Monthly Archives

March 2021

Microsoft Exchange Server cyberattacks: who is behind it and why are they attacking?

By | Uncategorized | No Comments

A wave of data breaches and cyberattacks began in early 2021 when four zero-day vulnerabilities were found in Microsoft Exchange on-premises servers. These vulnerabilities meant that hackers had access to user credentials connected to network devices. As well as, admin privileges on servers affected by the zero-day exploits.

Typically, attackers install something called a ‘backdoor’, which is a covert way of bypassing encryption or authentication. With a ‘backdoor’, attackers can access impacted servers after updates to fix the exploits.

Why Microsoft Exchange?

Microsoft Exchange is seen as a good target for attackers who want to get into business networks. Microsoft says that their email server software is unique in its environment as hackers can carry out a multitude of tasks using the same scripts or tools that admin use for maintenance. “Credential stuffing” is the assumption numerous users will recycle passwords and usernames across an array of services.

Once attackers log in as a user; they perform actions that allow them to remotely connect to the server, assume the role of administrators with said privileges. With administrator rights, hackers can upload code to create a ‘backdoor’ so that they will have continued access. Even if patches are downloaded to protect Exchange servers, they won’t retroactively remove any installed ‘backdoors’. This means hackers can still access the server until these, and any additional user accounts are removed.

 Who are the hackers?

Microsoft says that the original attackers were Hafnium, a group they say operates out of China. It is a cyber-espionage hacking group, often referred to as an APT (an advanced persistent threat). This type of group is often a state-sponsored, stealthy actor that goes undetected for a long time. Hafnium has alleged ties with the Chinese government, but they have denied all responsibility for this recent Microsoft Exchange breach. Microsoft has described this group as “highly skilled and sophisticated.”

Although Hafnium was the first hacking group to exploit the vulnerabilities, there are now thought to be over 10 different groups with each using a different style and procedures.

Who is vulnerable to attack?

Microsoft confirmed that their Exchange Server versions for 2010, 2013, 2016, and 2019 are susceptible. All cloud-based services like Office 365 and Microsoft Exchange Online are not affected.

So far, estimates suggest 250,000 servers have been attacked; including small or medium businesses, local governments and local institutions across the globe. These are the main victims of the attacks because they don’t have the necessary expertise to resolve cyberattacks.

Tom Burt of Microsoft wrote in a blog post that victims had included law offices, defense contractors, disease researchers, non-governmental organizations, think tanks, and universities. Other known victims include local governments and schools.

Latest developments

On March 12th Microsoft Security Intelligence announced that a ransomware called ‘DearCry’ was being used on the first servers infected. This made the servers unusable unless a payment was made to recover the files. Microsoft has said, however, that paying such a ransom won’t guarantee you access to the files.

What businesses and organizations should do?

There are several steps that can secure your Exchange server; a list of which is detailed in this blog post. Essentially, organizations at risk need to take the necessary precautions, ie downloading Microsoft patches.  But they should also scan all networks for any threats and potential compromises. The most targeted countries currently are German, the UK and the US. Contact us for your cybersecurity concerns.

Meet AI: Your Newest Co-Worker

By | Uncategorized | No Comments

When it comes to hiring new staff, it’s important that you choose the right person for the job. But what if the right person for the job isn’t a person at all, but instead, an IT solution? Artificial intelligence offers many benefits for businesses, now, and into the future. Just one of these benefits is bypassing the hiring process. Before purchasing your AI solution, it’s important that all businesses consider the benefits and drawbacks of artificial intelligence. When looking to optimize your IT management, a quick Google search for the best “automated small business solutions” will lead you in the right direction. Then you can focus the search to your specific industry.

Let’s take a look at what Artificial Intelligence is and how it might benefit us.

Artificial Intelligence: A Brief History

Artificial intelligence is a recent development with only the first two stages widely rolled out for business support: narrow and general AI, which provide a highly specialized and broader range of support respectively. The final stage of artificial intelligence is super-intelligence, which is characterized by AI programs developed to be capable of self-thought. This level of AI is still a long way off, though, and modern AI systems are a little simpler. With that being said, the simpler nature of modern AI is a benefit in and of itself. It means that small and large businesses alike may be able to implement AI into their existing business networks easily and efficiently. And that means that better control of your budget, and profit growth should be the end result.

How did AI originate? During the 1990s, toy manufacturers were one the first industries to use AI. Popular AI toys were early versions of robots, with the Furby being arguably the most well-known. Sony also created their own artificial intelligence robotic dog that was capable of memorizing up to one hundred commands. These creations would pave the way for future AI developments in the decades to follow.

How AI Can be Used by Businesses

There are many ways in which businesses can make use of the benefits of artificial intelligence solutions. Research AI developments in your field. It’s important that your business knows how to make use of AI to the best effect.

During the Hiring Process

Artificial intelligence can be a huge benefit for small businesses wanting to make the process of hiring new staff easier. During the hiring cycle, Artificial Intelligence can be used in many different ways to streamline the task because of its ability to learn your company’s processes.

AI is an effective tool to enhance the application process for new employees. Particularly in terms of automatic chats that can provide applicants with immediate help and support.

It can also help with screening applicants. AI can categorize applicants based on their skills, experience, qualifications, and whatever parameters you set. Automatically screening applicants is beneficial for small businesses who are overwhelmed with applications for a specific job posting. Then, the business can quickly find applicants who are a good fit for the job. That translates into saving a great deal of time, and money.

It’s worth noting that artificial intelligence can be useful even after candidates have been selected. You can use AI to contact applicants and arrange interview times with them. It also provides them with answers that they may have to questions about your company. Some advanced AI software can even analyze facial expressions, tone of voice, and the like for participants which can help to provide a clear view of the applicant’s suitability for the job role.

To Support Your Employees

Artificial intelligence is a highly diverse and useful IT solution for businesses to consider investing in. More and more people are looking for business IT support companies near them to help with installing AI. Employees can utilize this new technology to support their day-to-day activities.  Additionally, employees can use AI to streamline automated processes to improve work productivity and affordability.

For Your Customers

Finally, artificial intelligence can provide an affordable option for your small business in terms of supporting customers. This is particularly the case for chatbox. You can use Artificial Intelligence to engage your clients and provide them with instant responses to their queries, without the huge expense of hiring a 24/7 in-house team. This can represent massive savings for your business and help boost customer satisfaction.

Don’t Rely Solely on AI!

Artificial intelligence options are some of the fastest evolving IT solutions for business networks, however, they are not perfect and need a team of human workers behind them to keep them working effectively. Always make sure that you check your AI is providing the results that you want; in doing so, you’ll be able to balance the cost-saving nature of artificial intelligence with the personal touch that human staff can provide.

In turn, your customers will be able to enjoy an incomparable service overall, making AI solutions potentially a great investment for your small business. To learn more, contact us to see if AI could be right for you.

Microsoft Exchange Server Vulnerabilities

By | Uncategorized | No Comments

As business owners, we are all keenly aware of how integral technology is in every industry these days. We have heard countless times how technology helps drive innovation and growth, improves communication in the organization, and increases your advantage over the competition. As a warning, new technology still has vulnerabilities. Recently, new security flaws were discovered on Microsoft Exchange Servers. That’s why we are running this blog: as a warning to anyone running Microsoft Exchange Servers. 

Your Microsoft Exchange Server may be Vulnerable to Attack 

We’re acutely aware of how many small businesses rely on these servers to augment their IT departments. And this means many small businesses are at risk. More than 60,000 companies and organizations have been compromised. This is a world-wide threat. Chinese hackers are confirmed at attacking and exploiting vulnerabilities in on-premise servers. Something to pay attention to is, if you’re running Microsoft Exchange ’13, ’16, or ’19 on-site, these were the servers that were vulnerable to attack. 

Attacks and Hacks 

In January, Microsoft was made aware of what were labeled ‘zero-day’ bugs. These bugs are flaws that we are aware of, but have not yet been addressed. As these weak spots are uncovered, there is a high probability of attacks and breaches. This means they’re highly dangerous for organizations and businesses that hold sensitive data. On March 2nd, Microsoft released updates to repair the zero-day bugs and said that there had only been a limited number of targeted attacks. Despite these fixes and patches, there is still a huge potential for attacks on individual Exchange Servers. This threat is due to the awareness and speed of the patch installation. This means the number of victims grows as more and more hackers continue to target un-patched systems. 

Who is behind these Hacks? 

Microsoft initially reported that their zero-day vulnerabilities were exploited by Hafnium, a Chinese APT group that is state-sponsored. The group achieved the hacks by using zero-day vulnerabilities to gain access to Exchange servers. As a result, hackers can access email accounts and install malware. These attacks create long-term access for future breaches. 

Hafnium has a reputation for targeting US entities in different sectors. Some of these attacks included NGOs, policy think tanks, defense contractors, higher education institutions, law firms, and infectious disease research facilities. Previously, the group compromised victims through the exploitation of internet-facing server vulnerabilities. Hafnium has used open-source frameworks such as Covenant, a legitimate piece of software, for control of the servers. After gaining access to the victim’s network, the group usually uploads the stolen data to a file-sharing site. 

Currently, Hafnium is often unsuccessful in its attempts to compromise customers’ accounts. Unfortunately, this doesn’t make the problem any less serious. You have to be aware that they are trying new attacks every day. Usually, if hackers want to find a way in, they will. 

Other Group Threats  

Since the initial hacking by Hafnium, other groups have exploited the flaws in MS Exchange Servers. A report was published declaring at least 10 groups that are hunting down un-patched servers. 

When Will we be Safe? 

According to DIVD (the Dutch Institute for Vulnerability Disclosure), there are thought to be at least 46,000 un-patched servers still running that are at risk of being heavily exploited. Current estimates are that up to 40% of Exchange servers in the Netherlands are still open to attack. 

Protect Your Business! 

Check to see if your business uses Microsoft Exchange Servers. If you do, or if you’re not sure, keep reading. If you know you haven’t updated your Exchange Server recently, there are some things you should do immediately. First of all, passwords that are sitting in memory could be vulnerable. You should immediately reset all passwords. Next, run the latest patch for your system. As a safety measure, you might want to change your passwords after you run the patch. What this means is, when breaches like this occur, you can’t be too safe. 

Steps to Secure Your Server 

There are several things you can do to enhance your protection: 

  1. Patch your system with Microsoft updates. 
  1. Reset all passwords and change all credentials. 
  1. Double-check your backup device. Is the repository ok? Have you tested it? 
  1. Verify your router. You should also check your security with your vendor. Ask them when they last updated their signatures. 
  1. Scan for and investigate any malicious activities on your Exchange servers. 
  1. And finally, if you are unsure about your network’s safety, restore your Exchange server to a time before the compromises occurred. 

 

If you are not sure what kind of servers you are using, or you need help running the update patch, that’s what we’re here for. We are happy to help you figure out if you’re at risk from this threat. To help you ease your mind, contact us today! 

 

Cloud Workforce Security

By | Uncategorized | No Comments

When it comes to working remotely, making use of the most up-to-date and high-quality cloud infrastructure and cloud computing services is very important. Cloud computing offers a number of options for business profitability, and a huge improvement for the ability to work remotely. However, you must have the right cybersecurity protocols and software in place to keep your network secure from hackers.

Let’s take a look at some of the security measures you should be aware of.

What is SASE?

First of all, you must know what the SASE cybersecurity software is. SASE is short for “secure access service edge”. It serves to help enhance business computer security when using cloud technology. By implementing SASE for your office network, you can safely access enhanced cybersecurity for your business data against hackers.

It is expected that, by 2040, as many as 40% of businesses – large and small alike – will have either integrated SASE with their current network cybersecurity approach or will be planning to. This is a drastic increase from the 1% of businesses that used SASE in 2018 upon its creation. This also highlights the fact that SASE will be a highly important form of computer security software in the coming years. Start asking about it now.

Why is SASE Important?

You might be wondering why additional cloud technology solutions are needed to protect your business data. There are a few different reasons as to why you might want to implement SASE technology for your servers, but the most obvious and important reason is for the enhanced security it offers.

Unfortunately, there are a few cloud computing companies and services that don’t offer the level of protection your business needs. Don’t be afraid to ask them questions you’re concerned about. Also, remember that we are here to help insure you make the best decisions for your needs. We research and check cloud providers to be sure the solutions they recommend are the most secure available.

It’s important to highlight that cloud computing services are highly reliable solutions and offer additional levels of protection against hackers for most businesses. However, hackers have been able to get around some security features installed by cloud companies. This warning highlights the need for extra IT security, such as that provided by SASE.

How SASE Works

SASE works by merging traditional wide-area networking (WAN) security solutions with other local network services. By using the best of different security approaches and configuring them into a single, cloud-delivered cybersecurity model, SASE allows business networks to benefit from the highest level of cybersecurity. This can be applied across all business devices, from office computers, desktops, and laptops to tablets used for on-the-go projects.

Tech solutions such as SASE are rapidly becoming more and more important. They are necessary to ensure that your business remain protected against the danger hackers can pose to data security. And, by enhancing your business’ cybersecurity while also integrating revolutionary cloud technology and architecture, you’ll be able to enjoy the best protection modern IT services have to offer.

Why Is Cyber Security So Important for my Small Business?

If you’ve ever found yourself searching for “small business IT services near me,” then it is highly likely that your business could also benefit from additional cybersecurity measures. Ensuring the safety of your servers is essential to have a good reputation with your customers and staff.

There are many different reasons why cybersecurity is so important for small and large businesses. Indeed, sometimes it can seem like information technology is changing and evolving at a rate faster than any of us can keep up with – so you must have the best protection in place to make sure your business network is safe.

  • Protect your customers’ and suppliers’ data: If your business falls victim to hackers, then your suppliers’ and customers’ data could be compromised. If hackers get access to this data, then you could find yourself with large lawsuits and fines. Which as a result are massively costly.
  • Customer confidence: Customer confidence is of the utmost importance in the modern trading environment. If your cybersecurity protocols are not up to scratch then you may lose customers out of fear of data loss. Therefore, having good cybersecurity is paramount if your business is to have loyal, trusting customers.
  • Business reputation: To follow up from the last point, if your business has poor cybersecurity solutions in place then you will possibly have a poor business reputation as well. This, in turn, may negatively impact your business in numerous ways, including lost sales and lost revenue. Certainly, this is something that no business wants to experience. The slight cost of investing in good cybersecurity for your business network will be more than paid for by the increased revenue from loyal, trusting customers.

Find the Right IT Consultants Today!

If you aren’t sure how SASE can benefit your business, our team of professional IT consultants are here to help! We can help with all aspects of your managed IT services and IT solutions.

After all, you have a business to run. Let us handle the information technology solutions while you do what you do best! For more information on how our team can help your business grow and thrive, contact us today to learn more!

Computing in the Cloud

By | Uncategorized | No Comments

Keeping your business network safe and secure is essential. Virtual offices and cloud services can be smart ways to keep your data safe. However, many people do not understand the benefits that investing in virtual offices can have. Today we will be looking at what confidential computing is and how investing in the right computing strategies – with help from your managed service provider – can help your business network achieve safe cybersecurity thanks to cloud solutions.

Why Confidential Computing is So Important

When it comes to protecting your business network from hackers, you must have the right cybersecurity software in place. Information technology is an integral part of our lives these days. Still, a few businesses operate without some influence from IT service providers. That can put them at risk of getting hacked.

Confidential computing helps to prevent this from happening. In turn, this can help your business protect your, and your customer’s valuable data. Currently, more and more people are turning to managed IT services and cloud infrastructure and their solutions. Let’s take a look at some of the benefits of migrating to the cloud.

Benefits of Cloud Infrastructure for Business IT Solutions

There are many potential benefits for your business when choosing a virtual office or cloud solution services. As such, you must consider these cloud architecture benefits carefully before deciding whether or not to make the switch. However, changing to a cloud-based network could be a smart move for your business.

Some of the key benefits to moving to the cloud are:

  1. Scalability
  2. Enhanced Security
  3. Lower Hardware Costs
  4. Greater Flexibility for Employees
  5. Easier Remote Access
  6. Automatic Data Back-up
  7. Lower Maintenance Costs

If you decide to switch over, we highly recommend that you do so with the support of a cloud computing company that can provide you with the best security possible. By doing so, you can be confident that appropriate firewalls, virus protection, and back-up disaster recovery steps are taken to protect your data. Let’s take a deeper look at five things that add value to moving to the cloud.

Cost-Effective Solution

Cloud infrastructure can offer a highly cost-effective solution for many businesses. These savings are obtained by not having to purchase any high-tech office equipment yourself. Rather, you can “hire” cloud servers, thereby cutting the costs of hosting your business’ IT network. There are many cloud storage providers on the market now, giving small businesses plenty of choices when looking for an affordable cloud storage plan.

Data Back-up Disaster Recovery

Another key benefit of most cloud computing services is that they offer data back-up disaster recovery, or BDR, services. That means you can rest easy knowing that your data is secure and backed-up if it should be compromised. That can be a highly time-consuming activity to do with non-cloud business networks.

Practicality

An important benefit of choosing cloud computing services is that the cloud offering is very practical for most businesses. But why is this?

When you choose cloud solutions for your business’ computing needs, you can enjoy having access to company files and data from wherever you might happen to be. That means you can easily access information and files while out working in the field. This feature can also make it easier for your employees to access the system when they need to. As your managed service provider, we’d have access to carry out the necessary work on your network to keep it working effectively and securely.

Fast Speed

It is accepted that most cloud computing companies offer services that provide fast and efficient services. That is in comparison to some physical systems that can take a lot longer to load. It seems like a good business move. After all, time is money!

Unlimited Storage Capacity!

That is arguably the biggest (and most obvious) benefit of choosing cloud computing services and cloud storage providers. Having access to the cloud gives your business the potential to enjoy unlimited storage capacity – which, in turn, can allow you to keep more records with greater amounts of detail. All while saving money on expensive physical storage options.

Is Cloud Computing Secure?

Understandably, many people are unsure about the cloud infrastructure and cloud solutions being safe and reliable. However, it’s important to remember that cloud technologies are highly advanced and provide a high level of support and protection for your data. After all, with many corporations and even governmental bodies using these cloud networks, it’s of the utmost importance that cloud computing services are secure.

That is why you must choose the right Cloud provider for your business technology needs.

Get Professional Managed IT Services Today!

If your business can benefit from joining the cloud, then you must have professional support while making the change. Fortunately, our team of information technology experts understands cloud computing. As such, we are here to help you switch your business servers to cloud solutions, giving you the chance to enjoy all the benefits listed above (and more!)

To learn more about cloud computing services and how cloud solutions could benefit your business, don’t delay, contact our IT management team today to find out more! We’re here to help you find the perfect IT solutions that help your business grow.

 

Password Theft – How Protected Is Your Business?

By | Uncategorized | No Comments

Security has been a concern with the internet since its inception. Anyone who remembers the early days of the internet will remember how easy it was to cause fairly significant trouble. Employees left passwords in plain sight. There wasn’t anything in the way of certificates, computer identification, or anything else to ensure password safety. With these vulnerabilities, it inevitably results in password theft.

Back then, there was no such thing as a secure connection. Even the banking systems were incredibly vulnerable. Luckily, these cracks in the system didn’t result in many newsworthy meltdowns because there weren’t enough tech-savvy criminals to take advantage of them. Modern-day hackers could have done a lot of damage back then.

Since then, we’ve seen some significant cases of password and identity theft. The PSN fiasco with Sony is a recent example. Thousands upon thousands of users had their credit card numbers, passwords, and personal information stolen and sold off by Chinese hackers. Yet this could have been entirely avoidable. Had Sony prioritized two-step authentication (2FA), and better security protocols it wouldn’t have happened.

That was an attack on servers, which is hard to pull off when the servers are set-up properly. It usually involves either a brute force attack into the servers or finding an unknown exploit in the back door. In other words, it requires either bashing the front door open or finding an unlocked window. Smart businesses make sure their front doors are strong and their windows are locked!

Most password and identity theft won’t happen through this sort of invasion. Like a large city, the internet has its safer and more questionable neighborhoods. There are also neighborhoods nobody in their right mind should be going anywhere near. Let’s take a walk around these neighborhoods and point out some of the risks.

How Hackers Steal Passwords and Personal Information

To steal passwords and other valuable information, Phishing is one of the most common types of cyberattacks. Hackers will send out emails containing malicious links to as many users as possible. That link takes users to a bogus, or spoofed site, and tricks them into giving out their private information.

Once hackers acquire this information, they will attempt to break into as many business and personal accounts as possible. And if they gain access to those accounts, it’s only a matter of time before data is stolen or access to those accounts is lost.

SSL and HTTPS are security measures that provide certificate management to ensure foreign devices are not connecting to your account. They provide strong ciphers that prevent intercepted packets from being dismantled. It’s the equivalent of only allowing certain phones to dial into yours, and scrambling the voice on both ends so wiretaps can’t understand the conversation.

Unfortunately, people have the bad habit of accessing sensitive information over public Wi-Fi. Even with SSL enabled, public Wi-Fi can be very dangerous. Shady people can access your Wi-Fi transmissions without you knowing it. With enough hard work, they can collect your passwords, your personal information and even gain access to your devices. Once they’re in, you are in a lot of trouble.

Another culprit is a lack of strong security on your computer or laptop. Without Windows defender or a third-party equivalent running in strict mode, you may allow sneaky executables to run in the background. These can log keystrokes, spy on your browser, go through your cache, and much more.

 

Knowing the Neighborhood is Important

Your first line of defense as a user against password and identity theft is to ensure that you only enter passwords and personal information into websites with the proper security in place. 2FA logins are currently the safest way to log in. And second, never enter private information over public Wi-Fi. This warning goes for your phone too.

When using a business device, you should avoid lesser-known sites, such as aggregate sites, fan-based websites, and other nonprofessional web sites. If you want to purchase something on noncommercial websites, make sure the exchange is through a safe, insured, and secure environment.

Finally, while at work, stay off the dark web entirely.

What If I am Compromised?

If you are compromised, report it to your IT department or Managed Service Provider immediately. If possible, back-up your hard drives. Report your credit cards as stolen, and talk to your bank. Later on, if you see fraudulent transactions on your account, debit, or credit cards, contest them immediately,

Once you have your system backed up and running, go through all of your old accounts and change every password. You may also want to change your mobile phone number. Hackers can sell that information too.

In the end, identity theft and password theft are usually the user’s error in judgment. Most employees don’t learn proper security measures, and they’re too trusting. It is important to teach everyone in your office proper password hygiene and basic security protocol. They need to know the rules of safety on the internet, and not be trusting of unknown people they come in contact with.

Sadly, because of these threats, we do have to worry about security and privacy. Like any other innovation, the internet was a dangerous place upon arrival. It’s a game between hackers and our security forces. If you’re smart, however, you can avoid these traps. Contact us today to ensure your data, passwords, and privacy are protected.