Colonial Pipeline: Lessons to Learn

Colonial Pipeline made the headlines recently after being hit on May 7 by ransomware. The attack was so successful that it led to a complete shutdown of operations. While the exact cause of how this attack occurred hasn’t yet been made available, similar attacks have been traced back to unpatched vulnerabilities, compromised user credentials, and simple phishing email messages. Here are some more details.

With the crisis unfolding, Colonial explored various options and ultimately decided to pay the ransom and hope for the best. The ransom was $4.4 million in Bitcoin. Colonial worked with a professional team who negotiated with the attackers and worked to ensure they held up their end of the bargain.

After paying the ransom, the pipeline resumed operation but the damage continued. The pipeline took several days to return to running at full capacity and ultimately Colonial had to rely on internal backups. Full internal recovery will probably continue for months.

So what are the takeaways?

  1. Colonial had spent $200 million on IT, proving that it takes more than just technology to prevent an attack. This is why we emphasize end-user security awareness training to all our clients.
  2. The fact that Colonial felt that paying the ransom was their best option means that we’ll almost certainly see an increased level of cyber attacks in the months ahead. It’s a good return for cybercriminals – anyone can pay a ransomware-making service less than $200 to have a ransomware attack package made for them.
  3. Don’t leave yourself without a plan. There is no 100% foolproof way to prevent a ransomware attack, so be ready.

If your organization doesn’t have a plan for preventing and, if needed, recovering from a ransomware attack, contact us today and learn how we can help your business prepare.

Everyone stay safe out there!

6 Tips for Staying Safe in the Cloud

The Covid-19 pandemic forced many individuals to work at home, so it’s not surprising that there was a sharp rise in the use of the cloud for storing information. There are risks with using cloud resources, but they can be managed with some simple steps. Here are 6 tips for staying safe in the cloud.

  1. Use strong passwords and 2FA. Passwords will be the key to accessing data in the cloud, so passwords should be complex, unique, and not used for any other site or service.
  2. Research the Cloud provider and read the user agreement. Yes, it’s not glamorous, but it’s important to understand if the cloud provider you’ll be working with has a good reputation and also how they will store and protect your data.
  3. Encrypt your sensitive files. Certain cloud providers can encrypt your files before they are stored or give you the option to encrypt individual files.
  4. Sign out of cloud services when not in use. It’s convenient to stay signed in to a cloud service, but it’s safer to sign out when you’re done. And avoid using shared computers and having your browser remember your cloud passwords.
  5. Back up your data. Just because you store data in the cloud doesn’t mean it can’t be lost. In fact, almost all cloud storage provider agreements specifically state that your data safety is not guaranteed. There are cloud-to-cloud backup solutions as well as local backup solutions available.
  6. Keep personal and company cloud data separate. Use personal cloud services to store personal data and files. If available, use your company’s provisioned cloud storage solution for any work-related files.

Everyone stay safe out there!

Popular Android Barcode App Installs Malware

Source: Malwarebytes

From our partner Malwarebytes comes this news. If you are one of the millions of Android users that installed the LavaBird Barcode Scanner application from the Google Play store, you’ll want to get it off your phone ASAP as the app secretly installed malware onto every Android phone that downloaded it.

I’ll tell you how to check if you have the app in a minute.

What’s really interesting is that the app was legitimate and clean at first. It was launched in 2017 by a company called LavaBird and back then contained no malware. It had over 10 million downloads from the Play Store but on November 25 of last year, LavaBird sold its ownership of the app to an account named “the space team.”

The new owner snuck a nasty piece of malware into the most recent update. The updated version now allows your phone to be completely controlled by someone else. This is known as a Buy to Infect scheme.

And the bad guys didn’t waste any time as they began hijacking browsers and redirecting them to pages containing advertisements – that I’m sure they got paid for.

Google has removed this app from the Play Store now that the malware has been detected but if you have it on your phone, you’ll have to manually remove it yourself. Here’s how to check (exact steps can vary slightly depending on your Android version):

Settings > Apps > See all…apps > Barcode Scanner > App Details in store. This should take you to the listing in the Google Play store. If the Google Play Store listing doesn’t exist, you have the bad Barcode Scanner app and should uninstall it asap.

Consider installing the Barcode Scanner from ZXing Team instead.

And a reminder – with more remote workers, your organization needs to extend protection and monitoring to all remote devices. If you’re unsure how to do this, call us for a free consultation.

Everyone stay safe out there!

Romance Scams

It’s almost Valentine’s Day and while love may be in the air, sometimes as the J. Geils’ 1980 song explained, love stinks. And I’m not talking about unrequited love, I’m talking about cyber scams targeting romance. These scams have swindled hundreds of millions of dollars out of love-seeking victims year after year.

Dating sites have become incredibly popular and cyber criminals have taken note and targeted users. If you visit any of these sites, here’s what you need to know.

The scam starts with Catfishing. This is when a user makes up a persona complete with fake photos and information. Usually the Catfisher pretends to reside ‘out of country’, making it almost impossible to check up on them or quickly meet. Once connected to a real user, they quickly try to develop the relationship, usually leading to a profession of love along with a desire to ‘take a flight to come see you!’ or communicating that they need to pay off an ‘urgent medical bill.’ This is typically followed by a request to be lent some money (typically gift cards or a wire transfer). Or sometimes the scammers request personal info or pictures with the hope of later blackmail.

It may seem highly unlikely to the average reader that these types of scams would be successful, but Catfishing works because the bad guys are using social engineering tactics to create a personal relationship. Once they feel they have developed the relationship, they strike.

So even if you’re not in the market for love right now, we all probably know someone that is or will be. So here are the red flags to look out for:

  • The connection confesses their love very quickly
  • They start asking for money attached to a crazy or intricate story
  • They start asking very personal questions such as financial information
  • They avoid video chats or attempts to meet in person

If you suspect Catfishing, try doing an Internet search on the individual, their photos, or their job to see if their story matches up.

Everyone stay safe out there – and Happy Valentine’s Day!

The January MicroOutlook Newsletter is Now Available

Stories this month include an in-depth look at financial relief for small businesses with PPP 2.0, our new Office 365 Management service plan, an unlimited-capacity Cloud backup special, and tips for using Multi-Factor Authentication.

Download or read your free copy here.

Second PPP Loans Cover Cloud Computing and Business Software Expenses

The U.S. Government recently approved $284 billion in loan assistance as part of a relief effort for the global Covid pandemic. One interesting item that may help many small businesses is that this second round of PPP funding includes forgiveness for “operations expenditures,” including but not limited to business software and certain Cloud computing services.

To qualify for the loans the following requirements must be met:

Must be a business, independent contractor, eligible self-employed individual, sole proprietor, not-for-profit organization, 501(c)(6), and a few other designations are also available (consult link below for more details). Criteria for eligibility are:

  1. Fewer than 300 employees
  2. Received a PPP loan in the first emergency funding bill
  3. Experienced a revenue reduction of 25% or more in 2020 compared to 2019
  4. Expended (or will have expended) all of the first PPP loans prior to receiving the second.

There’s more info at the Small Business Administration website.

Microsoft’s Creepy New “Productivity” Technology

Maybe working remotely won’t be the casual, relaxed atmosphere you may have experienced in the past now that Microsoft has just patented and released its new Productivity Score technology.

The technology assesses the ‘quality’ of employees in meetings in part by monitoring their body language and facial expressions. The patent application describes it as “a meeting evaluation machine configured to collect quality parameters from meeting quality monitoring devices.”

“Quality monitoring device 106B is a camera (visible light camera, infrared camera) that may, for instance, record which of the invited meeting participants attended the meeting, the body language and/or facial expressions of meeting participants, the amount of time each participant spends contributing during the meeting,” Microsoft (MSFT) said in the filing.

Microsoft is marketing this technology claiming its ability to support collaboration and better tech experiences. But it’s pretty clear that Microsoft is responding to companies’ fears (with some justification) that employees are not being productive when working in a remote environment.

This is a lousy use of technology as meetings clearly aren’t the equivalent of highly creative work, research, or writing. So I wouldn’t expect engagement levels to be close. I’ve managed many employees over the last three decades. And I’ve found that empowering employees to do their jobs, helping to remove obstacles, and trusting them to get the job done all inform the best approach to management. Surveillance isn’t the answer.

Everyone stay safe out there!

Lessons from the AWS Outage

There’s an old joke in the IT industry that goes like this: “What’s a computer without electricity? A paperweight.” There’s a similar truth about Cloud services, and last week’s outage of Amazon Web Services (AWS) served as a vivid reminder. AWS is used for delivery of many core Internet services and applications, and many of the world’s largest enterprises and many important public institutions rely on its infrastructure to keep the digital universe humming along. So a multi-hour outage ended up taking down a significant portion of the Internet.

Disrupted services included Adobe, 1Password, Autodesk, Glassdoor, Flickr, Roku, Coinbase, DataCamp, and the Washington Post (plus many others). And as so many services tie into AWS, even basic household items such as those provided by iRobot and Ring were affected.

So what lessons can be learned? First, the use of Cloud services offers many conveniences but these services are still provided by computers. No matter how much redundancy, problems can and will arise. So businesses need to plan accordingly.

Second, if you scan the fine print of most common Cloud-based storage and email services, you find that data integrity isn’t guaranteed. So you should plan for a Plan B ‘just in case.’

Finally, your corporate Disaster Recovery plan should include what your company will do in the event of the loss or corruption of Cloud data. In this case the outage only lasted a few hours, but what would you do if an outage lasted 24 hours?

It may be worth exploring the concept of Hybrid-Cloud computing for your business. This model can minimize the impact of a failure in any one area and provide additional redundancies to assist with responding to disasters and unplanned events.

Welcome to 2020!

Ring Doorbells Being Recalled

The Internet of Things can be tricky sometimes and here’s an example. If you live in the U.S. or Canada and purchased a Ring doorbell between June and October of this year, dig out your paperwork to check the model number as Ring is recalling over 360,000 of the units over a concern they may catch fire if incorrectly installed. The problem model is 5UM5E5.

Apparently the issue is that the doorbells shipped with two sets of screws for the installation. If you mixed them up during the install, it creates the real possibility of one of the screws puncturing the battery, causing it to overheat and potentially explode or catch fire. There have been over 80 reported cases thus far in the U.S.

There’s more data on the U.S. Consumer Product Safety Commission website and also at Ring.

Everyone stay safe out there!

Remote Work is the New Normal

Nearly everyone in the U.S. was tossed into a remote work situation as a result of the pandemic. Some users were well-prepared (such as our Private Cloud users who had virtualized their operations and have been working remotely for years). But for many this was a completely new – and often chaotic – experience.

As the economy starts to emerge from shutdown, many are now wondering if remote work will fade back to a service for a select few users or if it actually represents a new normal. Here’s some evidence that it’s the latter.

Social media giant Pinterest just pulled the plug on its state-of-the-art office campus in San Francisco. Pinterest has been growing strongly and had been in the process of designing a huge 490,000 sq/ft campus. It had even leased the office space.

Pinterest Proposed Campus
Source: IwamotoScott Architecture

Anyone in business knows it costs a lot to break a commercial real estate lease, but Pinterest has done just that. They have agreed to pay a one-time fee of $89 million to back out of the lease.

To be fair, Pinterest can afford it. Their books show a cash cushion of $1.7 billion. But still, escaping from the lease is about 5.2% of their cash on hand. Clearly, Pinterest doesn’t expect the traditional work environment to come back. They seem all-in on remote work both in the present and in the future.

Does your business want to investigate virtualizing or downsizing your business physical footprint? MicroData can help you explore options and chart a path to the New Normal. Visit us at to learn more.

Dual-screen Android Smartphone from Microsoft

After a 4-year break, Microsoft is jumping back into the smartphone business, but this time with a couple of significant changes: their new phone will be running Android 10 and the phone, called the Surface Duo, will be a dual screen/dual battery folding design.

Other manufacturers have tried hinged or folding phones before but they have never been able to stand up to the harsh realities of actual use. Microsoft has gone at it differently by using an actual strong hinge to accomplish the fold. The result is that the dual 5.6″ AMOLED screens can combine to yield a huge 8.1″ diagonal display. The combined resolution is 2,700 x 1,880 pixels.

Also interesting is that the hinge swivels a full 360-degrees which means it can open partway like a book, flat like a tablet, or even bend back-to-back. Portrait or landscape modes are selectable.

Microsoft has also designed this smartphone to be a multitasker. It has the power and capability to run two apps side-by-side. So think of a video conference running on one screen while you surf the web on the other.

The 11-MP camera should produce nice results and the phone can be had with either 128GB or 256GB of storage space. Interestingly, there are two batteries of about 3,600 mAh each. Weight is just under 9 ounces and when closed the Duo is only 5.7″ tall and 3.66″ wide. Thickness is just under 10mm (a little more than 1/3″).

The Surface Duo will be available September 10 with pricing starting at $1,399 and supporting all major cell carriers.

4 Non-Technical Tips to Improve Work-from-Home

Many of us are facing a new reality of working from home – either full or part-time. At first glance this seems like a welcome change, but as time has gone by some have found stress and frustrations they hadn’t expected. So if you do find yourself working from home in some capacity, here are 4 tips to improve your work-from-home experience.

  1. Maintain normal working hours. When you’re working from home your office is always just a few steps away. While convenient, it doesn’t mean you need to be in work mode your entire day or work until 8pm. Stick to your normal schedule and save non-work related tasks until after your regular working hours. Make sure to take your regular lunch and other work breaks you are entitled to during your workday. And consider taking your coffee break and heading outside for some fresh air and exercise.
  2. Create a dedicated workspace. While anyone can throw a notebook computer onto the kitchen table for an afternoon, it can be extremely frustrating to try and work without enough space, proper lighting, and a decent chair. This doesn’t mean you need a full office in your home, but creating a private area that you can use just for work is highly recommended. Make sure your selected location has some natural light and a way to close the door for privacy or to help concentrate.
  3. Minimize distractions as much as possible. Closing a door to your work area can help, but also try to avoid distractions within your workspace, as well. This includes keeping televisions off, minimizing the use of your cell phone, and avoiding browsing the Internet or social media. At home, these services may not be blocked or monitored like at the office, so try and stick to your office routine.
  4. Socialize responsibly. Many people working at home cite the lack of human interaction as a real downside. So it’s encouraged to continue socializing with your colleagues when working remotely. So if your office has communication tools, use them! Think about how you traditionally would ask questions or advice on a work matter, or you’d stop for a minute to say hello to a co-worker when you passed by their desk. Try doing these same things digitally.

Everyone stay safe out there!

Use Google Chrome Incognito?

Chrome is a very popular browser and offers users a feature called ‘Incognito’ mode that claims to allow users to browse the web privately. It’s a popular feature.

There’s a problem, however. Incognito browsing isn’t private.

New revelations show that Google still tracks everything and collects behavioral surveillance on consumers, even when they think they are using a privacy feature. Now users want to hold Google to account.

A $5 billion class action lawsuit has just been brought against Google. And rather than just another headline, this one has an interesting angle. The lawsuit alleges that Google has violated the Federal Wiretap Act. The FWA allows users the right to sue if their private conversations are unlawfully monitored.

For those of us that work in technology we’re not too surprised at Google’s actions. Fundamentally, they are a company that collects, processes, and sells behavioral data. To date, they really haven’t been held to account for their practices – but this lawsuit may change that. I think it has a fighting chance in court.

And if the class action prevails against Google it will set a new precedent for data surveillance. Companies like Google and Facebook would be significantly affected because their businesses revolve around this practice. In 2019, 83% of Google’s revenue came from serving ads based on behavioral data.

Everyone stay safe out there!

Small Business Owner’s Guide to the CARES Act

If you’re a small business owner wondering how your business can stay afloat amidst the current coronavirus crisis, the good news is that there are relief resources from the Federal Government available to any business – including 501c3s, sole proprietorships, independent contractors, and self-employed individuals.

One of the best, concise guides I’ve found to date has been published by the U.S. Senate and is available here.

Of particular benefit is a program you should check out called the Paycheck Protection Program. The goal of this program is to enable you, the small business owner, to keep your employees on your payroll and your business up and running until the crisis is past. And while this is technically a loan program, the terms are such that up to 8 weeks of payroll costs incurred to maintain employees and wages may be forgiven if you maintain your workforce – effectively making it a grant. Definitely worth a look!

Everyone stay safe out there!

Tips to Avoid Coronavirus Scams

Scammers have begun sending phishing emails about the Coronavirus with the goal of infecting computers or stealing information. The email appears to come from the World Health Organization (WHO) and claims to provide new information on the virus and will contain a link or an attachment to access that information.

The email message prompts users to download an attachment or click on a link to “get important information.” Ironically, clicking on the link to learn more about the virus can give your computer a virus – or worse.

Here are some tips to avoid falling victim to this scam.

Check the sender of the email to verify if they are legitimate. Be wary of any misspellings in the sender’s email domain. A proper email domain for the World Health Organization will be

Be careful of links and attachments. Without clicking, hover your mouse over any links in email messages and your system will show you where clicking that link would take you. If you don’t recognize the destination or it’s different than the domain of the email sender, don’t click on it.

Think twice about opening any attachments. Generally, unknown organizations that you haven’t personally interacted with won’t send you attachments. Rather, they would direct you back to their website for more information.

And if you do click on a link, avoid sharing any sensitive and personal information that may be requested.

Don’t fall for donation scams requesting a charitable donation to assist with relief efforts for the virus. Generally, charities don’t request donations via mass emailing. If you’d like to consider a charitable donation, open a brand new browser window and go directly to the charitable organization’s website and proceed from there.

These tactics aren’t new but they do work because they appeal to our fears and curiosity. So expect more of these attacks as other emergencies occur in the future.
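The link check described in the tips above can also be run automatically on a saved message before anyone opens it. This is an added example, not part of the original post: the sample message, its `.example` domains and all function names are constructed for illustration, and the "last two labels" domain comparison is a simplification.

```python
"""Added example: flag e-mail links that lead somewhere other than the sender's domain."""
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every domain is a placeholder under .example.
SAMPLE_MESSAGE = """\
From: "Health Agency Alerts" <alerts@health-agency.example>
To: user@company.example
Subject: New safety measures
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Read the <a href="https://health-agency.example/advice">official advice</a>.</p>
<p>Download: <a href="http://files.lookalike.example/doc">www.health-agency.example/doc</a></p>
<p><a href="https://portal.health-agency.example/login">Sign in</a></p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Naive 'last two labels' domain (assumption; real tooling should use the Public Suffix List)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def href_host(href):
    """Host of an http(s) link target, or '' for mailto:, relative or malformed links."""
    try:
        parts = urlsplit(href.strip())
        return (parts.hostname or "") if parts.scheme in ("http", "https") else ""
    except ValueError:
        return ""


def shown_host(text):
    """Host named by the visible link text, if the text looks like a URL or bare hostname."""
    text = text.strip()
    if " " in text or "." not in text:
        return ""
    return href_host(text if "://" in text else "http://" + text)


def audit_links(raw_message):
    """Return one finding per link that fails the 'hover and compare' check."""
    msg = message_from_string(raw_message, policy=policy.default)
    sender = registrable(parseaddr(str(msg["From"]))[1].rpartition("@")[2])
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return []
    collector = LinkCollector()
    collector.feed(body.get_content())
    findings = []
    for href, text in collector.links:
        target = href_host(href)
        if not target:
            continue
        reasons = []
        if registrable(target) != sender:
            reasons.append("destination domain differs from sender domain")
        shown = shown_host(text)
        if shown and registrable(shown) != registrable(target):
            reasons.append("visible text names a different site than the destination")
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_links(SAMPLE_MESSAGE):
        print(finding["href"], "->", "; ".join(finding["reasons"]))
```

A flagged link is a reason to look closer, not proof of phishing: legitimate newsletters often link through a mailing service on a different domain, and the From header itself can be forged.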

Everyone stay safe out there!

Coronavirus Technology Fallout

You may not yet have noticed, but supplies of many technology items are drying up and it’s related to the Coronavirus in China. Here’s what’s happening and what you should do.

For many technology items like notebook and desktop computers, China is the world’s primary source, producing most – or all – of some vendors’ products. But the Chinese government’s response to the virus outbreak is, at least in part, to tell all its citizens to stay home in an effort to break the infection cycle. So not only does this mean that factories are idled, but some of our clients that operate in China have reported that finished goods are sitting in warehouses as shipping has also ground to a halt.

So what should your business do? If you know that you will need new computer hardware in 2020, our recommendation is to get it now – if you still can. We’ve already seen the channel dry up for some items like sought-after notebook PCs: if you want a business-class notebook with 1080p resolution and an SSD, those are largely gone. Less desirable, lower resolution notebooks with mechanical hard drives are still available but no one wants those.

And of course this means that you can expect prices to jump on a lot of tech products.

Airline Debit Card Scam – This One Can Sting You

You’re a target if you use these

Debit cards have always been a security concern, and here’s yet another good reason to get rid of them if you have any. A new scam targeting debit card users leverages the airlines to (usually) successfully get your cash – and the bank issuing the debit card will typically not cover the fraud. Here’s how it works.

Cybercriminals steal your debit card info from a store or shop where you used it for a payment. Importantly for this scam, they steal both your card number/expiration/CID info and your name & address. Then they go to a major airline and purchase frequent flier miles. They then launder those miles to another Point program (such as for a hotel chain). They may move the points additional times until they get them to some point program where they may be redeemed for cash or used to make a product purchase.

Here’s where it gets nasty.

You find out about the fraud, immediately contact the bank that issued you the card, and they “open an investigation”. They will contact the airline who will confirm that you (cybercriminal using your name) made the purchase at which point your bank will deny the claim – after all, you made the purchase. So your money is gone. If you try and contact the airline about the purchase they will refuse to talk with you because they ‘want to protect the identity of the purchaser’ – even though it’s you. This irony is just some salt on the wound.

Your only recourse at that point will be to request the bank’s investigation info and try to pursue the fraud yourself. This will likely be a hopeless task as the cost in time and expenses will be almost certain to exceed the couple of hundred dollars of the fraud. So the takeaway? Don’t use debit cards. You have better protection with a credit card.

Everyone stay safe out there!

MicroData is Hiring!

MicroData has an immediate full-time opening for an Accounting and Operations Specialist at our Beverly headquarters. This position offers full benefits including health, dental, 401K, and paid vacation/sick time. It’s also eligible for our 4-Day Work Week option.

This position would be perfect for someone with an accounting background that’s interested in moving up into Operations. Apply online at our website.

No calls or placement agencies, please.

Microsoft revamps Edge browser – here’s what’s new

New browser, new logo

Microsoft’s Edge browser first appeared in 2015 and the new, second generation of Edge has just been released and it’s entirely re-worked from the old version. Here’s a quick summary of what’s new and also the download link if you’re ready to check it out.

The biggest change is that Microsoft has switched the core engine in Edge to the Chromium engine developed by Google. Chromium is open source, meaning it’s free and available to anyone to use. It’s also the foundation for the Brave and Opera browsers.

By switching to the Chromium engine, all plug-ins for Chrome will work without modification in the new Edge. This is becoming more important in a Cloud-centric world where the browser is increasingly being called upon to manage the user experience. This will also make developers happy as it’s one less platform that they have to create for.

According to Microsoft, the new browser is available for Windows, macOS, Android, and iOS. If you’d like to install it now, you can do so here.

In our testing we’ve found the new Edge to be speedy and stable – as we’d expect. It will readily import all your favorites, history, and passwords from your current browser and using your Microsoft account you can automatically sync multiple browsers.

We’ve tried a bunch of plug-ins including ad blockers, O365, news/media add-ins, and some development tool hooks and everything has worked flawlessly so far.

Tips for Safe Online Shopping

It’s that time of year again. Black Friday, Cyber Monday, and what’s expected to be one of the busiest online shopping seasons ever. So to get everyone off on the right foot, here are 10 tips to help you shop safe online.

  1. Never click on links in emails. If you want to shop at a site, enter that site address in your browser. There are thousands of fake sites that look almost identical to the real thing. Don’t fall for evil-twin shopping sites.
  2. Don’t open attachments with special offers. It’s a classic scam. The offer should be in the email and you should be able to see it right away.
  3. Watch for malicious ads and popups. Do not click on ads that sound too good to be true, and ignore popups that might propose the “best deal ever”.
  4. Beware of e-skimmers. This is a new one. Do you know that bad guys sometimes skim your credit card at gas stations or ATMs? Well, there is a new flavor of that: the shopping website you order from might be infected with an “e-skimmer” that steals your card data when you check out. You can prevent that by using PayPal or Amazon.
  5. Use a credit card to buy stuff online if possible. NEVER use a debit card to make online purchases but use that debit card to take out cash only.
  6. Do not shop over a public Wi-Fi. You simply do not know if it’s secure and who is listening. Only shop using a secure, trusted network. If you have no other way to shop, use a VPN which encrypts your traffic.
  7. Be very careful when you see a free offer during the holidays. There is an explosion of all kinds of survey fraud and gift card scams.
  8. Do not re-use any of your passwords. Instead, use a password manager to create hard-to-break passwords. Re-using any password is literally an invitation to get hacked.
  9. Keep a close eye on your credit card and bank accounts. During this season, unexpected and strange charges might appear which could very well be the first sign your card or even your whole identity has been stolen. If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one.
  10. Be especially suspicious of gift card scams. They can be a perfect holiday gift, but gift card scams are skyrocketing. Only buy gift cards from trusted sources.

Everyone have a safe and Happy Thanksgiving holiday!

Have you been Cryptojacked?

Cybercriminals aren’t just looking to steal your company’s data, they are also eager to steal the use of your computers for other nefarious purposes. So today, I want to tell you about Cryptojacking, how it works, and the steps you can take to keep your organization’s devices safe.

Cryptojacking is when malware on a computer steals a device’s memory, processing power, and electricity to make money for someone else – all without your knowing it’s happening.

Cryptojacking is an outgrowth of the rising popularity of cryptocurrencies. Cybercriminals typically stage a cryptojacking attack by infecting websites that generate a lot of online traffic. When an online user accesses an infected website on a desktop or notebook, malicious code embedded in the website then infects the user’s device. This type of attack isn’t designed to steal your private data, but to harness the power of your computer’s CPU. It’s malware that accesses your computer for the sole purpose of mining cryptocurrency.

After the currency is mined, it is then electronically transferred to the cybercriminal and remains untraced. Several different cryptocurrencies such as Bitcoin, Ethereum, and Litecoin may be mined this way. And while none of these cryptocurrencies are illegal, mining them without permission is.

Over 2,500 websites have already been accused of capturing their visitors’ CPU power to harvest cryptocurrency instead of displaying ads.

So how can you prevent cryptojacking?

  1. Always use a good antivirus and antimalware software on every computer in your organization
  2. Make sure that you are updating all your computers, firewalls, and network devices regularly. Most types of malware infect computers by exploiting known vulnerabilities that haven’t been patched.
  3. Never install software or apps that you don’t trust.
  4. Don’t click on links without knowing where they lead
  5. Always be careful when visiting unfamiliar sites
  6. Use a reputable adblocker. Many of these will block mining code and specifically look for cryptojacking malware
  7. Check your CPU usage periodically. A resource monitor will allow you to check and see if CPU usage is abnormally high. In Windows it’s the Task Manager and on a Mac it’s the Activity Monitor. If you close all your apps but still see CPU usage running very high, you may have a problem.
  8. If you ever notice generally poor performance or after clicking a link you hear your computer’s fans speed up, you may have a cryptojacking infection.

If you need a hand with cybersecurity at your company, contact us and we’ll be glad to assist you.

Everyone stay safe out there!

3 Tips for Fighting Hackers

Rather than just sitting back and waiting for cybercriminals to come after you, there are preemptive steps you can implement right now to strengthen your personal IT security. Here are 3 simple tips.

Address your Mobile Security. This one is easy. You can call your cellular provider and ask them to maximize the security on your account. And add a pin and password to your device if you haven’t done so already.

Passwords. Don’t keep passwords in a spreadsheet or text file on your computer. Use a 3rd party password manager like KeePass – it’s free and easy to use.

Back it up. While not so much preventative in fighting off a breach or a hacked account, having a reliable and secure backup can really save you in the event your data is compromised. With a good backup, a compromise or breach is turned from a major disaster into a minor inconvenience. And it’s inexpensive – a service like our SecureCloud Backup covers up to 250GB of data for just $20/month.

If your organization is looking for assistance with cybersecurity, the experts at MicroData would be glad to talk with you. Contact us today.

Everyone stay safe out there!

Email Quarantine Scam

Be on the lookout for a new and more sophisticated phishing scam that has some clever hooks to catch your users. Here are the details.

You receive an email nicely formatted and with color and good grammar. It addresses you with a user name – typically the first part of your email address – and tells you that has ‘prevented the delivery of “x” new emails to your inbox…’. Here’s what it looks like:

But if you hover your mouse over the ‘View Emails’ button without clicking, you see that the actual destination is a ‘zombie’ server that’s hosting malicious code to infect your system.

Remind your users to Stop and Think before they click! And consider some formal Security Awareness Training for your end users such as included with all MicroData Managed Service Plans.

Everyone stay safe out there!

How to Lose $31,000

In this July’s MicroOutlook, we show the real email messages from an organization that actually lost $31,000 from CEO Fraud. We’ll also explain what CEO Fraud is and how to keep your company from becoming a victim. And yes, small businesses are targets.

And are you aware that Windows 7 is end-of-life at the end of this year? That means no more security patches, updates, and support. Before you groan too much, the good news is that a direct upgrade to Windows 10 is possible for most systems and MicroData is offering a promotional 7-to-10 upgrade service.

And speaking of Windows 10, check out some of our favorite Windows 10 tips-and-tricks.

Get your free copy here

MicroOutlook is the monthly newsletter for IT Decision-Makers published by MicroData

New Google Spoof Attack Hitting Hard

We’ve recently seen a large quantity of spoofed messages, supposedly from Google. If an unsuspecting user clicks on any link in the message they are taken to a malware-laced website which will try and install malicious code on the user’s system. Here’s what you should look for.

The fake email messages all involve Google services in one form or another, include a Google logo, and tell the recipient that some sort of action is required or something bad will happen. Here’s an example:

Clicking on any link anywhere in the message will take the user to a fake ‘Google’ page which will try to induce the user to enter credentials and also will attempt to exploit unpatched vulnerabilities on the workstation and install malware.

Remind your users to stop and think before they click.

And remember the best way to equip your users to resist these types of attacks is to get Security Awareness Training. All MicroData Managed Service Plans now include SA Training at no additional cost and standalone Security Awareness Training is available, too. Contact us for more information.

Everyone stay safe out there!

MicroData is Hiring!

Interested in working at a small and fast-growing IT company on Boston’s North Shore? MicroData has multiple openings for IT support professionals at our Beverly Massachusetts location.

To learn more, visit our Careers page on the web.

Welcome the Newest Member of the MicroData Team

It’s my pleasure to introduce the newest member of the MicroData team, Dean Sheldon. Dean is a Help Desk Technician and his educational background is in general information technology along with a specialization in networking and security.

Dean will be working at our Help Desk starting today and I’m sure everyone will enjoy working with him. Please take a minute to say ‘hello’ if you call in and get to speak to Dean.

We Need How Many Updates?

When IT systems are running properly it’s easy to assume everything is OK. But unlike refrigerators, information technology needs frequent attention to keep everything running smoothly – particularly regarding security updates and patches.

Servers, desktops/notebooks/tablets/handhelds/smartphones, firewalls, switches, and even printers are complex devices made up of thousands of parts and often millions of lines of software code. It’s unavoidable that hardware and software will need some updates as bugs and functional issues are found. Some of these are from issues ‘missed’ during initial design, but many updates are in response to interoperability issues with other vendor products, newly released technology, and new threats.

As a result many vendors release monthly updates for their products and more critical updates as they occur. Some of these are automatically installed although some require manual attention. So to help you understand why it’s so important (and often legally required) to keep up with these updates, here’s a summary of what’s been released just this month.

Microsoft is releasing 79 patches (22 identified as critical) including a critical fix for Windows (CVE-2019-0863) that is so important they are even releasing a version for the long-since unsupported Windows 2003 Server and Windows XP. They also have a patch for a just-discovered bug with Intel CPUs. Some of the required updates will require going back to hardware manufacturers to download new firmware.

Just so you know Microsoft isn’t a solitary bad example, Apple has also released fixes for every Mac and MacBook released since 2011.

Then Google has patches out for Android and Chrome. Mozilla is preparing a long-term fix for its Firefox browser. That’s due May 21.

But this month I think Adobe holds the record with patches for Flash, 83 individual vulnerability patches for Acrobat/Reader, and Media Encoder.

So what’s the takeaway? Your business has to keep up with these patches and updates to stay safe and to show compliance with security and privacy laws. Doing it manually is almost impossible and even if you did have the luxury of someone to run around doing all this, how would you track what’s been done?

One of the easiest ways is to use a package like MicroData’s Essential Care Managed Service. You can learn more at

Everyone stay safe out there!

MicroData is Hiring!

We’re growing and have an immediate opening for a Bookkeeper/Operations Assistant in our Beverly office.

We also have two Internships open for the summer; Marketing and IT/Engineering.

Check out all the details or apply on our website. No calls please.

How Employees Bypass IT Security

Your company has installed the latest firewall with a costly subscription to keep it updated, you’ve got best-rated centrally managed antivirus and anti-malware software deployed, you’ve got clearly-written security policies in your employee manual and you hold quarterly meetings to go over the material, and you even conduct employee security awareness training for everyone. But then your company still gets hit with ransomware. What happened?

One answer is that your employees may simply be bypassing your security altogether. Here’s a common way we see this happen.

Let’s say you’ve got the perfect network setup including filtering web content like social media – think Facebook, Twitter, Instagram, etc. These are prime vectors for malicious linked content so it’s a good idea to restrict access in the workplace – aside from the wasted time factor.

Then you walk by Bob the accountant’s desk and see Facebook on his notebook screen. How did he do it? Is Bob actually a secret genius hacker? Actually no, he simply connected to the neighboring company’s guest wifi which has no filtering restrictions.

The takeaway? Like water finding a low point, employees will try and use technology to access what they want. So instead of focusing on individual, traditional protections, you need to deploy a comprehensive Unified Threat Management solution that anticipates all factors and reacts and updates to new threats as they emerge.

Using a foreign wifi network is only one of dozens of vulnerabilities we’ve identified. MicroData has a UTM solution that can be quickly and efficiently deployed in organizations of any size. Learn more on our website – and consider signing up for a free Dark Web scan & report or Network Security Threat Assessment at a special 70% off the regular price.

Everyone stay safe out there!

March MicroOutlook & a Free Dark Web Scan and Report

The March edition of MicroOutlook has been published and you can download a free PDF copy here.

Stories this month include an in-depth review of why Cloud Backups aren’t a substitute for a true Disaster Recovery solution, an article on ‘Leadership and the Art of Performance’, and Tech Tips on using Android devices.

And if you’ve been curious about whether your company’s confidential user info is for sale out on the Dark Web, through the end of March we’re offering a free Dark Web scan and report for any business.

Use Google Chrome on Any Device? Update Now.

If you’re running Google Chrome on any device – including a smartphone – make sure that you are running the latest version which fixes a security vulnerability (CVE-2019-5786) that can potentially be exploited by malicious webpages to hijack the software and run spyware, ransomware, and other nefarious code.

This type of vulnerability is particularly sneaky because the user doesn’t even need to click on anything. Simply visiting a webpage where a malicious advertisement is running is enough to become a victim.

Justin Schuh, Google Chrome lead, tweeted “Seriously, update your Chrome installs…like right this minute.”

The vulnerability affects Windows, Linux, Android, ChromeOS, and macOS builds of Chrome: if you’re running version 72.0.3626.121 or higher (or 72.0.3626.122 or higher on ChromeOS) then you’re all set. Open the Chrome menu, click on ‘Help’, then ‘About Google Chrome’ to check the version. From there you can update as necessary.

Normally, Chrome gets its updates automatically but we’ve seen quite a few instances – particularly on Android smartphones and tablets – where an update needs to be manually kicked off.

Everyone stay safe out there!

Snowpocalypse? It’s Just One More Disaster to Prepare For

This last Monday we received a foot of wet, heavy snow. We New Englanders took it in stride – this winter hasn’t been that bad, but I do remember thinking about the power possibly going out from falling trees and limbs. Being without power at home in the winter isn’t much fun. And as a business owner or manager, what would your business do without power? This is another type of disaster you need to be ready for. And we have the solution.

MicroData SafeGuard is a complete backup and disaster recovery solution for businesses of all sizes. When you lose a server (or servers) or critical workstations, SafeGuard quickly brings up virtual on-premises replacements. And if your offices are without power, heat, water – or worse – SafeGuard will bring up replacement virtual servers and workstations in the Cloud within minutes so your employees can work from anywhere.

And for about the same cost as simple Cloud backup solutions, SafeGuard can do much more. And installation and setup is 50% off for new customers in March.

Learn more at

Everyone stay safe out there!

Phishing Campaign abuses Google Translate

A circulating email phishing campaign uses the online translation tool Google Translate to obscure a link included in phishing emails. When victims access the link, they are led to a fake domain: a spoofed login page for Google or Facebook whose URL is obscured in their browser’s address bar. Enter your credentials and BOOM – the bad guys own you. This technique appears to bypass in-browser security notifications.

Using Google Translate as a means to hide malicious action is a unique tactic, but this campaign doesn’t appear to be a ‘professional’ attack. Rather it appears to be a widespread and untargeted campaign. But still, because it’s new, make sure you alert your users to be on the lookout.
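The hover check from the Email Quarantine Scam post and the Google Translate wrapping described here can both be automated at a mail gateway or during triage. The following is an added example, not part of the original posts; it assumes the wrapped page travels in the translate link's `u` query parameter, and the sample message, its hosts and the helper names are constructed for illustration.

```python
"""Report where the links in an HTML e-mail really lead (added example)."""
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Assumption: hosts that display a third-party page named in a "u" parameter.
TRANSLATE_HOSTS = {"translate.google.com", "translate.googleusercontent.com"}

# Constructed sample message; every address in it is made up.
SAMPLE_MAIL = """
<p>Your mailbox has prevented the delivery of 4 new emails.</p>
<a href="http://mail-quarantine.example.test/release?id=1">View Emails</a>
<a href="https://translate.google.com/translate?sl=auto&amp;tl=en&amp;u=https%3A%2F%2Flogin.example.test%2Fgoogle">accounts.google.com</a>
<a href="https://accounts.google.com/signin">Google sign-in</a>
"""


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a href=...> in a mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def host_of(url):
    """Lower-cased host of a URL; tolerates a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()


def unwrap(url, max_depth=3):
    """Peel translate wrappers and return the URL that is actually rendered."""
    for _ in range(max_depth):
        if host_of(url) not in TRANSLATE_HOSTS:
            break
        inner = parse_qs(urlsplit(url).query).get("u")
        if not inner:
            break
        url = inner[0]  # parse_qs has already percent-decoded the value
    return url


def audit_links(html, trusted_suffixes):
    """One finding per link: visible text, real host, reasons for suspicion."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        final = unwrap(href)
        host = host_of(final)
        reasons = []
        if final != href:
            reasons.append("wrapped-in-translate")
        if not any(host == s or host.endswith("." + s) for s in trusted_suffixes):
            reasons.append("untrusted-destination")
        # Link text that itself looks like a host name but names a different one.
        shown = host_of(text) if "." in text and " " not in text else ""
        if shown and shown != host:
            reasons.append("text-host-mismatch")
        findings.append({"text": text, "host": host, "reasons": reasons})
    return findings


if __name__ == "__main__":
    # "google.com" stands in for the domains your organisation expects to see.
    for finding in audit_links(SAMPLE_MAIL, ["google.com"]):
        print(finding)
```

The same output is what a user sees when hovering: the host in each finding is the real destination, whatever the button or link text says.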

And if you’re not sure that your users are prepared to recognize these types of attacks, contact us to learn more about end-user security awareness training. For a very small investment, you can train everyone in your organization to spot these types of threats.

Everyone stay safe out there!

GPS to Croak on April 6?

There’s a real possibility that if you have a GPS device – particularly an older device – it may have some trouble on April 6, 2019.

GPS uses a timestamp as part of calculating a position. As part of the timestamp the system stores the week number using 10 binary bits. That means that you have 2-to-the-10th values, or 1,024. So that means that every 1,024 weeks – every 20 years – the counter rolls over.

And if you remember the Y2K mess, you can probably guess the problem. According to US Homeland Security (PDF), if you have a device that hasn’t been specifically updated or patched to deal with the rollover, you have the real possibility that device will have a problem. And to make it worse, if you have a device that talks to a GPS system that’s affected, your device may receive bogus data – again causing a problem.
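The rollover arithmetic can be checked directly. The following is an added example, not code from the original post or from any GPS vendor: it computes the rollover dates from the GPS epoch of January 6, 1980, shows what an unpatched device decodes after a rollover, and shows one common style of fix (a pivot date such as the firmware build date, assumed here) together with its own expiry.

```python
"""GPS 10-bit week-number rollover, worked through (added example)."""
from datetime import date, timedelta

GPS_EPOCH = date(1980, 1, 6)      # week 0 of the GPS calendar starts here
WEEK_BITS = 10
WEEKS_PER_ERA = 1 << WEEK_BITS    # 1,024 values, as described in the post


def broadcast_week(day):
    """The 10-bit week number transmitted for a given calendar day."""
    return ((day - GPS_EPOCH).days // 7) % WEEKS_PER_ERA


def rollover_dates(count):
    """First `count` days on which the broadcast week wraps back to 0.

    These are dates in GPS time, which runs 18 seconds ahead of UTC, so the
    2019 rollover falls late on April 6 in UTC.
    """
    return [GPS_EPOCH + timedelta(weeks=WEEKS_PER_ERA * n)
            for n in range(1, count + 1)]


def naive_decode(week):
    """Unpatched behaviour: treat the 10-bit value as the full week count."""
    return GPS_EPOCH + timedelta(weeks=week)


def pivot_decode(week, not_before):
    """Patched behaviour (one common approach, assumed for this example).

    Choose the earliest 1,024-week era in which the decoded week does not end
    before `not_before`, a date the device knows has already passed (for
    instance its firmware build date). Returns the first day of that week.
    """
    era = 0
    while True:
        start = GPS_EPOCH + timedelta(weeks=week + era * WEEKS_PER_ERA)
        if start + timedelta(days=6) >= not_before:
            return start
        era += 1


if __name__ == "__main__":
    print("rollovers:", [d.isoformat() for d in rollover_dates(2)])

    after = date(2019, 4, 7)
    week = broadcast_week(after)
    print("broadcast week on", after, "=", week)
    print("unpatched device decodes:", naive_decode(week))
    print("pivot 2015-01-01 decodes:", pivot_decode(week, date(2015, 1, 1)))

    # The pivot only covers 1,024 weeks: firmware pinned to 2005 is wrong
    # again for a date in 2025.
    later = date(2025, 1, 5)
    print("pivot 2005-01-01 decodes", later, "as",
          pivot_decode(broadcast_week(later), date(2005, 1, 1)))
```

A device that was fixed with a pivot date still needs firmware updates, because the fix moves the 1,024-week window rather than removing it.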

What to do? Talk to the manufacturer(s) of your GPS device and ask them if your device is affected and if so, ask if you can download or get an update.

Everyone stay safe out there!

The Polar Vortex and a Big Misunderstanding about Data Backups

Chicago -23F, Cotton, Minnesota -56F, Minneapolis -28F, Cedar Rapids, Iowa -30F. What do all these bitter cold temperatures have to do with data backups at your business? Two words: Disaster Recovery

Pretty much anyone knows that they should be backing up servers and critical business systems. But here’s something many business owners & managers don’t know: simply having a backup of your data is NOT ENOUGH to guarantee you could be back up and running quickly in the event of a disaster. Let’s look at an example.

Let’s say your employees can’t get to work because of the extreme cold. Or perhaps more likely, because of the extreme cold several fire sprinkler or water pipes in your office freeze and burst ruining your office and everything in it – including servers, routers, switches, and PCs. What do you do?

You were smart and have been backing up your servers to the Cloud. Great! But now you realize you have two big problems; it will take days to download the backed up data or have the vendor copy it all to a portable hard drive and mail it to you. And then once you get it, you’ll need to purchase/rent new servers and networking equipment, find a temporary location to run your business from, and then successfully build and restore the data. Best case scenario? Maybe 3-4 days if nothing goes wrong.

This is why a Disaster Recovery solution is much more than just a backup (although it can also replace your current backup solution). With a true DR solution like MicroData’s SafeGuard, complete virtual server(s) of failed systems can be brought online in the Cloud in minutes and your employees can go back to work from anywhere.

MicroData SafeGuard often costs little more than a simple Cloud backup product, so implementing a true DR solution – and getting the peace of mind that comes with being prepared – doesn’t have to be expensive.

And through February we’re offering 50% off the regular setup charge for MicroData SafeGuard. Learn more or contact us and we’ll be glad to answer your questions or evaluate your current backup/disaster recovery setup.

Everyone stay safe (and warm) out there!

770 Million Email Addresses & Passwords up for Sale

On his Have I Been Pwned website, Infosec researcher Troy Hunt has revealed that more than 700 million email addresses are available in some popular hacker forums and many of these contain plain text passwords. Once again I point out that no elaborate hacking skills are required if the bad guys can just purchase your email address and password.

In reviewing the data it appears that many of the email addresses and passwords are from 2008-2015. Hunt can’t speak to the validity of all the data but he did say, “my own personal data is in there and it’s accurate; right email address and a password I used many years ago.”

So what should you and your company employees do? The New Year is a great time to change your password and to make use of a password safe app such as the excellent and free KeePass application – available for download here.

Everyone stay safe out there!

Tech Support Scams: What They Are and How to Stay Safe

The Bad Guys are Looking for You!

Cybercriminals are very determined and with a wide range of tools at their disposal, they are always coming up with new ways to try and rob you and your company’s identities and hard-earned cash. And tech support scams are an increasingly popular way for them to do this. In 2017, Microsoft Customer Support received over 150,000 reports from customers around the world who encountered this type of scam. So if you’re unsure of what these scams are or how they work, this blog entry will give you all the info you need to stay safe.

There are a couple of different types of tech support scams but two common elements. Typically there is an online and/or phone call scam. With either, the scammers pretend to be technical support for a major reputable corporation like Microsoft or an ISP. They try to trick you into believing there is something wrong with your computer so that you agree to either give them a credit card to pay and ‘fix it’, or you give them remote access to your computer where they then install malware to steal your data or turn your computer into a zombie.

Here are the two main ways these scams can begin:


  1. An online scam generally starts when you visit a malicious website. Sometimes this happens by mistake or sometimes by clicking a link in a bogus email message.

     After reaching the site you might suddenly be confronted with pop-ups saying your computer is infected with malware or malfunctioning. Often your screen will be blocked with warning messages you can’t move and these messages will have a ‘tech support’ phone number you are asked to call to take care of the problem. Calling this number puts you in touch with the scammers in scenario #2.

  2. You can get a telephone call at any time from a fake ‘tech support’ worker. They typically try and confuse you with tech jargon and create a sense of urgency that your data is in jeopardy unless you ‘act immediately’. Typically you are asked to download a special ‘tool’ to permit them remote access to your machine after which they’ll report your computer is infected with malware and that there will be a fee to remove it. In some variations you’ll be told you need to purchase a security tool to remove the problem and then ‘keep your computer safe.’

If you fall for either one of these tactics you’ll not only lose some initial amount of money, but you’ll be exposed to further fraud with the credit card you used. And if the bad guys steal enough data from your computer, they may get your social security number or bank account numbers and then you’ll likely be dealing with identity fraud.

Staying Safe

So how do you stay safe? Follow these rules:

  • If you receive an unsolicited call from someone claiming to be Microsoft, Apple, Verizon, or someone similar, just hang up. Microsoft makes clear that they will never call you in an unsolicited manner and most other vendors are the same. If you’re concerned that there might be a legitimate issue, go to the company’s website, locate a general contact phone number and give them a call. Once you’re talking to a human they will be able to quickly tell you if there is an issue they need to talk with you about.
  • Keep your computer, network devices, servers, and software up to date. The majority of attacks exploit known vulnerabilities that the manufacturers have likely taken care of via updates and patches.
  • Be extra cautious in clicking on links in email messages.
  • Only download software from legitimate vendor websites/app stores
  • Make sure you have quality antivirus/antimalware software installed on your computer. We like both WebRoot and Trend.

And if you’ve been scammed…

  • Immediately delete any software you might have downloaded
  • If you can, restore to a previous Restore Point
  • Once you’ve removed any software that was installed, change all your passwords – both on the computer and online
  • Call your bank/credit card company and cancel the card involved. Put in a claim for any money already lost. The credit card company can probably freeze the charge and deny the scammers their ill-gotten gains.
  • Monitor your bank and online accounts for unusual activity
  • Report the scam to Microsoft, Apple, or other providers.

If you’re hit by one of these scams as an individual it’s embarrassing and frustrating but not fatal if you act quickly. But if you are a company and having these types of problems, give us a call for assistance. There are tools and training available that greatly minimize the chances of success with these sorts of scams.

Everyone stay safe out there!

‘Bomb Threat’ Scam Update

If you were the recipient of last Thursday/Friday’s ‘bomb scare’ spam campaign, here’s some more info and an update on who was responsible.

This scam blasted out thousands of email messages claiming the recipient’s building would blow up unless they sent $20,000 in Bitcoin.

Researchers at Cisco’s Talos report that this latest batch of email messages is very similar to a previous scam – the so-called ‘sextortion’ scam – in its composition, its demand for a Bitcoin payoff, and the IP addresses used. If you don’t recall, that was the one where the bad guys claimed to have installed malware on the victim’s computer and unless money was sent, compromising videos would be leaked. Of course, those videos didn’t exist and there was no malware.

The good news – it doesn’t appear that the cybercriminals are being very successful with this latest scam. Only two small transactions have been made to the Bitcoin payoff address with both of those on the day the email went out.

The attackers’ response to their failure? Yet another try, this time with a threat to scare people into paying them money by threatening an acid attack.

What should you do when you get one of these types of threats? Don’t pay any ransom demanded by unsolicited email but promptly report all threats to your IT and business administrators and/or contact your local police department. 

Everyone stay safe out there!

WiFi Calling Services are Insecure

Researchers at Michigan State University and National Chiao Tung University in Taiwan have published a paper documenting that WiFi calling services from T-Mobile, AT&T, and Verizon suffer from 4 security flaws that can be exploited to attack mobile phone users, leaking private information, harassing them, or interfering with service.

The 8 computer scientists who contributed to the paper basically claim that existing security measures fall short because of “design defects of Wi-Fi calling standards, implementation issues of Wi-Fi calling devices, and operational slips of cellular networks.” 

The significance of this problem is underscored by the researchers claiming that WiFi calling volume is expected to surpass Voice over LTE and Skype calling next year.

What should you do if your users make WiFi calls? We suggest either using a VPN service on the mobile device or switching to regular cellular service.

Everyone stay safe out there!

Half of Small Businesses Were Cyber-Attacked in the Last Year

Recent news has been full of high-profile IT security breaches such as the theft of customer data from British Airways, but I have to remind smaller businesses that they are not ‘flying under the radar’ of attackers when it comes to being vulnerable.

According to a recent study from the insurance firm Hiscox, 47% of small businesses surveyed in the US, UK, and Europe, had suffered at least one cyber attack during the past 12 months. Contrast this with the fact that 51% of SMBs don’t see themselves as a target (Switchfast survey). Does anyone else see the problem?

Switchfast’s conclusion is “the actions of small business employees and leaders reveal little is actually being done to address the lax attitude toward security. Negligent employees are the number one cause of data breaches at small businesses.”

What sort of negligence is Switchfast referring to? Firewall vendor Fortinet put their finger on it when they reported their monitoring shows that cybercriminals are only exploiting 5.7% of known vulnerabilities. So the conclusion is that SMBs simply aren’t applying published fixes and updates in a timely fashion. By taking this fundamental step, SMBs could go a long way toward protecting themselves from a cyber attack.

So why don’t SMBs do a better job with updates and patches? Those that manage this themselves tend to forget about it or perhaps only try to ‘do something’ on a 6-month or yearly basis. Or they miss less obvious updates such as those needed for firewalls, routers, switches, and wireless access points.

What’s a good strategy? Find an IT partner with the automation tools to handle this for you. Regardless of whether you have an internal IT resource or you do-it-yourself, modern automation tools such as those provided by MicroData’s Managed Services can eliminate concerns about patching, monitoring, and many cyber security threats – and for pennies a day.


And the Most Disliked Companies in America are…

…Internet Service Providers (ISPs). According to a recently released study by the American Customer Satisfaction Index, ISPs are even more disliked than airlines. ISPs get a score of 62 with airlines coming in at 73. And in case you’re wondering, Breweries top the list with a score of 85.

So why are ISPs so disliked? Everyone knows they are pseudo-monopolies and horrendous ISP service is legendary, but why has service gone so far downhill? I think the real problem is that most ISPs have morphed from delivering a single product (Internet bandwidth) into providers of phones, television broadcasting, security services, email, and a host of other services. And now with the Internet-of-Things becoming a reality, we’re not far from a typical home having literally hundreds of devices becoming inoperable if the ISP isn’t doing their job.

Quite frankly, many ISPs aren’t even close in keeping up with the substantial support needs that accompany all these applications.

And some ISPs argue that it isn’t their responsibility anyway. For example, some ISPs believe that just because you purchased phone service from them doesn’t mean they are responsible for phone hardware or software. This hair-splitting philosophy may technically make some sense but it drives end-users crazy.

But there’s relief coming and it’s called 5G. This new wireless technology is currently being built out by wireless network providers like AT&T, Verizon, and the soon-to-be-merged T-Mobile and Sprint. It’s about 100 times faster than 4G wireless networks so it will be about five times faster than the average ISP speed of 60 Mbps. This means real competition for traditional ISPs and they will need to step up their service and adjust their pricing.


British Airways Breach: Over 500,000 Customer Accounts Compromised

The details are continuing to emerge – and get worse – about the hack of British Airways. In September it was revealed that for over two weeks, hackers stole over 385,000 customer data records which included full name and address info and complete credit card data including CCV numbers (for 77,000 of the users) from the BA website and Mobile app.

A follow up notice published by BA’s parent International Airlines Group, on Thursday last week admitted that passengers who made bookings between April and July using rewards points were also snooped on by the cybercriminals.

What’s the takeaway? As usual, we recommend that it’s important to have Dark Web monitoring in place for your entire organization so that you can watch for these stolen credentials to appear for sale. Personal monitoring is also important so make sure you’re using a reputable product like our Spotlight ID.

And if you’ve flown British Airways recently make sure you change those account credentials, get a replacement for whatever card you used for reservations, and if you used the same credentials at any other site, make sure you change all those passwords, too.

Everyone stay safe out there!






California’s New IoT Password Law. A Nice Try but…

California governor Jerry Brown recently signed a bill into law called the ‘Security of Connected Devices,’ or SB-327. Starting in 2020, the new law requires any California manufacturer of Internet-connected devices to equip every new device with a unique password or have a setup procedure that requires users to change the default password as part of the setup procedure.

The law is an effort to address a geometrically growing problem – customers that simply take their latest Internet-of-Things device, plug it in or connect it to their wifi, and then forget about it leaving default and hard-coded service passwords in place. This is how automated malware like NotPetya and WannaCrypt recently wreaked havoc around the world.

Like many government initiatives, there are good intentions but while the new law may provide some help it unfortunately misses the much larger problem; failure to update software. There are many ways to access an IoT device and a username/password is just one of them.

New security holes are discovered all the time and they usually take advantage of elements of the device whose operation is invisible to users.

It’s hard enough for Apple and Microsoft to get users to update their main computer systems, so imagine the difficulty in getting users to update a smart light bulb socket, a security camera, or a smart refrigerator? Or how about hundreds or thousands of devices in a home or business?

So what’s the takeaway? First, don’t rely on manufacturers to supply perfect products or products that update themselves. In fact, many self-updates create more problems than they fix (hey – some of this stuff is complicated!). And don’t look for a government magic wand to solve the problem. The new California law makes nice press and allows legislators to claim that they ‘did something about the problem,’ but understand that you have to take responsibility for what you connect to your network.

Especially at work, be extra careful. In addition to thinking twice about whether you really need that IoT device, we recommend deploying a system like our Ransomware Guardian that can restrict unknown and rogue IoT devices from functioning on your network.

Everyone stay safe out there!


Have a Netgear Router? Heads up on a Massive IOT Attack

Over the weekend a massive IOT attack on unpatched Netgear DGN series routers was observed so if you have one or more of these devices and you haven’t updated it recently, you need to act ASAP.

The attacks have been primarily observed in the United States and India but have been reported in 75 other countries, too.

The attacks are completely automated and scan the Internet for the devices and if found, exploit a vulnerability to take over control of the routers and use them as Bots or as Crypto Coin Mining Zombies.

Netgear has released firmware updates that fix the vulnerability for all affected products but user action is required to apply the fixes. Specifically, you need to upgrade the Netgear software to DGN1000 / DGN2200 v3 or higher. Updates are available at the Netgear download center.

Need a hand with network security? Give us a call at 978.921.0990 or visit us on the web.

Everyone stay safe out there!



Facebook Accounts Compromised – Again

Stop me if you’ve heard this one before. Facebook today announced that 50 million user accounts were ‘impacted’ by a security breach that potentially allows an attacker to take over an account.

Apparently the issue was caused by a flaw in Facebook’s ‘View As’ feature that lets you see what your profile looks like from the perspective of other users in the system.

Facebook has reported that they have fixed the flaw and deleted access tokens that allow users to access Facebook without logging in each time from the same machine. This means about 90 million users will be prompted to log in from any device they use at their next access.

And while you don’t have to change your password as it wasn’t directly exposed, it might not be a bad idea – especially if you haven’t changed it lately.

Everyone stay safe out there!



Running Adware Doctor on Your Mac? Remove it Now

Malwarebytes on Friday noted that this app and several others on the macOS App Store have been spotted siphoning off user data including browsing history (Chrome, Safari, and Firefox), a list of running processes, and a list of all software you’ve downloaded and from where, and sending it to a remote server in China.

What’s extra disturbing is that this app is reported as the 4th highest grossing app in the ‘Paid Utilities’ category in the App Store. And it’s been there for a while. This clearly flies in the face of Apple’s own App Store rules and any reasonable user’s privacy expectations. Apple has removed the app. If it’s on your Mac I’d suggest you do the same.

Thomas Reed, the director of Mac and mobile security at Malwarebytes, also mentions similar data harvesting by other apps, including Open Any Files, Dr. Antivirus, and Dr. Cleaner.

I’d agree with Reed that you should treat the Mac App Store with caution. Just because an app is there doesn’t mean it’s safe.

Everyone stay safe out there!




Which Countries are the Top 5 Hackers? You May be Surprised

As I’ve mentioned before, hacking is big business. Whether it’s stealing intellectual property, extorting companies for a ransom, infecting systems to be used for spam or covert mining, or just outright stealing cash, cybercriminals want what you’ve got.

Here at MicroData we manage many systems and I wanted to share some stats on a server we manage that readers may find interesting. The server in question hosts websites and in addition to the usual security measures we put into place on any Internet-facing server, we also install software that monitors login attempts. If too many failed attempts are made within a given time period, the IP address trying to log in gets blocked. The address – and its general geographic location – also gets logged.

So over the past 30 days, here’s the Top-5 list of countries where those hack attempts originated:

  • China (792)
  • USA (766)
  • Brazil (480)
  • India (355)
  • Russian Federation (205)

Seeing China and Russia on the list probably doesn’t surprise anyone, but having almost as many hack attempts from within the U.S. as from China usually does cause an eyebrow to rise. And most people are surprised that Brazil and India are so active in trying to access systems. They are almost never mentioned in the popular press.
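The blocking rule described above, as an added Python example rather than the monitoring software this server actually runs: the threshold, the time window, the sshd-style log format, and the country table are assumptions, and the log lines are constructed.

```python
import ipaddress
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILURES = 3                  # assumed threshold
WINDOW = timedelta(minutes=10)    # assumed "given time period"

# Constructed sshd-style log lines; addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2024-03-01T02:00:01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-03-01T02:00:04 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
2024-03-01T02:00:09 sshd[811]: Failed password for invalid user x from 192.0.2.99 port 22 ssh2 from 203.0.113.7 port 40114 ssh2
2024-03-01T02:01:00 sshd[812]: Failed password for root from 198.51.100.23 port 51000 ssh2
2024-03-01T02:20:00 sshd[813]: Failed password for root from 198.51.100.23 port 51001 ssh2
2024-03-01T02:40:00 sshd[814]: Failed password for root from 198.51.100.23 port 51002 ssh2
2024-03-01T09:15:00 sshd[900]: Failed password for alice from 192.0.2.50 port 60000 ssh2
2024-03-01T09:15:20 sshd[900]: Accepted password for alice from 192.0.2.50 port 60000 ssh2
2024-03-01T09:16:00 sshd[900]: Connection closed by 192.0.2.50 port 60000
"""

# Constructed stand-in for a GeoIP database lookup.
GEO_TABLE = {
    ipaddress.ip_network("203.0.113.0/24"): "Country A",
    ipaddress.ip_network("198.51.100.0/24"): "Country B",
    ipaddress.ip_network("192.0.2.0/24"): "Country C",
}

# The username is chosen by the client, so the pattern is anchored at the end
# of the line and the greedy user group leaves only the last "from <ip>" for
# the address. Text inside the username cannot be read as the source address.
FAILED_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>.*) from (?P<ip>\S+) port \d+ ssh2$"
)


def country_of(ip):
    """Map an address to a country label using the constructed table."""
    for net, country in GEO_TABLE.items():
        if ip in net:
            return country
    return "Unknown"


def process(log_text, max_failures=MAX_FAILURES, window=WINDOW):
    """Return ({blocked_ip: time_of_block}, Counter of failures per country)."""
    recent = defaultdict(deque)    # ip -> failure times still inside the window
    blocked = {}
    by_country = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue               # successful logins and other messages
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue               # not a valid address, ignore the line
        ts = datetime.fromisoformat(m["ts"])
        by_country[country_of(ip)] += 1
        key = str(ip)
        if key in blocked:
            continue
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:   # drop failures older than the window
            times.popleft()
        if len(times) >= max_failures:
            blocked[key] = ts
    return blocked, by_country


if __name__ == "__main__":
    blocked, by_country = process(SAMPLE_LOG)
    for ip, when in blocked.items():
        print(f"block {ip} at {when.isoformat()}")
    for country, count in by_country.most_common():
        print(f"{country} ({count})")
```

The second address makes as many attempts as the first but spaces them beyond the window, so a rate rule alone never blocks it; the per-country tally still counts it.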

There are a couple of takeaways.

First, understand that these are automated attempts. It’s not personal so don’t think about it in that way. There is no human sitting at a keyboard trying different password combinations. The defenses your organization needs to have in place must protect against continuous, 24×7 attempts to get at your systems, data, and users.

Second, you need to be extra concerned if any of your users’ credentials are on the Dark Web where they can be simply purchased. Hackers and their automated systems will endlessly try those credentials and thousands of variations. So a password change from ‘lollipop1’ to ‘lollipop2’ is almost useless – but it’s still what most users do. This is why even if hackers get an old password, they will often be successful in gaining access to a network or system.
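One way to catch the ‘lollipop1’ to ‘lollipop2’ habit when a password is changed, as an added example that is not part of any MicroData product: the function names and normalization rules are assumptions. It compares only against passwords already available in plaintext, such as the current one typed into the change form or values listed in a breach report.

```python
import re
import unicodedata

# Common character substitutions, mapped back to the letter they stand for.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def base_form(password):
    """Reduce a password to the root word that survives typical tweaks."""
    s = unicodedata.normalize("NFKC", password).casefold()
    # Counters, years and punctuation are usually bolted onto either end.
    s = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", s)
    return s.translate(LEET)


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def is_trivial_variation(new, known):
    """True if `new` is `known` with a counter, case or symbol tweak."""
    a, b = base_form(new), base_form(known)
    if not a or not b:
        # All digits or symbols: there is no root word to compare.
        return new == known
    if a == b:
        return True
    if min(len(a), len(b)) >= 4:
        # One root embedded in the other, or a single-character edit.
        return a in b or b in a or edit_distance(a, b) <= 1
    return False


def rejected_because(new, known_passwords):
    """Return the known passwords that `new` is a trivial variation of."""
    return [k for k in known_passwords if is_trivial_variation(new, k)]


if __name__ == "__main__":
    # Constructed values: the first is the page's own example password.
    known = ["lollipop1", "Summer2019"]
    for candidate in ["lollipop2", "L0llip0p!2024", "correct-horse-battery"]:
        hits = rejected_because(candidate, known)
        print(candidate, "->", "reject" if hits else "accept", hits)
```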

Make sure you have a Dark Web monitoring solution in place like MicroData’s Dark Web Guardian. We now offer a small business package for organizations with up to 15 users for just $49.

Everyone stay safe out there!



Galaxy Phone Meltdown

If you’ve been following the saga this year of vulnerabilities discovered in CPUs used in most computers and smart devices, then you recognize the term ‘Meltdown’. It was coined to identify one of the vulnerabilities attributed to design flaws internal to many popular microprocessors. Now we can add a wildly popular smartphone to the list of affected devices – the Samsung Galaxy S7.

In a story from Reuters, it’s now been determined that the microprocessor used in the tens of millions of S7s sold worldwide also contains the Meltdown vulnerability and therefore can expose user data or trick applications into revealing confidential information.

Samsung said it introduced patches in January and July to protect S7 phones against Meltdown.

Is it a safe guess that other smartphones may also have the same problem? It’s not yet known but in the meantime make sure you keep your phone up to date – just in case.

Everyone stay safe out there!


Your Website Still Accessed via HTTP? Trouble in 24hrs

If your website’s default access is still HTTP instead of being secured with an SSL certificate, starting tomorrow Google Chrome browsers – which represent about 60% of the browsers used out there – will start reporting your site as ‘Not Secure’ in the Chrome address bar.

Obviously this will cause many users to not trust your site – even if you don’t conduct financial transactions or store data. Not good.

Google’s motivation for this move was explained in an online memo they released in February. Basically, when accessing sites secured by HTTPS encryption, interactions between the site and the end-user’s browser are fully encrypted. And as a positive benefit, most bots and browsers favor HTTPS sites. This means more traffic and better placing in search results.

If your website isn’t fully encrypted, it’s scramble time. In addition to purchasing, configuring, and installing an SSL certificate, you’ll also need to make sure that any plug-ins used on your site are configured to access content securely.

Note that 90-day SSL certificates are available for free but then you’ll need to renew the certificate every 3 months. Certificates are available to purchase for 1- and 2-year terms from most of the Domain Registrars including GoDaddy and Network Solutions. If you have a hosted site, get in touch with your hosting provider – but expect them to be busy.
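A check for the plug-in problem mentioned above, added here as an example and not taken from Google’s memo: it lists the resources that a page served over HTTPS would still load over plain HTTP. The page markup and host names are constructed, and the tag lists are an assumption about what to inspect.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that makes the browser fetch a subresource.
ACTIVE = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}
PASSIVE = {"img": "src", "audio": "src", "video": "src", "source": "src"}

# Constructed page, as a plug-in might leave it after an HTTPS migration.
SAMPLE_PAGE = """\
<html><head>
<link rel="stylesheet" href="http://plugins.example/slider/slider.css">
<link rel="canonical" href="http://www.example.com/">
<script src="//cdn.example/jquery.js"></script>
<script src="http://plugins.example/slider/slider.js"></script>
</head><body>
<img src="/images/logo.png">
<img src="http://www.example.com/images/banner.jpg">
<a href="http://partner.example/">Partner</a>
<form action="http://www.example.com/contact.php" method="post"></form>
</body></html>
"""


class MixedContentFinder(HTMLParser):
    """Collect (kind, tag, url) for every resource fetched over http://."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "link":
            # Only some <link> relations are fetched; rel=canonical is not.
            rel = a.get("rel", "").lower().split()
            if "stylesheet" in rel:
                self._check("active", tag, a.get("href"))
            elif "icon" in rel:
                self._check("passive", tag, a.get("href"))
        elif tag == "form":
            # Not a subresource, but the submitted data would travel in clear.
            self._check("form", tag, a.get("action"))
        elif tag in ACTIVE:
            self._check("active", tag, a.get(ACTIVE[tag]))
        elif tag in PASSIVE:
            self._check("passive", tag, a.get(PASSIVE[tag]))
        # <a href> is a navigation, not mixed content, so it is ignored.

    def _check(self, kind, tag, url):
        if not url:
            return
        # Relative and protocol-relative URLs inherit the page's https scheme.
        resolved = urljoin(self.page_url, url.strip())
        if urlsplit(resolved).scheme == "http":
            self.findings.append((kind, tag, resolved))


def scan(html, page_url):
    """Return the insecure loads found in `html` when served at `page_url`."""
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for kind, tag, url in scan(SAMPLE_PAGE, "https://www.example.com/"):
        print(f"{kind:8} <{tag}> {url}")
```

Scripts, stylesheets and frames marked active are the ones to fix first, since browsers block them on an HTTPS page and the plug-in stops working.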


Scam Alert: Hackers Don’t Actually Have Video of You Watching P0rn

A new scam making the rounds has cybercriminals trying to extort money from netizens by threatening to leak a video to friends and family of their marks watching X-rated videos. Here’s how it works.

A user gets an email from a crook who claims to have obtained, through hacking their computer, compromising webcam footage of them watching an adult website. In reality, the user’s computer wasn’t hacked but rather the cybercriminal has simply purchased some passwords and email addresses on the Dark Web that likely originated on a hacked forum or site that the individual may frequent. Think a hobby or club-type forum.

The attacker’s message includes a reference that they have obtained all the user’s contacts including co-workers, friends, and family. And the clincher is that the extortion message shows the user’s actual password in an attempt to convince the reader that they need to pay up – or else.

The cybercriminal is banking on the target reusing their leaked password for other more important websites and being convinced that those accounts have been compromised as well. In reality, the attacker probably only has the one compromised password and is hoping for a quick payout.

If you receive this email, don’t panic and don’t send them any Bitcoin. There most likely isn’t any video. Change your password, don’t reuse any passwords that you use for important sites, and consider using two-factor authentication and a password manager to keep your accounts secure going forward.

And if you’re a company exec or IT pro, make sure your organization is monitoring the Dark Web for ID account compromises. That’s where cybercriminals are purchasing credentials for scams like this. Check out our Dark Web Guardian service that provides 24×7 monitoring for these types of compromises – 50% off a new 1-year subscription when purchased by August 31.

Everyone stay safe out there!


MicroData is Hiring!

MicroData has an immediate opening for a part-time Bookkeeper and Administrative Assistant. Flexible schedule and a great, stress free work environment in our Beverly Office.

See all the details and apply on our website.


What Are 51% Attacks and How to Stop Them

I was pleased to contribute to a story by bonpay’s Jegor Nagel on cryptocurrency 51% attacks and the risks they present. If you hold any crypto it’s worth understanding what a 51% attack is and why the blockchain is so inherently secure.

Read the entire story at


Worried About a 51% Attack on Bitcoin?

I’ve had several people ask me what I think about the possibility of a 51% attack on popular cryptocurrencies like Bitcoin, Ethereum and Litecoin. Since there’s a lot of interest in this topic right now, I thought I’d put the answer out for everyone to see.

A 51% attack is when malicious actors take over more than 50% of the mining network to make fraudulent transactions. To do this they need to hack or take over more than 50% of all systems mining the cryptocurrency in question and do it within the time period in which a block is mined.

So using Bitcoin as an example, to successfully hack the blockchain you’d need to hack the majority of computers mining the network simultaneously. This would be a massive undertaking for Bitcoin. Gobitcoin estimates that hardware costs alone for hacking the Bitcoin blockchain would be almost $7 billion and the electricity needed for all that hardware would be the equivalent of 10 days’ worth of New York City’s energy consumption – about $10 million.

But even if you got past the above, the hack would have to happen within a 10-minute time interval as that’s how often a new block is mined.

So the point is that to be successful, a hacker would have to compromise more than half the computers in the network at the same time…and do it all in under 10 minutes. So you can see that while technically possible, it’s impractical to hack a large blockchain like Bitcoin.

The 51% attacks that have been successful have targeted small networks for altcoins where amassing the necessary computing horsepower is practical – assuming that success offers enough of a reward to make it worthwhile. In recent weeks ZenCash, Verge, Bitcoin Gold, and Electroneum have seen 51% attacks.

So while there are many things to worry about with crypto investing, hacking the blockchain of a major player like Bitcoin or Ethereum isn’t something you have to lose sleep over. Instead, spend a lot more energy making sure your wallets and exchange login credentials are secure.


Don’t Let This Happen to Your Company

Employees come and go – but in this case a departing employee took thousands of confidential supplier and customer records from the sports-apparel firm Fanatics when he left to join a rival company.

How did he do it? It wasn’t an elaborate hack. He simply grabbed one of Fanatics’ own flash drives and copied the data from his password-protected company laptop. He planned to share the data with his new employer. And because Fanatics is a $3 billion company, the stolen data was worth a lot.

This type of employee behavior is difficult to monitor and control – unless you have a MicroData Managed Service Plan. Every MicroData MSP includes our exclusive Ransomware Guardian toolset that lets you implement a variety of user controls including the ability to restrict the use of Flash drives on a company, group, or individual basis. And yes, it also includes the ability to restrict the use of web-based file sharing services like DropBox™ and OneDrive™.

If your current provider or IT system doesn’t have these types of security tools, give us a call and enjoy the peace of mind that comes with the latest in IT protection.



“My Login Info/PII Isn’t on the Dark Web.” Let’s Find Out…

Unfortunately, most people that say this have little basis for the belief. The reality is that without monitoring it’s almost certain that some of your employees’ credentials are available for sale – or for free – out on the Dark Web and you’ll not know it. In 2017 we found 92% of organizations tested had compromises.

Here’s an example. I recently ran a quick scan on our local school system. I stopped the report after the first 190 compromises were found. And the report showed concerning details like failure to implement a complex password policy or set a reasonable password depth, exposed Personally Identifiable Information (PII), etc.

Having the best firewalls and monitoring solutions in the world is useless if a cybercriminal has someone’s account info and password and just logs in.

I’m offering to help you find out at no cost or obligation. Visit this link and fill in your information and we’ll run a Dark Web scan for your domain at no cost and with no obligation. We’ll even give you a copy of our MicroData Dark Web Scan Action Guide that provides detailed recommendations on what to do if compromises are found.


82% of Users Have Never Changed Router’s Default Administrator Password

A recent poll by Broadband Genie, a UK Internet Service Provider (ISP), found that the vast majority of users – including some small businesses – have never changed the default administrator password on their router, thereby leaving themselves wide open for all sorts of cybercrime mayhem.

The survey also found that 52% had never changed the network name, updated the firmware, or checked to see what devices are on their network.

And 48% said they didn’t understand why they would need to make these changes.

If your small business is simply using the router/modem supplied by your ISP (not a good idea), make sure you get these items taken care of ASAP. And regularly review your router’s logs for suspicious activity. And if you don’t know how or why, contact us for some help.

Everyone stay safe out there!


IBM Bans all Removable Storage

If you’re looking for good examples of safe cyber security policy, take note of IBM’s recent actions.

In an advisory to employees, IBM Global Chief Information Security Officer Shamla Naidoo said that the company is “expanding the practice of prohibiting data transfer to all removable portable storage devices.” This will include USB, SD cards, flash drives, etc.

Why are they taking this step? According to Naidoo, “the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised.” Or in other words, it’s just not worth the risk.

IBM will have employees use its own synchronization application service for moving data around.

The takeaway for your business? Only let your employees use approved removable storage devices that are trackable and managed, and don’t permit use of non-secure and unmanageable Cloud storage services.

Every MicroData Managed Service Plan includes our exclusive Ransomware Guardian – a suite of cybersecurity tools with functionality that includes limiting and managing removable storage and restricting the use of Cloud-based file sharing services. And our SecureCloud Sync service provides Cloud-based file sharing but without the risks inherent in consumer-grade solutions like DropBox™ or OneDrive™.


Equifax Breach: It’s Worse than You Thought

Equifax has released more info about the data stolen by the hacks in 2017 and it’s pretty grim. According to a letter Equifax submitted to the SEC on Monday, here are the numbers of actual compromises:

  • 146.6 million names
  • 146.6 million D.O.B.
  • 145.5 million Social Security Numbers
  • 99 million addresses
  • 27.3 million gender
  • 20.3 million phone numbers
  • 17.6 million driver’s license numbers
  • 1.8 million email addresses (without credentials)
  • 209,000 credit card numbers and expiration dates
  • 97,500 tax ID numbers

And the following government issued IDs:

  • 38,000 Driver’s license numbers
  • 12,000 Social Security or Taxpayer ID Card
  • 3,200 passport or passport card

What’s the takeaway? You really need to be monitoring your personal credit info. And we don’t recommend LifeLock™ as ironically they use Equifax for monitoring. Take a look at SpotLight ID which I personally use and we recommend to our customers. SpotLight ID provides more comprehensive protection plus it’s about 1/3 less expensive than LifeLock.

Everyone stay safe out there!


Windows Defender Anti-Phishing Plug-in Now Available for Chrome

Google’s Chrome does have some built-in security protection, but you can now add the well regarded (and well behaved) Microsoft Windows Defender anti-phishing product to the browser on your PC.

The Windows Defender plug-in doesn’t disable any of the Chrome security components but adds an additional layer of defense.

If you’re not familiar with how the plug-in works, it alerts you about known malicious links and sites before you actually visit the site.

And remember, while plug-in tools like these are helpful in protecting your network and users from malware and ransomware, they are only a part of a Unified Threat Management System you should have in place at your company.

You can find the plug-in at the Chrome Web Store or directly at Microsoft.


Thinking about LifeLock? There’s a Better Solution

We already assist our clients with monitoring for cyber breaches and misuse of corporate data. But we’re also frequently asked about ID Monitoring for individuals.

While LifeLock™ has been around for a long time, we really lost interest in the service after the Equifax data breach. LifeLock™ offers to protect you from the Equifax data breach – by selling you credit monitoring and reporting services provided by Equifax. Yeah, maybe not…

We’re pleased to now offer a much better solution, SpotLightID from our partner ID Agent. ID Agent has been around for quite a while providing threat intelligence and identity monitoring solutions to the public sector. We’re delighted that they are now doing the same for private business and individuals.

SpotLightID is much more comprehensive than LifeLock™ and costs about 1/3 less. In particular I like that SpotLightID offers a single plan that covers 2 adults and up to 10 children – all for the same cost as the individual LifeLock™ Ultimate Plus plan.

You can learn more and sign up here.


“Your computer has a virus” cold call scams on the rise

Microsoft has recently reported that complaints are up 24% for tech support scams. And freshly released stats show 15% of complainants losing cash to the scam.

If you’re not familiar with how it works, a user will get a call from someone usually claiming to be from Microsoft who will talk the victim through a number of steps on their computer that will cause something technical or scary to appear on the user’s screen. At that point the scammer will declare the information showing is ‘evidence of a serious problem’. An offer to fix the problem for somewhere between $200 and $400 is then presented.

This scam is indiscriminate, targeting both businesses and individuals. It’s particularly frustrating that individuals over the age of 55 seem to be singled out.

This is one of those IT areas where no software or network gizmo will protect the user. Only training can help and is one of the reasons why MicroData always includes End User Security Awareness Training as part of any IT system design. Contact us if you’d like some help with locating these sorts of resources.

And remind your users and friends that if they get an unsolicited call from anyone about a ‘problem’ with their computer and the individual claims to be with Microsoft (or anyone else), they should just put the phone down. Microsoft and other reputable vendors never make unsolicited calls to users.



Panera Bread *finally* acknowledges data compromise

A vulnerability was discovered at Panera Bread in August of 2017 and was finally acknowledged by the company on April 3 of this year. Compromised data includes names, emails, physical addresses, birthdays and the last four digits of the customer’s credit card number. “There is no evidence of payment card information nor a large number of records being accessed or retrieved,” Panera Chief Information Officer John Meister wrote in an emailed statement.

The data was obtained through a website vulnerability that has now been reported as corrected.

The bad news here is that data was leaked for 8 months after a security researcher contacted Panera in August 2017 with details of the exploit.

The actual fix was a patch to the website that took 1 hour to deploy.

While Panera has talked about “[not] a large number of records” being affected, they have apparently identified 10,000 customers who likely did have their information exposed. Other reports suggest as many as 37 million accounts may have been exposed.

This is another good reason why your company should have a Dark Web monitoring solution like MicroData’s Dark Web Guardian in place. You may never know exactly what credentials and PII have been compromised in any given breach. And some compromises may never be reported, so your business needs to aggressively be checking for compromises.

And tell your users that if they previously set up and used an online Panera Bread account, to be safe they should change their password at the site and any other place where they may have used the same email/password credentials.

And of course, remind your employees to never use their corporate email address and password for account registration with other businesses/social media sites/entities.


Orbitz Data Breach: What You Need to Know.

If you’ve ever used Orbitz you’ll want to pay attention.

As reported by The Hacker News, it took Orbitz almost 3 months to discover that attackers exploited a legacy version of their travel booking platform between October 1, 2017 and December 22, 2017. Users of may also be affected.

Compromised data includes full names of customers, credit card numbers, birth dates, phone numbers, mailing addresses, billing addresses and email addresses. More than 880,000 individuals are affected.

Orbitz is currently working to notify the thousands of affected customers and plans to offer one year of free credit monitoring and identity protection service. Affected individuals should proactively monitor their personal data for misuse.


Windows 7 and Server 2008 R2 Critical Patches

If you have any computers running Windows 7 or Server 2008 R2, heads up! The previously released patches for Meltdown actually opened up another vulnerability – much worse than what was exposed by Meltdown.

According to researcher Ulf Frisk, who previously found glaring shortcomings in Apple’s FileVault disk encryption system, the early Microsoft patches left a crucial kernel memory table readable and writable for normal user processes. Or in non-technical speak, the vulnerability allows any program or application of any logged in user to manipulate the operating system and extract and modify any information in memory.


The regular batch of March patches from Microsoft contained a fix but Microsoft has released a subsequent special emergency fix for this issue. So if your Windows 7 and 2008 R2 machines aren’t set for performing regular updates for critical patches, you should apply that special emergency fix as soon as practical. You can download that patch here. Other versions of Windows aren’t affected.

If you’re a MicroData customer with any of our Managed Service or Security service plans, this issue has already been automatically taken care of for you.

Everyone stay safe out there!


Your Private Info Harvested from Facebook – Here’s how to Stop it

If you’ve been following the news stories about Cambridge Analytica obtaining private user data from Facebook, you might be wondering how that happened and assuming it’s a breach of trust by Facebook – or someone.

The reality is that you’ve done it to yourself. Remember being in a rush that time and allowing some wacky application to access your Facebook profile? Well, that’s how the application creators harvested accounts’ private info. They access the info and then typically sell it to anyone that wants to buy it. Which is exactly how Cambridge Analytica and hundreds of other companies legitimately purchase the data.

In the ‘old days’ this was how you got paper junk mail. Each magazine or record club you subscribed to readily sold their subscriber list on the market. So the next thing you know you’re getting 8 flower and seed catalogs every spring. It’s just much worse with computer data as there is so much more of it.

OK, so how do you turn off access in Facebook? Fortunately it’s easy.

To stop applications and websites accessing your profile, consider turning off Facebook Platform, which connects accounts to services. Click the down arrow in the top-right of FB and select Settings. Click Apps in the left side menu. Go to Apps, Website and Plugins, click Edit and then Disable Platform.

Bear in mind you may then be unable to log into sites that you use FB for access and some linked apps won’t work.

And the bigger takeaway is that you should be honest with yourself and acknowledge that you won’t read all the fine-print legalese that’s available from every app and site. Deep in those documents you’ll find that by installing the application you are granting access to all your data on that site – in this case Facebook. So maybe it’s a good idea not to put any personal info there.

Everyone be careful out there!


Less Than Half Paying Ransomware Actually Get Their Data Back

As it turns out, paying the ransom on a ransomware attack is a great way to end up losing both your data and your money.

According to a study by Cyberedge, less than 50% of people hit by a ransomware attack who pay the ransom actually are able to recover their files. Of those who caved to the demand and paid the ransom, 49.4 per cent said they could recover their data, while 50.6 per cent ended up losing it anyway. The not-so-shocking conclusion is that criminals don’t always stay true to their word.

So what’s the takeaway? Further reading of the study confirms what we’ve advised our clients for years: make sure you have good backups regardless of whether you use the Cloud or store data locally. And in the event of a ransomware infection, restore to the last backup.

If you’re not 100% sure of your data backups – whether you have Cloud data, premises data, or a combination – contact us and we’ll be glad to assist you. MicroData offers a full Managed Backup service as well as 1-click rollback restore solutions. You can also learn more on our website.

Everyone stay safe out there!


CIA: These Phones Will Steal Your Info

There are many factors to consider when buying a cell phone and now we can add espionage to the lists of risks to consider before making a purchase.

China-based Huawei has been trying to make inroads to the U.S. market for a while now and has been selling unlocked phones online and through some retail outlets such as Walmart, Amazon, and Best Buy. They were also recently close to an agreement with AT&T stores for selling their phones, but the deal fell apart at the 11th hour.

Now the heads of six U.S. intelligence agencies have warned consumers to avoid the brand due to what are considered security threats. Heads of the FBI, CIA, and NSA are telling Americans that the phones can “maliciously modify or steal information” and also “conduct undetected espionage”.

But with the Huawei flagship Mate 10 selling around $600, there are plenty of other choices out there without the risk. A favorite of mine which is still available is the Samsung S7.

Does your company need help with Mobile technology and security? Contact us for immediate assistance.

Everyone stay safe out there!



5 of the Best Business Travel Tech Accessories

Many of our clients travel for business – some travel a lot. If you have to be on the road for business, having the right pieces of tech can really help make the trip more productive and less stressful. Here are 5 great business travel accessories.

Bluesmart Cabin 22 Carry On. For the business traveler, a good carry-on is a must, but the latest version from Bluesmart gives more than a tough case that you can throw into an overhead bin.

The polycarbonate Cabin 22 includes a worldwide GPS tracker if your case ever disappears, a built-in charger energized by a 10K mAh built-in battery, and Bluetooth connectivity (weight, locking, etc). 9lbs, $599

Don’t want to spring for a new carry-on? Or maybe you’ve got a classic Zero case and don’t want to part with it. Then check out the Trakdot Luggage Tracker. Throw it in your bag and find it anywhere with your smartphone. $39.99

If you have to do some serious computing work while traveling you know that a real mouse is very helpful. Pick up a Microsoft Bluetooth Mobile Mouse 3600. Small but fully functional – works with PCs or Macs. Black, Blue, & Red. $29.95


How often have we been stuck in an airport and needed to charge portable equipment? Make sure you have a USB Wall Charger like this one from Power-7. No cords to deal with and you can easily charge two USB devices simultaneously from any outlet. $9.99/2 from Amazon.


And our 5th favorite is actually an application. Download the free AwardWallet app. It lets you track all frequent flyer miles, hotels, and credit card points in one location. You can even check your balances if you’re not online. Free, Android and iOS.


Are You Being Stalked via Your Fitness Monitor?

In our October 2017 MicroOutlook, I wrote about the risks of the Internet of Things (IoT) and the accompanying management challenges to keep your organization safe. Here’s a fresh example.

This week news came out about an unexpected side effect of many popular Strava-enabled fitness trackers. These devices interface with your smartphone, compile activity data, and give you all sorts of reporting. Sounds good, right? Except the latest version includes a heat map which gets uploaded to the manufacturer, who makes it available on the Internet. And it shows the aggregated routes of all its users. Social media users quickly realized that this info could be used to figure out where Western military camps in the Middle East are located. Fitness-conscious soldiers jogging about the bases’ perimeters were building up nice neat traces on the heat maps over time.

Remember, IoT presents many security challenges. You can’t simply say ‘It’s just a temperature sensor’ or ‘it’s just a fitness tracker’. Any device that gathers data and connects to either the Internet or a network has to be scrutinized before it’s deployed. And you have to monitor your network to make sure employees aren’t bringing in their own devices and attaching them to computers or data jacks.

If your organization needs help with managing IoT or security, contact us for assistance.

Everyone stay safe out there!


Free MicroData Newsletter

Did you know that MicroData publishes a print newsletter every month? Called MicroOutlook, the MicroData newsletter is written for business leaders and owners and is filled with stories about the latest IT technology and opportunities, business management information, and tech tips.

You can subscribe for FREE by contacting us. And to get you started, you can download the January issue in PDF format here. The main story, Cyber Security Guide for Small Business has some great tips for keeping your company safe from cyber crime.

W2 Phishing Season is Here. Alert your Accounting Department

For the past several tax seasons, cyber criminals have used sophisticated social engineering tactics to dupe hundreds of payroll and HR departments into providing W-2 data on their employees, which results in the filing of fraudulent tax returns, other identity theft cases, and even class-action lawsuits against the company.

The typical W-2 phishing email is spoofed to look like it is from a high-level executive and asks the employee to provide W-2 or other tax-related information either by replying to the phishing email, by sending the information to another email address, or by uploading it to a server owned by the bad guys.

In many instances, the request for the information appears to be urgent, which forces the employee to act quickly. These spoofed messages can be very convincing. The emails show the executive’s email address and often contain the executive’s actual signature block, which makes the employee believe that the email is authentic.

So remind your employees to think before they click. And consider some Security Awareness Training for your business. It’s the proven, effective way to significantly reduce employee susceptibility to phishing attacks. Contact us if you’re looking for help in improving IT Security at your business.

Everyone stay safe out there!


Meltdown & Spectre Vulnerabilities: Important Update

A few days ago I wrote about the Spectre and Meltdown CPU vulnerabilities and immediate recommended steps to take to mitigate the security problems created by these hardware bugs. Microsoft has already released some updates for the vulnerabilities along with their regular group of monthly patches, but some actions on your part may be required in order to successfully deploy these fixes.

Specifically, Microsoft is changing how they release updates. They will now check for a setting on each computer that will verify compatibility of the installed antivirus software with the operating system and to-be-installed patch. This is necessary because without this setting the antivirus software will block needed updates causing them to fail. Because the update is being blocked by the antivirus software, it’s up to the AV manufacturer to make sure this setting is present and correct.

Actions to Take: Expect antivirus manufacturers to start releasing updates to their products to take care of this issue. Trend Micro has just released a critical update to address this issue and more information is available on the Trend website.

For users running the current version of Webroot (9.0.19.x), no updates are required.

If your organization runs any other antivirus software applications, please check with the manufacturer or contact us for assistance.

And remember, these fixes I’m talking about today are only associated with Microsoft’s operating systems. For Apple, Linux, and other operating systems, contact your respective manufacturer for assistance. And also be sure to check with your hardware manufacturer for almost certain-to-be-released firmware updates and other important related news.

Note: For MicroData clients with Complete, Select, and Business Care service agreements, no action is required on your part. MicroData has already taken all necessary steps for you.

Everyone stay safe out there!


Meltdown & Spectre Vulnerabilities. What You Need to Know

Meltdown and Spectre are recently discovered hardware design flaws in the main processing chip – the CPU – in most modern computers. It turns out this design flaw has actually been present for years but has only recently been identified. These vulnerabilities affect PCs, Macs, desktops, notebooks, tablets, and even smartphones. And if you’re running applications in the Cloud, Cloud Providers that use Intel CPUs are also affected.

This is a big deal because it affects almost every computer and server on your network – Mac or PC. The design flaw, if exploited by specially crafted software, allows stealing of data that is being processed in your computer’s memory. Normally this couldn’t happen as applications and their data are kept isolated from each other, but this hardware bug breaks that isolation.

So if cyber criminals are able to get malicious software running on your computer either via malware or an infected website, they can gain access to your passwords stored in a password manager or browser, your emails, instant messages, and even business-critical documents.

So what to do?

First, if you are a MicroData Complete Care, Select Care, or Private Cloud customer, we’ve already implemented a remediation plan and there’s nothing you will need to do. Taking care of Meltdown and Spectre involves patching and updating all machines on your network and in many cases making modifications to the underlying operating system. These fixes will take some time as some patches won’t be released for several days.

If you’re managing your own security you’ll need to obtain the relevant patches for your operating systems, examine your antivirus software to make sure it will work properly with the patches and modify/update if not, and then apply the updates to all systems.

MicroData has tools that permit company-wide implementation of these patches and required changes, so if you need assistance contact us at 800.924.8167 or at

As always, but particularly until you get these updates applied, be extra vigilant of email links you click on and websites you visit.

Everyone stay safe out there!

Your 1st IT Security Resolution for 2018

Happy New Year! As your Resolution #1, make this the year that you increase the security of Information Technology both at work and at home. And start with your own PC. If you haven’t updated your version of Windows 10 in a while, make sure you do soon. Microsoft recently ended support for early versions of Windows 10 which means you won’t get important security updates and fixes.

To find out which version of Windows 10 you have, enter Settings into the search bar and hit Enter. Select System > About. The version will be listed under Windows Specifications. If you don’t see Version 1709, you need to update your version of Windows.

Microsoft provides a free tool called the Windows 10 Update Assistant that will double check your installed version and take care of any needed upgrades.

If you have any questions or need a hand, contact us and we’ll be glad to assist you.


End of Year Patching Deserves Your Attention

2017 is finishing with large groups of patches from almost all manufacturers. These bug fixes, if not applied, leave systems vulnerable to exploitation. Unpatched systems are how WannaCry ransomware spread this summer, so take some time to be sure that all your computers, networking peripherals, and Internet-connected devices are patched and updated.

Here are a few highlights:

  • Linux ‘systemd’ flaw
  • MacOS High Sierra (quite a few vulnerabilities that Apple has been rushing to fix including an emergency patch for the vulnerability that allowed the bad guys to log in to Macs as administrators without passwords and let any app gain root privileges). If you’re running High Sierra, don’t wait for an automatic update – initiate a check now.
  • Intel Management Engine (used in many servers and desktops)
  • A mass of updates from Adobe including Flash and Acrobat and Reader
  • A large grouping (50+) of updates from Microsoft for its various products

If you’re not already using some sort of automated patch management solution from an IT partner with the security expertise to make it work, it’s time to take a look. Manually trying to keep up with all the vendors and issues is pretty much impossible. And if you’re just not sure what to do, contact us and we’ll be glad to give you a hand.

Everyone stay safe out there!


MicroData Offices Closed for Thanksgiving Holiday

From all of us at MicroData, we want to extend our warmest wishes to you and your family for a Happy Thanksgiving.

The MicroData offices will be closed Thursday, November 23rd and Friday the 24th in observance of the holiday.

Normal office operations will resume on Monday the 27th. Emergency services and the MicroData support portal will continue to operate 24×7 as usual.

Glenn Mores & the MicroData Team


Meet MicroData, Explore the Dark Web, and Pick Up $10,000 (maybe?)

If you’re in the Eastern Massachusetts area, you’re invited to stop by the main lobby of 100 Cummings Center in Beverly Wednesday, December 6th from 11:30 – 1:30 and meet some of the MicroData team including MicroData’s President, Glenn Mores.

You can get a free, on-the-spot Dark Web scan to see if your company’s sensitive data is for sale, learn how to get a Hewlett Packard Enterprise Server with Microsoft Server 2016 for $249, and pick up a little Christmas gift for yourself: a Massachusetts Lottery Holiday Bonus scratch ticket for the first 100 people to sign up for the MicroData Blog at the event!

See you there!


Netflix Phishing Scam – Pass the Word!

Heads-up! Bad guys are emailing you that your Netflix account has been suspended, and it looks just like the real thing. They are trying to get your login information and your credit card data.

Don’t fall for this type of scam. If you want to change the settings of subscription services like this, never click on links in any email and just type the name of the site in your browser or use a bookmark that you set.

Everyone stay safe out there!



Bad Rabbit Ransomware Outbreak. Here’s What You Need to Know

A new strain of Ransomware called Bad Rabbit is spreading around the world. Bad Rabbit spreads via Social Engineering so here’s what to warn your users to look for.

Users receive a pop-up in their browsers telling them that an update to Adobe’s Flash Player is available. There are two buttons to click: Install and Remind Later. Both do the same thing – install the malware payload on the system. Bad Rabbit then uses a list of known weak passwords and tries to access all found servers and workstations using common accounts such as Administrator, Guest, root, etc. If it gets a match, the ransomware proceeds to encrypt the files on the computer and then replaces the Master Boot Record – effectively bricking the computer. So recovery forces you to purchase two decryption keys. Price is 0.05 Bitcoin or about $275.

There are two takeaways. First, train and remind your users to use complex passwords and change them often. Second, have your users undergo Social Engineering security training.

Contact us if you’d like more information or assistance in keeping your network and data secure.

Everyone stay safe out there!



Mac Users, Heads up! Elmedia Player & Folx Infection

Late last week Eltima admitted that their servers had been hacked and their Folx and Elmedia Player DMG applications had been distributed with the nasty OSX.Proton Malware.

Their advice? If you only performed an update you’re likely OK but if you downloaded the entire application Thursday the 19th, you may have a problem. We recommend anyone with these apps do a scan for the following files/directories:


If any of those exist, your system is likely infected.

Unfortunately, since this malware affects the administrator account, a total system OS reinstall is the only guaranteed way to get rid of the malware.

Proton is a remote-control trojan designed specifically for Mac systems. It opens a backdoor granting root-level command line access to commandeer the computer. It can steal passwords, encryption and VPN keys, and crypto-currencies from infected systems. It can gain access to a victim’s iCloud account, even if two-factor authentication is used. Bad stuff.

If you’re concerned about cybersecurity at your business, give us a call today at 800-924-8167.


Las Vegas Shooting Scams


Heads-up! It’s sickening, but cyber criminals are already exploiting the Las Vegas shooting. There are fake Facebook pages, tweets are going out with fake charity websites, and phishing emails are being sent out asking for donations to bogus Vegas charities.

Don’t fall for any scams. If you want to make a donation, you can go to before you consider giving to any charity. This free website will let you know if the charity is legitimate or a scam. It will also tell you how much of what it collects actually goes toward its charitable work and how much it spends on salaries and administration expenses.

Do not click on any links in emails or text you might get. Whatever you see in the coming weeks about Las Vegas disaster relief… THINK BEFORE YOU CLICK.

Everyone stay safe out there!


Equifax Data Breach Affects Half of U.S. Population. Here’s What to Do.

Equifax, one of the nation’s largest credit reporting companies, recently admitted that it had suffered a massive data breach and the personal information of 143 million U.S. residents was stolen.

The breach was detected on July 29 and data was compromised from mid-May through July. Compromised data includes:

  • Names
  • Social Security numbers
  • Birth dates
  • Addresses
  • Driver’s license numbers (in some cases)

As you can imagine this is major bad news as in many cases the above is all that’s required to open credit card accounts, take out loans, etc. And it’s even worse for small business owners because personal credit information is typically the base for business creditworthiness.

So what do you do? As an individual, we suggest the following:

  1. Consider putting a Credit Freeze on your credit report. This will prevent potential creditors from accessing your credit report, making it much harder for someone to open a new credit-based account. You will need to contact Experian, Equifax, and TransUnion directly to request this action; note that there may be a modest charge to apply or lift the freeze.
  2. Contact any one of the above credit agencies and request a Fraud Alert. When anyone applies for credit in your name, a fraud alert requires the creditor to take additional steps to verify that the individual seeking the new credit card or loan is actually you. There’s typically no cost for a Fraud Alert.
  3. Set up Credit Monitoring. Credit Monitoring tracks changes to your credit report and can alert you immediately to any activity. With most requests for new credit, there is a 24-48 hour period in which you can revoke the credit request so getting a quick alert is helpful.
  4. Get Identity Theft Protection. ITP is more comprehensive than just monitoring and often includes monitoring of bank and credit card accounts for suspicious activity.

If you’re a business, you need to take additional steps to protect your network, data, and bank accounts. You can learn more by attending our next free Executive Cyber Security webinar. Register here.


Beware of Bogus ‘Voicemail’ Email Messages

This is an old scam but has been updated to be more dangerous so remind your users to be on the lookout. The old version ‘just’ installed a keylogger but this new version installs ransomware on your system.

You receive an email message from ‘Voicemail Service’ with a subject like ‘New voice message from <some number>’. There’s a bit of standardized-looking text in the body of the message which tells you that ‘you might want to check it when you get a chance.’

There’s a compressed attachment which if you click on it will play an audio file with embedded code that will encrypt files to [original file name].crypted.

Send a reminder to all your users: Do not click on links in “voice mail” emails from someone you do not know, and certainly do not open any attachments!

And if you have an IT department, in addition to good firewall and endpoint security management, make sure they are stripping compressed attachments from all incoming email messages from whatever email vendor you use.
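One way a mail gateway can apply the attachment-stripping advice above, shown as an added Python example that is not from the original post or from any mail vendor’s product. It removes attachments that are archives by extension or by file signature, so an archive renamed to look like audio is caught too; the sample message, addresses and file names are constructed.

```python
import io
import os
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Extensions and leading file signatures treated as "compressed" (policy assumption).
COMPRESSED_EXTENSIONS = {".zip", ".rar", ".7z", ".gz", ".tgz", ".bz2", ".xz", ".cab"}
ARCHIVE_SIGNATURES = (
    b"PK\x03\x04",          # ZIP local file header
    b"PK\x05\x06",          # empty ZIP archive
    b"\x1f\x8b",            # gzip
    b"7z\xbc\xaf\x27\x1c",  # 7-Zip
    b"Rar!\x1a\x07",        # RAR
    b"BZh",                 # bzip2
    b"\xfd7zXZ\x00",        # xz
    b"MSCF",                # Microsoft cabinet
)


def is_compressed(part):
    """True when a leaf MIME part is an archive by file name or by content."""
    extension = os.path.splitext((part.get_filename() or "").lower())[1]
    payload = part.get_payload(decode=True) or b""
    return extension in COMPRESSED_EXTENSIONS or payload.startswith(ARCHIVE_SIGNATURES)


def _strip(container, removed):
    """Drop archive parts from a multipart container, recursing into nested ones."""
    kept = []
    for part in container.get_payload():
        if part.is_multipart():
            _strip(part, removed)
            kept.append(part)
        elif is_compressed(part):
            removed.append(part.get_filename() or "(unnamed)")
        else:
            kept.append(part)
    container.set_payload(kept)


def strip_compressed_attachments(raw_message):
    """Return (cleaned message bytes, names of the attachments removed)."""
    message = BytesParser(policy=policy.default).parsebytes(raw_message)
    removed = []
    if message.is_multipart():
        _strip(message, removed)
    return message.as_bytes(), removed


def attachment_names(raw_message):
    """List the file names of every named part in a raw message."""
    message = BytesParser(policy=policy.default).parsebytes(raw_message)
    return [part.get_filename() for part in message.walk() if part.get_filename()]


def build_sample_message():
    """Constructed voicemail-style message with harmless content (not a real sample)."""
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        zf.writestr("message.txt", "constructed, harmless content")
    message = EmailMessage()
    message["From"] = "Voicemail Service <voicemail@example.invalid>"
    message["To"] = "user@example.invalid"
    message["Subject"] = "New voice message from 555-0100"
    message.set_content("You might want to check it when you get a chance.")
    message.add_attachment(archive.getvalue(), maintype="application",
                           subtype="zip", filename="voicemail.zip")
    # Same archive bytes under an audio name and type: caught by signature only.
    message.add_attachment(archive.getvalue(), maintype="audio",
                           subtype="wav", filename="message.wav")
    message.add_attachment("Quarterly agenda\n", filename="agenda.txt")
    return message.as_bytes()


if __name__ == "__main__":
    raw = build_sample_message()
    cleaned, removed = strip_compressed_attachments(raw)
    print("before :", attachment_names(raw))
    print("removed:", removed)
    print("after  :", attachment_names(cleaned))
```

Office formats such as .docx and .xlsx are ZIP containers and match the same signature, so a production policy has to decide whether to exempt them.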

Everyone stay safe out there!



Hurricane Harvey Charity Scams

Hurricane Harvey was (and still is) a bad one and people in Southern Texas and Southwest Louisiana are experiencing some severe flooding. Unfortunately, low-life cyber-criminals are already exploiting this disaster. Here’s what to tell your users to watch for.

Links are already appearing on Facebook and Twitter and phishing email messages are hitting mailboxes trying to solicit donations for the flood victims. Most often these links take you to bogus websites that infect your computer with malware or try and get credit card info.

Be very very cautious of anything online looking for your ‘help’ in the coming weeks. If you’d like to assist, go yourself to a relief agency’s website. A couple of suggestions are or

Everyone stay safe out there!


Social Media Gotcha

You need to exercise a new degree of care with social media posts – both personal and corporate. Specifically, you have to watch that you and your users don’t make posts that can enable criminal activity. Let me explain.

You have probably already heard the good advice about not letting newspapers pile up on your front steps when you’re away, but in this era of instant electronic communications, criminals aren’t interested in driving around neighborhoods any longer. They now routinely cruise social media looking for opportunities. Today, an estimated 75% of burglars use social media to find potential targets. So posting those pictures while you’re on vacation or out for the evening isn’t a good idea. Neither is providing details online about that expensive new piece of equipment the company just purchased. Aside from potentially having property stolen, there’s now a new gotcha: insurance companies are now actively using online activity to decide coverage and claims. What’s the basis for doing this? It’s a clause in the insurance contracts known as ‘reasonable care.’ Reasonable care means not doing anything reckless that would make you or your company a target.

So here are some simple guidelines for both personal and corporate social media usage:

  • Turn off your location. Disable your electronics’ GPS unless you’re actively using it and also turn off location tagging.
  • Don’t post real-time. Put up pictures after a vacation or the details of the CEO’s Asian trip after they get back.
  • Don’t display high value items. Why make it easier for the bad guys?
  • Never post identifiable info online. This includes addresses, your auto’s license plate, etc.
  • Check privacy settings. Take some time to investigate what the settings are on your social media accounts. Facebook in particular updates its privacy settings on occasion and many of the defaults are quite open.

Everyone stay safe out there!


Chester Bennington & O.J. Email Scams – Heads Up!

Cyber criminals are already exploiting some recent celebrity news. Warn your users to be on the lookout for a couple of ransomware-loaded email messages that are spreading through the Internet.

The first has a subject line claiming Chester Bennington’s Suicide Note Released (or similar). And the other is O.J. Admits Guilt in Murder of Ron and Nicole. Both messages contain a link which if clicked, activates the payload.

Remind your users to stop and think before they act. And if you don’t already have a security training program in place for your users, why not? The investment is trivial compared to what a ransomware attack can cost your organization. Contact us for more information.

Everyone stay safe out there!


Business Process Compromise

All businesses have unique operational processes they rely upon to handle distinct needs. Even common tasks like shipping are handled differently from company to company. But in general, the larger a business is, the more complex its processes.

Business Process Compromise is a new type of cyber attack that recently has come into focus. It specifically targets unique systems and processes and manipulates them for the attacker’s benefit. And rather than a brash warning such as is received with ransomware, BPC attacks are typically silent and have a goal of stealthily appropriating goods and/or funds over extended periods of time.

Many BPC attacks go unnoticed because employees largely ignore the workings of these processes, treating them as almost automatic.

Defending against BPC requires a multi-pronged approach.

  • File Integrity Monitoring should be considered for critical systems.
  • Regularly check system operations and distinguish normal activity from abnormal and possibly malicious actions.
  • Regularly audit long-established processes, looking for vulnerabilities as well as proper results from test data.
  • Ensure that your organization has implemented cybersecurity measures to protect against identified malware exploits.

Everyone stay safe out there!


MicroData’s Hiring!

MicroData has an opening for a full-time Operations Manager at our Beverly location! If you or someone you know might be interested, you can get more information and apply online on our website.


“Revoke your license” Email Scam

A new scam has appeared where users receive an email claiming they have unpaid traffic tickets which, if not paid or disputed by clicking a link within 48 hours, will cause the individual’s driver’s license to be revoked.

Clicking the links provided does one of two things. Either malware gets installed onto the user’s computer to track web pages visited, or, more seriously, the user is taken to a fake RMV website where they are prompted to reveal personal information including names, Social Security numbers, date of birth, and credit card info.

Remind your users to stop and think before responding to unusual email messages. Or even better, consider training your users to recognize and avoid phishing attacks like this. Our partner, KnowBe4, offers a free phishing test you can safely send to your users to learn how prepared they are for these sorts of attacks. Contact us to learn more.


WanaCry Ransomware: Did You Listen When We Told You?

If you’ve been following the news from last Friday and over the weekend, you’ve heard about the latest Ransomware that’s spreading like wildfire around the world. The ransomware’s name is WCry, but it is also referenced online under various names, such as WannaCry, WannaCrypt0r, WannaCrypt, or Wana Decrypt0r. Whatever you call it, according to Avast security researcher Jakub Kroustek, it racked up over 57,000 victims in just a few hours last Friday.

Targets have included 40 hospital organizations across the UK and Spanish telecommunications firm Telefonica.

The ransomware targets unpatched computers and once inside an organization, it quickly spreads to other systems.

But getting infected by this ransomware was 100% avoidable if organizations did the right things – the things we keep pounding the table about in our blog and newsletters.

Back on January 3rd we blogged the following advice:

  • Make sure you have a good and up-to-date antivirus/anti-malware product installed
  • Be sure your Windows firewall is working and up to date
  • Don’t run old, out-of-date software. It often contains known vulnerabilities that cyber-criminals exploit

WanaCry specifically takes advantage of organizations that aren’t doing these things. But for MicroData customers with a Managed Service Plan like Business Care, Select Care, or even our value-priced Essential Care, this ransomware is a non-event. All our service plans include our ARIES Expert System that automatically applies critical patches and updates to all systems. A fix for this issue was released in March 2017.

And we always remind our customers not to continue using old, outdated software like Windows XP, which is no longer supported or updated by Microsoft.

If you’re affected by WanaCry or just aren’t sure your organization is protected, give us a call today and we’ll schedule a no-obligation assessment of your organization’s IT security profile.

Everyone stay safe out there!


1971 Disruptive Technology Event That Changed History

In October 1971, a programmer working on a secret government project called ARPANET did something new. He sent the first-ever email message.

The programmer was Ray Tomlinson and according to later interviews, nobody asked him to do it and he didn’t think much of it at the time. He just thought it was neat.

It took over 2 years for people to grasp the fundamental paradigm change represented by Tomlinson’s vision. By that time, more than 70% of all ARPANET traffic was email.

Today, 2.5 million email messages per second are sent on ARPANET’s successor – the Internet.

What’s so powerful about email is that it offers a highly efficient and effectively zero cost means of communication to anywhere in the world that has an Internet connection. Today, any business or organization needs email to work effectively, so it’s important that you have a robust and highly reliable email system that is secure, capable of being backed up, manageable, and able to handle a variety of message and attachment types. This would rule out free email services – although those are fine for personal use. But organizations need a professional, commercial solution. At MicroData we recommend Microsoft’s Exchange – either in its Cloud form, Office 365, or as a local server solution.

Through the end of April, we’ve got a special offer for Office 365 email. Activate a new O365 email subscription with us and your first month of service is free. With prices as low as $4 per user/month, there’s no reason for any organization not to have a secure, flexible, and full-featured email solution.

Contact us at for more information or to get started with your own Office 365 solution.


60% of SMBs Go Out of Business After This Happens

A survey just published by The Business Journals has some sobering statistics. Only 28 percent of owners of small and mid-sized businesses responded that they are very concerned about ‘the safety and security of their firm’s technology, email and documents.’

What makes that particularly concerning is that it runs directly counter to the potential impact for small companies should they suffer a data breach. The Insights report said 60 percent of U.S. businesses with between 1 and 499 employees that suffer a data breach shut down within six months.

As a business owner or manager, if IT security isn’t one of your highest priorities, change your thinking and get some help. Proper IT security usually isn’t hugely expensive but it does require an understanding of the issues, threats and environment, and then implementing a comprehensive plan.

If you’re not sure where to start, MicroData is offering a free, no-obligation IT assessment of your business. You’ll get detailed, specific information about the security of your IT environment along with recommendations for corrective actions. And of course we can handle all aspects of implementing and managing IT security for your business. Click here to learn more.


CEO W2 Request Scam

Cyber criminals want access to sensitive data. But rather than a brute-force attack to get it, they’ve figured out it’s much easier to simply go after users that already have access to the data. One scheme that’s popping up everywhere in the last few weeks is the CEO W2 Request Scam.

This appears as a phishing attack directed at someone in HR or Finance who already has access to this information. The individual receives an email with a spoofed sender address of the CEO (faked address) asking if they would ‘kindly forward PDF copies of all W2s’. It might even be followed up with a text message or another email and sometimes an additional request to have money wired somewhere.

W2s are selling for between $4 and $20 out on the Dark Web. The information on the W2s is used to file bogus tax returns, open financial accounts, apply for loans and credit cards, etc. And once this information is out, there’s no getting it back. It’s a major, long-term headache for anyone affected. And small and large companies are being hit, so no one is immune.

So tell your users to be careful and remember to not send personal or financial information via email and if they are ever unsure, stop and pick up the phone and verify any requests for information that are unusual or uncharacteristic.



5% of Amazon Purchases to Charity!

Today only, Amazon is celebrating its #1 ranking in the American Customer Satisfaction Index. And as a ‘thank you’, they are donating 5% of your purchase price of eligible products when you buy through the Amazon Smile link.

If you’re not familiar with Smile, it’s a special portal URL for accessing Amazon that lets you designate a charity of your choice to receive 1% of your purchase price. But today only it’s 5%.

So if you had something you were going to purchase soon from Amazon anyway, why not do it today and send 5% to your favorite charity? Shop at


The Cloud Domino Effect

Yesterday around lunchtime, Amazon’s eastern web services went down and stayed down until about 4:15 in the afternoon.

Many users learned that their Cloud services utilized Amazon’s web services. Netflix, Reddit, Slack, Pinterest, and many other major companies were affected by this outage. This is what I call the domino effect of the Cloud – most Cloud services utilize other Cloud services as part of their solution.

From a user perspective, if you make use of a Cloud-based service and it goes down, you can break out a deck of cards. There are no workarounds and nothing that you can do to fix it.

Are there options that can keep you working? The answer is ‘Yes’. And you might be surprised to learn that these options can often cost quite a bit less and offer greater flexibility than the Cloud in some circumstances. Learn more about Hybrid-Cloud or other premises services at


Windows 10 PC in Your Pocket

Sirius B Windows 10 PC

Everyone likes portable electronics and computers which is why cell phones are so popular. But so are tablets and notebooks which can give you full processing power but without the cord.

Manufacturers keep pushing miniaturization and the latest is the Sirius B from Ockel. Smaller than many cell phones, the Sirius B is a full-fledged Windows 10 computer complete with HDMI video output, USB, wireless, Bluetooth, 2GB of RAM, 32GB of flash storage, an SD card slot, and a quad-core Intel CPU.

And at $189, it might just replace your desktop PC.


Verizon Wireless Offering Unlimited Data Again

Five years ago Verizon ended its unlimited wireless data plan, and as recently as last month company officials said they had no plans to reintroduce it. But thanks to Sprint, which recently announced an unlimited data plan, Verizon has done a 180 and is now offering unlimited data for smartphones and tablets on its 4G LTE network.

Verizon’s new unlimited plan is $80 per month for unlimited data, talk and text for the first line and an additional $45 per line up to four lines. We found that by hunting around on the Verizon website other combinations are available, too.

More info is available at


400,000 Cyber Attacks a Day?

Sun Tzu, the famous 5th century BC Chinese general and philosopher, has been credited with the statement ‘know yourself, know your enemy and you shall win a hundred battles without loss.’ This applies to cyber-criminals, too. A critical part of your organization’s defense is understanding the extent and nature of the threat. Here’s an example of what I mean.

We recently installed a server for a client which communicates directly to and from the Internet. While it’s a given that adequate security needs to be in place, many business people don’t realize the extent to which the bad guys will go to gain access to a system like this. Cybercriminals deploy automated systems to silently scan for computers, routers, and other IT-related devices which are connected to the Internet and once found, automatically and continuously attempt to exploit configuration mistakes, default or ‘easy’ passwords, and unpatched vulnerabilities.

After only 1 day, here’s a summary of the individual attempts to hack this single system:

USA (106)
Russian Federation (18)
India (17)
China (14)
France (13)

Note that because of the software we installed, after an attack was attempted 3 times that address was blocked from further access. So the above total of 168 individual attempts in 24 hours – if not stopped by the software we had installed – would have likely been continuous attempts every few seconds by each attacker. This would likely have put the daily total at close to 300,000 – 400,000 attempts.
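The block-after-three-attempts behaviour described above, as an added example that is not the software installed on this server: a short Python replay of a constructed sshd-style log, showing how many attempts each source gets through before it is blocked and how many are refused afterwards. The log format, addresses, and function name are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: traffic as it would arrive with no blocking in place.
# Addresses come from the reserved documentation ranges, not from the post.
SAMPLE_LOG = """\
Feb 14 09:00:01 srv sshd[101]: Failed password for root from 203.0.113.7 port 4001 ssh2
Feb 14 09:00:03 srv sshd[102]: Failed password for admin from 203.0.113.7 port 4002 ssh2
Feb 14 09:00:04 srv sshd[103]: Failed password for invalid user test from 198.51.100.23 port 5100 ssh2
Feb 14 09:00:05 srv sshd[104]: Failed password for root from 203.0.113.7 port 4003 ssh2
Feb 14 09:00:07 srv sshd[105]: Failed password for root from 203.0.113.7 port 4004 ssh2
Feb 14 09:00:09 srv sshd[106]: Accepted password for alice from 192.0.2.10 port 6000 ssh2
Feb 14 09:00:11 srv sshd[107]: Failed password for oracle from 203.0.113.7 port 4005 ssh2
Feb 14 09:00:12 srv sshd[108]: Failed password for invalid user guest from 198.51.100.23 port 5101 ssh2
"""

FAILED = re.compile(
    r"Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) "
)
MAX_ATTEMPTS = 3  # threshold from the post: block an address after 3 attempts


def apply_threshold_block(log_text, max_attempts=MAX_ATTEMPTS):
    """Replay a log in order; return (blocked, counted, dropped).

    blocked: set of source addresses that hit the threshold
    counted: attempts per source that reached the service before the block
    dropped: attempts per source that arrive after the block and are refused
    """
    counted, dropped, blocked = Counter(), Counter(), set()
    for line in log_text.splitlines():
        match = FAILED.search(line)
        if not match:
            continue  # successful logins and unrelated lines are ignored
        source = match.group(1)
        if source in blocked:
            dropped[source] += 1
            continue
        counted[source] += 1
        if counted[source] >= max_attempts:
            blocked.add(source)
    return blocked, counted, dropped


if __name__ == "__main__":
    blocked, counted, dropped = apply_threshold_block(SAMPLE_LOG)
    for source in sorted(counted):
        state = "BLOCKED" if source in blocked else "watching"
        print(f"{source}: {counted[source]} counted, {dropped[source]} refused, {state}")
```

The `counted` totals correspond to the kind of per-source figures in the summary above, while `dropped` is the traffic that never shows up in such a summary because the block stops it first.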

The takeaway? Don’t underestimate the enemy. They have resources to find your systems, exploit vulnerabilities, and make your life miserable.

Invest in good quality security, keep systems and hardware up to date, and monitor everything.

Everyone stay safe out there!


‘Can you hear me?’ Phone Scam – Heads Up!

Another nasty scam making the rounds is the so-called ‘can you hear me?’ phone scam. This one is low-tech – no computer required – and has already targeted residents in Virginia, Florida, and Pennsylvania this year, according to WNEP. Here’s what you need to know.

You receive a call from a number you don’t recognize, although it usually has a local area code. When you answer the phone you hear a simple question – ‘Can you hear me?’ If you answer ‘yes,’ it gets recorded. From that point there are a couple of ways the scam can go.

In one variant you are later charged for a variety of services or products and if you contest the charges, the scammers will play back your verbal confirmation ‘yes’ and threaten you with legal action if you don’t pay.

Another option is for the cybercriminals to try and use the recording to trick an automated system into authorizing charges on a stolen credit card or to give additional personal information.

So what should you do? While it seems impolite, if you get this call just hang up the phone. And for phone calls in general, follow this advice:

  1. Don’t answer calls from numbers you don’t recognize
  2. Never give out personal information over the phone unless you initiated the call
  3. Don’t confirm your phone number over the phone unless you initiated the call
  4. Don’t answer questions over the phone unless you initiated the call

Spread the word, especially to seniors you know. Everyone stay safe out there!