What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Bolingbrook, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
How A Third-Party Data Breach Impacts Cybersecurity At Your Business Aug 05, 2019
With the average American adult maintaining over 130 different accounts online, the risk of a data breach or data being stolen continues to grow. Between social media, financials, productivity applications, email, business applications, online shopping and countless other accounts online, your “online life” becomes more and more a part of your day to day physical life as time passes.
As more of our lives and data are shared online, criminals are focused on breaking into these databases to steal the valuable info they hold:
- Personal Info such as name, address, dates of birth, social security numbers etc.
- Financial information such as bank info, credit cards etc.
- Social Information on social media accounts
This is a real problem facing consumers globally but the impacts span beyond individual damages and stolen identities (though, those damages are bad enough).
When a criminal steals your password, or the password of a coworker, chances are – they’ve gained access to many pieces of your “online life”.
Here’s an example to illustrate how a third party data breach can lead a criminal back to your business.
Your HR manager helps book travel for employees at the business. He set up a business account at a national hotel chain to book rooms for whatever the business travel needs are. The hotel chain’s database suffers a breach and cybercriminals steal thousands of email/password combos including your HR manager’s credentials.
Your HR manager used the same password he uses for all kinds of sites online when he created the login at the hotel company site. This means that the criminals who have this breached data, now have access to your payroll software, servers and all the other things your HR manager interacts with.
The criminals either use this data themselves or take it to the Dark Web to sell for a few dollars (password/email combinations go for $3-$5 on average on the Dark Web).
Breaches like these happen daily and criminals use the information they steal to do as much damage as they can.
This creates a unique problem for business owners and managers because what can you possibly do to protect yourself from a data breach happening at a hotel chain or some other account online?
Things get even trickier when the average span of time between a data breach and disclosure to the public reaches 15 months. Meaning, criminals have a 15-month head start to get to your business and do damage before your are notified on the 5 o’clock news or your social media feed.
So, how can you defend against this kind of thing?
First, implement a password policy at your business:
- Strong Passwords Required
- Change Passwords Regularly (90 days minimum)
- Dual Authentication
- Lockout Procedures
Second, roll out a password management tool across your organization.
As mentioned earlier, the average adult in America manages over 130 accounts online. It is no wonder that we have a hard time creating strong and unique passwords for each of those accounts. It would be nearly impossible to remember all of that without writing things down – which isn’t secure.
To bridge the gap between security and memory, implement a password management tool. Look for something that is encrypted, secure and be sure to consider mobile capabilities. We recommend LastPass as a great option to start.
Third, invest in Dark Web Monitoring
Dark Web Monitoring is still a newer service offered to businesses and professionals. This is a monitoring solution designed to scrub different areas of the Dark Web (chatrooms, discussion boards etc.) for data connected to your domain.
If we apply Dark Web Monitoring to the example above with the HR Manager for instance – when the criminals stole data from the hotel chain and went to sell/share it on the Dark Web, the monitoring tool would identify your IT company to have the HR manager change passwords. That way, the criminals have useless data and you are protected well before you learn about the breach 15 months later.
The post How A Third-Party Data Breach Impacts Cybersecurity At Your Business appeared first on Andromeda Technology Solutions.3 Critical Steps You MUST Take To Avoid Ransomware Feb 28, 2020
Ransomware usually takes advantage of outdated patches and software licenses. Infected computers and business owners risked losing critical data if they didn’t pay the ransom.
While the specifics of future cyber security attacks are uncertain, we know some things for sure. Proper protocol is CRITICAL for data security and the safety of your business.
Ransomware: The Numbers **
- Almost 50% of Small Businesses have experienced some form of cyber attack
- MORE than 70% of attacks target Small Business
- As many as 60% of small businesses that experience a data breach go out of business within 6 months.
These numbers are scary. Cyber security demands the attention of business owners globally and the efforts of hackers/cyber criminals are only increasing. These criminals want your money and they don’t care about the damage left behind.
That being said, there is hope and there are measures you can take to prevent your business from becoming a victim of ransomware.
3 Security Protocols You MUST Implement Immediately For The Safety Of Your Data, Your Business AND Your Wallet . . .
- Update ALL Microsoft Licenses & Maintain Up To Date Security Patching –Cyber criminals are no dummies. WannaCry and other viruses like it take advantage of out of date licenses. Too often, business owners sacrifice the security of their network because they don’t want to go through the grief of updating to the latest Microsoft License. Andromeda recommends updating ALL PC’s to Windows 10 and, more importantly, make sure you perform regular patch and security updates.
- Test & Verify ALL Data Backups – When is the last time you tested and verified your backups? Are you backing up your data at all? How long would it take your current IT provider to get you back up in running in the event of a disaster (virtualization time)? It is a FACT . . . you will be hit by some form of ransomware, malware or virus. The real question becomes, do you have the protocols in place to defend and beat the attack? One of the most important things you can do to safeguard yourself is perform regular backups. (We recommend daily at a minimum). A cybercriminal can’t hold your data hostage if you follow this simple practice. AND – don’t accept a verbal confirmation your data continuously remains backed up as proof. Your IT partner should provide you regular, real time, proof that your data is backed up securely and that it can be visualized in an agreed upon length of time. If your IT provider can’t give these stats and proofs to you, time to find a new partner.
- Educate Your Team On How These Attacks Work And Where They Come From – Every office has that one employee that will click on ANYTHING (hopefully it isn’t you). Continued education is one of the first lines of defense against these attacks. Employees should know:
- What to look out for
- What phishing scams look like
- What to do when they suspect an email or link is suspect
- NEVER to check personal email at work
Proper spam filters set by your IT group should prevent the majority of these emails from getting to your inbox. However, it only takes ONE CLICK and an entire network is infected before you know what happened.
Ransomware Prevention constantly changing, be sure to stay on top of newest trends
When all is said and done, cyber security is an everyday battle. Hackers and criminals will keep attacking until you don’t have something they want. These 3 Security protocols are only the tip of the iceberg and should be part of a multiphase approach implemented by your internal staff and your IT partner. If you have any questions, please reach out to a representative at Andromeda today.
**Statistics sourced from the National Cyber Security Alliance
The post 3 Critical Steps You MUST Take To Avoid Ransomware appeared first on Andromeda Technology Solutions.New Powerful Malware Is Targeting Windows-Based Machines Jul 07, 2020
Researchers have discovered a devilishly clever new stain of malware currently in use by hackers around the world. The new strain is appropriately called "Lucifer," and has been making life quite difficult for IT professionals managing Windows environments.
The malware exploits critical vulnerabilities in Windows-based systems to launch DDoS attacks and install cryptojacking code.
The latest version (2.0) of the code was discovered by researchers Durgesh Sangvikar, Zhibin Zhang, Chris Navarrete, and Ken Hsu, on May 29, 2020. They discovered it while investigating the exploit of CVE-2019-9081, which is a deserialization bug in Laravel Framework that can be used to conduct RCE (Remote Code Execution) attacks.
Their research revealed that CVE-2019-9081 is just one of many critical security flaws Lucifer exploits, including:
Few malware strains incorporate code designed to exploit so many different security flaws, which makes Lucifer a serious threat indeed.
If there's a silver lining to be found, it is in the fact that all of these flaws have already been addressed via patches. So it comes down to making sure your software is up to date and running the latest and greatest security patches. The researchers who discovered it say that there are ongoing campaigns that are currently wreaking havoc on un-patched systems and urge all system admins to make sure the software they're running is patched as soon as possible.
In practice, Lucifer 2.0 works by scanning for open TCP ports 135 (RPC) and 1433 (MSSQL). When it finds a potential target, it will use credential-stuffing attacks to gain access to the targeted system. Once it gains a foothold, it installs XMRig, which is a program used to covertly mine Monero (XMR) cryptocurrency. Additionally, the malware connects to a command and control server where it can receive additional instructions.
As we said, it's a serious piece of work and not to be taken lightly.