Have any question?

Blog

MSPNetworks Blog

MSPNetworks has been serving the Farmingdale area since 2010, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Keep an Eye Out for the Hallmarks of Malware

Keep an Eye Out for the Hallmarks of Malware

Malware is everywhere on the Internet and you don’t want it. From spyware and adware to ransomware there is never anything good that comes from this malicious code. Today, we will outline a few ways you can tell that your computer, workstation, or mobile device has some form of malware on it.

0 Comments
Continue reading

Rise Up Against Ransomware

ransomware_434492636_400-1

Like many of the past few years, this year has witnessed a significant surge in high-profile ransomware attacks. If you haven't already strategized how to safeguard your business from these threats, now is the time to act. Fortunately, you can take several proactive measures to mitigate the impact of ransomware attacks, and it all starts with preparation.

0 Comments
Continue reading

AI Was the Hot Tech of 2023, But in 2024 It’s the Next Big Security Threat

2023 was definitely the year that AI became a household name. We’ve barely seen what artificial intelligence is capable of, and while industries are still coming up with more ways to use the technology, we’ve already seen countless examples of how people want to take advantage of AI for less savory purposes. 2024 is already shaping up to be the year that businesses need to protect themselves from AI-generated cybersecurity threats. Let’s take a look at everything you need to know as a business owner.


What’s the State of AI in 2024, and How Can It Be Used?

In case you haven’t been caught up, the tech world has been shifted by some new technology that uses vast amounts of information and complex algorithms to generate human-like text. In the simplest terms possible, engineers wrote a piece of software that was designed to “train” itself by reading a massive amount of text from the Internet. It read about 300 billion words from books, social media sites, news articles, and plenty of other types of content. Because it was able to absorb and index so much information, users can ask it questions and it can understand and respond to those questions in plain English (or Spanish, French, German, Italian, Portuguese, and more). 

This is called a Large Language Model, or LLM, and the most popular version of this right now is called ChatGPT. Most people commonly refer to this technology and other similar types of systems as artificial intelligence (AI).

These systems can do some pretty remarkable things. They can answer questions quickly, and generate large amounts of content on a topic very fast. You can “brainstorm” ideas with it, and then ask it to give you a task list for everything discussed. AI has been a great resource for software developers, as it can be used to quickly find security vulnerabilities in vast amounts of code before cybercriminals can exploit them.

And that’s where the problem lies.

Any Great Technology Can Be Used By Bad People

Paleontologists have determined that the earliest use of the bow and arrow happened about 60,000-70,000 years ago in South Africa. It’s suspected that this groundbreaking (at the time) device was used for hunting. Obviously we will never be able to pinpoint exactly when or how this happened, but at some point, the world experienced the first prehistoric person drawing a bow and arrow on a fellow prehistoric person. 

This has been the cycle for technology ever since, and when something new emerges, someone is going to figure out how to use it to cause trouble. Over the last several years, we’ve even seen the so-called troublemakers adopt modern technology even faster than the general population in some cases.

This is happening with AI. Cybercriminals are able to use AI to become much more effective. They can use AI to find vulnerabilities in software before developers are able to provide security patches. They can use AI to write phishing emails that are even more convincing and effective. They can use AI to write malware that is more devastating and infectious. 

Cybersecurity has always been a virtual arms race, and AI kicks things into overdrive. To stick with our theme, cybercriminals from 20 years ago were using the bow and arrow, and now with AI and other modern tactics, they have supersonic fighter jets. Businesses and individuals need to be even more vigilant about protecting their data.

Something That Most People Don’t Think About When It Comes to Cybersecurity

We all always talk about cybercriminals and hackers as if they are lone wolf anarchists sitting in a dark basement, drinking store-brand Mountain Dew, wearing a dirty hoodie, and staring into a bunch of screens with green matrix code.

The reality is that most cybercriminals treat their work like a business.

They are always working on getting the most profit for the least amount of effort; they follow and repeat successful campaigns and revamp things that don’t work.

But that’s not the worst part.

Over the last few years, it’s been uncovered that a lot of scammers and cybercriminals are actually trafficked people, forced to follow scam playbooks in order to pay off their captors and regain freedom. In some cases, when you get a scam phone call or text message or phishing email, it’s coming from a victim of human trafficking. 

There are entire compounds that house thousands of people, tricked away from their homes and families and essentially imprisoned to try to scam individuals and businesses. CNN recently did an incredibly eye-opening article that is worth checking out, but be warned, there is some disturbing content.

This gets us a little off topic when it comes to how AI is being used by cybercriminals, but we feel that it’s extremely important to raise awareness about these types of operations, and just how intense they are both in scale and misery. Cybersecurity is an industry all on its own, and every time an individual or organization gets scammed, it fuels something that is causing a lot more harm than simply forcing a business to its knees or stealing thousands of dollars. 

2024 Needs to be the Year We All Take Cybersecurity Extremely Seriously

Between AI, social engineering scams, and a growing industry of reprehensible cybercriminals, doing your part in protecting your business and yourself from cyberthreats will go a long way in ensuring that you can be successful. 

MSPNetworks can help your business establish a culture of cybersecurity, and implement the tools you need to prevent threats. Get started with a cybersecurity audit—give us a call at (516) 403-9001 to get things kicked off.

0 Comments
Continue reading

As if We All Didn’t Have Enough to Worry About: Let’s Look At Killware

I hate to be the bearer of bad news, but when it comes to cybersecurity threats it’s kind of hard not to be. I used to look at it from two sides; one side is fascinated at the innovation and intensely brutal ways that high-end cyberattacks work, and the other side of me loses sleep at night worrying about these risks affecting our clients, prospects, and even my own business. This one particular classification of cyberattack, however, takes the cake for being especially frightening.


Introducing Killware, About as Bad As Cybercrime Gets

Imagine a computer virus or malware that is specifically designed for your organization. It knows the software and hardware you are using. It knows what settings and configurations can cause the most harm to your organization. It knows exactly how to slip in, infect the most vulnerable parts of your business, and do massive damage.

That implies a lot of things. It suggests that the cybercriminals targeting you are intimate with your organization and its inner workings. It suggests that the bad guys have an insider, or that you’ve already been compromised so severely that they may as well have an inside agent. Either way, at this point, the network is more their network than it is your own.

But it gets worse.

Not only can they dish out a threat to do harm to your business, but the goal of Killware is to cause as much public harm as possible. This is a frightening mixture of cybercrime and terrorism. It’s real, and it has real consequences.

A Cyberattack Almost Poisoned an Entire Community in Florida

In 2021, a water treatment plant in Oldsmar, Florida, a small city with a population of almost 15,000 people, suffered from a cyberattack. The attack seemed to have a singular goal; to raise the amount of sodium hydroxide in the water that Oldsmar residents were drinking. 

Sodium Hydroxide is used in water treatment to manage the pH level and reduce lead corrosion. In small amounts, it is considered safe. In larger quantities, it can cause severe burns and permanent tissue damage. The attack increased the amount of sodium hydroxide being added to the water by a factor of 100.

Fortunately, staff at the water treatment plant noticed the change immediately and nobody was hurt.

Cities and Local Government Systems are Often the Target

We’ve seen a few cases over the years where malware disrupted portions of city and town infrastructure. In 2018, Atlanta suffered from an attack that took down over a third of its systems, and it cost taxpayers over $17 million and over a year before things went back to normal.

In 2019, Baltimore suffered from a similar attack, which impacted the state's real estate market and dozens of other systems. The attack cost the city an estimated $18 million.

Healthcare, Nonprofit Organizations, Banks, and Others are at Risk Too

The U.S. Department of Homeland Security warns that other critical services like hospitals, police departments, utilities, and other highly networked industries are potential targets for this kind of attack.

In order to reduce the risk, organizations need to take cybersecurity seriously, and ensure that regular audits are happening throughout the year. Committing to industry compliance standards is a good first step, but depending on your industry, your business may want to raise the bar even more.

No matter what kind of organization you run, you have employees and customers to protect. MSPNetworks can help secure your business so that your organization avoids doing harm to the community in the event of one of these devastating attacks. 

0 Comments
Continue reading

The Most Dangerous Things to Search for on Google

The Internet is pretty great. You can watch videos of cats being weird, and then watch the London Philharmonic Orchestra perform Stravinsky’s Rite of Spring. Then you can go on Reddit and learn how to replace the drywall in your bathroom. Just another typical Sunday afternoon with the Internet, right? 

Unfortunately, the Internet isn’t always perfect. It can be pretty dangerous, and we’d like to share some surprising terms that can lead to dangerous websites and malware if you search for them on Google.


Quick disclaimer: None of these topics are necessarily dangerous on their own, and there is bound to be a lot of great, wholesome and family-friendly content about each of these terms out there on the Internet. That being said, we’re going to explore how these terms ended up being so dangerous to show you why you, your family, and your coworkers should be careful online.

Threats Lurk Beyond Innocent Family-Friendly Topics

A lot of the things that kids really enjoy are often targeted. Cybercriminals know that a child might not be as well-versed in cybersecurity as an adult, so if they can spread malware to kids doing innocent searches for shows and movies, they will.

According to Home Security Heroes, an organization dedicated to helping families stay safe online, over half of the search results for terms like “The Boss Baby,” “Sonic the Hedgehog,” and “Pokémon” could lead to malware or other online threats.

Video game-related search terms like “Animal Crossing: New Horizons” carries a pretty strong risk of malware as well, with 46 percent of the results containing malware-infected domains. This is a cute game where players move onto an island and make friends with talking dogs, frogs, and other adorable animals and give each other gifts. The content of the game itself is extremely kid-friendly, but websites offering guides or illegal downloads of the game could be dangerous.

The Most Dangerous Celebrities to Search For

Several years ago, long before the pandemic, Emma Watson was one of the most dangerous celebrities to Google search, with a shocking number of websites having links to malware or other potential threats. 

Today, the prom king and queen of dangerous search results go to the fabulous Chris Hemsworth and Anne Hathaway—so the mighty Thor and 2012’s Catwoman for the comic book nerds out there. Interestingly enough, Chris Hemsworth and Anne Hathaway were set to star in a movie together back in 2013 called Robopocalypse, but it doesn’t seem to have come to fruition.

To no fault of their own, these two celebrities suffer from a similar affliction to the family-friendly movies above, but an estimated 75 percent of the search results for their names potentially contain harmful content or malware.

Other actors and actresses like Kaley Cuoco, Olivia Rodrigo, Neil Patrick Harris, Chris Pine, Chris Evans, Chris Pratt, and Zendaya also have a ton of risky search results.

But We Can’t Ignore the Queen

She’s always having her best year ever, and is loved and adored by fans of all ages. Yes, we’re talking about the infamous Taylor Swift. Tay-tay, or T-Swizzle, or Queen America herself might be one of the greatest musical icons of our time, but a whopping 79 percent of her search results are potentially dangerous.

That doesn’t mean you can’t search for her and find safe content, but it does mean that there are thousands of websites out there that are trying to trick users into reading up on the brightest star in the music industry, only to infect your computer with malware or steal your personal information.

If you are a little more old school, the Backstreet Boys are right behind her with 76% of their results being sketchy and potentially dangerous.

The Huntsman Spider

What’s bigger than your hand, has eight legs, and eats mice?

You don’t really want to know, but it’s the huntsman spider.

We’re not sure what percentage of websites about this horrific monstrosity have malware; in fact, Googling it is probably a lot safer for your computer than searching for Chris Pratt. Still, these spiders are huge and anyone without ironclad constitutions should probably avoid giving themselves nightmares and not go down that rabbit hole.

All Joking Aside, the Internet Can Be a Dangerous Place

There is a lot of great information and opportunities on the Internet, but there are plenty of people trying to take advantage of everyone else as well. In order to protect yourself, you need to have the proper security measures in place, including antivirus and anti-malware. Your organization needs to be monitoring your endpoints and security, and equip your network with firewalls and security policies that keep your employees and customers safe.

If you want help securing your business, give us a call at (516) 403-9001.

0 Comments
Continue reading

This Malware Targets Your Facebook Business Accounts

Chances are your business has a social media presence in at least some capacity, as it’s a good way to drive traffic to your business. However, hackers want to leverage this benefit against you. A new malware specifically targets Facebook business accounts to launch malicious advertisement campaigns using your own money against you.


Budget Tracking Templates Gone Wrong

Imagine that you are presented with a free budgeting spreadsheet that you can open up in Microsoft Excel or Google Sheets. Sounds like a pretty good deal, right? Well, in most cases, it is going to be too good to be true, and most cases involving the aforementioned Facebook threat involve a tool just like this. The tool markets itself to business page admins through Facebook Messenger, and while it might seem like a good resource at first glance, it’s far from it.

Once the user opens the file, the malware called “NodeStealer” installs. It can sometimes come bundled with other threats that steal cryptocurrency, disable Microsoft Defender, and other issues. The primary threat, however, is the one that steals your social media credentials, specifically your Facebook business account. It will gain access to your accounts to deploy ads using your financial information to foot the bill. These ads are designed to spread more malware.

Have you ever tried to reclaim access to a Facebook account? If so, you know exactly the type of pain to expect, and hackers are taking advantage of the social media website’s lackluster support options to prolong your suffering.

Here’s How to Dodge This Threat

If you’re aware of the threat, you’ll be more likely to think twice before committing to the click. If someone starts to randomly offer you free resources, you should always do your research before indulging them with your trust. If it looks suspicious, chances are you should be careful around it.

Implementing multi-factor authentication is another effective tool to secure your Google, Facebook, Microsoft, LinkedIn, and Twitter/X accounts. In fact, if you can implement MFA for any account, you absolutely should. The additional layer of security might just save your bacon one of these days.

Finally, if you think that one of your systems has been breached or compromised, you need to take swift action. Change all of your passwords and notify the appropriate parties. There’s no good that can come from sweeping it under the rug.

MSPNetworks can help you secure your business. Find out how by calling us at (516) 403-9001.

0 Comments
Continue reading

Ask a Tech: All Your Questions About Ransomware, Decrypted

Ransomware is such a common occurrence these days that it has entered the public discourse, but we also want to note that it’s such an important topic to discuss with your team that you can never talk about it enough. We want to address some of the most common questions we get asked about ransomware and what can be done about it.


How Does Ransomware Affect Your Business? Why Should You Be Concerned?

Ransomware is malware that encrypts, or locks down, data on a device or system, rendering it useless until the decryption key is provided by the attacker. The criminal attacking your device essentially holds your data for ransom until you pay a price of some sort, usually through Bitcoin or other cryptocurrencies, but hackers can also steal your data and sell it to the highest bidder if you don’t pay up.

This is obviously bad, but it gets worse when the hackers threaten to delete data after a time period has passed—usually represented by some sort of countdown clock. There is pressure to pay the ransom coming from multiple fronts, and it can be very difficult to manage if you’re inexperienced with threats like these.

Does Antivirus Help Against Ransomware?

Ransomware enters a network in all of the usual ways, but it’s often through social engineering that it makes its way to your network. In other words, the hacker skirts around your security solutions by using your users as a means to enter the network through phishing attacks. If hackers can get the requisite amount of information and access through the use of malicious links or email attachments, and if the user provides permission, then your antivirus software is not going to help prevent it.

What Do I Do if I’ve Been Infected?

Rather than react to ransomware as it occurs, you should be preparing to prevent ransomware attacks in the first place through maintaining a comprehensive, off-site, isolated data backup. This allows you to effectively restore your infrastructure without having to pay the ransom, which can be a powerful option if there are no others present.

Should I Pay the Ransom?

It can be tempting to just pay the ransom in exchange for the decryption key, but we urge you not to do so. There is no way to guarantee that the hackers will give you what you need, and worse, you’re providing financial support to those who are wronging you and will likely harm others.

What Do I Do After a Ransomware Attack?

It might be tempting to rest on your laurels after a ransomware attack, but the work is only beginning. There is a chance that your data has been stolen or compromised as a result of the breach, meaning you could have regulatory issues from noncompliance and legal concerns stemming from the attack. Furthermore, you’ll need to address the root cause of the issue—how you were attacked in the first place—and shore up the vulnerability as quickly as possible.

You might also experience some loss of trust and customer confidence as a result of the attack. Indeed, the prolonged impacts of ransomware could last for much longer and be much more devastating than you might expect.

How Can You Protect Against Ransomware?

If you want to keep your business safe from ransomware, you’ll want to focus on protecting your data by teaching your team about ransomware, phishing, and how it could affect the business. Additionally, you’ll want to ensure that your backup is prepared, tested, and ready to go at a moment’s notice. This will help you respond quickly should the need arise. There’s also the plethora of cybersecurity solutions we always recommend, as well, as you can never be too careful.

To best prepare your business for ransomware attacks and other cybersecurity threats, reach out to MSPNetworks at (516) 403-9001.

0 Comments
Continue reading

3 Scary Things About Ransomware That You Should be Wary Of

Ransomware is one of the more dangerous threats out there for businesses of all industries and sizes. To help emphasize just how dangerous it is, however, you have to look past the initial threat of having to pay a ransom and look at the other risks associated with it. We’re here to try to get the point across that ransomware is something your business should absolutely be taking seriously.


Ransomware Spreads Easily

There is a reason why ransomware is picking up in popularity, and it’s because it is a remarkably simple threat to spread. While it certainly spreads through the usual methods, like downloading infected files or clicking on suspicious links, ransomware is most effectively spread through the use of phishing attacks which trick users into falling for a trap. Whether it’s being fooled by a phony tech support email or being scammed through a social media message, you can bet that ransomware attacks will use phishing as one of their primary modes of distribution.

Restoring from a Backup is Not Enough

It never hurts to have data backups ready to go in the case of any security breach or attack, but it’s even more important in the case of ransomware as you often cannot get around the encryption on the system without them. Even if you do have a backup, however, there is always the threat that the hacker will steal your data or leak it online somewhere, creating additional problems. Simply put, restoring data from your backup might not be enough to solve all of your problems, and you should be aware of the fallout that could result from such a ransomware attack.

Ransomware Costs More Than Just the Ransom

Some individuals think that ransomware really only costs your business money in terms of the ransom, but the costs associated with ransomware are far more and far scarier than what you’ll pay the hackers for the safe return of your data. In reality, a ransomware attack is going to cause costly downtime—time that your business is not functioning as it should—and you could also be subject to compliance fines. Add in the cost of your data potentially being leaked online, and you have yourself a recipe for the downfall of your business, unless you play your cards right.

Obviously, ransomware is a scary thing to deal with, and not in the expected ways, but it’s fairly straightforward to protect against. And, thankfully, you don’t have to do it alone.

Don’t Let Ransomware Harm Your Business

If you want to ensure that ransomware doesn’t cause trouble for your company, then MSPNetworks can help. We can equip your business with preventative security solutions, train your staff on how to identify potential threats, and back up your systems so that you’re not impacted drastically in the event of an attack. To learn more, reach out to us at (516) 403-9001.

0 Comments
Continue reading

System Failure Is a Big Risk that Every Business Takes On

In today’s business, the more robust an IT network is the more risk there is of system failure. This comes down to what is known as Murphy’s Law, which states anything that can go wrong, will go wrong. That’s why when coming up with a defense strategy, you need to mix smart IT management decisions with overwhelming redundancy to have a chance. In this week’s blog, we will outline some of the most common reasons for system failure and why you need a data backup solution.


Reasons for System Failure

Before we start listing reasons that your information systems might see critical failure, we should state that by having a strategy to confront each of these possibilities, you are going a long way toward protecting your business against the costly downtime that these events can cause. Let’s start with outside threats first:

Malware Attack

Nowadays, the threat landscape is getting more and more concentrated with possible malware threats; some of which are really problematic. Malware can come in many different forms and can cause a vast array of different negative impacts to an organization. Some of the worst malware attacks are considered ransomware. This is not only a devastatingly thorough malware, but also an extortion plot aimed directly at your reliance on your IT. 

Ransomware can quickly encrypt and lock down entire computers or your whole network and presents the administrator with a choice: either pay the demanded ransom to get your data back or refuse and risk that information be deleted and/or shared. Most businesses hold a lot of sensitive information, whether it is business-related intellectual property or customer-related personal data, so they are frequent victims of these types of scams. A ransomware will take your whole system down and create a lot of confusion. Maintaining a comprehensive cybersecurity strategy with training, testing, and the deployment of various updated tools at its center is crucial to keep malware from being a problem for your business.

Ineffective Power Management

One frequent problem organizations face is weather; and, it can be a bigger problem for some organizations than others. You see, your technology needs power to run and if it isn’t sufficiently protected, a brownout or a surge can completely decimate your onsite IT. This can destroy critical components and cause data loss.

The best way to combat this is to use a device called an Uninterruptible Power Supply (UPS). This device is powered by batteries so when a power surge happens (typically when the power goes out), it doesn’t affect any of the internal components of your technology. It also has enough power to power down your technology, so that there aren’t any abrupt cuts of power that can render the power supply of your workstations and servers inoperable. 

Poor Policies and Training

In order to keep your business’ IT infrastructure secure, you need your staff to do a lot of the heavy lifting. You also need to put them in a position to succeed. The fact is that the majority of business-altering security problems come from end-user mistakes. It makes it extremely important that you have a workforce that is both cognizant that they will need to be aware of how attacks are levied and what to do to ensure they don’t become organizational problems. 

This can be greatly mitigated by having a comprehensive security training regime in place. You will want to train your people on the best practices of creating passwords, how multi-factor authentication works and why it is important, what variables to look for in their messages to be able to spot phishing attacks and other scams, and why complying with cybersecurity efforts can work to make it much easier for IT administrators to control the security of the information systems they manage. 

Why Data Backup is So Important

These three variables are essential to keeping threat actors at bay, but they are only part of the overall puzzle. One of the most important parts of a data security strategy is to have a comprehensive backup and recovery plan. Not only do you need to have a data backup that is updated regularly (and incrementally if possible), you also need it to thoroughly meet the wide variety of data restoration needs.

Consider for a minute the number of reasons a system can fail or data can be lost. There are quite literally dozens of different reasons why you would need to restore your data. You need a data redundancy plan that addresses the immediate needs of data restoration, longer term outages that could put your organization into flux, as well as the unlikely scenario that your hardware is compromised and destroyed and you need data redundancy that is able to restore from offsite. 

At MSPNetworks, we offer our Backup and Disaster Recovery service that not only provides you with an incremental backup platform inside your business, it also uploads that data to the cloud to ensure that if something happens to your hardware that you still have access to your business’ crucial data. The fact is that disaster is usually not a situation that happens over time. Problems arise quickly and you need to have solutions to any problem at hand just as fast. 

If you would like to learn more about how our technicians can help you build the technology you need to be successful, or how we have a contingency for all types of business technology problems, give us a call today at (516) 403-9001.

0 Comments
Continue reading

A Look at Ransomware and What to Do About It

There is a lot made about ransomware, for good reason. It is quite simply one of the nastiest cyberattacks out there and it demands your attention. A lot of people understand what exactly ransomware sets out to do, but they don’t understand how it got that far and how to address the situation if they have the misfortune of being put in that position. 


How a Ransomware Attack Works

Basically, the ransomware attack can be deployed in any way that malware would get into a network. Most of the time it is deployed through phishing, which is a scam that uses fear to get people to make impulsive decisions and give network or system access to hackers. Once in, it is pretty simple for them to execute malware, including ransomware. 

Once run, the ransomware will encrypt and lock down all of the files on a device or even a network and then inform the user that they have been infected. File access is replaced with a notice with a ticking clock: Pay the ransom demanded or else. 

What Do You Mean “Or Else”?

Ransomware is one of those rare attacks that can hurt your organization in many different ways. Obviously, holding your files and data isn’t exactly targeted altruism, so that is the first sign that something terrible is happening. The ticking clock telling you that you have only a short amount of time before your files are lost forever isn’t great either. While we never recommend paying the ransom, it might seem like the only viable choice to get back in action following such an incident. This is especially true in more recent ransomware cases where hackers are also threatening to release encrypted data if the victim refuses to pay the ransom. This puts businesses in a difficult situation; do they risk the security of their data as well as the fines that come from the failure to properly protect it, or do they pay the ransom? It’s a lose-lose situation, and one that is entirely preventable with enough precautions.

What Can You Do to Stop Ransomware?

Let’s look at three strategies that you should have in place to help you ward off all types of cybercrime, including ransomware attacks:

Train Your Users to Detect Phishing Messages

Phishing is the #1 attack vector for ransomware and if you train your staff about the signs that they may be dealing with a potential phishing attack, the less likely your business will ever have to deal with ransomware. Some things your staff should be on the lookout for in their correspondence include:

  • Messages that ask for sensitive information.
  • Messages that use different domains from legitimate sources.
  • Messages that contain unsolicited attachments and links.
  • Messages that tend to have poor grammar and don’t typically have the elements of personalization that you would expect.
  • Messages that try to elicit panic resulting in impulsive action.

A message having any or all of these variables doesn’t automatically make it a phishing message, but the illegitimacy of phishing messages can often be ascertained by the message itself. 

Keep Your Software Patched

You will want to make sure that firmware, antivirus software, operating systems and other applications you utilize are consistently patched. New ransomware versions come out of the blue and by the time anyone catches on, the hackers that perpetuated them are counting their Bitcoin. By patching software, you ensure that your software is current and has taken into account the threat definitions necessary to keep malware of any type out of your network. The knowledgeable professionals at MSPNetworks have a patch management platform that can save you and your staff the time and effort needed to keep up on all new software updates. 

Backup Your Data

Finally, you will always want to back up your data; not only to combat ransomware, but because it could literally save your business. Having up-to-date backups can help you bypass the ransom demand and restore data and applications affected by the hacker’s encryption. Since most ransomware today is sophisticated enough to search for backup files, you will definitely want to keep a backup offsite, so that they aren’t corrupted.

If you would like to ensure that your business is set up to combat ransomware, give the IT experts at MSPNetworks a call today at (516) 403-9001. 

0 Comments
Continue reading

Careful! There’s an Infected Version of WhatsApp Out There

WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has been reportedly deploying malware.


What is YoWhatsApp?

YoWhatsApp is an unofficial version of WhatsApp that users can download and install on their smartphones. The developers claim it offers the ability for users to lock chats, send messages to unsaved numbers, and customize the look and feel of the application with various theme options. There are other unofficial WhatsApp versions out there with similar enhancements.

This sort of thing isn’t new. Ever since the early days of instant messaging software, developers have been building “enhanced” versions of popular messaging applications. Back in the early 2000s when AOL Instant Messenger was popular, there were several unofficial versions that offered additional features that removed ads, allowed more anonymity, and offered more features than the source material. However, using these third-party versions often came with some risk—sometimes they contained malware or made your account less secure.

This definitely appears to be the case with YoWhatsApp. 

What Are the Risks of Using an Unofficial Version of WhatsApp?

According to a recent Kaspersky Report, YoWhatsApp distributes Android malware known as the Triada Trojan. The same was discovered last year with FMWhatsApp, another modified unofficial version of the application.

Triada gains control over your SMS messages, and can enroll its victims in paid subscriptions without their knowledge and impersonate them, sending spam and malicious content to others from their phone number.

This, in turn, can then affect users who actually use the official versions of WhatsApp. 

While, as far as we know, WhatsApp is generally a safe application to use, the various third-party versions are not.

Understand What You Install

The concept of third-party developers creating unofficial “enhanced” versions of popular software isn’t anything new. It isn’t always a risk either, but you need to consider that unofficial versions aren’t usually as supported or secure as the official ones. If someone made a variation of Microsoft Outlook that offered some new features that the original didn’t have, and then Microsoft found and patched some vulnerabilities in their original version of Microsoft Outlook, it would be up to the third-party developer to also patch and update their version. You can’t really rely on that. You also need to consider that cybercriminals will go to great lengths to extort money from a wide set of users, and that includes building a “better” version of a popular app and paying to run ads to get users to download it and install their ransomware.

Whenever you install anything on your PC or smartphone, be sure to check to see if you are getting it from the official developer. If you aren’t sure, take some time to do a Google search, or reach out to MSPNetworks to have us help you. It’s better to be safe than sorry.

0 Comments
Continue reading

It’s Time to Fight Malware with AI

This past year saw a dangerous 86% increase in the most dangerous types of malware out there, so we want to ask you an important question: are you ready to protect your business from the different types of threats you might encounter? We know a technology solution that might help this mission along, and we want to share it with you today: artificial intelligence.


Let’s discuss some ways that AI can assist your organization’s cybersecurity efforts.

Malware is Growing More Dangerous

The biggest notable trend in cybersecurity is the increase in dangerous types of malware, as it has increased by a whopping 86% over the past year alone. These threats are not easy for the average user to spot, either, thanks to phishing, malicious websites, downloads, and other types of attack mediums. They can be difficult to identify and respond to, and businesses that don’t have a plan of action will be in a difficult position.

AI Helps Solve This Problem

AI-powered security tools give businesses the upper hand in identifying threats and protecting their assets.

If you can leverage artificial intelligence and machine learning to your advantage, you’ll be more likely to uncover and stop attacks like ransomware before they occur.

Now, ransomware is pretty scary stuff, we won’t lie to you, and since it is spread primarily through phishing attacks, you need a solution in place that can help to stop these attacks before they have a chance to succeed. These attacks specifically target your users, and they can fool even the most seasoned employee into making a decision that they will come to regret. Naturally, this leads to cybercriminals making phishing attacks difficult to identify and making them as convincing as possible.

You can train employees to identify these attacks, but there will always be a chance that someone slips up. Artificial intelligence can pick up where they fall short, though.

How Does AI Help Your Business?

AI can use predictive tools and analysis to identify threats your organization might face. This has led to many companies adopting it as a security measure, and it can help in several ways. Here are some reasons why businesses might implement AI:

  • Spam and phishing protection
  • Analyzing DNS data to detect threats
  • Identifying problematic data
  • Tracking advanced malware

AI has become more accessible than it has ever been, so we think it is worth exploring the concept further.

Let Us Help You Protect Your Business

MSPNetworks can help your business manage its technology and cybersecurity. To learn more, reach out to us at (516) 403-9001.

0 Comments
Continue reading

“No More Ransom” is Leading the Fight Against Ransomware Abroad

Ransomware is one of the more dangerous threats out there today, and since it is so prominent and dangerous, it is a popular choice amongst hackers. To combat this threat, a community has formed around the cause, encouraging users to not pay the ransom by providing free malware removal tools for the most popular ransomware threats.


Europol, a European Union law enforcement agency, is in charge of this initiative, called No More Ransom. The agency has helped over 1.5 million victims of ransomware overcome the attack and recover their files without paying the ransom. These victims have saved an estimated $1.5 billion dollars, which is a considerable amount of money to keep out of hackers’ coffers.

No More Ransom began in 2016 in collaboration with the Dutch National Police and other cybersecurity and IT companies. It began with only four ransomware decryption tools, but now, they provide 136 free decryption tools to take on 165 different ransomware variants.

Still, ransomware is a problem, and the fact that it requires this kind of special attention means that you need to take it seriously.

Why You Should Never Pay the Ransom

Hackers use ransomware because it makes people pay up simply because it’s the easiest way to solve the problem. Unfortunately, it is rarely that simple, and even those who do pay the ransom suffer from unforeseen consequences.

Further complicating this decision is the fact that those who pay the ransom are effectively funding further attacks and reinforcing the fact that ransomware works. Simply put, hackers will be more likely to attack with ransomware if they know people are scared enough to pay up, and with more resources at their disposal, they can expand their reach and infect even more victims.

This is why we advocate for not paying the ransom. In the heat of the moment, it’s not always so clear, but we urge anyone infected by ransomware, businesses included, to slow down and consider the repercussions of their actions. There are situations where you might feel like you have no choice but to pay, particularly in double-extortion situations where the threat of online leaks of your data is imminent, but we assure you that you always have a choice in the matter.

Instead, You Should Call Us!

If you become the target of ransomware, we suggest you call MSPNetworks at (516) 403-9001. We can walk you through the appropriate next steps to address ransomware on your network.

Granted, it’s easier to prevent ransomware in the first place than to deal with an active threat, so we also recommend that you outfit your network with top-notch security solutions. Compound these with proper employee and end-user training to minimize the possibility of ransomware striking your company. While there is never a guarantee, the odds of it crippling your business will be significantly less with these steps in mind.

Get started today by calling us at (516) 403-9001.

0 Comments
Continue reading

Cybercriminals Are Among Your Biggest Competition

When we think about cybersecurity, we usually think about protecting our computers from viruses, right?

I’d imagine a few of our older readers remember a time when you would go to the store and buy antivirus software that came in a big brightly-colored box with a CD in it each year.

As you probably already know, things aren’t as simple anymore.


Cybersecurity is a Huge Problem, Because It’s a Lucrative Business

Maybe the idea of going to the store to purchase the latest version of Norton Antivirus for my home PC makes me wax nostalgic a little, but things have become much more complicated over the last couple of decades when it comes to cybersecurity.

Gone are the days where computer malware simply exists to spread and annoy users. Well, that stuff still exists, but most users are pretty well protected from it, thanks to free antivirus software and built-in protections that are baked right into the various operating systems we’ve come to depend on.

Unfortunately, cybercriminals started to figure out the value of their skills and have been able to turn their talents into careers. I won’t dive too deep into the history of this, as it’s not even necessarily new, but it has been a major factor behind the majority of attacks against personal users and businesses.

It’s estimated that over one percent of the entire global economy is lost to cybercrime each year, and that rate has been increasing quickly over the years. A single percentage might not seem like much, but it’s monetary worth at least $600 billion, and it’s also likely that percentage is a bit higher as many crimes go unreported. As a comparison, the US film industry is about 3.2% of the GDP, and the US professional sports industry is about 1% of the GDP.

That’s not nothing.

Cybercriminals Treat It Like a Business

It’s pretty rare to come across a business that doesn’t have some form of antivirus these days (thank goodness). That’s good. All businesses need to have centrally-managed, carefully monitored, and thoroughly maintained antivirus.

Let that sink in, though. Most businesses have this base-level of protection, but cybercrime is booming.

You need to look at cybercriminals and realize there are very clever, hard-working entrepreneurs within this group, and that they are always looking for ways to grow and expand. You need to compare cybercriminals to other businesses you see today. They are constantly trying to disrupt in the same way that Uber and Lyft disrupted the taxi industry… while also disrupting the course of business for everybody else involved.

It’s a business about making the most money with minimal effort, using tactics that can easily be repeated and have a high success rate.

Look at them as your competitors in sort of a weird sense. They are ruthlessly vying for your revenue.

It’s Time to Take Cybersecurity Seriously

For many businesses, complying with certain levels of cybersecurity protections is the law, but it’s more than that too. Even if you are a healthcare practice that is strictly following HIPAA and every other compliance regulation, you need to review and push that envelope a little harder to stay ahead of those who are working just as hard to get a piece of your business.

It’s terrible, it really is. Like I said, I miss the days when it was as simple as installing new antivirus every year.

That said, we are here to help. At MSPNetworks, we take a security-first approach to everything we do, and we can help your business protect itself. It’s not worth waiting. Even if you just want a second set of eyes to evaluate your network, don’t hesitate to give us a call today at (516) 403-9001.

0 Comments
Continue reading

Turns Out There is a Trend for Cyberattacks Over Holiday Breaks and Weekends

There are countless cybersecurity threats out there, many of which wait until very unfortunate times to strike. One such time is over extended weekends or holiday breaks, when many companies shut down operations longer than the usual two-day weekend. In fact, this is such an issue that the Federal Bureau of Investigation and CISA have issued warnings in response to them.


The FBI and CISA issued an advisory in September warning companies to take preemptive actions to ferret out threats on their networks ahead of the Labor Day weekend. This is presumably because threat actors are aware that IT staff will have limited availability when offices are closed for long weekends, but the issue extends not just three-day weekends but also into holiday weekends in general. 

The advisory specifically cited ransomware attacks as potential problems, and looking at the trends from this year, it’s no wonder. A quick look at some of the high-profile hacking attacks over the past year shows a clear trend in these attacks being instigated against companies over holiday weekends. For example, the Colonial Pipeline attack occurred over Mother’s Day weekend, and the attack on JBS took place over Memorial Day weekend. The massive ransomware attack against Kaseya took place over the July 4th weekend.

If you think about it, escalated numbers of cyberattacks over holidays or long weekends make a lot of sense. Many organizations and businesses close their doors and shut down operations for the weekend, meaning that there are fewer people on staff to keep an eye on things. When there are fewer people working, there are more opportunities to sneak in and do some damage. It’s safe to say that while the rest of us are on break or holiday, a hacker’s job is never done, and they do not care for festivities as much as they care about ruining your business.

Therefore, we recommend that you consider the following: remote monitoring services, enhanced security protections, and regular audits of security logs so that you are never caught unawares, even over holiday breaks or long weekends. Through a combination of proactive measures and continuous review of your systems, you should be able to not only identify the potential for threats on your network, but prevent them entirely.

So, how does a business with limited resources still give their employees the time off they deserve while also protecting their network from the myriad of threats found in today’s connected world? We have a solution for you; MSPNetworks wants to help your business successfully navigate the dangerous world of cybersecurity without compromising on quality of protection. If your company struggles with technology management and there is a significant knowledge gap within your organization regarding cybersecurity, we would be happy to help fill that void.

Our systems can automatically monitor your network for suspicious activity and detect problems before they occur. This proactive monitoring can keep your organization from becoming a victim of cybersecurity threats like ransomware and other dangerous types of malware. Trust us when we say that the most effective way to protect your business is to take a hard stance on it before you get infected with some type of threat.

Don’t wait until something horrific happens to your business to take action against the ever-increasing number of cybersecurity threats. Contact us today at (516) 403-9001 and start your journey toward securing your company.

0 Comments
Continue reading

New Study Finds That Paying Off Your Ransomware Attackers Has Some Severe Consequences

We know, we know; you’re probably sick of seeing ransomware in headlines, and so are we, but we cannot stress enough how important having an awareness of it is for any business owner. A new study has found that businesses infected by ransomware who choose to pay up experience a different type of fallout--one that is a major cause for concern and a stark reminder that there are no guarantees with ransomware. Ever.


A Cybereason survey, conducted by Censuswide, polled 1,263 security professionals from all over the world and discovered some concerning results. Here are some of the major takeaways, specifically related to companies that paid their ransomware attackers:

  • 80% of organizations that paid their ransomware attackers the ransom experienced a second attack.
  • Of these organizations, 46% believe that the same hackers were responsible.
  • 46% of organizations that paid the ransom found that at least some of their data was corrupted.
  • 51% of organizations did not experience data loss or corruption.
  • 3% were not able to retrieve their data at all.

This study confirms something that we have been preaching for years. Why should you ever trust a hacker who has encrypted and stolen your data to return it to you? It just doesn’t make sense. Furthermore, when you pay hackers to decrypt your data, you are doing two things. For one, you are inadvertently funding future ransomware attacks by providing the funding hackers need to execute such attacks. You are also showing hackers, and everyone else watching the situation, that ransomware works, which is a far more dangerous idea to foster. If cybercriminals see that these attacks work, they continue to propagate them.

Granted, we understand that it’s not always so simple; the recent rise in “double-extortion” ransomware puts a lot of pressure on organizations to pay the ransom. Hackers threaten to release the encrypted data when the ransom is not paid, potentially subjecting the company to further data privacy fines. It’s just adding insult to injury and kicking organizations when they’re down. This particular approach is devastating because even the usual method of beating ransomware--restoring a data backup--won’t stop the hackers from releasing said data. It’s a tough spot to be in.

Our recommended course of action is simple: take proactive measures against ransomware before you get infected by it, as no matter what circumstances you find yourself in post-infection, it is sure to get messy and complicated.

MSPNetworks can equip your business with the proper security measures and tools to minimize the chance of ransomware infection. Furthermore, we can help you take appropriate action in the event that you do get infected. Don’t let hackers dictate the future of your business; give us a call at (516) 403-9001.

0 Comments
Continue reading

Your Guide to the Modern Varieties of Cybercriminal

There is an entire litany of stereotypes that are commonly linked to the term “hacker”… too many for us to dig into here, especially since they do little but form a caricature of just one form that today’s cybercriminal can take. Let’s go into the different varieties that are covered nowadays under the blanket term of “hacker,” and the threat that each pose to businesses today.


To give this list some semblance of sensible order, let’s go from the small fish up to the large players, ascending the ladder in terms of threats.

The Ethical Hacker

First and foremost, not all hackers are bad. Certified Ethical Hackers are high-profile cybersecurity experts that are designed to think like a cybercriminal. They can be employed to determine how secure your organization is. 

The Unintentional Hacker

We all make mistakes, and we can all get a little bit curious every now and then. Therefore, it stands to reason that this curiosity could get people into trouble if they were to find something—some mistake in its code or security—on a website. This is by no means uncommon, and the question of whether this kind of hacking should be prosecuted if the perpetrator reports their findings to the company has been raised by many security professionals.

Regardless, if someone can hack into a website without realizing what they are doing, what does that say about the security that is supposed to be protecting the website… or, by extension, a business’ network? Whether or not you take legal action, such events should never be glossed over and instead be addressed as growth opportunities for improving your security.

The Thrill Seeker

Each of the hackers we’ll cover here has their own motivation for hacking into a network. In this case, that motivation ties directly back to bragging rights (even if the hacker only ever brags about it to themselves). While these hackers were once far more common, the heightened accountability and legal consequences that such behaviors now bring have largely quashed the interest in such hacking. Many of those that would have once been interested in this kind of hacking are now focused on modifying hardware over software, turning to interest-based kits like the Raspberry Pi and others to scratch their “hacking” itch.

The Spammer

Adware—or a piece of software that hijacks your browser to redirect you to a website hoping to sell you something—is a real annoyance, as it wastes the user’s valuable time and energy. It also isn’t unheard of for otherwise well-known and legitimate companies to use it in their own marketing, despite the risk they run of having to pay regulatory fines due to these behaviors.

While the real damage that adware spamming can do may seem minimal, it is also important to put the nature of these efforts into perspective. An adware spammer will use the same tactics that other serious threats—things like ransomware and the like—are often spread through. If you’re finding your workstations suddenly inundated with adware, you are likely vulnerable to a much wider variety of threats than you might first assume.

The Botnet Recruiter

Some threats to your network aren’t even technically directed toward your business itself. Let me ask you this: would you see it as a threat to have your computing resources taken over and co-opted for another purpose? After all, the result is effectively the same as many more directly malicious attacks—greatly diminished productivity and efficiency.

This approach is quite literally how a botnet operates. Using specialized malware, huge numbers of otherwise unassociated machines can be taken under control and have their available resources directed toward some other means. A particularly famous example of a botnet’s power came just a few years ago, when a botnet was utilized to disrupt the services of Dyn, a DNS provider. This took popular websites like Twitter and Facebook down for several hours.

Missing or neglected patches are one of the simplest ways for a botnet to claim your resources as its own—particularly when login credentials haven’t been changed.

Hacktivists

While political activism can be a noble cause, the hacktivist goes about supporting their cause in a distinctly ignoble way. Operating in sabotage, blackmail, and otherwise underhanded tactics, a hacktivist that targets your company could do some serious damage—despite the good that most of these groups are truly attempting to do.

Of course, the law also doesn’t differentiate between different cybercrimes based on motive, making this form of protest particularly risk-laden for all involved.

The Miners

The recent cryptocurrency boom has seen a precipitous uprising in attacks that try to capitalize on the opportunity, using tactics that we have seen used for good and bad for many years now. Above, we discussed the concept of a botnet—where your computing resources were stolen to accomplish someone else’s goal. However, the practice of utilizing borrowed network resources is nothing new. The NASA-affiliated SETI (Search for Extraterrestrial Intelligence) Institute once distributed a screen saver that borrowed from the CPU of the computers it was installed on to help with their calculations.

Nowadays, cybercriminals will do a similar thing, for the express purpose of exploiting the systems they infect to assist them in hashing more cryptocurrency for themselves. The intensive hardware and utility costs associated with mining cryptocurrency often prohibit people from undertaking it on their own—so enterprising hackers will use their malware to find an alternative means of generating ill-gotten funds.

The Gamers

Despite the dismissive view that many have towards video games and their legitimacy, it is important to remember that the industry is worth billions (yes, with a “B”) of dollars, massive investments into hardware and hours poured into playing these games. With stakes that high, it is little wonder that there are some hackers that specifically target this industry. These hackers will steal in-game currency from their fellow players or launch their own distributed denial of service attacks to stifle the competition.

The Pros-for-Hire

The online gig economy has become well-established in recent years—where a quick online search can get you a professional to help you take care of your needs, whether that be for childcare or for car repairs or any other letter of the alphabet. Similar services exist for directed cybercrime efforts as well.

Using a combination of home-developed malware as well as examples that they’ve bought or stolen themselves, these professionals will license out their services for a fee. Whether it’s a governmental body seeking sensitive intel or a business seeking to undermine a competitor, these mercenaries can pose a significant threat against anyone who lands in their crosshairs.

The Thief

On a related note, a lot of modern cybercrime is simply a digitized version of crimes we have seen in years past. Without another stagecoach to hold up, highway robbery has simply been shifted to the information superhighway, the stick-‘em-up translated to ransomware, dating scams, or denial-of-service attacks. The overarching motivation behind most of these efforts is simple: illegitimate fiscal gain.

The Corporate Crook

Corporate spying is a decidedly more direct version of the pro-for-hire trend that we discussed above, where a hacker will target a business’ documents and resources to help their competition in any way they can. While there may not be honor among thieves, there can be amongst the businesses that these thieves will try to sell stolen data to, as some companies have reported the theft after being approached.

The Nation State

Finally, we come to perhaps the biggest threat out there to many: massive teams of professional, government-employed hackers working to undermine the operations and machinations of other nations—both in their governments and their industries. This is generally intended to put the other nation in a diminished position should hostilities ever erupt.

If you remember the 2014 satirical movie The Interview—and more pertinently, the hack that Sony Pictures suffered in retaliation for the film—you’re aware of a very recognizable example of this kind of threat actor.

Clearly, the idea of a hacker that so many have is far too minimalistic to be relied upon anymore… especially if you’re staking your company’s cybersecurity preparedness on it. That’s why MSPNetworks is here to help. Our professionals are well-versed enough in best practices to help prepare you to deal with a much more realistic cyberattack. You just have to reach out to us at (516) 403-9001 to get started.

0 Comments
Continue reading

Tip of the Week: Spotting Potential Mobile Malware

Chances are, you not only have a smartphone, but that smartphone is also currently within arm’s reach. With these devices playing an increasingly important role in our personal and professional lives, these devices have proven to be a lucrative target for hackers to pursue. This week, our tip is meant to help you spot the warning signs that an application is hiding an attack.


Too Many Permissions

As careful as so many are with their data security, mobile applications can be a glaring blind spot. While access to certain files on the phone is required for certain applications to function, other applications should have no need for the data they request. Each application you use should have its requested permissions evaluated, and should one ask for too much, you need to reconsider using that app. This is also one of the reasons it is important to only source your applications from an established applications store—these app stores are vetted and regularly reviewed to catch malicious apps.

Battery Loss

Time for a basic physics lesson: the first law of thermodynamics states that the amount of energy in the universe is a set amount. This means that energy cannot be created or destroyed, only converted to a different form. While the battery in your phone is an imperfect example of this, the theory stands: if you don’t use it much, the phone should remain charged. So, if your phone suddenly drops in battery life seemingly without explanation, that’s a bad sign.

Malware could be the explanation you’re looking for. Running in the background, some mobile malware will collect assorted data. To find out which applications are responsible, it helps to check how much power different applications consume in your battery settings.

Passwords Stop Working

So, you type in your password, just as you always do, and press the enter key. Incorrect password. Whoops, you must have hit two keys at once or something, so you type it again. Incorrect again. Again and again, you type your password, making sure it is perfect, only to have it kickback.

This is an almost sure sign that your account has been taken over and your credentials changed. Reclaim the account if you can and reset passwords for all your accounts using best practices. It may also be wise to restore your device entirely from a backup to wipe any malware that may have been lurking.

MSPNetworks can help your company manage its entire technology infrastructure, down to the mobile devices that we so commonly see. Learn more about what we can offer you by calling (516) 403-9001.

0 Comments
Continue reading

Hit Back Hard Against Malware

The threat landscape is filled with more types of malware than ever. To keep your business’ network running effectively, it’s important to have a strategy to keep malware out. Today, we’ll talk about a few basics you should know to keep your cybersecurity strategy working properly.


Under A Thumb

Are you aware that there are readily available websites that are strictly devoted to providing the default factory passwords for devices of all types? With these passwords, and a little bit of knowledge about what hardware you have, people could access your network easily?

To combat this, you need to think about every single access point your business has and lock them down. Once they are locked down, you will also need to secure your online accounts and your physical location’s access points. To do this you should take time to document all of your network’s possible entry ways and do what you need to do to secure them. You can do this by ensuring that every access point is secured with different passwords (and two-factor authentication where possible).

Keep Your Antivirus Updated

The antivirus solution you use keeps out unwanted entities. But what happens when malicious entities aren’t recognized by the antivirus solution? That’s right, it passes right by, infiltrating your network. To avoid this scenario, you will want to ensure that your antiviruses, antimalware, and firewalls are all updated with the latest threat definitions. 

Keep a Backup

Most importantly, you may think you are in control, but it only takes one thing to slip by your defenses to complicate things. That’s why you will want to keep routine and periodic backups to ensure that if something does happen that you can restore from backup quickly and get back in business fast. 

Remember all it takes is one. MSPNetworks staff's professional technicians versed in the best practices and protocols of comprehensive data and network security. To talk to one of our knowledgeable IT experts about securing your business, call us today at (516) 403-9001.

0 Comments
Continue reading

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.


What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At MSPNetworks, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at (516) 403-9001.

0 Comments
Continue reading

Customer Login

News & Updates

MSPNetworks is proud to announce the launch of our new website at www.mspnetworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact Us

Learn more about what MSPNetworks can do for your business.

MSPNetworks
1111 Broadhollow Rd Suite 202
Farmingdale, New York 11735