Over the weekend you may have seen various news reports of a worldwide ransomware attack hitting thousands of networks.
Ransomware is a form of malware (bad software designed from some harmful or illegal purpose). It encrypts all of the files on your computer then notifies you that if you want the description key, you must send the author money in exchange for the key. Without that key, you will never be able to open any of the encrypted files again.
Most ransomware needs to be invited onto your computer. Hackers do this by tricking you into clicking on a link and agreeing to install it on your computer. This one was a little more dangerous since once it gets into a local network it can attack any computer that has not been updated with the most current Windows security updates.
All firm computers are configured to update themselves automatically. This is why you occasionally get notices from your computer that it will need to restart to install updates. It is very important that you don't disable this function, even if it is occasionally annoying.
If, at home, you are using an older XP computer, or a computer that does not have updates turned on, you are playing with fire. You are vulnerable not only to this but other attacks as well. It's a bit like leaving your front door unlocked when you leave for work each day. Nothing may happen, but do you really want to take that chance?
The firm's primary defense against ransomware is a good backup system. If our network gets hit with ransomware, we would have to delete all the current file and restore from backup. Longer term, we hope to put in place a document management system that will protect our files from such attacks, even if some computers on the network become compromised.
To read more about the latest attack, check out these articles from the BBC, NPR, and the Verge.
Margolis Edelstein Tech Blog
Showing posts with label network security. Show all posts
Showing posts with label network security. Show all posts
Monday, May 15, 2017
Wednesday, May 3, 2017
Security Issue
This afternoon, many in the firm received an email from someone we knew inviting you to view a shared Google Document.
This was, in fact, a sophisticated phishing attack that hit Google users worldwide. It took advantage of a security oversight in Google that allowed third parties to name a customized Google App that they created with a name that made it appear to be part of Google Docs. If you want to read more, check out this article.
If you clicked on the link to go to the document, you were sent to what looked like a login screen which then asked to go give rights to your contacts and your Gmail account. If you gave the app those rights, it would then send out a share to all of your contacts, inviting them to view a Google Doc that you were supposedly sharing with them.
The good news is that the App was pretty harmless. It did not do anything beyond sending out a share notice to your contacts. Google has also now shut down the app in question and removed any rights that you may have inadvertently given to your account.
Some people have requested password changes or that we scan your computer for malware as a result of this attack. We are happy to change your password if you like, but there is no evidence that this attack ever got access to any passwords, nor did it ever access your computer.
Going forward, if you ever see anything asking for rights to your account, that should be a big red flag that something is wrong. There are occasional apps that might require such rights. For example, if you connected MS Outlook to your Gmail, it would request such rights. But if you ever have any questions about rights being given, be sure to contact the Help Desk so we can take a closer look.
This was, in fact, a sophisticated phishing attack that hit Google users worldwide. It took advantage of a security oversight in Google that allowed third parties to name a customized Google App that they created with a name that made it appear to be part of Google Docs. If you want to read more, check out this article.
If you clicked on the link to go to the document, you were sent to what looked like a login screen which then asked to go give rights to your contacts and your Gmail account. If you gave the app those rights, it would then send out a share to all of your contacts, inviting them to view a Google Doc that you were supposedly sharing with them.
The good news is that the App was pretty harmless. It did not do anything beyond sending out a share notice to your contacts. Google has also now shut down the app in question and removed any rights that you may have inadvertently given to your account.
Some people have requested password changes or that we scan your computer for malware as a result of this attack. We are happy to change your password if you like, but there is no evidence that this attack ever got access to any passwords, nor did it ever access your computer.
Going forward, if you ever see anything asking for rights to your account, that should be a big red flag that something is wrong. There are occasional apps that might require such rights. For example, if you connected MS Outlook to your Gmail, it would request such rights. But if you ever have any questions about rights being given, be sure to contact the Help Desk so we can take a closer look.
Subscribe to:
Posts (Atom)