Originally published: December 1, 2017

Lack of cybersecurity training ranked #1 as the cause of ransomware infections among small businesses in 2017.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: October 25, 2017

This week we have learned of another version of Ransomware that has been found, this version called "Bad Rabbit" is in Europe now but could be here any day, or another version of it could jump over the ocean. It leads me to the question; what do you know about Ransomware? Not just the word that is in the news - do you know what it is, what it does, and how it happens? Worse yet what do you do when you do get it?

I can speak in depth on this subject as having been through and attack like this before. It is an ugly situation which evolves so quickly that you have already lost all of your data before you know what happened or that it is even happening. By the time you figure out that it is going on you have most likely lost most of your business data. I was lucky and I had prepared for such an incident, I knew that no matter how much training users had or how much security I put in place that there is always a gap that something can come through. I had backups - this was the savior and I want it to be for you as well.

How it works:

1. End user receives an email that appears to be from their boss, friend, family member, or another trusted person. The email contains a URL to an application such as Salesforce, Workday or ZenDesk, etc...

2. When you open the link it directs the user to a website which seems legitimate. The page is actually a landing page for an exploit kit.

3. Upon loading the page, the web server begins communicating with the victim machine, finding vulnerabilities and attempting to push malicious code.

4. Once execute, the program deletes existing shadow copies to limit recovery options.

5. The binary uses PowerShell to propagate copies of itself and begins encrypting files of specific extensions.

6. After encrypting the victim's files, the malware sends the encryption key back to the command-and-control server.

7. The server then sends a ransom message to the victim.

To amplify the victim's distress, ransomware often includes a countdown clock with a deadline for paying the ransom - or else the decrypt key will be destroyed.

So, what do you do next? If you have done proper preparations you can restore your servers or systems back to the state they were in right before the attack.

If you encounter this terrible situation Sparrowhawk can help you out, we specialize in affordable backup solutions for businesses, which can restore you back to a running state quickly.

Sparrowhawk - keeping your technology safe.

Originally published: October 8, 2017

If you have been paying attention to the news for the past couple weeks you know that yet another very large data breach has happened and billions more passwords and other personal data has been stolen. (Yahoo breach) This just another, in a long string, of examples of how much you may think your data is safe it truly is not. It is true that most companies have accepted that they will at one point lose important data either by hackers or virus in many circles it is not just a matter of if but when. This is something that you should also think about personally.

If you are like most people (myself included) you use a great password, you have put a lot of thought into it and know that you have followed all of the general guidelines to make a good password - long, capitalized and non-capitalized letters, special characters... and the list goes on. After all this work you know that your password is invincible to someone trying to break into your system. Here is the problem though - you use this password for everything. In fact, you find that this password is so good you use it for banking, your systems accounts, Amazon, etc... Well, what happens when one of those places you trust to guard your password has a data breach? Whoever enacted the breach now has access to all the other places you have used the password.

So the question is, what can I do as this seems to be a problem without a good solution? Well, there is a solution and it's not nearly as hard as you may think - Password Managers! The use of a password manager can help you to have many different various and complicated passwords which you can use without even having to remember them. This is one of the best solutions which you can employ to help protect your passwords. They rely on only one "master" password, this password will unlock an encrypted file which contains all your passwords that you can then access and use.

I personally use LastPass Who uses the slogan "Simplify your life". They integrate into all browsers and will even fill in your passwords into websites for you. All you need to do is remember your one password.

There are other options as well, for work I use a program called KeePass. This program does not rely on an internet connection and remains on your machine as an encrypted file which you unlock with the password. This is a great option for work where you need a lot of internal passwords for machines and systems.

I recommend if you have not done so already - change your password and get a good password manager so the next time a company loses your data it is only the data on their site and not access to your entire world.

Sparrowhawk - Keeping your technology safe.

Originally published: September 10, 2017

This week we learned of one of the nations three largest credit institutions having one of the largest most in-depth breaches of data security and loss of private information in U.S. History.

The way that hackers gained access to company data that potentially compromised sensitive information for 143 million American consumers, including names, addresses, birthdays, Social Security numbers and driver's license numbers has all come down to gaining access to files in the company's system. From somewhere in mid-May to July hackers exploited a US website application vulnerability to gain access to these files.

To further worsen the situation, just days after the company admitted that it detected a breach, three executives from the company sold a combined $1.8 million in stock. More suspicious than that is that it took over a month for the firm to disclose that there was a breach in the first place.

Unlike some of my other posts this post does not deal with much of the technical side of how to prevent a data breach but rather how to not conduct business with your customers if it does happen. Of course the best way to deal with this is to defend your data in every way you possibly can. Keep your infrastructure security up to date and make sure to always take time for security, it may take a bit longer but in the long run it is better.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: September 3, 2017

I suspect that you may have heard about how scammers are starting to use the most recent events in Texas to garner money from people. In fact it has already reached a point where several US Government agencies are issuing warnings about it. Such as the US Computer Emergency Readiness Team (US-CERT) issued a reminder that malware purveyors frequently use natural disasters and other breaking news items of broad interest to trick people into clicking on malicious links or opening booby-trapped email attachments.

Terrible people have been using bad events to try to con people out of money for years, one would venture to call it one of the oldest tricks in the book. But now with the digital age we find that they are smarter than ever before – presenting very compelling information and pictures which makes one believe that you are truly going to help someone out.

In the sense of giving I believe that most of us want to do good and help each other out. It is part of our being that drives us to help. So, please keep in mind when you are compelled to do so that you should be careful in what you are looking at and what you are doing. Use only trusted sites which you know have been around and are doing good in the world. DO NOT click on links to donation pages from people you do not know or from sources which are not legitimate.

Anymore it takes more than Anti-virus to protect your system it takes careful steps in preventing others from attacking it in the first place.

Please think before you click and Keep Your Technology Safe.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: August 27, 2017

According to Black Hat's 2017 survey, "Portrait of an Imminent Cyberthreat," phishing is one of the greatest and most time-consuming challenges security professionals face today.

Unfortunately this is due to the fact that phishing and social engineering have become the easiest way for people to breach company and personal IT security assets and/or cause damage from a distance.

Users tend to overlook basic security concerns in the favor of "getting the job done". This can be due to many factors such as lack of training or lack of concern. Unfortunately without a strong support for security practices from the senior levels of management with a re-enforcement from mid level management. Adherence to security policies which are given during training received by all employees there is no other true combat for phishing schemes and social engineering attacks.

Unfortunately even with the most advanced technical security controls on your machines, your security is still vulnerable to users who are not fully educated in social engineering and how to identify phishing messages.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: August 25, 2017

Small businesses are being hacked and falling victim to malware and ransomware attacks at a high rate they just do not make the news. This is taking place because of many different reasons but most of them include the incorrect way that people think "we are too small for someone to care" or worse yet, we do not need a cyber-security policy – we have never had a problem before.

Unfortunately, the misguided way of believing that it can't happen to us is far from the truth. Worse yet for the small business is how quickly the attackers are turning to them as their targets. Large companies have entire departments dedicated to preventing and mitigating such things. Smaller businesses have possibly one IT person who is trying hard to keep operations smooth and does not focus on the security every day.

This is why I created Sparrowhawk Technology, I want to be that stop gap for your company. I can let you know where your blind spots are in security and help you fix them.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: August 15, 2017

One of the newer phishing attacks is using PowerPoint slide decks to attack a known Windows vulnerability. The malicious PPT file triggers an exploit for the CVE-2017-0199 vulnerability, which starts the infection process and gets malicious code to run using the PowerPoint Show animations feature, which downloads a file logo document if successful.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: August 14, 2017

Industry Robots to Windmills are all at risk to malicious intent hackers. In recent reports there are many vulnerabilities that exist in these systems making them susceptible to unauthorized activity to business extortion. Make sure to secure your whole infrastructure!

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: July 6, 2017

The Federal Trade Commission (FTC) has released an alert on regarding good digital security while traveling. Security recommendations include using caution while accessing free Wi-Fi hotspots, keeping all software updated, and using Virtual Private Networks (VPNs).

US-CERT encourages users to refer to the FTC Alert and the US-CERT Tip on Cybersecurity for Electronic Devices for more information.

Sparrowhawk Technology - Making your technology safe and easy to use.

Originally published: June 16, 2017

There is a website dedicated to serving people by harvesting the data released from security breaches and compiling a list of addresses which were included in the compromise.

Troy Hunt has created the project "Have I Been Pwned?", the free service that lets you know if you've been compromised in a data breach. Check it out – https://haveibeenpwned.com/

Sparrowhawk Technology - Making your technology safe and easy to use.