Coleman Technologies Blog


“No More Ransom” is Leading the Fight Against Ransomware Abroad

Ransomware is one of the more dangerous threats out there today, and since it is so prominent and dangerous, it is a popular choice amongst hackers. To combat this threat, a community has formed around the cause, encouraging users to not pay the ransom by providing free malware removal tools for the most popular ransomware threats.

Europol, a European Union law enforcement agency, is in charge of this initiative, called No More Ransom. The agency has helped over 1.5 million victims of ransomware overcome the attack and recover their files without paying the ransom. These victims have saved an estimated $1.5 billion, which is a considerable amount of money to keep out of hackers’ coffers.

No More Ransom began in 2016 in collaboration with the Dutch National Police and other cybersecurity and IT companies. It began with only four ransomware decryption tools, but it now provides 136 free decryption tools to take on 165 different ransomware variants.

Still, ransomware is a problem, and the fact that it requires this kind of special attention means that you need to take it seriously.

Why You Should Never Pay the Ransom

Hackers use ransomware because victims often pay up, seeing payment as the easiest way to solve the problem. Unfortunately, it is rarely that simple, and even those who do pay the ransom suffer from unforeseen consequences.

Further complicating this decision is the fact that those who pay the ransom are effectively funding further attacks and reinforcing the fact that ransomware works. Simply put, hackers will be more likely to attack with ransomware if they know people are scared enough to pay up, and with more resources at their disposal, they can expand their reach and infect even more victims.

This is why we advocate for not paying the ransom. In the heat of the moment, it’s not always so clear, but we urge anyone infected by ransomware, businesses included, to slow down and consider the repercussions of their actions. There are situations where you might feel like you have no choice but to pay, particularly in double-extortion situations where the threat of online leaks of your data is imminent, but we assure you that you always have a choice in the matter.

Instead, You Should Call Us!

If you become the target of ransomware, we suggest you call Coleman Technologies at (604) 513-9428. We can walk you through the appropriate next steps to address ransomware on your network.

Granted, it’s easier to prevent ransomware in the first place than to deal with an active threat, so we also recommend that you outfit your network with top-notch security solutions. Compound these with proper employee and end-user training to minimize the possibility of ransomware striking your company. While there is never a guarantee, the odds of it crippling your business will be significantly less with these steps in mind.

Get started today by calling us at (604) 513-9428.

AI Was the Hot Tech of 2023, But in 2024 It’s the Next Big Security Threat

2023 was definitely the year that AI became a household name. We’ve barely seen what artificial intelligence is capable of, and while industries are still coming up with more ways to use the technology, we’ve already seen countless examples of how people want to take advantage of AI for less savory purposes. 2024 is already shaping up to be the year that businesses need to protect themselves from AI-generated cybersecurity threats. Let’s take a look at everything you need to know as a business owner.

What’s the State of AI in 2024, and How Can It Be Used?

In case you haven’t been caught up, the tech world has been shifted by some new technology that uses vast amounts of information and complex algorithms to generate human-like text. In the simplest terms possible, engineers wrote a piece of software that was designed to “train” itself by reading a massive amount of text from the Internet. It read about 300 billion words from books, social media sites, news articles, and plenty of other types of content. Because it was able to absorb and index so much information, users can ask it questions and it can understand and respond to those questions in plain English (or Spanish, French, German, Italian, Portuguese, and more). 

This is called a Large Language Model, or LLM, and the most popular version of this right now is called ChatGPT. Most people commonly refer to this technology and other similar types of systems as artificial intelligence (AI).

These systems can do some pretty remarkable things. They can answer questions quickly, and generate large amounts of content on a topic very fast. You can “brainstorm” ideas with it, and then ask it to give you a task list for everything discussed. AI has been a great resource for software developers, as it can be used to quickly find security vulnerabilities in vast amounts of code before cybercriminals can exploit them.

And that’s where the problem lies.

Any Great Technology Can Be Used By Bad People

Paleontologists have determined that the earliest use of the bow and arrow happened about 60,000-70,000 years ago in South Africa. It’s suspected that this groundbreaking (at the time) device was used for hunting. Obviously we will never be able to pinpoint exactly when or how this happened, but at some point, the world experienced the first prehistoric person drawing a bow and arrow on a fellow prehistoric person. 

This has been the cycle for technology ever since, and when something new emerges, someone is going to figure out how to use it to cause trouble. Over the last several years, we’ve even seen the so-called troublemakers adopt modern technology even faster than the general population in some cases.

This is happening with AI. Cybercriminals are able to use AI to become much more effective. They can use AI to find vulnerabilities in software before developers are able to provide security patches. They can use AI to write phishing emails that are even more convincing and effective. They can use AI to write malware that is more devastating and infectious. 

Cybersecurity has always been a virtual arms race, and AI kicks things into overdrive. To stick with our theme, cybercriminals from 20 years ago were using the bow and arrow, and now with AI and other modern tactics, they have supersonic fighter jets. Businesses and individuals need to be even more vigilant about protecting their data.

Something That Most People Don’t Think About When It Comes to Cybersecurity

We all always talk about cybercriminals and hackers as if they are lone wolf anarchists sitting in a dark basement, drinking store-brand Mountain Dew, wearing a dirty hoodie, and staring into a bunch of screens with green matrix code.

The reality is that most cybercriminals treat their work like a business.

They are always working on getting the most profit for the least amount of effort; they follow and repeat successful campaigns and revamp things that don’t work.

But that’s not the worst part.

Over the last few years, it’s been uncovered that a lot of scammers and cybercriminals are actually trafficked people, forced to follow scam playbooks in order to pay off their captors and regain freedom. In some cases, when you get a scam phone call or text message or phishing email, it’s coming from a victim of human trafficking. 

There are entire compounds that house thousands of people, tricked away from their homes and families and essentially imprisoned to try to scam individuals and businesses. CNN recently did an incredibly eye-opening article that is worth checking out, but be warned, there is some disturbing content.

This gets us a little off topic when it comes to how AI is being used by cybercriminals, but we feel that it’s extremely important to raise awareness about these types of operations, and just how intense they are both in scale and misery. Cybersecurity is an industry all on its own, and every time an individual or organization gets scammed, it fuels something that is causing a lot more harm than simply forcing a business to its knees or stealing thousands of dollars. 

2024 Needs to be the Year We All Take Cybersecurity Extremely Seriously

Between AI, social engineering scams, and a growing industry of reprehensible cybercriminals, doing your part in protecting your business and yourself from cyberthreats will go a long way in ensuring that you can be successful. 

Coleman Technologies can help your business establish a culture of cybersecurity, and implement the tools you need to prevent threats. Get started with a cybersecurity audit—give us a call at (604) 513-9428 to get things kicked off.

This Malware Targets Your Facebook Business Accounts

Chances are your business has a social media presence in at least some capacity, as it’s a good way to drive traffic to your business. However, hackers want to leverage this benefit against you. A new malware specifically targets Facebook business accounts to launch malicious advertisement campaigns using your own money against you.

Budget Tracking Templates Gone Wrong

Imagine that you are presented with a free budgeting spreadsheet that you can open up in Microsoft Excel or Google Sheets. Sounds like a pretty good deal, right? Well, in most cases, it is going to be too good to be true, and most cases involving the aforementioned Facebook threat involve a tool just like this. The tool markets itself to business page admins through Facebook Messenger, and while it might seem like a good resource at first glance, it’s far from it.

Once the user opens the file, malware called “NodeStealer” installs itself. It can sometimes come bundled with other threats that steal cryptocurrency, disable Microsoft Defender, and cause other issues. The primary threat, however, is the one that steals your social media credentials, specifically those for your Facebook business account. It will gain access to your accounts to deploy ads, using your financial information to foot the bill. These ads are designed to spread more malware.

Have you ever tried to reclaim access to a Facebook account? If so, you know exactly the type of pain to expect, and hackers are taking advantage of the social media website’s lackluster support options to prolong your suffering.

Here’s How to Dodge This Threat

If you’re aware of the threat, you’ll be more likely to think twice before committing to the click. If someone starts to randomly offer you free resources, you should always do your research before indulging them with your trust. If it looks suspicious, chances are you should be careful around it.

Implementing multi-factor authentication is another effective tool to secure your Google, Facebook, Microsoft, LinkedIn, and Twitter/X accounts. In fact, if you can implement MFA for any account, you absolutely should. The additional layer of security might just save your bacon one of these days.

Finally, if you think that one of your systems has been breached or compromised, you need to take swift action. Change all of your passwords and notify the appropriate parties. There’s no good that can come from sweeping it under the rug.

Coleman Technologies can help you secure your business. Find out how by calling us at (604) 513-9428.


ALERT: Over a Million Asus Laptops Could Have Been Hacked


Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but as of Tuesday that number has potentially broken a million.

How Could My Asus Laptop Get Hacked?

This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus’s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it’s just being noticed now.

The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack.

What Do I Do Now?

First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date.

If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They’ve also patched their internal systems to help prevent similar attacks from happening in the future. You’ll want to make sure you have Live Update 3.6.9 installed.

Asus has also released a security diagnostic tool that will check your system to see if it has been affected.

We HIGHLY encourage you to reach out to Coleman Technologies if you are running any Asus hardware. It’s better to be safe than sorry.

Keep an Eye Out for the Hallmarks of Malware

Malware is everywhere on the Internet and you don’t want it. From spyware and adware to ransomware, there is never anything good that comes from this malicious code. Today, we will outline a few ways you can tell that your computer, workstation, or mobile device has some form of malware on it.

Sluggish Performance

One of the first signs that your system may have malware is a noticeable drop in performance. If your computer or device suddenly starts running slowly, freezes frequently, or takes longer to execute simple tasks, it definitely could be infected. Malware often hogs system resources like CPU and memory, leaving fewer resources available for your normal activities. This is what makes the computer seem so slow. This sluggishness is particularly noticeable when you’re not running any demanding applications, yet the system lags or overheats for no apparent reason.

Unusual Pop-Ups and Ads

Another way you can tell that your system has a malware infection is the sudden appearance of pop-up ads, even when you’re not browsing the Internet. These ads may appear frequently, often pushing fake alerts or promotions. They may prompt you to download software, frequently posing as antivirus, but these downloads are typically malicious themselves. This kind of adware can be difficult to close and may redirect you to unfamiliar websites. If you notice more ads than usual, or find your browser homepage or search engine has been changed without your permission, malware is a likely culprit.

Unexplained File or Program Changes

Malware can cause files to be deleted, corrupted, or moved without your consent. You might notice missing documents, new files you didn’t create, programs you didn’t download, or programs that launch automatically at startup. Additionally, malware can alter system settings, disable security software, or prevent you from gaining access to certain parts of your system. If files are behaving oddly—opening with the wrong applications or refusing to open at all—this could signal that malware has compromised your system’s integrity.

Excessive Internet Activity

Malware often communicates with external servers, sending and receiving data without your knowledge. This can result in unusual spikes in internet activity, even when you’re not using your device. You might notice your data usage increasing dramatically or experience slower Internet connectivity. Checking your network activity can reveal suspicious outgoing connections to unknown addresses. If your Internet connection is consistently slower or your data usage exceeds normal levels, it may be a sign that some strain of malware is operating in the background.

It goes without saying that malware is bad for productivity, and terrible for any business. If you want to talk about how the IT professionals at Coleman Technologies deal with malware, give us a call today at (604) 513-9428.

System Failure Is a Big Risk that Every Business Takes On

In today’s business, the more robust an IT network is, the more risk there is of system failure. This comes down to what is known as Murphy’s Law, which states that anything that can go wrong will go wrong. That’s why when coming up with a defense strategy, you need to mix smart IT management decisions with overwhelming redundancy to have a chance. In this week’s blog, we will outline some of the most common reasons for system failure and why you need a data backup solution.

Reasons for System Failure

Before we start listing reasons that your information systems might see critical failure, we should state that by having a strategy to confront each of these possibilities, you are going a long way toward protecting your business against the costly downtime that these events can cause. Let’s start with outside threats first:

Malware Attack

Nowadays, the threat landscape is getting more and more crowded with possible malware threats, some of which are really problematic. Malware can come in many different forms and can have a vast array of negative impacts on an organization. Some of the worst malware attacks involve ransomware. This is not only a devastatingly thorough form of malware, but also an extortion plot aimed directly at your reliance on your IT.

Ransomware can quickly encrypt and lock down entire computers or your whole network, and it presents the administrator with a choice: either pay the demanded ransom to get your data back, or refuse and risk that information being deleted and/or shared. Most businesses hold a lot of sensitive information, whether it is business-related intellectual property or customer-related personal data, so they are frequent victims of these types of scams. A ransomware attack will take your whole system down and create a lot of confusion. Maintaining a comprehensive cybersecurity strategy with training, testing, and the deployment of various updated tools at its center is crucial to keep malware from being a problem for your business.

Ineffective Power Management

One frequent problem organizations face is weather, and it can be a bigger problem for some organizations than others. You see, your technology needs power to run, and if it isn’t sufficiently protected, a brownout or a surge can completely decimate your onsite IT. This can destroy critical components and cause data loss.

The best way to combat this is to use a device called an Uninterruptible Power Supply (UPS). This device is powered by batteries, so when a power surge happens (typically when the power goes out), it doesn’t affect any of the internal components of your technology. It also has enough power to shut down your technology properly, so that there aren’t any abrupt cuts of power that can render the power supplies of your workstations and servers inoperable.

Poor Policies and Training

In order to keep your business’ IT infrastructure secure, you need your staff to do a lot of the heavy lifting. You also need to put them in a position to succeed. The fact is that the majority of business-altering security problems come from end-user mistakes. This makes it extremely important that you have a workforce that is aware of both how attacks are carried out and what to do to ensure they don’t become organizational problems.

This can be greatly mitigated by having a comprehensive security training regime in place. You will want to train your people on the best practices of creating passwords, how multi-factor authentication works and why it is important, what variables to look for in their messages to be able to spot phishing attacks and other scams, and why complying with cybersecurity efforts can work to make it much easier for IT administrators to control the security of the information systems they manage. 

Why Data Backup is So Important

These three variables are essential to keeping threat actors at bay, but they are only part of the overall puzzle. One of the most important parts of a data security strategy is to have a comprehensive backup and recovery plan. Not only do you need to have a data backup that is updated regularly (and incrementally if possible), you also need it to thoroughly meet the wide variety of data restoration needs.

Consider for a minute the number of reasons a system can fail or data can be lost. There are quite literally dozens of different reasons why you would need to restore your data. You need a data redundancy plan that addresses the immediate needs of data restoration, longer term outages that could put your organization into flux, as well as the unlikely scenario that your hardware is compromised and destroyed and you need data redundancy that is able to restore from offsite. 

At Coleman Technologies, we offer our Backup and Disaster Recovery service, which not only provides you with an incremental backup platform inside your business, but also uploads that data to the cloud to ensure that if something happens to your hardware, you still have access to your business’ crucial data. The fact is that disaster is usually not a situation that happens over time. Problems arise quickly and you need to have solutions to any problem at hand just as fast.

If you would like to learn more about how our technicians can help you build the technology you need to be successful, or how we have a contingency for all types of business technology problems, give us a call today at (604) 513-9428.


Are Macs Inherently More Secure than PCs?


Spoiler Alert: Macs Do, in Fact, Get Malware

Not to be juvenile about it, but duh. A computer produced by Apple can be infected by malware and ransomware, just as it can also experience any of the other problems that a PC user would. Hardware failure, slowing with age, crashes, data loss: these and so many other issues can be seen in a Mac.

So, where do we get the widespread opinion that Macs are somehow immune to the issues that Windows devices suffer from?

In short, advertising. Over the years, Apple has had some brilliant advertising campaigns behind it, from the classic “1984” ad that ran during Super Bowl XVIII to the brief clip of John Malkovich talking to Siri. One particular campaign, however, helped to really push the idea that Macs aren’t susceptible to computer viruses.

The “Hello, I’m a Mac” campaign starred John Hodgman as the beleaguered PC, constantly coming up short when compared to Justin Long’s Mac in a total of 66 spots. One of the most famous of these bits outlined how Macs didn’t have to worry about viruses—amongst many, many others over the four years that these ads ran.

In all fairness, these ads were truthful enough. Massive numbers of new viruses are created to attack the Windows system each year, many of them leaving Macs unimpacted. While Macs do get viruses, there are far more variants out there that target PCs.

The question is, why?

There are Far More PCs Than Macs, for One

Back in 2018, there was only one Mac for every ten active PCs online. Therefore, if about 90 percent of computers run on Windows, it only makes sense that there would be more viruses focused on Windows.

PCs are the predominant choice for businesses and industries, schools and universities, and home users alike.

To be fair, there isn’t really anything inherently wrong with Macs. Apple’s laptops and desktops are very capable devices. The difference comes from third-party developers. Many business-oriented core applications just don’t have Mac versions, and Apple doesn’t have the low-tier hardware options that are available with the Windows platform. So, when your billing department and your video department have very different needs, there isn’t a reason for you to spend the amount that a high-end Mac costs when a mid-range PC would do the job.

At the end of the day, a Mac and a PC at the same price tier are going to be effectively the same. The big difference is your preference and what your business works best with. Of course, we also have to say that Macs can have some difficulty integrating with a network designed for the PC and the software that most businesses prefer to use.

Mac Users Aren’t Off the Hook

While the smaller number of viruses targeting them has made it seem as though a Mac is the more secure choice of computer, the environment is changing. Malwarebytes recently reported that Mac malware is outpacing PC malware for the first time. The report also states that, between 2018 and 2019, threats to Macs increased by 400 percent.

Of course, it should also go without saying that the type of computer one uses shouldn’t impact that person’s security awareness and hygiene. Macs and PCs alike need to have antivirus and other protections installed and to be secured with strong passwords, by users who understand that risk has no brand loyalty.

At Coleman Technologies, we are very aware of the importance of your business’ security and can assist you in protecting your endpoints and educating your users. To learn more about what we can do, reach out to us by calling (604) 513-9428.

3 Scary Things About Ransomware That You Should be Wary Of

Ransomware is one of the more dangerous threats out there for businesses of all industries and sizes. To help emphasize just how dangerous it is, however, you have to look past the initial threat of having to pay a ransom and look at the other risks associated with it. We’re here to try to get the point across that ransomware is something your business should absolutely be taking seriously.

Ransomware Spreads Easily

There is a reason why ransomware is picking up in popularity, and it’s because it is a remarkably simple threat to spread. While it certainly spreads through the usual methods, like downloading infected files or clicking on suspicious links, ransomware is most effectively spread through the use of phishing attacks which trick users into falling for a trap. Whether it’s being fooled by a phony tech support email or being scammed through a social media message, you can bet that ransomware attacks will use phishing as one of their primary modes of distribution.

Restoring from a Backup is Not Enough

It never hurts to have data backups ready to go in the case of any security breach or attack, but it’s even more important in the case of ransomware as you often cannot get around the encryption on the system without them. Even if you do have a backup, however, there is always the threat that the hacker will steal your data or leak it online somewhere, creating additional problems. Simply put, restoring data from your backup might not be enough to solve all of your problems, and you should be aware of the fallout that could result from such a ransomware attack.

Ransomware Costs More Than Just the Ransom

Some individuals think that ransomware really only costs your business money in terms of the ransom, but the costs associated with ransomware are far more and far scarier than what you’ll pay the hackers for the safe return of your data. In reality, a ransomware attack is going to cause costly downtime—time that your business is not functioning as it should—and you could also be subject to compliance fines. Add in the cost of your data potentially being leaked online, and you have yourself a recipe for the downfall of your business, unless you play your cards right.

Obviously, ransomware is a scary thing to deal with, and not in the expected ways, but it’s fairly straightforward to protect against. And, thankfully, you don’t have to do it alone.

Don’t Let Ransomware Harm Your Business

If you want to ensure that ransomware doesn’t cause trouble for your company, then Coleman Technologies can help. We can equip your business with preventative security solutions, train your staff on how to identify potential threats, and back up your systems so that you’re not impacted drastically in the event of an attack. To learn more, reach out to us at (604) 513-9428.


Tip of the Week: Warning Signs of a Mobile Malware Infection


Excessive Permissions

Data security is a priority for many people, but even amongst them, mobile applications often aren’t even considered a potential threat to their data. While you should only ever download applications from an official application store, some attacks can potentially slip through the vetting process to be distributed via these means. Therefore, it is important to carefully consider every application you have installed and the permissions that each one demands. If these permissions seem excessive for the application’s needs, reconsider if the app is necessary to use (chances are, it isn’t). This helps protect you against the tactic that many cybercriminals use: getting a harmless app to the store, and then turning it malicious with an update once it is downloaded.

Rapid Battery Loss

Buckle up, it’s time for a lesson in physics.

According to the first law of thermodynamics, there is a set amount of energy present in the universe. Energy isn’t created or destroyed; it is simply transferred in different forms from one thing to another. This is important to our point.

Have you ever set your fully charged phone down, not touching it or interacting with it at all, only to later pick it up and find a significantly lower charge? While the technology behind the battery isn’t perfect, the amount of energy lost should not be that extreme. Your phone may be infected with malware, which uses your phone’s battery as it operates in the background. Check your battery settings to see which applications are using more power than they should be.

Sudden Password Changes

Let’s say that you type in the password to one of your accounts, and it bounces back labeled as incorrect. Fair enough, everyone makes mistakes. However, if this keeps happening, and you know that you’ve entered it correctly, there’s a good chance that your account has been infiltrated and taken over.

To resolve this, you’re going to have to reach out to the company and reclaim your account, if possible. Whether or not your account can be retrieved, you need to change the passwords for all the others too, just to be safe. Keeping to password best practices and restoring your device from a recent backup to clear out any lurking malware are solid practices.

From your on-site infrastructure, to the cloud environments you’ve deployed, to the mobile devices your employees use, Coleman Technologies can help you manage your IT. Learn more about our many managed services by calling (604) 513-9428.


The Three Key Steps to Stop Malware


Lock. Everything. Down.

Did you know there are entire websites out there, devoted to providing the default factory passwords for different devices? They aren’t on the Dark Web, either - this is on the visible, indexed Internet. Imagine if I were to come in with some idea of what brand of routers you had… if I had the right default credentials with me, I could easily access your router and wreak havoc in your business.

You need to consider every potential access point into your business and ensure it is properly secured. The same goes for any online accounts associated with your business, like cloud storage. Take the time to make sure that everything is secured with a password that meets best practices, and if memories are an issue, use a reputable password manager to simplify the task for your employees.

This also goes for your physical location. Many access control solutions exist that enable you to keep track of who accesses a certain area, and when, with the added benefit of keeping those without authorization out.

Keep Your Antivirus Updated

Many people may assume that, once they’ve installed an antivirus/antimalware solution, they are all set. The trouble is, more malware is being developed all the time, and there’s a good chance it is being developed to help the malicious software get past your antivirus. As it happens, the developers of the antivirus are aware of this, and frequently add new threat definitions to the software to make it more effective.

However, all the threat definitions in the world will do diddly-squat if your antivirus solution isn’t updated to include them. This is why it is important to keep an eye on your network’s health and take the time to check that you have the latest definitions included.

Keep a Backup

Finally, you have the nuclear option against malware… mutually assured destruction, that only you can recover from. That is, as long as you’ve been maintaining a proper backup.

If you should fall victim to a malware infection, completely wiping your devices and quite literally starting from scratch with them is your best hope of getting rid of it. However, in order to keep yourself from crippling your own business while doing so, you need to maintain an ace in the hole. By keeping a backup that passes best practices, you can be sure to have your data if you have to sacrifice your original copy.

Coleman Technologies can help you do all of this, and more. Reach out to us at (604) 513-9428 to learn more.


As if We All Didn’t Have Enough to Worry About: Let’s Look At Killware





I hate to be the bearer of bad news, but when it comes to cybersecurity threats it’s kind of hard not to be. I used to look at it from two sides; one side is fascinated at the innovation and intensely brutal ways that high-end cyberattacks work, and the other side of me loses sleep at night worrying about these risks affecting our clients, prospects, and even my own business. This one particular classification of cyberattack, however, takes the cake for being especially frightening.

Introducing Killware, About as Bad As Cybercrime Gets

Imagine a computer virus or malware that is specifically designed for your organization. It knows the software and hardware you are using. It knows what settings and configurations can cause the most harm to your organization. It knows exactly how to slip in, infect the most vulnerable parts of your business, and do massive damage.

That implies a lot of things. It suggests that the cybercriminals targeting you are intimate with your organization and its inner workings. It suggests that the bad guys have an insider, or that you’ve already been compromised so severely that they may as well have an inside agent. Either way, at this point, the network is more their network than it is your own.

But it gets worse.

Not only can they dish out a threat to do harm to your business, but the goal of Killware is to cause as much public harm as possible. This is a frightening mixture of cybercrime and terrorism. It’s real, and it has real consequences.

A Cyberattack Almost Poisoned an Entire Community in Florida

In 2021, a water treatment plant in Oldsmar, Florida, a small city with a population of almost 15,000 people, suffered a cyberattack. The attack seemed to have a singular goal: to raise the amount of sodium hydroxide in the water that Oldsmar residents were drinking.

Sodium hydroxide is used in water treatment to manage the pH level and reduce lead corrosion. In small amounts, it is considered safe. In larger quantities, it can cause severe burns and permanent tissue damage. The attack increased the amount of sodium hydroxide being added to the water by a factor of 100.

Fortunately, staff at the water treatment plant noticed the change immediately and nobody was hurt.

Cities and Local Government Systems are Often the Target

We’ve seen a few cases over the years where malware disrupted portions of city and town infrastructure. In 2018, Atlanta suffered from an attack that took down over a third of its systems, and it cost taxpayers over $17 million and over a year before things went back to normal.

In 2019, Baltimore suffered from a similar attack, which impacted the state's real estate market and dozens of other systems. The attack cost the city an estimated $18 million.

Healthcare, Nonprofit Organizations, Banks, and Others are at Risk Too

The U.S. Department of Homeland Security warns that other critical services like hospitals, police departments, utilities, and other highly networked industries are potential targets for this kind of attack.

In order to reduce the risk, organizations need to take cybersecurity seriously, and ensure that regular audits are happening throughout the year. Committing to industry compliance standards is a good first step, but depending on your industry, your business may want to raise the bar even more.

No matter what kind of organization you run, you have employees and customers to protect. Coleman Technologies can help secure your business so that your organization avoids doing harm to the community in the event of one of these devastating attacks. 


A Look at Ransomware and What to Do About It





There is a lot made about ransomware, for good reason. It is quite simply one of the nastiest cyberattacks out there and it demands your attention. A lot of people understand what exactly ransomware sets out to do, but they don’t understand how it got that far and how to address the situation if they have the misfortune of being put in that position. 

How a Ransomware Attack Works

Basically, the ransomware attack can be deployed in any way that malware would get into a network. Most of the time it is deployed through phishing, which is a scam that uses fear to get people to make impulsive decisions and give network or system access to hackers. Once in, it is pretty simple for them to execute malware, including ransomware. 

Once run, the ransomware will encrypt and lock down all of the files on a device or even a network and then inform the user that they have been infected. File access is replaced with a notice with a ticking clock: Pay the ransom demanded or else. 

What Do You Mean “Or Else”?

Ransomware is one of those rare attacks that can hurt your organization in many different ways. Obviously, holding your files and data isn’t exactly targeted altruism, so that is the first sign that something terrible is happening. The ticking clock telling you that you have only a short amount of time before your files are lost forever isn’t great either. While we never recommend paying the ransom, it might seem like the only viable choice to get back in action following such an incident. This is especially true in more recent ransomware cases where hackers are also threatening to release encrypted data if the victim refuses to pay the ransom. This puts businesses in a difficult situation; do they risk the security of their data as well as the fines that come from the failure to properly protect it, or do they pay the ransom? It’s a lose-lose situation, and one that is entirely preventable with enough precautions.

What Can You Do to Stop Ransomware?

Let’s look at three strategies that you should have in place to help you ward off all types of cybercrime, including ransomware attacks:

Train Your Users to Detect Phishing Messages

Phishing is the #1 attack vector for ransomware, and the better you train your staff to recognize the signs of a potential phishing attack, the less likely your business is to ever have to deal with ransomware. Some things your staff should be on the lookout for in their correspondence include:

  • Messages that ask for sensitive information.
  • Messages that use different domains from legitimate sources.
  • Messages that contain unsolicited attachments and links.
  • Messages that tend to have poor grammar and don’t typically have the elements of personalization that you would expect.
  • Messages that try to elicit panic resulting in impulsive action.

A message having any or all of these variables doesn’t automatically make it a phishing message, but the illegitimacy of phishing messages can often be ascertained by the message itself. 
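The warning signs listed above can be turned into a simple triage check that reports which signs a message shows rather than issuing a verdict. This is an added example, not part of the original post; the sample message, domains, keyword lists, and function names are constructed for illustration, and the poor-grammar sign is left to the human reader.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message; every name and domain is a placeholder.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.test>
Reply-To: helpdesk@mail-collect.test
To: j.doe@customer.test
Subject: URGENT: your account will be suspended
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear customer,
We detected unusual activity. Verify your password and credit card number
immediately at http://login.mail-collect.test/verify or lose access.

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.zip"

placeholder-bytes
--b1--
"""

# Illustrative keyword lists (assumptions); tune them to your own mail.
SENSITIVE = re.compile(r"\b(password|passcode|credit card|card number|bank account)\b", re.I)
PRESSURE = re.compile(r"\b(urgent|immediately|act now|final notice|suspended)\b", re.I)
GENERIC = re.compile(r"\bdear (customer|user|client|sir|madam|account holder)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)


def _domain(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def _under(host, domains):
    """True if host equals, or is a subdomain of, one of the given domains."""
    return any(host == d or host.endswith("." + d) for d in domains)


def phishing_indicators(raw, trusted_domains):
    """List which warning signs a raw message shows.

    trusted_domains: domains this sender is expected to use (an assumption
    supplied by the caller, e.g. your bank's or vendor's real domain).
    """
    msg = message_from_string(raw)
    bodies, has_attachment = [], False
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_content_disposition() == "attachment" or part.get_filename():
            has_attachment = True
        elif part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            bodies.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    body = "\n".join(bodies)
    text = f"{msg.get('Subject', '')}\n{body}"
    link_hosts = [urlparse(u).hostname or "" for u in URL.findall(body)]
    sender, reply_to = _domain(msg.get("From")), _domain(msg.get("Reply-To"))

    found = []
    if SENSITIVE.search(text):
        found.append("asks_for_sensitive_info")
    # Sender, Reply-To and link hosts should all belong to the expected domain.
    if (not _under(sender, trusted_domains) or (reply_to and reply_to != sender)
            or any(not _under(h, trusted_domains) for h in link_hosts)):
        found.append("domain_mismatch")
    if has_attachment or link_hosts:
        found.append("attachment_or_link")
    if GENERIC.search(body):
        found.append("generic_greeting")
    if PRESSURE.search(text):
        found.append("pressure_to_act")
    return found


if __name__ == "__main__":
    print(phishing_indicators(SAMPLE, {"example-bank.test"}))
```

A result with several signs is a reason to verify the message through a known-good channel, not proof that it is phishing.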

Keep Your Software Patched

You will want to make sure that firmware, antivirus software, operating systems and other applications you utilize are consistently patched. New ransomware versions come out of the blue and by the time anyone catches on, the hackers that perpetrated them are counting their Bitcoin. By patching software, you ensure that your software is current and has taken into account the threat definitions necessary to keep malware of any type out of your network. The knowledgeable professionals at Coleman Technologies have a patch management platform that can save you and your staff the time and effort needed to keep up on all new software updates.

Back Up Your Data

Finally, you will always want to back up your data; not only to combat ransomware, but because it could literally save your business. Having up-to-date backups can help you bypass the ransom demand and restore data and applications affected by the hacker’s encryption. Since most ransomware today is sophisticated enough to search for backup files, you will definitely want to keep a backup offsite, so that it isn’t corrupted.

If you would like to ensure that your business is set up to combat ransomware, give the IT experts at Coleman Technologies a call today at (604) 513-9428. 


Careful! There’s an Infected Version of WhatsApp Out There





WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has reportedly been deploying malware.

What is YoWhatsApp?

YoWhatsApp is an unofficial version of WhatsApp that users can download and install on their smartphones. The developers claim it offers the ability for users to lock chats, send messages to unsaved numbers, and customize the look and feel of the application with various theme options. There are other unofficial WhatsApp versions out there with similar enhancements.

This sort of thing isn’t new. Ever since the early days of instant messaging software, developers have been building “enhanced” versions of popular messaging applications. Back in the early 2000s when AOL Instant Messenger was popular, there were several unofficial versions that offered additional features that removed ads, allowed more anonymity, and offered more features than the source material. However, using these third-party versions often came with some risk—sometimes they contained malware or made your account less secure.

This definitely appears to be the case with YoWhatsApp. 

What Are the Risks of Using an Unofficial Version of WhatsApp?

According to a recent Kaspersky Report, YoWhatsApp distributes Android malware known as the Triada Trojan. The same was discovered last year with FMWhatsApp, another modified unofficial version of the application.

Triada gains control over your SMS messages, and can enroll its victims in paid subscriptions without their knowledge and impersonate them, sending spam and malicious content to others from their phone number.

This, in turn, can then affect users who actually use the official versions of WhatsApp. 

While, as far as we know, WhatsApp is generally a safe application to use, the various third-party versions are not.

Understand What You Install

The concept of third-party developers creating unofficial “enhanced” versions of popular software isn’t anything new. It isn’t always a risk either, but you need to consider that unofficial versions aren’t usually as supported or secure as the official ones. If someone made a variation of Microsoft Outlook that offered some new features that the original didn’t have, and then Microsoft found and patched some vulnerabilities in their original version of Microsoft Outlook, it would be up to the third-party developer to also patch and update their version. You can’t really rely on that. You also need to consider that cybercriminals will go to great lengths to extort money from a wide set of users, and that includes building a “better” version of a popular app and paying to run ads to get users to download it and install their ransomware.

Whenever you install anything on your PC or smartphone, be sure to check to see if you are getting it from the official developer. If you aren’t sure, take some time to do a Google search, or reach out to Coleman Technologies to have us help you. It’s better to be safe than sorry.


The Most Dangerous Things to Search for on Google





The Internet is pretty great. You can watch videos of cats being weird, and then watch the London Philharmonic Orchestra perform Stravinsky’s Rite of Spring. Then you can go on Reddit and learn how to replace the drywall in your bathroom. Just another typical Sunday afternoon with the Internet, right? 

Unfortunately, the Internet isn’t always perfect. It can be pretty dangerous, and we’d like to share some surprising terms that can lead to dangerous websites and malware if you search for them on Google.

Quick disclaimer: None of these topics are necessarily dangerous on their own, and there is bound to be a lot of great, wholesome and family-friendly content about each of these terms out there on the Internet. That being said, we’re going to explore how these terms ended up being so dangerous to show you why you, your family, and your coworkers should be careful online.

Threats Lurk Beyond Innocent Family-Friendly Topics

A lot of the things that kids really enjoy are often targeted. Cybercriminals know that a child might not be as well-versed in cybersecurity as an adult, so if they can spread malware to kids doing innocent searches for shows and movies, they will.

According to Home Security Heroes, an organization dedicated to helping families stay safe online, over half of the search results for terms like “The Boss Baby,” “Sonic the Hedgehog,” and “Pokémon” could lead to malware or other online threats.

Video game-related search terms like “Animal Crossing: New Horizons” carry a pretty strong risk of malware as well, with 46 percent of the results containing malware-infected domains. This is a cute game where players move onto an island and make friends with talking dogs, frogs, and other adorable animals and give each other gifts. The content of the game itself is extremely kid-friendly, but websites offering guides or illegal downloads of the game could be dangerous.

The Most Dangerous Celebrities to Search For

Several years ago, long before the pandemic, Emma Watson was one of the most dangerous celebrities to Google search, with a shocking number of websites having links to malware or other potential threats. 

Today, the prom king and queen of dangerous search results go to the fabulous Chris Hemsworth and Anne Hathaway—so the mighty Thor and 2012’s Catwoman for the comic book nerds out there. Interestingly enough, Chris Hemsworth and Anne Hathaway were set to star in a movie together back in 2013 called Robopocalypse, but it doesn’t seem to have come to fruition.

Through no fault of their own, these two celebrities suffer from a similar affliction to the family-friendly movies above: an estimated 75 percent of the search results for their names potentially contain harmful content or malware.

Other actors and actresses like Kaley Cuoco, Olivia Rodrigo, Neil Patrick Harris, Chris Pine, Chris Evans, Chris Pratt, and Zendaya also have a ton of risky search results.

But We Can’t Ignore the Queen

She’s always having her best year ever, and is loved and adored by fans of all ages. Yes, we’re talking about the infamous Taylor Swift. Tay-tay, or T-Swizzle, or Queen America herself might be one of the greatest musical icons of our time, but a whopping 79 percent of her search results are potentially dangerous.

That doesn’t mean you can’t search for her and find safe content, but it does mean that there are thousands of websites out there that are trying to trick users into reading up on the brightest star in the music industry, only to infect your computer with malware or steal your personal information.

If you are a little more old school, the Backstreet Boys are right behind her with 76% of their results being sketchy and potentially dangerous.

The Huntsman Spider

What’s bigger than your hand, has eight legs, and eats mice?

You don’t really want to know, but it’s the huntsman spider.

We’re not sure what percentage of websites about this horrific monstrosity have malware; in fact, Googling it is probably a lot safer for your computer than searching for Chris Pratt. Still, these spiders are huge, and anyone without an ironclad constitution should probably avoid giving themselves nightmares and not go down that rabbit hole.

All Joking Aside, the Internet Can Be a Dangerous Place

There are a lot of great information and opportunities on the Internet, but there are plenty of people trying to take advantage of everyone else as well. In order to protect yourself, you need to have the proper security measures in place, including antivirus and anti-malware. Your organization needs to monitor its endpoints and security, and equip its network with firewalls and security policies that keep your employees and customers safe.

If you want help securing your business, give us a call at (604) 513-9428.


Cryptomining Becoming a Big Issue for Businesses


Your Computer Can Make You Money?
Certainly you’ve heard of cryptocurrency, which is a type of currency that is “mined” from a computer. The most common cryptocurrency is Bitcoin. Bitcoin is generated by computers that crunch through numbers. Some organizations have warehouses full of high-end servers that are constantly mining for Bitcoin. The average computer can’t really handle this task, but with enough of them, hackers can start to receive a considerable sum.

Why Is This Dangerous?
Cryptomining is dangerous particularly because of how intensive the process is. It can take a toll on the average device if it’s left unchecked. As previously stated, it takes an exceptionally powerful machine to effectively mine cryptocurrency. This causes the device to experience an abnormal amount of wear and tear. Over time, you’ll notice that your device will start to decrease in efficiency and slow down.

Another way that this might affect a business is through the immediate costs associated with cryptomining affecting your hardware. You might notice an abnormally high electricity bill from a server being influenced by cryptomining, or a cloud-based service working too slowly. Either way, the end result is a negative effect for either your employees or your customers.

How You Can Protect Your Business
If you’re looking for cryptomining on your network, be sure to keep an eye out for suspicious network activity. Since the malware will be sending information over a connection, you’ll be able to identify suspicious activity during times when there shouldn’t be as much activity on your network. In this particular case, the data being sent is small, making it difficult to detect for businesses that transmit a lot of data.

Security professionals are turning toward machine learning to detect and eliminate cryptomining troubles on networks. Machine learning can analyze a network’s traffic for the telltale signs of cryptomining software. Another method is to use a SIEM solution that gives network administrators the power to discover consistent or repetitive issues from potential malware.
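The pattern described above (small, repetitive transfers at times when the network should be quiet) can be hunted for in flow logs with a few lines of code. This is an added example, not part of the original post; the record format, addresses, thresholds, and the even-spacing test are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed flow records: timestamp,source,destination,dst_port,bytes_sent.
# Addresses come from documentation ranges; none of this is real traffic.
SAMPLE_FLOWS = (
    # Workstation sending ~400 bytes to one endpoint every five minutes overnight.
    [f"2024-03-04T01:{m:02d}:0{m % 3},10.0.0.23,203.0.113.50,8443,{400 + m}"
     for m in range(0, 60, 5)]
    # Nightly backup: off-hours, but a single large transfer.
    + ["2024-03-04T02:00:00,10.0.0.5,198.51.100.7,443,850000000"]
    # Daytime browsing: small flows, but inside business hours.
    + [f"2024-03-04T10:{m:02d}:00,10.0.0.40,192.0.2.10,443,{b}"
       for m, b in [(1, 5200), (2, 900), (19, 300), (47, 1200), (48, 700), (55, 640)]]
    # Late-night small flows that arrive in irregular bursts.
    + [f"2024-03-04T23:{m:02d}:00,10.0.0.41,192.0.2.77,443,600"
       for m in (1, 2, 30, 31, 58, 59)]
)


def find_repetitive_offhours_flows(lines, quiet_start=22, quiet_end=6,
                                   min_flows=6, max_bytes=2048, max_jitter=0.2):
    """Flag (source, destination, port) triples with many small, evenly spaced
    outbound flows during the quiet window. All thresholds are assumptions."""
    quiet = defaultdict(list)
    for line in lines:
        ts, src, dst, port, sent = line.strip().split(",")
        when = datetime.fromisoformat(ts)
        off_hours = when.hour >= quiet_start or when.hour < quiet_end
        # Large transfers are easy to spot elsewhere; keep only the small ones.
        if off_hours and int(sent) <= max_bytes:
            quiet[(src, dst, int(port))].append(when)

    findings = []
    for (src, dst, port), times in quiet.items():
        if len(times) < min_flows:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: near 0 means machine-like regular spacing.
        jitter = pstdev(gaps) / avg if avg else 0.0
        if jitter <= max_jitter:
            findings.append({"src": src, "dst": dst, "port": port,
                             "flows": len(times), "mean_gap_s": round(avg),
                             "jitter": round(jitter, 3)})
    return sorted(findings, key=lambda f: f["flows"], reverse=True)


if __name__ == "__main__":
    for finding in find_repetitive_offhours_flows(SAMPLE_FLOWS):
        print(finding)
```

A hit is a lead for investigation on the source host, since legitimate software such as update checkers and monitoring agents can produce the same rhythm.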

To keep your business safe from the looming threat of cryptojacking, you should implement measures to ensure all common methods of attack are covered, including spam protection, antivirus, content filters, and firewalls. To learn more, reach out to us at (604) 513-9428.


Rise Up Against Ransomware





Like many of the past few years, this year has witnessed a significant surge in high-profile ransomware attacks. If you haven't already strategized how to safeguard your business from these threats, now is the time to act. Fortunately, you can take several proactive measures to mitigate the impact of ransomware attacks, and it all starts with preparation.

Effective preparation begins with a deep understanding of your technology infrastructure. By comprehensively knowing the ins and outs of your network and the interconnections between various business units, you gain a crucial advantage over potential hackers. For example, creating segmented areas within your network can limit the damage hackers can inflict, confining their impact to specific business units rather than compromising the entire infrastructure.

Maintaining strong access controls is essential to prevent ransomware and other threats from causing widespread damage. Monitoring an entire network simultaneously can be challenging for IT departments, but designing systems that impede hackers' movement enhances your ability to isolate and address issues swiftly.

Information is extremely important in the battle against ransomware and other threats. Understanding and improving your pre-attack informational advantage when formulating your cybersecurity strategy is a critical action that every business has to take. While keeping hackers out entirely is ideal, recent attacks have shown this isn't always feasible. Preparation is key to staying ahead of threats.

It's important to note that these principles apply to ransomware and various other threats that may jeopardize your infrastructure. While ransomware garners significant attention, proactive measures such as multi-factor authentication, unified threat management, and robust access control solutions can mitigate various threats.

We're here to assist if your business wants to fortify its network infrastructure against ransomware and other threats. Our expertise in implementing preventive measures (like those above) can provide peace of mind. With us managing your cybersecurity strategy, you can confidently focus on your daily operations, knowing you're well-equipped to handle any potential infrastructure challenges.

To discover how Coleman Technologies can bolster your business' defenses, contact us today at (604) 513-9428.


About Coleman Technologies

Coleman Technologies has been serving the British Columbia area since 1999, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses. Our experience has allowed us to build and develop the infrastructure needed to keep our prices affordable and our clients up and running.
