Ransomware Doesn’t Stop with a Payment

If you think paying off a ransom demand to get back files is the end of your experience, you’re wrong. Getting to cough up a few bucks…well, Bitcoin…is just the start. Ransomware pirates are finding ways besides email to get access to your computer and all of your data – and they’re looking for long-term relationships, too. One tech columnist has sardonically suggested they need good customer service plans. You need a good protection plan.

Let’s start with some basics, which we’ve discussed many times before:

  • Be extremely careful about clicking on links in an email, even if it looks like it comes from someone or an organization you know and trust.
    • Personal email addresses get stolen and spoofed all the time.
    • It’s very easy for someone to recreate a corporate look – such as for your bank – that looks realistic at first glance. (Seriously, does your bank use a Hotmail account?)
  • Install and use anti-virus and anti-malware protection. Make sure update it, and make sure you update it from a legitimate site (see above).
  • Install all updates from application software provider (but make sure it’s legit). Most patches and updates cover security issues.
  • Back up your data files to an off-site server or, better yet, store them in the cloud. For an extra precaution, you can store files to portable hard drives, and keep them disconnected when you’re not backing up data.

One of the problems with storing data on a laptop computer, which many people do, is that when it’s stolen, your data can be accessed before any kind of Internet-based program kicks in to wipe your drive clean. All somebody needs to do it remove your hard drive and hook it up to a computer to see what’s on there.

If you have covered all the basics, you now face some new concerns, especially if you store confidential personal, financial or medical information as part of your business. You face additional risks because there is no way for you to control the security steps your customers or clients take. If they leave vulnerabilities, a hacker can use one person’s log-in credentials to see a lot more data than would ever care to expose.

You can protect your business and data in a number of ways – in addition to the steps listed above:

  • Insist visitors to your website use newer versions of all browsers. As browsers age, publishers stop supporting them. You don’t want to expose yourself to their vulnerabilities.
  • Encrypt your data and your emails. If you do a lot of email marketing or communicate confidential information, this is a no-brainer. Email services, such as Constant Contact, which we use, build in a number of security measures. Spend the money to take advantage of them; it’s cheaper than taking a financial hit (see below).
  • Check with your insurance agent or carrier to see if E&O covers you for cybersecurity breaches. It may be an extra cost, but remember that insurance companies like to collect premiums, not pay claims. They are motivated to minimize your risk and should work with you.

The back story on these tips starts with a client who has two offices. In the “main” office, nobody uses the Internet. But in the other office, people used a remote desktop to access the system in the main office, and the security was weak. The link was not secure, and the passwords were simple. I was able to hack in using an iPad that still had a SIM card from another country, and the client could not detect that I was in there.

That should be a wake-up call for every small business to install and maintain security systems throughout their information management system. Ransomware pirates are getting more sophisticated in ways they can get into your systems and stay there – which brings up the “customer service” observation from Glenn Fleishman in PC World. Our point is not to scare anyone away from technology. Every advance – from the bicycle to space travel – has a risk-reward component, and we all know the rewards are great when we follow the proper precautions.

We’d like to leave you with three steps to take right now:

  1. Encrypt all data
  2. Never send passwords in an open email
  3. Look before you click – disguises are getting better and more numerous

Sterling Rose can help you design, install and maintain a cybersecurity program. Contact us by phone – 973-433-6676 – or email us to make an appointment to discuss your needs.

Keep Your Pictures in Multi-Device World

With mobile-phone cameras getting better and better, it’s easy to click away and then download your pictures to a computer. And when you max out your phone’s storage, it’s easy to delete them from your phone and click away some more. Just one problem: if your phone and computer are synched, you could delete the files from your computer, too.

The problem came up when an employee of one of our clients told about her daughter losing pictures she thought she had saved on her Mac. The daughter had been in Europe for a study-abroad program, and she traveled after school ended. Lots of kids do it, and lots of kids have iPhones and computers.

Naturally, as her phone’s storage filled up with photos, our traveler decided to download them onto her Mac. Just about all of us who travel with a computer do the same thing so that we can keep on clicking away. You never know when you’ll get back to a travel destination, and you want to collect all the memories you can; you can sort them out later.

That’s what our young traveler was told to do. With the magic of wireless connections, she was able to sync her phone and computer so she could save her pictures to her hard drive. With pictures safely stored on the computer’s hard drive, it was a simple matter to delete the photos from the phone and free up space for new pictures.

However, there was a catch. The way her sync was set up, deleting from one device deleted from the other. So, when she came home and sat down to share her pictures, they weren’t there. But they were somewhere. Using Mac’s time machine, we were able to find previous back up files, and we were able to send the computer to Apple. Their technicians were able to recover the pictures, but it took a while for them to get all the pictures, and it was a very stressful time for our student.

Here are some steps you can take to avoid the problem:

  • If you have an iPhone, you can set your phone to store photos in an iCloud photo library and keep them there when you delete files from the phone. If your phone senses a Wi-Fi network, it will upload the photos automatically.
  • You can optimize your storage so that you can leave a thumbnail of your photo on your phone. Then, you can use the thumbnail to identify photos you want to retrieve.
  • If you are traveling with your computer, download the photos manually and turn off any synchronization that deletes files from your phone and computer at the same time.

I download photos all the time from my SLR camera, but it uses SD cards. I can get some redundancy by downloading the pictures to the computer and keeping all the images on the SD cards. I can also upload them to the cloud. When you add up all the costs of a vacation, this is a relatively small expense.

More and more point-and-shoot cameras have SD cards, too. But if you’re using your cell phone or an older camera with fewer features, you’ll have limited options. If you or any family members are getting ready to travel, we can help you make sure your gear is all set up to keep your photo and video memories safe and secure. Call us – 973-433-6676 – or email us to get set up.

Travel: To Disconnect or Not Disconnect?

A trip is a great time to disconnect from the connected world and all of its stressful situations. However, there may be times when being disconnected can be extremely stressful. Fortunately, you can customize technology to fit your level of need and comfort.

Although I consider myself a very connected person, there are times when I like to disconnect, such as when I’m on an airplane or traveling in a country with a huge time difference from New Jersey. And, let’s face it, we all need to really take time off from everyday life – and that’s the purpose of getting away.

However, there are times when being connected can keep your travels on schedule and give you peace of mind. Using a Wi-Fi connection on an airplane, for example, can help you make, change or cancel reservations for hotels, rental cars or ground transportation if you run into unexpected delays, especially if you have a flight that makes stops – and requires plane changes – before you reach your destination.

A phone or tablet with Wi-Fi capability makes it really easy to stay connected, and VOIP – voice over internet protocol – which we all use if we have internet telephone service. You can talk through a variety of applications, such as Skype and Viber, to name two, and Facetime on iPhones. Using voice and video through a Wi-Fi network requires a fast internet connection, so make sure you have one before you try. There are many remote locations (we were in one of them on our last trip) that just have slow internet, and their cellular networks may not be all that strong, either.

If you want to be reached by telephone and don’t want to maintain a cellular connection, a Google phone number can give you a variety of options. You can give the number to people who may need to reach you or with whom you want to maintain contact. You can link that number to your cell phone number, but if you are traveling abroad, you’ll need to have a Wi-Fi connection to pick up voicemail or answer a call. If you have a cellular connection abroad, you can be reached directly. Because a Google number is a US number, people calling you will not have to pay international calling rates.

You can keep a cellular connection in a number of ways while abroad:

  • Arrange with your carrier to provide cellular service without roaming charges in the countries you plan to visit. These plans can be costly, and they can have severely limited numbers of phone calls and text messages available as well as highly restricted data use. If you are going to be in several countries on your trip and don’t need to use data-intensive applications such as Waze or Google Maps for driving and walking directions, this may be good for you. The phone can be really good for making or confirming reservations.
  • Get a SIM card for your phone when you arrive in the country you are visiting. As long as your phone is “unlocked,” as most are today, you can turn your phone into a local phone that will give you either an unlimited or large number of phone calls and text messages – including international calls (such as to the US) – and enough data to get directions to a hotel, restaurant or tourist attraction and use Waze or Google Maps to get there. The major carriers in each country usually have kiosks at the airport, and their agents can install and test the SIM card before you go on your merry way. In most cases, the card is good for 30 days. If you are in a major city, you can find stores for most carriers, just as you do in the US, and the carrier store may be better if you need something other than a standard arrangement. When you get home, you can reinstall your US carrier’s SIM card.
  • Rent a local phone. This is really simple, and it doesn’t require any changes to your existing phone. The cost and your allowances for phone calls, texts and data may vary, but you should have all the capabilities you’ll need.

Having cellular service abroad gives you all the conveniences and peace of mind you take for granted at home. If you are not part of a tour, you can make reservations or ask questions on the fly for hotels, restaurants, attractions and other needs. If you are going to be delayed in getting to a destination, you can call ahead. Even with the best navigation applications, you sometimes need someone to “talk you in” to a hotel or restaurant. All you need to do is call – and you can access the internet to get the phone number.

Even if you are on a guided tour, the tour operators sometimes strongly recommend you have a cell phone with local capability. If you become separated from your group at an attraction, for example, you can call and agree on a meeting place, or they can call you to make sure you get to where you’re supposed to be.

And, of course, there’s the peace-of-mind that comes with knowing you can reach somebody. On our last trip, we were part of an English-speaking group on a bus headed to the airport to leave our location. Nobody spoke the local language, and the driver did not speak English. We were caught in horrendous traffic, and we feared not making our flight. In our case, we had to catch a flight that operates once a week, and we were not in a place where we wanted to spend a whole week.

Nobody had a cell phone for the country, so there was no way to call the airline and let them know of our problem. While it had been very relaxing to be disconnected from the rest of the world, we were a busload of stressed people while on our re-entry path. We made our flight, so now it’s just another travel story to tell.

Traveling always has its surprises, but you shouldn’t feel unduly stressed or unsafe. If you are planning to travel abroad, we can help you determine the technology you’ll need to maintain your desired or required level of connection. Call us – 973-433-6676 – or email us to talk about it.