Archive Monthly Archives: December 2018

Threat Advisory: SamSam Ransomware

Threat Advisory: SamSam Ransomware

Parkway tech


SamSam Ransomware is becoming a massive problem for multiple industries across the United States. In fact, the problem is so big that The Department of Homeland Security, (DHS), National Cybersecurity and Communications Integration Center, (NCCIC), and the Federal Bureau of Investigation, (FBI), have all recently issued a US-CERT alert due to the SamSam ransomware. Like other types of ransomware, files and networks are infected. In exchange for uninfected the system, hackers want a ransom, that typically costs thousands upon thousands of dollars. Every company that runs a network needs to be aware of SamSam ransomware. Here is what you need to know about this topic.


What is SamSam Ransomware? 

SamSam ransomware is a type of ransomware that is designed to exploit Windows servers to gain access to your network. Once it is in the network, it uses the JexBoss Exploit Kit to access your JBoss applications. This type of ransomware is also able to use Remote Desktop Protocol to access your network. The virus is difficult to detect, due to the path it takes to access your system. Once the virus has made its way inside, hackers are able to get administrators rights, putting their malware on your server and basically hijacking your network. They do not release their hold on their network until you pay them the ransom they are asking.

What Can You Do to Decrease Your Chances of Getting SamSam Ransomware?

It is extremely important that you take the correct precautions to decrease your chances of getting infected with SamSam ransomware.

One of the steps you can take is to enable strong passwords and an account lockout policy. If you have strong passwords and a good lockout policy in place, it makes it much harder for the software to hack into your system and infect it. Enabling multi-factor authentication can also help. Before any new software can be installed, before software can be wiped or before changes can be made to your network, authentication is needed. The more authentication levels you have, the harder it will be for any ransomware to infect your system.

Unfortunately, while you can decrease your chances of getting infected with SamSam ransomware, there is no way to prevent infection altogether. As such, it is essential that you regularly install system and software updates and maintain a great backup system for all of your data and systems. This way, if you do get infected, you have a recent back-up for all of your system and data. You can wipe your current, infected system and start fresh from your backup point, without losing much at all.

How Can You Learn More About SamSam Ransomware?

If you are looking to learn more about SamSam ransomware, including the technical details surrounding it. It is highly recommended that you read through the SamSam Malware Analysis Reports that have been released by the US-CERT. A list of the reports, including links, are included here:

SamSam Ransomware is infecting computer systems and networks in multiple industries all across America. It is important that you learn what this ransomware is and how to protect yourself against it. Taking the right action can help to minimize the chances of your network being held ransom by SamSam ransomware.

law_ebook

Can Your Legal IT Services Firm
Keep Law & Order With Your
Practice's Technology?

Learn how Parkway's Legal IT Services helps firms across North Carolina achieve better results.

Click Here
Download Our Free Report

If You Don’t Think Cybersecurity Is Crucial – Listen To This

If You Don’t Think Cybersecurity Is Crucial – Listen To This

Parkway tech


Small and mid-sized companies have a tendency to operate under the assumption that hackers target only more extensive operations. There’s a simple logic to that misconception that these criminals instigate cyber breaches that reap the highest possible reward. Nothing could be further from the truth.

Check out what Robert Herjavec and Scott Schober have to say on Cybersecurity. Click Here


While hacks into the Democratic National Committee and Equifax make big headlines, the majority of cyber attacks are carried out on smaller, vulnerable systems. Most hackers merely look for the low hanging fruit. If your small or mid-sized company has modestly valuable data and lacks top-tier cybersecurity, you are that low hanging fruit.

By 2020, upwards of 6 billion people globally and 283 million Americans are expected to utilize the Internet. That means businesses of every level will be fully engaged and it only takes two miscreants on another continent to breach your security.

Cybercrime has already reportedly outpaced the combined profits of all the major drug cartels in the world at $6 trillion annually. Unlike vast criminal organizations, two computer whizzes with laptops thousands of miles away can extract sensitive information without a company even knowing until it’s too late.

These days, stealing credit card info is not among the highest priorities. Cybercriminals have discovered that personal and personnel information can yield significant paydays. If you still don’t think cybersecurity ranks among the highest priorities for small and mid-sized companies, just listen to this.

Hacks Are Often Inside Jobs

It may seem counterintuitive, but a company’s most significant cyber threat can be found among the most valued employees. Staff members are not generally acting in a nefarious fashion. In fact, loyal employees are often just that, loyal. But a pervasive attitude exists in workplaces that checking in on personal social media, using various non-work related apps and platforms is both allowable and safe.

According to cyber security experts, upwards of 93 of all breaches that are investigated thoroughly trail back to an employee. Although that person is generally not the so-called “inside man” or “inside woman” regarding criminal intent, their nonchalant attitude about checking personal sites exposed the small or mid-sized organization to a massive data breach. 

Many are merely duped by phishing scams or inadvertently infest a business system with malware. This could occur by synching an unsecured device, moving data on a USB drive back and forth between home and work, or surfing the Internet among other security missteps. While many business decision-makers believe their data is not at risk, it takes a cybersecurity professional to build a company-specific “human firewall” that reduces internal threats through actionable policies and training.

Small And Mid-Sized Organizations Held Hostage Everyday

No Third World drug cartel can compare to the volume of theft leveled by small-time hackers. Ransomware remains the top malicious software and ranks among the most lucrative type of cyberattack. This variety of malware targets business systems by penetrating them through a camouflage method of encryption. Once inside a business’ network, it quickly encrypts critical data and makes everything inaccessible to the organization.

The name “ransomware” was earned by what comes after. A defiled organization will likely get a notice to pay a certain amount — often in bitcoin — to get an encryption code allowing you to restore access to your own files. This hostage situation often proves fruitful for the cybercriminal because paying them off appears to be in the company’s best financial interest. Sadly, too many business leaders only move forward with advanced cybersecurity after suffering a feeling of helplessness and humiliation.

Underachieving Cybersecurity Protocols Prove Costly

A Verizon Data Breach Report reportedly concluded that upwards of 60 percent of all incursions during 2016 could be attributed to outside forces. These data breaches were considered instances of “hacking” by a third party’s intent to circumvent existing security measures. Hackers tend to seek out a company’s weakest cyber defense points to gain access.

In essence, this follows the adage that a chain is only as strong as its weakest link. Among the more notable instances of a weak-link failure was JP Morgan’s massive breach in 2014. Despite having a top-tier cybersecurity team in place, a single server was missed during a password update. That single under-protected server resulted in what was ranked among the top 10 worst cyber thefts in history. Approximately 83 million household and business accounts were reportedly impacted at a whopping $100 million. 

While this level of cyber theft makes mainstream media headlines, hackers tend to have greater success penetrating smaller companies with far less sophisticated cyber security systems. The basic criminal business model relies on volume not occasional massive paydays. Think about it this way. The Brinks Job made bank-robbing history in 1950, but stick-up men knock off liquor stores every day.

Unpatched Security Bugs Attract Cybercrime Infestations

One of the more prevalent methods used by a hacker is to infiltrate your system in plain sight. Cyber thieves often use well-known software deficiencies commonly called bugs as a type of cracked door.

When software companies send out routine fixes such as patches, users have the option of making this repair. But when a system appears to be functioning appropriately, a small or mid-sized business may discard the effort as more of a nuisance than anything else. That could prove to be a fatal data breach mistake.

When systems linger unpatched, hackers may be quick to seize on specific vulnerabilities and infiltrate a company’s network. It’s important to understand that cybersecurity only seems like another time-consuming task that detracts from company goals. Anyone who uses computers, devices, software or accesses the Internet is inherently in the cybersecurity business. Without adequate cybersecurity systems, policies and protocols in place, the entire organization remains at risk.

Data Breaches Threats Represent A Clear And Present Danger

If you remain unconvinced about how crucial cybersecurity is to your business’ integrity, consider these telling facts. The U.S. government has placed the most significant emphasis on increasing only two areas of the military budget — special ops and cybersecurity.

Today, a person’s electronic medical records are more valuable than credit card information on the dark web. And, electronic ransoms are the fastest growing cybercrime and are expected to occur every 14 seconds by 2020. The question is no longer if a sub-par system will be hacked, it’s when

law_ebook

Can Your Legal IT Services Firm
Keep Law & Order With Your
Practice's Technology?

Learn how Parkway's Legal IT Services helps firms across North Carolina achieve better results.

Click Here
Download Our Free Report

How Long Does It Take Your Law Firm IT Services Provider To Respond?

How Long Does It Take Your Law Firm IT Services Provider To Respond?

One complaint we get all the time at Parkway Tech is about slow response times—not ours, but that of other managed law firm IT service providers. Each week we get calls from firm administrators and attorneys who say their managed IT service provider just shows up when he feels like it. They want to know how fast we can get there when their servers and computers break down.

Parkway tech


One complaint we get all the time at Parkway Tech is about slow response times—not ours, but that of other managed law firm IT service providers. Each week we get calls from firm administrators and attorneys who say their managed IT service provider just shows up when he feels like it. They want to know how fast we can get there when their servers and computers break down.

Since they’re paying good money for these technology services, it’s no wonder they’re upset. Would you pay for a service that you really didn’t get? Or that didn’t arrive as promised? Lots of managed IT service companies promise quick response times but few deliver on their promises.

In addition, “fast” is a relative term. Some companies might think that fast means responding within a few days, while at Parkway, we believe fast means responding within one hour.

Our standard response time is a 1-hour guarantee. However, according to my handy dashboard, we are averaging about 3.7 minutes for a first response to a ticket. Anything under 10 minutes is definitely fast in our business. But we don’t do this to show off; we do it because we understand that our customers have firms to run. Every moment they’re without their technology resources, they’re losing money.

Succeeding These Days Requires More

I believe that’s one of the reasons for our 10 years of success. We partner with our customers to ensure that they have IT support and services that will make it possible for them to excel in their industry.

If you’re looking for a computer repair company, we’re not the right choice for you. Our team approaches IT services with the idea that if we can keep your technology functioning optimally, then you can focus on growing your firm.

In the past, larger firms would hire a couple of in-house IT techs and they would fix computers and servers that broke down. Smaller firms would find someone, probably a single individual, to handle their computer problems and bill them by the hour. But there’s a whole lot more than that to managing your IT infrastructure. You need IT professionals who can monitor and manage your technology. They should be familiar with your industry and business.

That’s what you get when you work with Parkway Tech. If we see that you might benefit from some new type of hardware or software, we’ll recommend that you look into it. We’ll help you find the best technology to handle your firm’s processes. Our team does a lot more than just fix computers. We can help with everything from training employees to recommending new software applications.

Operate at Maximum Efficiency

When you have a proactive team on the job, you’ll notice that your technology won’t break down as much. It will operate at maximum efficiency and your employees will get more done in a day’s time. You’ll avoid costly break-downs that slow or stop your forward progress. Yes, this type of IT support does cost a bit more, but you benefit in many ways that you don’t see right away.

Stay on the Cutting Edge of Technology

The days are gone when attorneys can scrape by with bottom-of-the-barrel computer support that’s cheap. With technology playing such a big role in today’s modern law firms, your firm will profit if you’re on the cutting edge of new discoveries like Artificial Intelligence and Machine Learning.

Inexperienced technicians may seem like the least expensive way to go but their lack of experience will cost you in the long run. Plus, of course, if you have employees sitting around for two days waiting on the break/fix company to come out and fix a server, then there’s no way to calculate how much that actually costs you.

With Parkway Tech on the job, you’ll get a team of real IT professionals who respond within one hour.

If you need help with the purchase of new software and hardware, we’ll save you some time and money. We have lots of experience with all types of technology products and that experience will save you some stress as well.

You need the best solutions for your business, and we’ve done our homework to ensure that you get the right IT solutions to support your goals and your growth.

90 Day Guarantee

Our 90 Day Guarantee is simple: You have 90 days to try our IT support services. If we aren’t worth every penny that you’re investing, we’ll refund your money – all of it. You’re not going to get that kind of guarantee from a fly-by-night computer repair “guru” or your brother’s cousin who tinkers with computers.

Fast and Furious!

In this day and time, the world does seem to move a lot faster than ever. And if you can’t keep up, then you might be left behind in the dust. But with Parkway Tech handling all your IT infrastructure, you can compete with the best of them.

Parkway Technology Solutions will get there fast and we’ll do the job right. You can’t ask for more than that.

In the meantime, it’s important for you and your employees to stay up-to-date on technology. We’ve provided some articles on our Law Blog that you should find interesting. Here are a few to get you started:

URGENT! Google Chrome “HTTPS by Default D-Day” Is Today (July 24, 2018) 

How Can I Extend My iPhone’s Battery Life? 

4 Tips For Working Securely On Wi-Fi

law_ebook

Can Your Legal IT Services Firm
Keep Law & Order With Your
Practice's Technology?

Learn how Parkway's Legal IT Services helps firms across North Carolina achieve better results.

Click Here
Download Our Free Report