In our July SIMformation we give you 10 tips for cybersecurity training for companies. Best practices should start from the first day of a new hire and be a continuous process - no "one class and done" for all employees. As new threats emerge, companies need to keep employees informed and we give you some guidelines on how to address this. We also look at how our security partner, Cylance, and their CylancePROTECT® product blocked the release of the latest ransomware attack, dubbed "Petya/Not Petya". This was a new twist on ransomware as the malware forced a re-boot of the PC that effectively locked it up, rendering it useless to evey try to de-crypt files if the ransom was to be paid.
Our Unified Communications provider, Zultys, has released their MX Meeting web conferencing tool as part of their Cloud-based Hosted Service, making this available to all Zultys users. And, Microsoft has released a schedule for updates to their Windows Server software, now standardizing on twice-annual updates so companies can plan for these releases. We look too at Google's attempt to remove the "phone" part of the smartphone, relying on the "computer" side for data and now voice through VoIP rather than using cellular voice services. Finally, we discuss past successful hack attempts on devices connected to the Internet of Things (IoT) and how security needs to be in place for any device connected to the Internet.