Blog

December 12th, 2014

Email has become the main form of communication for many businesses. When first launched, many people treated email as simply an electronic version of company memos and letters and therefore created and styled them as such. Over time, email has become much more informal, and while this is great it can lead to problems in overall clarity of communication. However, there is one effective way you can ensure all of your messages are clear and understandable, by adopting PAR.

Better email structure for small businesses

In order for your emails to be clearer and to get the overall message across easily, you might want to implement a PAR structure. This three part framework has been used by many business owners and managers to improve overall communications, and consists of:

Problem

At the very top of the email, below the salutation, provide a brief yet clear overview of the problem which is the subject of the email or the reason you are making contact. When writing this overview don't assume anything, including shared knowledge or agreements, unless you have discussed these with all recipients beforehand. The key here is that you are looking to be able to summarize the main issue.

If you need more than two paragraphs, then you should probably create a longer form report that is attached in the email. The reason for this is because the vast majority of people will simply scan an email, and if it's too long, they will usually skip it, or possibly miss key points. If it is easy to scan and read, then there is a greater chance all parties will be on the same page.

Beyond this, if you are struggling to come up with a short explanation or can't clearly summarize the problem in writing, then email may not be the best medium to be using. Opt instead for a meeting or phone call to discuss the issue more fully.

Action

After stating what the problem is, clearly mark any proposed actions or recommendations using a relevant heading, then specifically lay them out in an easy to read format. You want to be as specific as possible here, ensuring that all parties understand what you want to happen and the actions they will need to take as a result.

For example, if you use vague language, such as: "I need this by the end of the month", people may only carry out what you are asking for on the very last day of the month. Instead, you might be better to give a specific delivery date, and possibly a set time, so that any deadlines are clearly defined. Bulleted and numbered lists can really help here, as long as they are clear and understandable and don't muddle the issue.

Results

Finally, identify the expected results based on the actions you want the recipients to take. This helps ensure that every recipient knows what they should be striving for, as well as serving as an indicator of whether the problem has been specifically solved or not.

If the results aren't met, you have a good opportunity to look back at the process and see if there is any room for improvement, or try to pinpoint exactly why something went wrong or didn't happen as you planned. This in turn, if leveraged correctly, can help improve overall productivity.

Looking to learn more about increasing productivity in your office? Contact us today to see how our systems can benefit your business.

Published with permission from TechAdvisory.org. Source.

Topic Productivity
December 3rd, 2014

Spend even a small amount of time looking at the various massive malware threats out there and you will find that security experts are usually able to figure out who developed it, the intended targets, and where it is most prevalent. In early November, news broke about a mystery security threat called Regin that has been around for years, but which experts seem to know comparatively little about. Many business owners are worried about Regin, but should they be?

What exactly is Regin?

What is most interesting about Regin is that a number of security experts seem to not really fully understand it. They know that it exists, they know it is complex, and they know it is one of the most advanced pieces of malware ever created. But, they don't know what exactly it does, or where it comes from.

What we do know is that Internet security firm Symantec is credited with first bringing Regin to public attention, and that it has been around since at least 2008. So far, the company has said it is similar to the Stuxnet virus that was supposedly developed in (or by) the US and used to attack and subvert the Iranian nuclear program.

Regin is known to infect Windows-based computers and at its core is a backdoor trojan style of infection. From detected infections it looks like the purpose of the malware is not to steal information but to gather intelligence and facilitate other types of attacks.

What makes this malware so powerful and disturbing is that it is much more advanced than other infections. Using various encryption methods it can hide itself extremely well, making it difficult to detect. It can also communicate with the hacker who deployed it in a number of different ways, thus making it a challenge to block or stop. As a result, it is far from easy to actually figure out what exactly this malware is doing and why.

Who has been infected?

According to various security experts we have been able to compile a list of companies and organizations that have been targeted to date. These include:
  • Telecommunications companies
  • Government institutions
  • Financial companies
  • Research companies
  • Individuals and companies involved in cryptographic and mathematical research
At the time of this article, no known attacks have been carried out against companies in the US, Canada, or the UK. The main countries targeted so far have been Russia and Saudi Arabia, along with a smaller number of infections in Malaysia, Indonesia, Ireland, and Iran. A total of 10-15 countries have been targeted since the malware was first discovered in 2008.

Is this a big deal for my company?

Just because your company is operating in a country that hasn't been affected thus far, doesn't mean that you aren't at risk of being attacked by this malware in the future. If you operate in any of the industries or sectors listed above, you could still be at risk, especially if you do business with clients in infected regions.

For now, however, it appears that Regin is only infecting larger government bodies and large companies outside of North America and much of Europe, so the chances of you being infected are relatively low. Although as with any threat, this can change at any moment.

What we recommend is that you ensure your antivirus and antimalware solutions are kept up to date and always switched on. You can rest assured that eventually experts will learn more and block this malware from infecting systems. Beyond this, working with an IT partner, like us, who can ensure that your valuable data and systems are secure, is also a good idea. The same goes for watching what you download and any emails you open. If you don't know or trust the source, don't download any program, open an attachment, or read an email connected to it.

Looking to learn more about the security of your systems? Contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
December 3rd, 2014

You may not want to rely on the Food & Drug Administration’s (FDA’s) app approval system: Roughly 90 percent of Android health-care apps have been hacked, and 22 percent of them were FDA-approved. That information comes from the latest State of Mobile App Security report from Arxan Technologies, which attributed the high rate to a lack of information-security training and resources in the health-care field.

Of health-care apps, none that were Apple iOS-based have been hacked. But, looking at all apps, the risk is close between Android and iOS. Looking at the top 100 paid apps, 97 percent of those that are Android-based have been hacked, and 87 percent of those that are iOS-based have been hacked.

Because health-care apps tend to hold confidential patient information, these breaches present serious risk. “Make application self-protection a new investment priority, ahead of perimeter and infrastructure protection,” says Joseph Feiman in a Gartner Maverick Research report, “Stop Protecting Your Apps; It’s Time for Apps to Protect Themselves.”

Click here for an infographic that shows the state of app security, and contact us if you are looking to make sure that your apps are secure.

Published with permission from TechAdvisory.org. Source.

December 3rd, 2014

IDC Health Insights has issued its predictions for health-care in 2015, and just as one might expect, they revolve around cost, technology, and operational efficiency. Here are some of the key takeaways.

Cybersecurity. By 2020, 42% of digital health-care data will be unprotected. That creates a risk. By 2015, half of all health-care organizations will have experienced one to five cyberattacks in the previous 12 months—and one third of those attacks will have been successful.

Cloud computing. Hosted infrastructure will become key to data collection, aggregation and analysis: by 2020, 80% of health-related data will pass through the cloud at some point in its lifetime.

Mobility. Health-care organizations will seek to improve consumer experience, leading to 65% of transactions happening on mobile devices by 2018. This will require health-care organizations to develop multi-channels that cater to various screen sizes.

Chronic-condition management. Around 70% of health-care organizations will invest in consumer-facing wearables, remote monitoring tools, and virtual care and the like in order to better manage patients with chronic conditions.

Big data. All of this will lead to more demand for big data. And, more than half of health-care organizations will manage it with routine operational IT by 2018.

Read more about IDC Health Insights’ predictions here. If you are looking to integrate better technology in your practice, please contact us today to see how we can help.

 

Published with permission from TechAdvisory.org. Source.

November 25th, 2014

There are many different pieces of technical equipment most businesses need in order to operate successfully, with one of the most essential being the wireless router. Routers allow one network connection to essentially be split into many and then shared by different users and devices, often over a Wi-Fi connection. If you are looking for a new Wi-Fi router for your office there are some important features you should be aware of.

Essential features

For the vast majority of users, there are five main features that all wireless routers must have in order to make them useful in the office. They are:
  • Network type - Look at any router and you will quickly see that there are a number of different networks available. The four most commonly found are 802.11b, 802.11g, 802.11n, and 802.11ac. These designations are for how fast the router can transfer wireless data, with 802.11ac being the fastest of these four. Most offices should be able to get by on n routers, but those who have users connecting via Wi-Fi and cable may do better with 802.11ac routers - which are backward compatible with other slower network versions.
  • Throughput - This is closely associated with the router's network type, and is usually one of the first things listed on router boxes and specifications. To spot the router's throughput, look for Mbps. This indicates the speed at which the router is supposed to transmit data from your connection to users. It is important to note here that if you have a 100 Mbps Internet connection, but buy a router that is only, say, 80 Mbps, then the total speed will be the lower figure, 80 Mbps. Therefore, it would be a good idea to get a router with a throughput higher than, or close to, that of your main Internet connection.
  • Range - This is particularly important for users who will be connecting via Wi-Fi, as they will likely not be sitting right beside the router. Generally speaking, the further you are from your router, the slower and weaker your connection will be. As a rule of thumb: 802.11ac and n routers will offer the strongest connections and greatest range. But this will all depend on where the router is placed and any natural barriers like concrete walls, etc.
  • Bands - On every single router's box you will see numbers like 5GHz and 2.4GHz. These indicate the wireless radios on the router. A dual-band router will have both a 5GHz and 2.4GHz radio which allows devices to connect to different bands so as not to overload a connection. Those who connect to a 5GHz band will generally have better performance, but the broadcast range will be much shorter than the 2.4GHz radio.
  • QoS - Quality of Service is a newer feature that allows the router administrator to limit certain types of traffic. For example, you can use the QoS feature of a router to completely block all torrent traffic, or to limit it so that other users can have equal bandwidth. Not every router has this ability, but it is a highly beneficial feature for office routers.

Useful features

As well as the above features, which are essential for business Wi-Fi routers, there are also some useful features that may help improve overall speeds and usability. Here are three of the most useful, but not essential:
  • Beam-forming - This is a newer feature being introduced in many mid to high-end routers. It is a form of signal technology that allows for better throughput in dead areas of a business or home. In other words, it can help improve the connection quality with devices behind solid walls, or in rooms with high amounts of interference. By utilizing this technology, routers can see where connection is weak and act to improve it. While this is available on routers with many network types, it is really only useful with routers running 802.11ac, so if you have devices compatible with 802.11ac, then this feature could help.
  • MIMO - Multiple-Input, Multiple-Output is the use of multiple antennas to increase performance and overall throughput. Most modern routers don't actually use multiple antennas or extra antennas to increase performance, instead utilizing this concept to ensure that more devices can connect to one router with less interference and better performance.
  • Antennas - Some routers, especially those geared towards home use, don't have physical antennas, while other higher-end routers do. With many wireless routers, the idea behind antennas is that they allow the direction of the best connection to be configured. It can be easy to think that these antennas will help improve connection, but when it comes to real-world tests, there is often only a nominal improvement if the antennas are configured and aimed properly.
While these features can help improve the overall connectivity and speed of a wireless network, they are not necessary for most business users. If you are going to be tweaking networks, however, then these may help. Beyond that, concepts like beam-forming only work well if you have a wealth of devices that are 802.11ac compatible, and these are still less popular than devices that are, say, 802.11n compatible.

Features to watch out for

There are a number of router features that manufacturers often tout as essential, important, etc., when in reality these features are often more about marketing and will pose little use to the vast majority of users.
  • Routers with advertised processor speeds - With many pieces of equipment, the processor speed is an important indicator as to how fast it will run, and how well systems will run. With routers however, there is usually a small requirement for processing power. Sure, some features like firewalls require processing power, but the vast majority of routers have the power to run these. Therefore, advertised processor speeds with Wi-Fi routers offer no realizable benefit to the majority of users.
  • Tri-band - While many routers have dual broadcasting bands, some newer ones are now tri-band. The idea and marketing behind this is that with a third band, throughput can be dramatically increased and this is often reflected in the speeds manufacturers say these routers can offer. In reality however, this often isn't the case, as all this extra band really does is allow for more devices to connect. You will most likely not see an increase in overall connection speed.
  • Patented or trademarked features - Almost every router these days will have individual features (also known as proprietary technology) that the manufacturer includes with the idea that it makes the router that much better, or at least uniquely different, than any other. While many of these features can be useful to some users, they should not be the main reason to select a router.

How do I pick the best router?

Go to any hardware retailer and you will quickly find that the sheer number of wireless routers out there is overwhelming. Sure, they all do the same thing, but some will be better than others. One thing to try is to look at the user submitted reviews of different routers online. While the manufacturers may claim one thing, it is the real-world users who can shed the best insight into products. Try to find more business-oriented reviews rather than views based on domestic use.

What we recommend is to contact us. We can work with you to help you find and set up the best router for your business. Get in touch today to learn more.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
November 25th, 2014

On November 10, one of the world's most popular browsers celebrated its 10th birthday. It's hard to believe that Firefox is only 10, largely because it has become such an integral part of business life that it's difficult to imagine a time when it wasn't around. In order to celebrate the recent milestone, Mozilla has released a special Firefox update with two interesting new features.

Feature 1: DuckDuckGo is standard

While the vast majority of Internet users tend to gravitate towards Google Search whenever they need to find something, there are actually other search engines out there. One of the more popular is DuckDuckGo which bills itself as a search engine that is:
  • private
  • low on clutter
  • smarter
The reason this search engine has become so popular with users is that it does not track user data and activities like Google or Bing. Also, when you search using this engine, you get results with minimal clutter, which is preferred by some users.

With the Firefox 10 year anniversary update, DuckDuckGo is now the core search engine used by the browser when searching using the search bar beside the URL bar, at the top of the window. Of course, if you prefer Google or Bing's more advanced features and information then you can always set these engines to be used instead of DuckDuckGo. Privacy-focused users however are sure to find this change useful.

Feature 2: Firefox gets a little more forgetful

We often see being forgetful as a negative, but in the case of the new Forget feature introduced in the last update to Firefox, it's a good thing. This new feature allows users to quickly erase their search and user activity. When you update your browser, you should see a red circle with a backwards facing arrow at the top of the window. Clicking this will open the Forget menu which will allow you to:
  • Forget the last five minutes
  • Forget the last two hours
  • Forget the last 24 hours
Clicking one of the options will:
  1. Close all open tabs and windows.
  2. Delete recent cookies.
  3. Delete recent history.
  4. Open a new, blank Firefox window.
While this may not seem like the most useful of features for business users, there are some situations when this will come in handy. The first being if you are using a public computer with Firefox installed, or are connected to a public Wi-Fi network. Once you are done browsing, you can tell Firefox to forget all of your information. This in turn makes browsing a little safer.

Beyond this, you can also use it to 'forget' sensitive login information like bank accounts and systems that store private data etc. In other words, this feature makes sure that the chances of sensitive and private data being seen by other users or hackers is reduced.

If you use Firefox and would like to access the new features, all you have to do is update your browser - often just closing and restarting it should trigger the update. If you already use Firefox then you may have received the latest version and the features should be active. If you don't use Firefox and would like to utilize the latest features along with increased browsing security, you can download the browser from Mozilla's Firefox website.

If you have any questions regarding Firefox and how it can be used in your organization, please contact us.

Published with permission from TechAdvisory.org. Source.

Topic Web
November 21st, 2014

In many western countries we are blessed with a free and open Internet, but in the US there is a battle currently raging over the idea of Net Neutrality. Chances are high that you will have heard this term thrown around by various experts and media outlets. In November, President Obama took a stance on this issue. Here is an overview of Net Neutrality, the stance from The White House, and what this could mean for your company.

What is Net Neutrality?

In order to define Net Neutrality, we should first look at the main idea behind what the Internet is: a free and open medium where individuals can express and house thoughts, ideas, and more. It was founded on one principle, and one principle alone: All information and Internet traffic MUST be treated equally.

This free, open, and fair principle is what we call Net Neutrality. In practice, this idea prevents Internet providers, and even governments, from blocking legal sites with messages they disagree with, and restricting access to services and sites that don't meet their business needs.

What exactly is the issue?

At this time, major telecommunications companies providing Internet access are trying to push legislation through the US court systems that will essentially make it legal for them to throttle Internet speeds, to ask other providers to pay fees in order to speed up access to sites, and even to block some sites.

There are laws currently in place, set by the FCC (Federal Communications Commission), that prohibit providers from collecting, analyzing, and manipulating user traffic. In other words, according to the FCC, the role of the Internet providers should be to simply ensure traffic and data gets from one end of the network to the other.

Last year, it was uncovered that US telecommunications giant, and Internet Service Provider, Comcast demanded that Netflix pay them millions of dollars or they would limit the Internet speed of Comcast users trying to access the streaming service. Netflix tried to negotiate but the result was that Comcast did indeed cut user speeds. Netflix paid to avoid this from happening again. This act is an obvious breach of the main tenet of Net Neutrality: Equal access for everyone.

Combine this with the January 2014 ruling that the FCC had overstepped its bounds in regards to this topic and the increased lobbying by telecommunications giants against Net Neutrality, and you can quickly come to realize that the Internet as we know it is under threat.

How will this affect my business?

If nothing is done, there is a very high chance that you will be paying higher rates for Internet-based services (because the providers will be asking other companies to pay to guarantee speedy access which will then be passed along to you via higher rates). You may even be forced to use services you don't want to use because they offer better access speeds on your network.

Beyond this, because so many businesses rely on websites and the hosting companies that enable us to access them, there is a very real risk that these hosts may have access speeds cut. This in turn could mean that it will take more time for some users to access your website and services. Think of how you react when you can't access a website, you probably just search for another similar site which loads easily - now imagine this happening to your site. In other words, you could see a decrease in overall traffic and therefore profits.

What can I do about this?

First off, we highly recommend you visit The White House's site on Net Neutrality, and read the message that President Obama has recently posted there. To sum it up, he believes that Net Neutrality should be protected and the Internet should remain open and free. He has even laid out a plan with four rules that the FCC should enact and enforce:
  • No blocking - Internet providers are not to block access to any legal content.
  • No throttling - Internet providers cannot slow or speed up access speeds based on their preferences.
  • Increased transparency - The FCC is to be more transparent and push providers to follow the Net Neutrality rules.
  • No paid prioritization - There is to be a ban on providers insisting other companies pay to have equal access speeds.
You can bet that this plan will be met by stiff resistance both in government and by the telecommunications companies themselves. The FCC is an independent organization and it is up to them to select whether or not they want to enact President Obama's plan. One thing you can do is to publicly submit your comments to the FCC via this website. Any comments made will be seen by the FCC and are publicly viewable. In the past, enough public pressure has been able to sway FCC decisions, so share this article and the links in it with everyone you know, asking them to take action as well.

What about other countries?

For now, the Net Neutrality battle is largely US based. The vast majority of Internet traffic starts or at least passes through the US. This means that if the telecommunications providers (many of whom own international subsidiary providers) can limit access to sites in the US it could very quickly become a world issue. Beyond this, other countries often follow laws that the US enacts, so it could only be a matter of time before we see similar bills passed in other countries.

In short, this is a major issue that could see the end of the Internet as we know it. If you would like to learn more about Net Neutrality and how you can help ensure the Internet remains free and open, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
November 20th, 2014

One of the biggest IT expenses for many small businesses is software. Some companies require thousands of dollars of software, which can quickly compound when you hire new employees. Businesses who have purchased Microsoft software may soon be receiving a letter from the tech giant asking for a systems audit. Here is a quick overview of this letter and what you should do if you receive one.

The Microsoft Software Asset Management Review

Earlier this year, Microsoft announced that they will be sending out over 30,000 letters to small businesses who have purchased Microsoft software licenses. These letters or emails are focused on checking that you have the right number of licenses for your systems.

This program actually has three audit elements, or emails, that are being sent out to businesses.

  1. Internal self-audit email - This is the most common letter businesses have been receiving. It asks them to verify that they are compliant with Microsoft's licenses, which is usually done by sending Microsoft the software keys for each license or product purchased. They then compare this to their records.
  2. Software Asset Management (SAM) Engagement - This is a voluntary process where Microsoft sends a Software Asset Management partner to your business to audit your systems and see if you are over or under licensed. For companies who do agree to this, the audit is paid for by Microsoft. The downside is, if you are found to be non-compliant, you will likely face a fairly large bill.
  3. Legal Contract Compliance (LCC) audit email - This audit can be enacted by Microsoft if you put off a SAM or self-audit for an extended period of time. Essentially, this is a legal audit that you must comply with. If you are found to be non-compliant under this audit, you could face stiff legal penalties.

What happens if I receive one of these emails?

Should you receive one of these emails you will be asked to carry out the audit by a set date. Most of the emails contain a spreadsheet that you will need to put your license information into. This can take time because you will likely need to physically check every machine using Microsoft software for relevant information.

Auditors who come to your business will ask you for network and server access and any other form of information they think they can ask for.

Should you be found to be non-compliant or under-licensed, you will likely then be presented with a bill for the extra licenses. If you happen to be highly under-licensed, this bill could be quite large.

What should I do if I am worried about this audit?

An audit like this could be time consuming, costly, and above all is frustrating for any business owner. What we recommend is working with us. We can help ensure that your business is using appropriate licenses and, should you face a request to do an audit, we can help you through the process.

So, contact us today to ensure that your business is compliant.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

Earlier this year, the SSL (Secure Sockets Layer) bug Heartbleed caused quite a stir when it was discovered. While the majority of systems affected by this bug have been patched, and are now secure from it, news has recently broken of a similar bug affecting Microsoft Windows Servers. If you use Microsoft Servers in your office, this is something you need to be aware of.

The new security problem

On November 11, 2014 Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls Schannel Remote Code Execution Vulnerability.

This cryptically-named vulnerability essentially allows hackers to execute code remotely by sending specific packets of data to a server. Data packets are made up of basic units of data communication combined in order to send data over a network.

Hackers can structure certain data into packets and then exploit a bug in Microsoft Server software, potentially gaining full remote access to that server and the ability to execute whatever code they choose, including giving themselves full access to the systems and data hosted on your server.

This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.

What versions of Windows server are affected by this bug?

This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8/8.1
  • Windows Server 2012/2012 R2
  • Windows RT/RT 8.1
In other words, pretty much any business using Windows and Windows Server is at risk.

What should we do?

While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch, MS14-066, that is supposed to fix the problem.

Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated. What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.

If you would like to learn more about Windows and how you can keep your systems secure, please do call us today.

Published with permission from TechAdvisory.org. Source.

November 13th, 2014

Is your business secure from the latest malware and security threats? The truth of the matter is that there is always a chance that your business and systems can be attacked and breached by a variety of security threats. One of the more common threats of last year was a nasty piece of ransomware called Cryptolocker. While the first version has largely been dealt with, there is news that a new version, called CryptoWall, has surfaced.

What is Crypto malware?

Crypto malware is a type of trojan horse that, when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with strong encryption. A pop-up then opens, informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don't pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn't go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall, and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as with the first version: it is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some "improvements" to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn't paid, but they could be recovered easily. In the new version, the encryption has increased security, which ensures the file is deleted. This leaves you with the option of either paying the ransom or retrieving the file from a backup.
  • Payment servers can't be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn't go after passwords or account names, so the usual changing of your passwords won't really help. The best ways to prevent this from getting onto your systems are:
  • Don't open any suspicious attachments - Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don't open emails from unknown sources - Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don't have an account with or bills from a utilities company you don't use. Chances are high that they contain some form of malware.
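
The attachment-name signs described above can be checked mechanically. The following Python triage function is an added example, not part of the original article; it flags the signs the article names (zip/PDF carriers with invoice-style names, misspelled names, long character strings). The word lists, the executable-extension list, the thresholds and the sample names are assumptions constructed for illustration.

```python
import difflib
import re

# Lure themes the article lists (invoices, bills, complaints, bank statements).
LURE_WORDS = ["invoice", "bill", "complaint", "statement"]
# Carrier types the article names: zipped folders and PDF files.
CARRIER_EXTS = {"zip", "pdf"}
# Assumed list of extensions Windows runs on double-click; extend as needed.
EXECUTABLE_EXTS = {"exe", "scr", "js", "vbs", "bat", "cmd", "pif", "com"}
def triage_attachment(filename):
    """Return (verdict, reasons) for one attachment name (illustrative heuristic)."""
    reasons = []
    stem, *exts = filename.lower().split(".")
    words = re.findall(r"[a-z]+", stem)

    # 1. Executable payload, possibly hiding behind a document extension.
    if exts and exts[-1] in EXECUTABLE_EXTS:
        hidden = len(exts) > 1 and exts[-2] in CARRIER_EXTS
        reasons.append("double extension" if hidden else "executable attachment")

    # 2. "Long string of characters": 16+ alphanumerics mixing letters and digits.
    for run in re.findall(r"[a-z0-9]{16,}", stem):
        if re.search(r"[a-z]", run) and re.search(r"[0-9]", run):
            reasons.append("long random-looking string")
            break

    # 3. "Spelling mistake in the name": a word close to a lure word, not equal to it.
    lure_seen = False
    for word in words:
        if any(word.startswith(lure) for lure in LURE_WORDS):
            lure_seen = True
        elif difflib.get_close_matches(word, LURE_WORDS, n=1, cutoff=0.8):
            lure_seen = True
            reasons.append("misspelled lure word: " + word)

    # 4. Business-themed name in a zip/PDF carrier: weak alone, so "review" only.
    if lure_seen and exts and exts[-1] in CARRIER_EXTS:
        reasons.append("business lure in zip/pdf")

    strong = [r for r in reasons if r != "business lure in zip/pdf"]
    verdict = "hold" if strong else ("review" if reasons else "pass")
    return verdict, reasons

# Constructed sample attachment names, not taken from real campaigns.
SAMPLES = ["invoice_2014.pdf.exe", "invioce_november.zip",
           "doc_a8f3k29dlq0x7zv5b1c4.zip", "statement_oct.pdf", "team_photo.jpg"]
if __name__ == "__main__":
    for name in SAMPLES:
        print(name, triage_attachment(name))
```

A "review" verdict only means the name matches the business-document theme; legitimate invoices will land there too, so it is a prompt to check the sender, not a block decision.
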
Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then we could be your first line of tech defence.

Published with permission from TechAdvisory.org. Source.
