Archive for May, 2017

WannaCry – How can I protect my business against the next attack?

May 18th, 2017

Consider these facts:

  • Ransomware attacks doubled in 2015.
  • The FBI estimated that ransomware would net criminals $1 billion in 2016.
  • And it may be worse in 2017.

The latest Ransomware is called WannaCry, and more than 230,000 computers in 150 countries have been affected, locking people out of their data and demanding they pay a ransom or lose everything. Victims include hospitals, banks, telecommunications companies, and warehouses.

How do I protect my machine?

If you’re running a Windows PC, make sure all your software is up-to-date. Also, don’t open suspicious emails, click on links or open any files you weren’t expecting.

How can I protect my business against the next attack?

  1. Apply Windows Patches when they come out. For example, in March, Microsoft released a security update which addressed the vulnerability from
  2. Make sure your business uses a good Antivirus that is kept up-to-date.
  3. Those who have Windows Update enabled are usually protected against most attacks.
  4. Update your Windows Operating System to the latest Windows 10
  5. Have backups for all your business files. (off-site backups are even better)
  6. Secure your business by moving to a Data Center with a plan to get updates and backups automatically done for you.

Connecticut Sees Few Data Centers

May 10th, 2017

As the digital age gives way to more and more users demanding fast, powerful and reliable computing, the business of commercial data centers is benefiting from that surge.

The facilities are the backbone of data-driven industries like finance, technology and government. More recently, they have become known for being the underlying apparatuses behind high-frequency trading, the focus of the latest book by journalist Michael Lewis and the talk of Wall Street last week. By strategically placing their servers in the same data centers used by exchanges like the New York Stock Exchange, high-frequency traders receive market information milliseconds faster than average investors. Known as co-location, the practice more broadly (and benignly) refers to businesses renting space under a shared roof for servers and other hardware.

All told, there are 2,651 colocation centers in the United States, according to Datacenters.com, a website that tracks the growth of data centers across the globe. About 20 percent, or 555, can be found in the Northeast. Within the region, New York leads the way with 188 data centers, followed by New Jersey with 100. Further north, Massachusetts has 96.

Connecticut trails behind with only 17 colocation data centers, a surprisingly small number given Fairfield County’s position in the financial services industry, and the number of mid-sized companies that would rather co-locate than build their own data centers.

The Computer Company’s Data Center is unique.

The Computer Company’s data center with a SSAE16 Type II, stands out from other data centers. (Formerly called SAS 70 Type II Certification)

SSAE16 Type II, (formerly SAS 70 Type II Certification) is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA).  By obtaining a SSAE16 Type II, (formerly SAS 70 Type II Certification) an auditor is attesting that an organization underwent a thorough examination process which audited their control objectives (the IT functions that protect the confidentiality, integrity and availability of data).

How can you be sure the data center that is storing your critical information is providing the necessary controls to safeguard that data? We live in a global economy with fierce competition. A SSAE16 Type II, (formerly SAS 70 Type II Certification) is one method of ensuring best practices are implemented to comply with industry standards.

A consistent supply of power is critical to Data Center operations. We provide this power to independently control uninterruptible power supplies that provide conditioned power to individual racks. The main power is backed up by a natural gas generator fed from a multi-million gallon storage facility located within 1 mile of our facility. In essence, the generator can provide power to the Data Center indefinitely.

  • The Computer Company’s Data Center is protected by video surveillance which provides 24×7 monitoring of both the interior and exterior of the facility.
  • Includes a security-vestibule (man-trap) prevents unauthorized access to the Data Center floor, and card-key and biometrics provide authorization and authentication.
  • The facility also employs modern environmental controls and FM 200 fire suppression system.
  • The Computer Company’s top-of-the-line Data Center facility guarantees the power infrastructure that will keep your business up and running with high speed internet access that can handle any bandwidth.

Our Data Center customers consistently cite our hosting reliability, flexibility and responsiveness, and staff expertise as the reasons they prefer The Computer Company’s Data Center services.

Call us to find out more about how this service can benefit your business.

800.418.2358

Cromwell Location
15 Commerce Drive
Cromwell, CT 06416
860.635.0500

http://www.computercompany.net/DataCenter.htm

Email Attack Hits Google: What to Do if You Clicked

May 4th, 2017
Re-posted: This article is in the New York Times today.
By Nicole Perlroth, MAY 3, 2017

Google said it was investigating an email scam winding its way through inboxes across the country and had disabled the accounts responsible for the spam.

The scheme emerged Wednesday afternoon, when spammers dispatched malicious email, appearing to come from people the recipients knew, beckoning them to click on what appeared to be a shared Google document.

Recipients who clicked on the links were prompted to give the sender access to their Google contact lists and Google Drive. In the process, victims allowed spammers to raid their contact lists and send even more email.

“We are investigating a phishing email that appears as Google Docs,” Google said statement posted on Twitter. “We encourage you to not click through and report as phishing within Gmail.”

It is not clear who created the spam email or how many people it has affected.

In a second statement, on Wednesday evening, Google said that it had disabled the accounts responsible for the spam, updated its systems to block it and was working on ways to prevent such an attack from recurring.

A screen shot of an email received by a New York Times reporter on Wednesday that included a link that appeared to be for a Google document. (Identifying information has been redacted.)

If you receive suspicious email, here are some tips:

1. Do not click, even when the email is from your mother.

Even when you receive links from trusted contacts, be careful what you click. Spammers, cybercriminals and, increasingly, nation-state spies are resorting to basic email attacks, known as spear phishing, which bait victims into clicking on links that download malicious software, or lure them into turning over their user names and passwords.

A quarter of phishing attacks studied last year by Verizon were found to be nation-state spies trying to gain entry into their target’s inboxes, up from the 9 percent of attacks reported in 2016.

In this case, the malicious emails all appeared to come from a contact, but were actually from the address “hhhhhhhhhhhhhhhh@mailinator.com” with recipients BCCed.

2. Turn on multifactor authentication.

Google and most other email, social media and banking services offer customers the ability to turn on multifactor authentication. Use it. When you log in from an unrecognized computer, the service will prompt you to enter a one-time code texted to your phone. It is the most basic way to prevent hackers from breaking into your accounts with a stolen password.

3. Shut it down.

If you accidentally clicked on the Google phishing attack and gave spammers third-party access to your Google account, you can revoke their access by following these steps:

Go to https://myaccount.google.com/permissions

Revoke access to “Google Docs” (the app will have access to contacts and drive).

4. Change your passwords … again.

If you’ve been phished, change your passwords to something you have never used before. Ideally, your passwords should be long and should not be words that could be found in a dictionary. The first things hackers do when breaking into a site is use computer programs that will try every word in the dictionary. Your email account is a ripe target for hackers because your inbox is the key to resetting the passwords of, and potentially breaking into, dozens of other accounts.

Make your password long and distinctive. Security specialists advise creating anagrams based on song lyrics, movie quotations or sayings. For example, “The Godfather” movie quotation “Leave the gun. Take the cannoli,” becomes LtG,tTcannol1.

5. Report it.

Report any phishing attacks to Google by clicking the downward arrow at the top right of your inbox and selecting “Report Phishing.” Companies count on those reports to investigate such scams and stop them.

If you need help or think you may have this Google Attack, call us immediately.