
Time to Get Serious About Cyber Security

The recent upswing in viruses called “ransomware”, which encrypt your data for money (as opposed to just deleting it for fun), is alarming. I believe it’s just a matter of time before imitators by the dozens will be cloaked as legitimate messages, begging to be clicked on. At ClickIT, we’ve definitely had a lot of customers coming into the store with Cryptolocker lately. Most have said to just wipe and reformat their infected computer, but one in particular was negatively affected, with hours of time and expense. (See last week’s blog.)

It is time, therefore, for everyone to get serious about cyber security.  How you start is by first writing down and then implementing a plan.  I have gathered links to useful information about cyber security, to help you get started:

http://www.healthit.gov/providers-professionals/cybersecurity

http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/secure_my_business/protect_your_network/index.html

Since I wrote this draft above which was never published (back in 2013), there has been a lot of realization by all of us with regard to security and how to combat it. Several industries have published and are starting to enforce “best practices” with regard to how companies use, store and distribute electronic information. At Click IT, to better address these needs, we have formed a division called “Click IT Compliance Services”.

More will follow about this soon, but the idea is to have a group of IT professionals with their complete focus on compliance with information security and privacy policy rules.


Introducing “Hybrid Services” – An Affordable Preventative-Maintenance Strategy for Computer Systems

How many times has something stopped working like it should?  If you manage an office, have computer problems disrupted your business when something breaks?  How do you get computer problems resolved?

In the computer repair business, there are essentially two basic service models: 1) Break-fix and 2) Managed services.

At ClickIT, we have a third service model. It’s basically a “hybrid” of the two we call “Hybrid Services”.  This is something a small business can easily afford and it certainly is justifiable.  I’ll briefly explain the standard service models below first, and then explain Hybrid Services.

Break-fix:

Most organizations have the philosophy, “Don’t fix it if it ain’t broke”, as the saying goes.  So if you’re like most, you won’t fix something if it seems to be working just fine.  Therefore, when something does stop working, for many in businesses that depend on computers, it can feel like a fire drill and is often very disruptive.

So in desperation, you go to the phone book (if you can’t get online) or Google and search “computer repair”, unless you have a regular tech.  You then explore your options by calling whomever, or whatever pops up on the page or screen  — anyone you can speak with to help you decide what to do and how to get the problem fixed.

This is why we call this the “break-fix service model” in our business.  It breaks, you bring it in and we fix it.   The problem with this method of maintaining your IT is that it obviously can get very expensive, fast.  Unexpected expenses are the enemy of any budget.  The worst thing is when it happens, it affects your cash flow, as we’ve heard many times.  This is why having a managed services plan in place is a better choice of the two service models.  However, is it affordable?  It is the classic battle of, “Pay me now or pay me later.”

Managed Services:

Large organizations can’t operate under this break-fix service model.  The risks associated with it do not make good business sense.  Managing preventable disruptions to a business is a necessity when the fluctuation of cash flow isn’t an issue.  Large organizations typically have a dedicated staff maintaining their computerized systems so if they do break unexpectedly, there is a plan in place to deal with it.  Every scenario is covered.  Preventative maintenance of computer systems and networks is the foundation of what’s referred to as “Managed Services”.  There are all sorts of different ways an organization like ClickIT provides managed services to organizations as an MSP (Managed Services Provider), who “outsource” this function.  A lot depends on many factors, such as the age of the appliances monitored and maintained, the make-up of that equipment, and the software and hardware maintenance plans in place.  Without getting too deeply involved in describing too much in a blog, I’ll just say that every MS (managed services) plan is unique in how it is designed and implemented.  For us as a business at ClickIT, taking on this degree of responsibility for a business, where they have “outsourced” to us their managed services work, it is a matter of reserving our skilled labor and scheduling their time.

So, to summarize the difference between these two standard IT service models: break-fix deals with a computer after it breaks, while a maintenance plan called “Managed Services” works to prevent the break in the first place. However, most small businesses can’t justify the expense of having a managed services plan in place because the charge is fixed, and paid monthly. So they typically have their computer systems fixed only when they break.

Hybrid Services:

Like the term “hybrid-cloud”, which you may have heard about in the news, “hybrid services” is a combination of the two service models described above.  To describe this third service model simply, we put monitoring software on your devices (computers, services, laptops) and then warn you of a pending problem we see indicated through our connection with this software.  We charge a very nominal fee for this type of monitoring, and then tell you of something we see that could go wrong, if the issue is not addressed.  We then propose a solution, and you can either have us do the work, or get a second opinion.  There is no obligation.  This type of service is affordable and sensible, and any business can justify the monthly expense.

Obviously, a critical component in a computer is the hard drive where all the data is stored. Hard drives have a signature that, like a heart beating, indicates their health. We monitor this to see if a failure is impending, and then suggest a replacement. Operating systems and software, along with Internet browsers, for instance, are changing constantly, and this requires that you download updates. Many updates fix “security vulnerabilities”, the weaknesses that viruses and worms use to invade your network. Under a managed services contract, ClickIT would do these updates, testing them before installing them, because updates can break things, and quite often do.

Instigating Hybrid Services lets our administrators provide the critical information needed to make intelligent decisions about how to keep systems operating smoothly and efficiently. Through the use of specialized software, ClickIT can turn on many additional service features for customers to benefit from, including the following:

  • Patch Management

In this world of IT cyber-wars and the fact that we’re so dependent on electronic systems, just about anything can go wrong.  Luckily today, we can monitor and manage just about anything.  For instance, watching over what employees are doing on your network has become crucial today.  Below is a list of optional features ClickIT can provide when setting up Hybrid Services for customers:

  • Controlled access to the configuration and monitoring interface
  • Monitor or block a connection in real time
  • Monitor or block applications’ hidden downloads
  • Action-based alerts
  • Search engine keyword monitoring
  • Support for virtual environments
  • Whitelist and blocklist
  • Policy exceptions
  • HTTPS scanning
  • Proxy caching
  • Anonymization of personal data
  • Delegated role-based access to UI and reports
  • Local agents apply policies to roaming laptops and notebooks.

For more information or to sign up for our “hybrid preventative-maintenance services”, visit www.clickitco.com or call us at (440) 247-4998.


The “Hover Check”: Spot Phishing Emails Quickly & Prevent Identity Theft Easily

Republished from a previous posting on 4/12/2009:

According to www.lifelock.com, there are 180 identity thefts happening every minute. Think about that! Every 1/3rd of a second, someone’s identity is stolen. But with some very basic knowledge, you can reduce your risks.

One way criminals are stealing identities is by using emails that try to fool recipients into giving away their personal information. This style of crime is more common than ever and the crooks are getting smarter, so you need to get smarter too. Below, I tell you how to spot these illegitimate emails very easily and quickly.

A common purpose of phishing emails is to steal your credit card information. Phishing emails have become more dangerous lately because they have developed better disguises hiding their true purpose. Because you’re more likely to think they’re legitimate, phishing emails typically appear to come from banks or insurance companies. These are the most dangerous. As a general rule, you should always be skeptical and proceed with caution when you receive an unsolicited message appearing as if it came from a company you do business with.

The Hover Check:
When you get one of these types of emails, try performing this one simple test I call the “Hover Check”. In the questionable email, hold your mouse over the link that is provided to “update records”, for instance, without clicking it. The actual URL address should appear in a pop up. Examine this address to determine where it is truly going to take you if you did click on it. Remember, DON’T click on it. Just let your mouse rest over the link until the address pops up and then examine it. If it’s not going to the website of the company they’re claiming to be, the link is most likely dangerous and at the very least, an attempt to get your personal information.

Pay Attention to Sub Domains. Now if you don’t know what I’m talking about and know nothing about URLs and what to look for, here’s a quick lesson. Web pages begin with “http://”. They are followed by the domain name, such as “google.com”. The “www” which precedes a domain name is really a “sub domain”. “www” simply stands for world wide web, but sub domains can really be anything and more and more often are. Google for instance uses sub domains frequently, to give one the ability to direct requests to other web services they provide. For instance, for maps the URL address is http://maps.google.com. To search news, it’s http://news.google.com, and so forth. One thing most people don’t know is that you can have as many layers of sub domains as you want. For instance, http://key.com.hujgf.eu is not a Key Bank link. The domain name is really “hujgf.eu”, and so whoever controls this domain name controls the pages that display when you click on their links. Instead of .com being used as the extension, “eu” is used, which means it’s a European domain name. There are actually hundreds of domain name extensions. You probably know only the most common ones like .com, .net, .edu, .org, .info, etc. But nearly every country in the world has its own domain designation.

Another simple test when examining whether or not you’re on a legitimate page asking for personal information, is to see if the URL address starts with “https”, where the “s” indicates that it’s a secure page. As a rule, do not provide any personal information unless the page is secure as indicated by the address beginning with https.
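The Hover Check and the https test described above, automated as an added example (not part of the original post): it lists where each link in an HTML email really goes and flags any link whose registered domain is not the expected company's, or that does not use https. The suffix set, the sample email and all function names are constructed for illustration; a real checker would load the full Public Suffix List.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed, tiny stand-in for the Public Suffix List (assumption: a real
# checker loads the full list, because suffixes such as "co.uk" have two labels).
SUFFIXES = {"com", "net", "org", "edu", "info", "eu", "co.uk"}

# Constructed sample email body; only key.com.hujgf.eu comes from the post.
SAMPLE_EMAIL = """
<p>Dear customer, please <a href="http://key.com.hujgf.eu/login">update records</a>.</p>
<p>Questions? See <a href="https://www.key.com/help">our help page</a>.</p>
<p><a href="http://maps.google.com">Find a branch</a></p>
"""

def registrable_domain(host):
    """Return the name someone registered, ignoring any sub domains in front."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])  # suffix + one label before it
    return ".".join(labels[-2:])  # unknown suffix: fall back to last two labels

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def hover_check(html, expected_domain):
    """Return (text, href, problems) for links that fail either check."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for text, href in parser.links:
        url = urlsplit(href)
        domain = registrable_domain(url.hostname or "")
        problems = []
        if domain != expected_domain:
            problems.append("goes to " + (domain or "no host"))
        if url.scheme != "https":
            problems.append("not https")
        if problems:
            findings.append((text, href, problems))
    return findings
```

Calling `hover_check(SAMPLE_EMAIL, "key.com")` reports the “update records” link and the map link, and passes the https://www.key.com link.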

What should you do with the email when you determine that it’s illegitimate? Certainly, you should delete it, but only after defining the email as spam. However, with most basic spam filters, if you define an email as spam you will be preventing legitimate notices from this business from getting messages through to you. Most phishing emails are sent with a legitimate email address as a part of their disguise. Our Systems Administrators here at iNamics know how to stop these emails in better ways from getting through. They define certain rules at higher levels of our spam filtration system that stop these emails without specifically saying to stop all emails coming from any particular email address, as many basic spam filters do. I suggest you notify your email administrator so they can work to prevent any other similar emails, once discovered, from getting through to you.

For more posts about this subject matter, go to WordPress.com.


The author of this post, Al Harlow, is President and CEO of iNamics Corporation, a leader in website design and development, and ClickIT Connect Corp., a hosting, computer and learning service center in Chagrin Falls, Ohio. To learn more, go to www.iNamics.com or www.clickitco.com.


Cryptolocker Ransomware – a Real Threat

Yesterday was one of the most stressful days I can remember for us at ClickIT computer repair.

A long-time customer, a lawyer in Chagrin, came to us on Monday with the Cryptolocker virus on her laptop.  It is a really bad worm that gets into your system when you open up a deceptive attachment to an e-mail. It encrypts and locks your data, and then says the only way to get it unlocked is to pay them.

This malware is commonly known as “extortion-ware” or “Ransomware” and has been around for years, except that now they really DO hold you hostage. It’s the first virus of this type that we’ve only run into once before, but that’s because this strain is new. In this case, if she didn’t pay $300 in 72 hours, the encrypted data would be lost.

The first customer we saw this with didn’t care much about the data on that computer, so we just wiped out the virus, cleaned it up and restored it to working order – without the data which was wiped out by Cryptolocker.  Our lawyer friend however was in a much different situation – the data on this laptop runs her entire business — and as she explained to me, if it was not recoverable, she “might as well close” her doors.

As a recently introduced virus, I myself had no experience with Cryptolocker, so I needed to do some research. Our technicians on the other hand, had already done research on Cryptolocker when it came into the store that first time. They said it was “real”. They said it was a real threat and not a “fake” threat, like the FBI virus. In that case, we just clean the computer and it’s gone. Well, I dug up some articles and sure enough, it’s very real. The problem was, by the time we got the computer on Monday, valuable time had already slipped away, and we had just until 5 PM on Tuesday to get it taken care of.

We had to pay Cryptolocker $300 either by using Bitcoins or GreenDot, a prepaid debit card.

I got the call from a technician at ClickIT saying that the GreenDot card needs to be paid in cash ($300) and suggested I myself go to CVS where they’re sold.  They require cash for the GreenDot debit card at the register.  So I went to the bank, took out the cash and walked over to CVS in the Village.  This was after I stopped by and saw the customer to personally assure her that I was taking this virus on as a personal mission.

Now getting to use a GreenDot card, after you’ve purchased it at the store, requires that you set up an account online, where you must give away all sorts of personal information, including your social security number.  (I have a rule – never put your social security number in the hands of an online service you don’t personally know for certain is secure.)  We found a volunteer who allowed us to use his personal information, because when we tried to give the GreenDot system fake information, this card’s website didn’t accept it.  To make a long story short, this exercise of getting this card purchased and then registered online, took a good hour or two.  It wasn’t pretty.  Finally, we did get the debit card registered so we could use it, but when we were ready to unlock Cryptolocker, the GreenDot website told us that what we had was a “temporary” card and the real one would be mailed in three days. The temporary card could not be used for online purchases.  We had spent $300 and all this time for nothing.  Lesson learned.

The next alternative was to use bitcoins.  Now if you don’t know about bitcoins you should.  It is a digital means of trade that is a method to pay for things on the Internet.  You trade bitcoins like any currency, online.  You can learn more by going to http://bitcoin.org/en/.

The problem was, we didn’t have any bitcoins.  We ended up spending the rest of the afternoon calling friends we knew who had them, while trying to register at sites that accepted credit cards for purchasing bitcoins.  On both these fronts we failed.  Anyone we knew who had bitcoins only had incremental amounts, not the $300 required.  We needed to purchase 2 bitcoins for approximately $420, which was the going rate that fluctuates by the minute, depending on demand and supply – over $200 a piece now.  All the while we were seeing the time tick down by Cryptolocker. The problem we found was that once we got registered at a new bitcoin marketplace site, which was an arduous task in itself, the site either wouldn’t allow us to use a credit card – only a bank account, and would not deposit any purchased bitcoins for 7 days.  Crazy!   The one site we did find which would let us purchase the bitcoins for use immediately didn’t have any bitcoins “in stock”, so that too was a dead-end.  We learned through this exercise that the price of bitcoins was being bid up because of this virus.

Bottom line: We failed to meet the deadline set by Cryptolocker. We had about two hours left when we decided to implement plan B.  Plan B was to wipe out the virus and recover what we could.  We believed this process of cleaning the computer would lose about 3 weeks of data, best case.

Well today, after running all our tools, I will find out if we were able to recover as much of our customer’s data as we had hoped.

At ClickIT, I decided we would have on hand either bitcoins or a prepaid credit card, so that we would be able to use it in times of a ransomware emergency like this one. So if you are unfortunate and get this nasty, expensive virus, you can come to ClickIT in Chagrin Falls and if the data is as important as this customer’s was, then we would have the means to pay the ransom on your behalf.

The way you combat this particularly nasty (and potentially expensive) virus is to be sure you have a “detachable” back-up program in place.  At ClickIT, we provide a drive-swap back-up, pick-up and delivery program for many merchants in the Village.  I highly recommend this for every business. On-line back-up solutions will not prevent this virus from locking out your data because it’s “connected”.  The best solution is ClickIT’s drive-swap program.

Call (440) 247-4998 to schedule an installation.

We’re giving a special discount to merchants in the Village of Chagrin Falls.  (See http://bit.ly/1cptrR7.)

If you want to learn more about this malware Cryptolocker, I’ve listed some recent links below:

  1. Recent NBC Newscast Video: http://www.bing.com/videos/browse?mkt=en-us&vid=bc0ccc6d-312a-4c12-9278-6866b212f539&from=sharepermalink&src=v5:share:sharepermalink
  2. http://m.computerworld.com/s/article/9243537/Cryptolocker_How_to_avoid_getting_infected_and_what_to_do_if_you_are_?mm_ref=http%3A%2F%2Fen.m.wikipedia.org%2Fwiki%2FCryptoLocker
  3. http://www.today.com/money/nasty-new-malware-locks-your-files-forever-unless-you-pay-8C11511655?ocid=ansmsnbc11 
  4. http://www.snopes.com/computer/virus/cryptolocker.asp
  5. http://en.wikipedia.org/wiki/CryptoLocker