Loss Prevention

Ransomware is Wreaking Havoc on Small Cities

Lake City Florida.jpg

After last month’s ransomware attack that crippled the city of Baltimore, another series of attacks has costed two Florida towns over one million dollars combined in ransoms to regain control of their municipal computer systems. This is the latest in a worldwide epidemic of hackers extorting cities, villages, and townships for ransom money.

The first town affected was Riviera Beach, a suburb just north of Palm Beach. A small town with a population just over 35,000 is not what many people think would be the target of a highly sophisticated online attack, however, small towns are an increasingly attractive target for hackers.

The hackers got in after an employee at the police department clicked an infected link in a phishing email and were then able to shut down most of the cities systems including email, online utility payment, village payroll, and payments to city vendors. The city was able to recover only after paying the $600,000 ransom (in the form of Bitcoin) and spending almost a million dollars on technology upgrades.

Shortly after the attack on Riviera Beach, Lake City fell victim to a similar attack where the virus was introduced to their computer system via phishing email as well. Along with shutting down the cities email, utility payment and payroll, this group of hackers, believed to be separate from the Riviera Beach attack, shut down the cities police dispatch system, leaving them struggling to allocate police resources.

I would’ve never dreamed this could’ve happened, especially in a small town like this
— Lake City Mayor, Stephen Witt to Action News Jax

Jason Rebholz, a principal for Moxfive, a technology service firm, who tracks ransomware payments and has helped victims of similar attacks said, “The complexity and severity of these ransomware attacks just continues to increase.” The amount of money asked by hackers has increased tremendously in the last few years and is a testament to hackers sophisticated ability to target government agencies.

Cities and towns are not the only victims to the recent tidal wave of hacker using ransomware. In 2018 a virus disrupted the flight information system, baggage displays and email at Cleveland Hopkins International Airport, and the same virus infected the Port of San Diego, costing millions. Hospitals are also a prime target for hackers due to the large amounts of personal data they store.

Three elements prevent organizations from falling victim to ransomware attacks.

  1. Trained Employees

    Training employees to spot hazardous emails and reporting them to their managers can prevent a majority of these types of cyber-attacks. It is important to have regular discussions with employees about good internet practices. Important practices include reporting spam emails, avoiding suspicious links and online ads, and regularly changing and strengthening passwords.

  2. Updated Technology & Protective Measures

    Many ransomware attacks that hit cities or businesses are allowed to occur due to outdated security technologies like firewalls or anti-virus software. In today’s day and age, hackers can scan thousands of organizations looking for specific vulnerabilities that only the latest software and hardware can prevent. This is why it is important to consult with your IT provider regularly to insure that your internet technologies are up to date and your data is kept safe.

  3. Offsite Data Backups

    If either city had been backing up their data to either the cloud, offsite servers, or a combination of both, they would have had a recent backup to fall back on and continue operations with the only data being lost was that since the last back up. Trusted IT partners like Current Technologies can help implement regularly scheduled offsite backups and help you restore your data in the event of a would be catastrophe.

Protecting your Data is what we do at Current Technologies!

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal (1).jpg

Ransomware Attack costs Baltimore $18 Million

Bitcoin 2.jpg

On May 7th 2019, Baltimore city officials announced that a relatively new strain of ransomware labeled “Robbinhood” by The Baltimore Sun had encrypted important data including email, voice messaging, the city wide parking ticket database, and the cities utility and tax payment system. It has been determined that the hackers got in via a phishing email- a phony message tricking network users into giving hackers their credentials.

The Maryland city is still struggling to respond to hackers as over a month later as Baltimore city mayor Bernard Young has refused to pay the ransom of $100,000 in Bitcoin (an online currency that is hard to trace and has a wildly fluctuating value). Since refusing to pay the ransom the hackers have gone on twitter taunting Mayor Young posting faxes and other materials that the twitter account claims is evidence that they have been inside the cities network.

In a direct message to a Baltimore Sun reporter on Twitter, the account claiming to be the hackers said they have “ Financial documents and citizens personal information” and went as far as to release them on the dark web.

It is estimated that the total cost of the ransomware attack is going to cost the city of Baltimore over 18.2 million dollars- and that is assuming the hackers do not leak financial or citizen’s information onto the dark web.

How this could have been avoided

  1. Offsite Data Backup

    If the city of Baltimore had been backing up their data to either the cloud, offsite servers, or a combination of both, they would have had a recent backup to fall back on and continue operations with the only data being lost was that since the last back up. Trusted IT partners like Current Technologies can help implement regularly scheduled offsite backups and help you restore your data in the event of a would be catastrophe.

  2. Cyber-Security Protection

    Many ransomware attacks that hit cities or businesses occur due to outdated security technologies like firewalls or anti-virus software. In today’s day and age, hackers can scan thousands of organizations looking for specific vulnerabilities that only the latest software and hardware can prevent. This is why it is important to consult with your IT provider regularly to insure that your data is kept safe.

  3. Employee Training

    The entire Baltimore city hacking could have prevented had one employee not mistakenly given their credentials to a phishing email. It is important to have regular discussions with employees about good internet practices. Important practices include reporting spam emails, avoiding suspicious links and online ads, and regularly changing and strengthening passwords.

The threat of a cyber attack is never ending, and a majority of events like this occur to small businesses and cities and if it happened to a large city like Baltimore, it can definitely happen to you. No solution will be 100% effective, however the more security layers you have in place the safer you will be. If you are concerned that this could happen to your organization, contact the security experts at Current Technologies. Our IT team will help with data encryption, offsite backups, monitoring and disaster recovery. If you have your own IT team but are still worried, Current Technologies can bring you the latest versions of security software and hardware to make your IT team as effective as possible.

Reminder: There is a Hacking Attempt Every 39 Seconds

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal (1).jpg

Big clouds for small businesses

Big cloud small B.png

Choosing the right cloud service has become a major dilemma for the modern small business. At the forefront of cloud technology, Amazon, Google and Microsoft are aggressively competing against each other for a bigger slice of the cloud storage market. This fierce competition has resulted in three very diverse and very competent cloud services.

Small business owners are spoiled for choice as each service offers state-of-the-art technology, a unique array of features, distinct and tailored configurations, alternate interfaces, compatibilities and elite customer service, all with competitive pricing.

In light of this, here’s a quick overview of the three big cloud services to make finding the best-fit solution a little bit easier for small businesses, as well as a look at how suitable cloud technology is for contemporary small businesses.

What do cloud services offer small business?

“In the simplest terms, cloud computing means storing and accessing data and programs over the internet instead of your computer's hard drive,” says PCMag’s Eric Griffith.

Cloud services help small businesses avoid the stress associated with managing technology infrastructure, provisioning servers and configuring networks. They additionally feature tailored applications to augment everyday business activities, communication and data use.

Cloud services are highly scalable and multifaceted. They can host, share and analyze your data, with state-of-the-art analytics that provide business and customer insights. They can also host your website and provide e-commerce platforms while facilitating application creation, network management, system monitoring, data logging and web diagnostics.

What are the options?

Essentially there are three main options when it comes to cloud server use: Amazon Web ServicesGoogle Cloud Platform and Microsoft Azure. Each offers its own unique variation of the cloud, and they aggressively compete with each other across all aspects of cloud technology, covering customer service, quality, speed, availability, usability, reliability and even pricing.

Cost difference

The most significant difference between platforms is pricing, where Microsoft comes in last at an estimated $14,300 per year for a standard eight-server web app package, compared to Amazon at an estimated $6,415 and Google at an estimated $6,092 for the same standard package.

The pricing difference between Amazon/Google and Microsoft is massive, with Microsoft’s cloud platform sitting at just over double the price for essentially the same service. As a small business, you likely would not need or be able to utilize all the features on offer to warrant spending $14,300 on Microsoft’s cloud technology.

Service choices

Google offers almost everything a small business would need in regard to cloud services, with the most competitive price on the market (based on an eight-server web application package). Google Cloud Platform is additionally run off the same supporting infrastructure used by the ever-popular YouTube and Google Search. It even offers support to existing Amazon Web Services users.

Google effectively rivals Amazon and Microsoft in all aspects of cloud technology and most critically through competitive pricing. Amazon and Google offer the best cloud services available in the market today, but choosing between the two – as they offer comparable features, prices and functions – is difficult.

James Watters, vice president and general manager at Pivotal, suggests Amazon has a “first-to-market” advantage since it launched its cloud service earlier than its competitors. Google is seen as having an advantage with “at-scale infrastructure,” giving customers a highly advanced and stable option for running apps.

ROI for cloud

Calculating return on investment (ROI) for cloud services compared to in-house means knowing the cost of the required equipment, its projected life span and the cost of capital – in other words, the cost of the equipment plus interest costs over the projected life span. The next task is adding estimated operating costs like floor space, electricity and staff to run servers.

Other costs in moving to the cloud include the time and money spent on migrating applications, training staff and the cost of third-party cloud services. Use an online cloud cost calculator, such as the one provided by Amazon, to make an initial comparison.

While these three cloud services offer many similarities, they do significantly differ on price. Currently, Amazon and Google offer the best value, but choosing between them may come down to user experience and industry preferences. Current Technologies can help you find which system will be best for you and set up a turnkey cloud storage system that will help you the first day.

Make the Cloud work for you

Name *
Name

We value your feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Safe Data Storage For SMB's Made Easy

Data Serversw.jpeg

Secure and Stable Storage Strategies for Small and Medium Sized Businesses


Even the smallest business can generate a huge amount of data, and that data has to go somewhere.

Government regulations require businesses to keep and back up certain data for legal reasons; many firms choose to retain information like employee records, emails and instant messages; and every new version of a software application has to be stored somewhere. All that information must then be backed up to protect the business against viruses, ransomware and spyware that might infect their system and put a halt to trading. And that’s not even considering those firms that want to analyze their big data to further profits and business goals.

What are the Options?

Despite the mission-critical status of all this data, many small- medium businesses lack an overarching storage strategy that can ensure the business keeps trading no matter what. There are a number of options, and the good news is the price-per-gigabyte of storage has never been cheaper – even outside the cloud.

Small- Medium Businesses can opt for:

  • Direct attached storage (DAS): Devices connected to PCs or servers, usually via USB. Good for information that's frequently accessed.
  • Network attached storage (NAS)Devices that connect directly to the network and operate as a file server. Good for storing large files.
  • Cloud storageOnline storage that comes in public, private or hybrid configurations. Good for mobile access.
  • Offline media: Backing up data on to tape drives, DVDs or Blu-rays sounds a bit old-fashioned, but Google still backs up Gmail on to tape as a last resort and Facebook has its Blu-ray Cold Storage Data Center. Good for archiving.

How to Choose your Storage Strategy

Mission-critical data, like operations-related software applications and the business website, is the most important regardless of the size of the company. Firms need to consider having at least two complete separate copies of this – with one offline – to ensure business continuity.

For most SMBs, a combination of those aforementioned storage solutions will make up a good strategy, but figuring out the ideal combination can be challenging. SMBs need to analyze their storage needs closely, looking at which applications generate the most data, how quickly and from where most data needs to be accessed. They also need to assess how old the data is, if it’s being unnecessarily duplicated, and if it’s business related or operations related. 

In the end, the budget and volume of data will help determine the combination of solutions an SMB requires. However, careful assessment of the data, the legal and regulatory ramifications, and business continuity are all essential for a secure and stable storage strategy. For more information, talk to the IT professionals at Current Technologies. CT is partnered with Dell Technologies to bring your business the best possible storage solution.

You Still have Questions, we have the Answers

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Helpful Hackers- They Do Exist

Hacker.png

Business IT systems are complicated, you know that. You've invested in security for your systems, but you're worried that there are still holes in your defense, weak spots between all the bits and pieces that make up your total networking and computing infrastructure. How can you feel confident in your security? You have to welcome a hacker into your midst.

It sounds counter-intuitive, welcoming a hacker (or team of hackers) to come and break into your network and your most sensitive data stores. But that's exactly what pen-testers (short for penetration testers) do—launch non-harmful, sophisticated attacks and probe to see if your network can handle the worst the world has to throw against it. Pen tests are almost always valuable, but to get the most from the exercise there are several things you can do.

1. Turn Them Loose

Too many pen tests are hampered because the client places significant limits on what the pen testers can do. One frequent example involves spear-phishing and social engineering. Will you let the pen testers send email messages to employees trying to tempt them into giving up network credentials or privileged information?

Some companies say they do not want to risk embarrassing employees, so they forego testing the human element of the network. If you do not run these tests, you lose valuable opportunities to see how well corporate training has been put to use by employees. The key is to not single out employees and treat any successful spear-phishing attacks as opportunities for education, not punishment.

2. Define Goals Before You Start

Is the purpose of the test to inform regulatory compliance efforts? Are you trying to see where weaknesses lie before starting a new security purchase cycle? Do you want to give your InfoSec team information before they begin revisions to the corporate security policy? Is this just part of your regular cycle of testing the effectiveness of your security?

Being clear about what you want to achieve from the test, and communicating that information clearly to the pen testing team, will help make sure the pen testers are working with you to be most effective.

3. Do Not Hire Them

Some executives resist pen testing because they worry that the results of the test could become subject to the discovery process in the event of a lawsuit. That is a legitimate concern, but there's a way around it.

Let your law firm hire them. If outside counsel hires them and delivers the report to you, then it is privileged communication and is immune from legal discovery. You get the results, everyone gets protection, and everyone (on your team) is happy.

“Hiring” a team of hackers can be the best thing you do to strengthen your network security. Do your homework on the firm you hire and follow the tips above, and you'll end up with a sound picture of where your security is doing its job—and where you should start immediately patching the holes. Our team at Current Technologies specializes in building state of the art security systems to your specification. If you already know where the holes are from a pen-test, it will be a breeze to have us patch them up for you.

Need Help Passing Your Pen-Test?

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this information helpful?
CurrentTech_Horizontal.jpg

Which Data Backup Type Do You Need?

Data Has A Better Idea.jpg

Every Businesses Storage Needs Are Different


Data is vital to your business. It likely plays a huge roll in determining every decision you make. An array of technologies exist for protecting and backing up your data, and it is important to find the best solution for your needs. Here are the most popular options:

USB Drives

USB-connected drives are not ideal for business, because they rely on human intervention, and the software is usually not very sophisticated. Thumb drives are also easily misplaced. On the plus side, retention periods are reasonably good and quality of restored data tends to be high. The larger external USB hard drives can be unreliable due to moving parts. USB drives are fine for home use but they are not ideal as a business-grade backup option.

Magnetic Tape  

Tape is one of the cheaper ways to store large amounts of data and is still a popular backup medium. However it is largely outdated and it can be complex to manage multiple tapes. Lastly it is slow for restoring small amounts of data. Often tape is used in conjunction with other backup solutions as a long term repository for data.

Network Attached Storage (NAS)

A Network Attached Storage (NAS) device can provide large amounts of data storage on the local network at a reasonable price. It has staging options for spooling off to other locations as well as a facility for storing and compiling snapshots of multiple servers. NAS devices can be a great source for rapid restoration of missing files or folders, but they are not the right long-term data storage solution.

Cloud Backup

Cloud is the new frontier for backup. There are many cloud backup solutions, and the quality of the service varies by provider. VMWare is one of the most popular cloud computing platforms for small to medium businesses, however Google, Amazon, and Microsoft also offer effective cloud platforms.

 Offshore data storage can be much cheaper than local storage but may cause issues with speed, security, privacy, and sovereignty. When cloud backup solutions are built right, they can be robust and hassle-free, as the scheduled backup is totally automated with no disks or tapes requiring manual intervention.

Keep in mind the cost involved in sending data over the Internet and the time it might take to restore data over a low-speed connection.

Hybrid Solutions

Like peanut butter and jelly, often times, multiple technologies combine to make the best backup solutions.

Taking regular snapshots of system files and data files throughout the day can create a point-in-time, rapid recovery option for individual files or groups of files. These snapshots are best stored on your networked server or on a NAS.

At least once a day, a data differential of the changes made during the last period should be stored on a second, external storage system. This is where a second, off-site device, tape, or cloud backup are useful. The usual approach is to backup from disk to disk, then disk to offsite.

A Final Thought

If you have personal or business data that is worth protecting, it is well worth getting professional advice on what systems will optimize your chances of recovery. Backup is a simple concept but implementing the best solution is not straight-forward, so getting good advice from the experienced team at Current Technologies is a good first step. For over 20 years, we have been helping businesses just like yours find the best way to backup their data. Every business has different storage needs, so why would you buy a generic, one size fits all storage system.  Current Technologies will customize a system for you to last long into the future.

Start Properly Storing Your Data Before It's Too Late

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

6 Steps To Secure Your School's IT Network

Compuer Lab.jpeg

Your School's IT Network is a Gold Mine for Hackers


The Open Security Foundation reports that 15% of all data breaches take place at educational institutions. When such attacks are successful, the consequences can be severe. Given the regularity of attacks on educational networks—and the harm they can cause when they’re successful—it’s vital that you make sure yours is as secure as possible. Here are five things you can do to make sure your school’s network is secure.

1. Use multiple defenses.

The key to a secure network is a comprehensive approach that takes into account all possible points of entry. It’s not enough to have one anti-virus program, or to encrypt only some sensitive information. Combining multiple security measures will provide the best possible defense for your valuable data.

2. Update. Update again. Then check for new updates.

According to a report by Symantec and Verizon, nearly one million online bugs are introduced per day. It's little wonder then that anti-virus programs require frequent updates to remain effective. Neglecting these updates increases your vulnerability to costly and time-consuming infections. Current Technologies recommends automating them whenever possible. You must also take care to download security patches for your browsers and operating systems as they become available.

3. Control network access.

Using network administration software, you can restrict user access to information. Apply "the principle of least privilege" and ensure users can only access the information they need. This will allow you to reduce access to sensitive information while ensuring that everybody can still do their job.  

4. Back up everything.

It’s inevitable that you’ll hear stories of students at your school losing nearly finished assignments because of a power outage or a flash flood. Don’t make the same mistake—back up everything you can, preferably in a secure, off-site location. That way, in the event of a security breach (or a natural disaster), you don’t have to worry about extensive data loss.

5. Encrypt sensitive information and use strong passwords.

Finally, it’s prudent to encrypt sensitive information whenever it’s not being used. In the unfortunate event that your school falls prey to a successful cyberattack, you’ll at least have the consolation of knowing that your files were useless to the perpetrators.

The maintenance of a secure school IT network requires you to ensure that it’s kept up-to-date and that the people managing it are following best-practice security protocols.

6. Password Management

In April this year, hackers were able to infiltrate the network of a New Jersey school, steal critical network files, and demand $125,000 for their release, all because of a single weak password.

So make sure that your school’s network administrators are using unique passwords or a suitable password manager app. You can also consider implementing multiple factor authentication (MFA), which requires both a password and a second authorization code—sometimes a secret question, sometimes a code sent to a registered mobile phone.

Don't Let Your Institution Be Another Case Study

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

10 Essential Steps To Protect Your Data

computer data.jpeg

How Much is Your Data Worth?

There are various ways to calculate the cost of losing work stored on computers. Perhaps the easiest way to get a gut feel for the cost is to think for a moment about how long it would take to replace lost work. How many people would have to spend how many days to create everything from scratch?

Here is a simple 10-step plan for making sure they do not have to.

1. Have a Strategy

You will not know what approach is right for you until you have answered these questions:

  1. How long can you go without the lost data?
  2. Will you be making full backups or incremental or differential backups?
  3. How quickly will you need data restored?
  4. What solutions will you use?
  5. How secure do your backups need to be?
  6. How long do you need to keep the data for?

2. Prepare for the Worst

If the building burns down, your onsite backups might go the same way as your primary systems. You should think about offsite or cloud backups as part of your plan. At Current Technologies, we help our clients find the best ways to leverage the cloud for a positive return on investment.  We can help you choose the best path forward to the cloud using proven solutions. 

3. Get Help

You might not have all the answers or even all the questions, contacting experts is never a bad idea. Our team at Current Technologies has been helping organizations secure data for over 20 years. Our knowledgeable and experienced employees will work with you to reach the mutual goal of defending your data.

4. How much can you Afford to lose?

Catalog which data would have the biggest impact if you were to lose it. Break data into tiers and work out how long data from each tier needs to be backed up.

5. How long can you go Before your Data is Restored?

The answer to this question will be different for each of the tiers of data you identified. And it will inform your decision about what backup systems you need.

6. Consider your Applications

Not only does your solution need to fit your business needs, but it also needs to suit the applications you run.

7. Choose your Device

What will you backup onto? This is another area where it is worth taking more expert advice.

8. Set up your File Backups

If you are working with someone, you should be able to borrow their expertise to make sure you set up correctly. If not, look for vendor tutorials that walk you through the process.

9. Take a Picture

Do not just set up to backup data. Image backups capture your whole system so that you can restore everything. That includes your operating system, applications, settings, bookmarks, and file states right before disaster struck. Current Technologies is partnered with Barracuda Networks and VMware to maximize ease and minimize cost of image backups.

10. Check and Double Check

Your system is no good to you if it is not working. Check and check again that you are capturing usable backups in the format you are expecting.

We can Help Each Step of the Way

Name *
Name
Our customers love the piece of mind knowing they can be alerted to issues so outages can either be prevented or responded to very quickly because of the visibility our tools provide
— Mark Rhodes,VP - IT Soluions

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg