Recent Posts

Hackers Love Small Business – Protect yourself!

Hacker Sitting at LaptopYou’re a small business.  It may be easy to make the assumption that you are less of a target than much bigger companies.

“I’m too small to be a target!”

Hackers often use automated exploit tools and delivery them on a mass scale.  The unfortunate scenario is that most small businesses are less prepared to deal with these attacks, which simply leaves them more exposed than larger businesses that have dedicated technology experts on staff.

 

The “I’m too small” mentality

In a recent survey by Towergate, a U.K. based insurance company, 82 percent of small business owners believe they are safe from hackers and cyber-crime because they didn’t have anything worth stealing.

22 percent of those same small business owners believed that they simply “don’t know where to start” with improving their IT and cyber security profile.

We specialize in helping Small Businesses protect themselves and their data.

Contact us to see how we can help.

Easier Targets & Supply Chain

The smaller the business, the less likely they will have the resources to design and implement a strong and secure business network.  Often very small businesses started from the home and slowly evolved, often using the same residential computers, software and equipment they started with.

While this makes sense from a cost saving perspective, an investment in computer systems and security is now considered a business essential.  Failing to do some can cause actual harm to your clients and contacts or irreparable harm to your reputation.

One often neglected area of concern is looking at your customers.  Do you deliver them with critical parts of their business?  If you were to be hacked, would it be detrimental to the companies you work with?

One example recently is Target, the large retailer.  Data thieves hacked a heating and cooling contractor – which in turn gave them access to Target’s systems and caused one of the largest breaches in the past few years (over 70 million customer records stolen).

Do you think Target kept them as a contractor after that fiasco?

How does a small business protect themselves?

The truth is a handful of things that can be done that reduce your risk profile immensely and that by implementing these programs and systems you can limit your exposure.  No one can promise you won’t get a virus or that you will never get hacked.  All you can do is follow best practices and put in the systems in place to deal with any issues as they arise.

Some of the most important factors for protecting yourself are simple and common sense.  Here is our list of the most basic ways to help protect your small business from hackers.

The List

1 – Install a quality antivirus and firewall software and make sure it is maintained and monitored.

2 – Install a good Hardware Firewall / Router for your business.

3 – Keep your operating systems and software updated and patched pro-actively.

4 – Use a modern e-mail service provider that includes an e-mail filtering system.

5 – Educate your staff on Internet and Email safety

6 – Have a quality system put in place to backup your critical information and data.

7 – Partner with KDTS today!

Fujitsu ScanSnap ix500 Scanner

In all honesty, this is one of my favourite pieces of technology that I’ve used in years.

If there is was only one product that I was to select for my desktop, it would probably be this scanner.  The Fujitsu ScanSnap ix500, it’s fast, easy to use and can be configured in many different ways.

Why I like the Fujitsu ScanSnap ix500

Obviously the world has come a long way since flatbed scanners, and every type of scanner has it’s place.  The Fujitsu ScanSnap ix500 is a workhorse of a scanner, it’s super fast, dual sided scanning both in colour and black and white makes scanning large documents literally a Snap!

I started to use ScanSnap’s with the smaller portable Fujitsu ScanSnap S1100 – Which is great for Salesmen and Road Sales — but Fujitsu really produced the work horse with the ix500 Desktop Model.

The Quick Specs on the ix500

  • 25 pages per minute (ppm) of colour scanning dual sided (50 page doc in 1 minute!)
  • It can be used over the network or USB
  • It works on Windows or Mac systems
  • Can be configured for easy 1 touch scanning to network
  • Can be used to scan directly to e-mail or other applications

 

What is the best use for the ScanSnap ix500?

While the ScanSnap ix500 can be used as a shared network based scanner, it really comes in to the zone when it is used on a per-desk basis.

If you are trying to be a paperless office, you need to make sure that it is easy to use, available, and fast and this scanner really meets all of those requirements.

Our company is an on-site support IT Services company and we have roughly 75-100 of these scanners deployed amongst all of our clients and have worked exceptionally well for:

  • Legal Firms
  • Accounting Firms
  • Book Keepers
  • Receptionist
  • Warehouses

 

Really we recommend them for anyone who has a high paper volume or is pushing towards a fully paper-less archiving system.  Many Canadian companies are starting to go fully digital in regards to their receipts and documentation for the CRA, using services like HubDoc to store and sort their receipts.  This device is really complementary in this type of situation.

Where does the ScanSnap ix500 not a great fit?

If you need to scan high resolution graphics, photographs and things of that nature, there are certainly other products that are better suited to your needs.  Generally, any feeding type scanner won’t produce a really exceptional result for anything particularly high resolution.

This scanner is definitely geared towards documentation and receipts, with a page width of 8.5″ (though the length can certainly be flexible).

Paperless Offices and the ScanSnap ix500?

Many companies, especially paper heavy ones end up with massive filing rooms or pay large monthly fees to document storage facilities. Scanning all your documentation provides a few benefits that are worth noting.

  1. Free up storage rooms full of boxes and reclaim expensive office space
  2. Searching for documents in digital format can be fast and efficient, if setup and planned correctly.
  3. Reduced expenses from storage facilities and document retrieval fees.

 

Now truth be told, going to a fully electronic documentation system does have its trade-offs as well.  With an increase in data, you need to an increase in server storage capacity as well as ensuring your backups are exceptionally protected — both of these things come at an added expense.  Though most of the time these trade-offs cost less than the storage costs associated with physical archiving.

How long does the ScanSnap ix500 Last?

Just as a sample of the ones we manage for our clients (about 75-100 at any given time), we see extremely low failure rates.

On average they exceed a 4+ year life span and we haven’t had any out of the box failures to date.

One issue we did see was if the USB Cable needed was excessively long it sometimes impeded the scanner for working perfectly, but a shorter USB Cable or higher quality cable typically resolved those type of issues.

Out of all the ones that have broken on us, there was an underlying reason for the failure — The person ran wet ink, staples, paper clips, tape or something through the device which ended up messing up the imaging surface, we’ve actually never had one die on us purely from “wear and tear”, which says a lot about the quality of units produced.

Multi-Functioning Printer (MFP) or a ScanSnap ix500?

It’s fairly standard in offices to have a few shared multi-function printers that take care of printing, scanning, faxing and so forth.  Personally I’m a fan of not having to leave my desk to scan documents, and like to have them instantly available to me.  I think the ScanSnaps aren’t exactly an apple to apple comparison because the nature of this device is at the individual desktop level – scan quality and speed would likely been comparable, but for me it comes down to productivity and I think the desktop scanners win hands down.

From a cost perspective, these ix500’s run about 600-700$, so there is certainly a higher cost to deploy them at the desk, but depending on the nature of your business and how many staff you have you may see enough of a productivity gain to warrant the costs.

Order one now from Amazon: 
Fujitsu ScanSnap iX500 Scanner for PC and Mac (PA03656-B005)

 

GoldCorp in Major Databreach (Vancouver)

goldcorp Vancouver databreach

Vancouver based GoldCorp Inc. has had a MAJOR data breach according to the DailyDot Website.  GoldCorp Inc has CONFIRMED the databreach.

The information first came to light on DataBreaches.net.  Where hackers reached out to report the breach.

A SAMPLE of the data was released by hackers, which was over 14GB in size alone, so the scope of this hack could be major.

The dailydot website says the sample data contains:

  • Correspondence to some employees about performance,
  • compensation rates,
  • proprietary information,
  • banking details and
  • 2016 budget information

 

“According to the hackers, the information in the current data dump includes, but is no limited to:

  • T4’s, W2’s, other payroll information
  • Contract agreements with other companies
  • Bank accounts, wire transfers, marketable securities
  • Budget documents from 2012 – 2016
  • Employee network information, logins/passwords
  • International contact list
  • IT Procedures, Disaster Recover, VMWare recovery procedures
  • Employee passport scans.
  • Progress reports
  • SAP Data
  • Treasury reports

 

[S]everal more data dumps are being prepared, the hackers wrote in the paste. [T]he next dump will include 14 months of company wide emails, emails containing some good old fashion corporate racism, sexism, and greed.

For the full article and on-going details, please follow:

 

Encrypted Messaging – Protect Your Privacy

Viber and WhatsApp

In the past few weeks several companies have implemented full end-to-end encryption systems on their platforms, WhatsApp and Viber.

WhatsApp, owned by Facebook, is used by over a billion people around the world and the addition of end-to-end encryption is a massive leap forward for the protection of your personal privacy.

Viber, a popular mobile messaging app, which includes video, voice and text chat has over 700 million registered users.

End-to-End Encryption is a big leap forward in protecting your communications because it removes the ability of the company to comply with any court order that demands access to the content of your messages on its service.

Recently in the news we all watched as the FBI and Apple duke it out in court about bypassing or unlocking a phone used by a terrorist in the US –  This type of move removes the ability of the company to compile with such requests because the encryption happens from device to device, not storing a “plaintext” version of your message in the hands of the company.

As more and more companies start to implement strong encryption in their applications and platforms we are seeing an increase in the rhetoric from government officials coming out against encryption, under the guise of national security.  The governments want backdoors or the ability to unlock the encryption for the purposes of surveillance and monitoring, but of course the introduction of any backdoor for one country would ultimately lead gaping security holes as other nations break the backdoor security.

We are definitely living in interesting times, government and media put so much spin and scare in to the population over IT Security, Hacking and Exploits that there has been people likening the current state to cold war era warmongering.

Simple Definition of End-to-End Encryption

End-to-End encryption is a method of communicating where by only the parties directly involved can read the messages.

This means no eavesdroppers can access read the messages while it is in transit, because only the sender and recipient have the security keys. So while the message may pass through your wireless plan provider, ISP, the company that made the software, and other services en-route, it can actually only be opened by the final recipient.

Your ISP can Spy on You

Buy VPNHow much personal information do you put on the Internet?

How would you feel about your Internet Service Provider (ISP) knowing everything that you do on the Internet?

Your ISP probably has logs of every single thing you have accessed on the internet, from websites visited to music and movies you may have watched.

While this all seems very innocent, are you comfortable with them knowing who you do business with, websites you order from or the private multi-media you may access?

Can you surf the web anonymously?

You can absolutely surf the web anonymously!  The most common method is by using a VPN or Virtual Private Network.

A VPN in its most simple explanation encrypts all information between your computer and the VPN server you are connected to.  When you request a website, the VPN server gets your request and then relays it to your computer securely (encrypted).  This means information between you and the VPN server cannot be read by other people, such as your ISP.

Because the VPN server is what requests information from the Internet, it is your “public facing” IP address — so any downloading appears to be have done by someone other than your personal ISP and connection.

Why should I use an Anonymous VPN?

Many people are simply concerned about their general privacy, big companies scooping up public and private information about you in order to target you for advertising.  Some people get concerned of the “big brother” situation that all their information is being watched or reviewed by the authorities, and with so many recent revelations around National Security issues it seems like a legitimate concern.

An Anonymous VPN software just makes sense to protect your privacy.  You can view any website and products you want without them being linked to you in real life (of course you still need to be cautious about giving your real name, credit card or personally identifiable details).

Anonymous VPN’s also allow you to pick from many different locations around the globe.  This allows you to view a website or advertisement as if you were physically located in a different place.  This can be extremely handy for both Market Research as well as testing Advertisings you many be running.

We strongly recommend an Anonymous VPN be used for your home web surfing as well as installed on your mobile devices.  Encrypting your connection with a VPN on your phone will stop the mobile phone company from tracking your website usages as well.

Our company recommends “Private Internet Access” or “PIA” as it’s primary public VPN.  Their servers are fast to facilitate video or music streaming as well as peer-to-peer file sharing sites like BitTorrent.  PIA has a strong public record of protecting its users privacy and is considered one of the top tier Anonymous VPN Services at the time of writing this article.

Trump Hotel Credit Card Breach 2

Trump Hotel Las VegasSecurity News Reporter Brian Krebs is reporting today that the Trump Hotel Collection may have been breached a second time within one year.

The Trump Hotel Collection is a group of 12 hotels owned by Presidential hopeful Donald Trump.

According to Krebs, the Banking industry insiders have “noticed a pattern of fraud on customer credit cards which suggests that hackers have breached credit card systems at some – if not all – of the Trump Hotel Collection properties.”

Trump has been outspoken about the lack of cybersecurity used by the United States Government saying it is “obsolete” and they are being “toyed with” by adversaries from China, Russia and elsewhere.

While it may be true the US Government could be more advanced in its cybersecurity, you would think he would have hired the best experts possible to protect his business interests.  But given how divisive his politics are, it is not particularly surprising his private business is under attack, he’s upset so many he no doubt has a giant target on his back.

While Trump may currently be the lightning rod in this case, the hospitality industry in general has been hit extensively by breaches in the past few years.  Major chains just as Hilton, Hyatt and Starwood have been hit by card thieves as well, often hitting retailers in the hotels and restaurants.

With Vancouver Trump Towers opening, one might consider paying cash!

3rd Significant Ransomware Hack on Hospital

Locky Crypto Virus HospitalIn a story reported by Brian Krebs we have yet another mainstream ransomware virus outbreak affecting a large medical facility.

It just goes to show how vulnerable both large and small organizations can be if they are unprepared for such an emergency.  So far it sounds like only 1 of the 3 victims was fully prepared to deal with the outbreak (Ottawa), which means they probably has a good Backup and Disaster Recovery Plan (DR).

In the past few months there have been three notable outbreaks in hospitals:

  • California Hospital ($17,000 Ransom)
  • Ottawa Canada Hospital (Restored from Backup)
  • Kentucky Hospital ($1,600 Ransom)

 

What is the Locky Ransomware Virus?

The Kentucky Methodist Hospital declared an “internal state of emergency” in order to deal with the infection caused by the “Locky Crypto-Ransomware Virus” (Symantec: Trojan.Cryptolocker.AF).

Locky “has been spreading quickly since it first appeared on Tuesday (February 16).  The attackers behind Locky have pushed the malware aggressively, using massive spam campaigns and compromised websites.

One of the main routes of infection has been through spam email campaigns, many of which are disguised as invoices.  Word documents containing a malicious macro are attached to these emails.”

“If this macro is allowed to run, it will install Locky onto the victim’s computer”

How can I protect my Small Business from Ransomware?

  1. Install, Configure and Maintain a quality Antivirus and Monitoring System
  2. Employ an Anti-spam / Content Filter on your E-Mail Servers
  3. Properly Maintain and Patch Windows and Software Programs
  4. Limit End-user Access to Mapped Drives
  5. Deploy and Maintain a Quality Backup System
  6. Restrict users from running macro’s in applications by default
  7. User Education – What to look for and avoid
  8. Sign-up for our newsletter to keep learning!

 

 Check out the full article: 7 Tips to Save your ass from Ransomware Viruses!

refs:
  • Symantec: http://www.symantec.com/connect/blogs/locky-ransomware-aggressive-hunt-victims
  • Brian Krebs: http://krebsonsecurity.com/2016/03/hospital-declares-internet-state-of-emergency-after-ransomware-infection/

Canadian Hospital had Ransomware Flushot. Do you have yours?

Ransomware Keyboard Lock Icon“A Canadian Hospital in Ottawa as confirmed that its network of 9,800 devices was hit with ransomware last week which encrypted the information on those machines making it unaccessible to hospital administrators.”

Thankfully this hospital had the correct safeguards in place to protect patient data and be able to fully address the virus by wiping the network and restoring from backup.  I like to call this their “flu shot”, they anticipated and protected themselves and put their plan into place!

This is the second recent story about a hospital getting infected with Ransomware, the last one (Hollywood Presbyterian Medical Centre in LA) wasn’t as prepared and ended up paying nearly $20,000 ransom to get access to its data, as well as having a lot of negative PR.

Is your network properly backed up so you could do the same?

With ransomware, cleaning the infection from the computers and servers essentially means wiping the computer or server and reloading it again from a good backup.  This means that your backups need to be bulletproof so you can walk away without any data loss.

Our company specializes in Data Protection, Call us at 604-285-0117.

We implement some of the best backup solutions on the market today for small and medium sized business.  Our backup solutions can backup your system as often as every 15 minutes, so you are constantly protected.  We expertly install our backup systems and monitor them to ensure that they are working correctly and will successfully restore your data in the event of an emergency.

Ransomware is one of the biggest security threats of 2015 and 2016 to date.  Cybercrimminals are moving in droves to create new malicious programs and according to a McAfee researcher there were more than four million samples of Ransomware in the last year.

Do you know how to stop viruses in the first place?

Most dangerous viruses recently transmit over e-mail, often referring you to a website or some content related to your business, or a fake invoice as an attachment.

When the user opens the attachment or website the ransomware starts to encrypt the data on your computer and then posts a message to pay a ransom to re-access your data.

Generally, they ask you to pay this ransom in BitCoin, which once sent is untraceable.  There is no guarantee the criminal will actually unlock your files after you send the money, so your best case scenario is always ensure that your backups are working perfectly so they will protect you in the event of an infection.

We will help you secure your workstations, pre-filter your e-mail and ensure you have a monitored antivirus and monitored backup system in place and running all the time.

If you are worried about where your network is today, call us now: 604-285-0117

Source: http://www.ottawasun.com/2016/03/13/ottawa-hospital-hit-with-ransomware-information-on-four-computers-locked-down

Hackers almost steal 1 billion from the Fed-but… your safe …right?

hacking the bankThe Bangladesh Central Bank nearly lost $1 billion US dollars due to hackers. The hackers managed to breach Bangladesh Bank’s computer networks and initiate transfers worth nearly $1 billion dollars directly from the Federal Reserve Bank of New York!

Hackers bombarded the Federal Reserve Bank with 3 dozen transfer requests, $80 million of which were processed!

What stopped the hackers? A Simple typo in the name of one of the wire transfers!

What have you done to protect yourself? What if it was your money?

It is a falsehood to believe that you can 100% stop hackers, especially large nation-state sponsored attacks and large criminal enterprises, but by implementing simple due diligence and reviewing your current protection regularly, you can at least mitigate the risk dramatically.

I’m too small to be targeted! Or am I?

You may not be directly targeted, but most modern hacks come from spam, fraudulent e-mails and infected websites and programs. While a billion dollar hack might be the holy grail for hackers, they are equally content to extort or steal $10,000 or $100,000 from you.

Email us right now and we can put in a simple but effective plan in to place that will help to monitor and protect your network within a week. It will mitigate the vast majority of your attack surface and give you piece of mind that you are protected.

Our systems automatically update your antivirus, notify our data centre of infections, routine software maintenance and over-all monitoring that will help to identify potential issues. Couple that with our exceptional backup system and you can sleep soundly knowing that you are not only protected, but you have us watching your back.

Email us today and we can have you protected in just a few days time!

It’s that easy. Email now.

Source Article – CBC: http://www.cbc.ca/news/technology/bangladesh-bank-typo-hack-new-york-fed-1.3485125

Your Internet is Wiretapped

Buy VPNYes, your Internet is Wiretapped!

Your Internet traffic to and from your computer and mobile devices is being analysed, processed and stolen.

This information can be used to steal your passwords, conduct identity fraud, compromise your banking and e-mail accounts and really ruin your day!

Hotels, Internet Cafes, and Public wireless spots are about the most dangerous places you use the Internet.

But there is an easy solution

Using a VPN (Virtual Private Network) encrypts the data between your computer or device and the site you intended on visiting.  That means the information is secure and safe as it travels over the Internet and isn’t susceptible to snooping or wiretapping.

In addition to the criminal element that tries to snoop your data, many global government spy agencies are always monitoring.  Using a VPN helps to anonymize your connection and keep even “legal” (government spying) data monitoring systems at bay.

For general, residential or travelling use, we strongly recommend a service such as PIA (Private Internet Access), out of all the services we’ve reviewed we found their servers always performed the best in terms of speed and were extremely user friendly.

Protect your identity from fraud and snooping today.

Note:  This article is in regards to personal internet use, business VPN solutions are similar in nature, but directly tied to your corporate network.