NotPetya/Goldeneye Ransomware Virus Notice

Yet another massive ransomware attack called NotPetya (or Goldeneye) was launched this week using some of the same techniques to spread as the WannaCry ransomware. We anticipate that this will become an increasing trend in 2017. Last month, we sent a similar notice to call attention to the urgency of the issue, provide Windows Update instructions, and additional helpful information for ongoing protection. As a courtesy, we have included the same information again below.

Like the WannaCry ransomware attack, this attack is unique in the way it spreads. Initially, the virus infects a system typically through an email attachment or website link. Once a single user is infected, the ransomware virus attempts to spread throughout the local network like a worm by scanning and exploiting unpatched security holes in the Windows operating system on other systems. The specific security holes exploited are among those that came to light after the recent high-profile NSA hack. Unlike before, the virus may also attempt to spread throughout the network by harvesting administrative credentials from processes running in memory on the same system and use them to issue network management commands via WMI or PSExec to other systems.

A patch was released by Microsoft in March for supported operating systems which resolves some of the security holes used to push the infection over the network. Operating systems that are fully patched with the latest Microsoft updates are not vulnerable including Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016. In breaking with tradition, Microsoft has released patches for long unsupported operating systems to help protect users including Windows XP, Windows 8 (not upgraded to 8.1), and Windows Server 2003.

For anyone whose workstations are not covered under a monthly IT management agreement with us, action is required on your part to ensure that your systems are fully patched. In the Control Panel under Windows Updates (Windows XP through 8.1) or Start Menu Settings under Update & Security (Windows 10), download and install all available updates as soon as possible for all Windows-based systems. As a reminder, a reboot is usually required to complete the update process which will be indicated by a prompt. You may need to repeat this process more than once until there are no more updates listed. Once all updates have been installed, your system will be fully patched. Additionally, you should make sure that all systems are protected with a paid security software as most free products lack critical protections necessary to detect ransomware.

Keep in mind that an unpatched security hole is only one of the ways this particular virus spreads. With any malware it is still possible to contract an infection by opening virus attachments in an email or visiting an infected website. We would like to take this opportunity to remind you to exercise caution when opening any emails with attachments or website links – especially if the email was unexpected. It is a best practice to be skeptical of any email containing attachments or website links regardless of sender. Always take care to vet the authenticity of the email before opening the attachment or clicking on any links. It is easy for an attacker to spoof (or “fake”) the sender address of an email in an effort to have you open it. Other times attackers use generic wording to accomplish the same task referencing a voicemail, package delivery, fax, IRS correspondence, or wire transfer. When in doubt, contact the sender by phone or by sending a new separate email (do not use the reply option) to confirm the original message is legitimate.

Ongoing protection against this type of attack or mitigating the impact of such an infection successfully requires the following key IT systems in place:

  • Security patch management for Windows and third party programs like Adobe, Java, Flash, Chrome, Firefox, etc
  • Enterprise-grade endpoint security software (ie: anti-virus, anti-malware, anti-ransomware, etc)
  • Email security and spam filtering
  • Air-gapped backups that support multiple restore points or file versioning
  • We offer a variety of monthly services to proactively address all of these components which will take the guess work out of protecting your systems. Please contact us for more information or with any questions.

    Goodbye Windows XP…

    As you may have heard recently, Microsoft is ending support for Windows XP on April 8, 2014. You may be asking, what does this mean for me? Generally speaking, it means that nothing will change on your computer immediately. Your Windows XP-based computer and software will continue to run normally for the immediate future. Long term, however, your computer will become more susceptible to virus and malware infection due to unpatched security holes that may be discovered in the future. It also means that as time goes on your computer will be less compatible with new hardware, software, and websites. If you are a business and must meet certain compliances (ie: PCI, HIPPA, SOX, etc), you may no longer be in compliance if you continue to operate on Windows XP.

    We recommend that you replace your Windows XP-based computers sooner than later to avoid these issues. In addition to our own brand of computers, we have access to a wide variety of name-brand systems. Have questions? We love questions!

    Contact us today to see how this will impact you.

    Which Web Browser Should I Choose?

    In today’s web browser market, there are many choices and sometimes it is hard to who which one to choose. There is no right or wrong answer as it ultimately comes down to personal preference. There is certainly no harm in running more than one browser on your computer but not all websites display properly in all browsers. Further, websites that require ActiveX controls will only work in Internet Explorer.

    From our experience, we find that modern versions of Internet Explorer, Mozilla Firefox, and Google Chrome work well and display most sites correctly on modern operating systems. If you are running Windows XP, you are not able to install the latest version of Internet Explorer and should consider Google Chrome for the best performance.

    Still not sure which browser to choose? Call Aspire today!

    Moving to a New Office?

    Moving an office to a new location is a long and tedious process with many details. One of the more commonly overlooked details tends to be the IT infrastructure. Virtually all small business networks rely on Internet connections and phones provided by a local telecom provider and not all providers service all locations. Additionally, your new office may not be adequately cabled for your network needs and office layout. Before moving, make sure that your provider can service the new location and schedule it far in advance as it sometimes takes weeks to complete this process.

    The last thing you want to worry about during an office move is whether or not the network will be fully functional on the move date. At Aspire, we help companies of all sizes with entire process of moving locations as well as assess the adequacy of the cabling in the new office. Call Aspire today for assistance moving your office.

    Lightning Season

    Now that we are approaching the summer months, it is a good time to remember that lightning is not friendly to electronic devices. We typically see a large number of power supplies, DSL modems, and cable modems fail during these months due to lightning-related events. If you live in an area that is prone to frequent lightning strikes, you should consider making it convenient to unplug your devices from outlets, phone lines, or cable lines during strong storms. This will help protect these devices in the event of a nearby lightning strike. Regardless of where you live, all of your electronic devices should be plugged into a power strip that is rated for surge protection as your first line of defense. If you need assistance determining how to protect your devices, please call us for more information.

    Windows 8 on Your New PC

    Microsoft released the latest version of Windows, Windows 8, at the end of 2012. Now that it has been available for a few months, PC manufacturers are starting to bundle new systems with Windows 8 as their default operating system choice. As a rule, we do not recommend upgrading to the latest version of any software until a few months of widespread use have identified key issues or incompatibilities. Now that Windows 8 is past this stage, we have found that it will work as well as Windows 7 in many circumstances.

    Windows 8 is built on top of Windows 7 so they are very similar at their core. Once of the biggest differences, and immediately noticeable, is that Microsoft removed the traditional Start Menu that has been the cornerstone of Windows since 1995. This was done to create a touch-friendly user interface that is similar across Microsoft platforms much like Apple and the iPhone/iPad. After working with it for almost a year, we have found that it has it merits. If given the option, we would still choose Windows 7 over Windows 8 but it is really a matter of preference.

    If you have questions about whether or not Windows 8 is the right choice for you, please give us a call.

    Is your backup really a backup?

    We cannot stress enough how important it is to back up your data. If you do not have a copy of your data in more than one place at a given time, it should not be considered safe or backed-up. Many customers make the mistake of coping data to an external hard drive, deleting it off their main computer to free up space, and thinking it is backed up. Since the data now only resides on the external hard drive, it is at risk when the drive fails. Make no mistake: all hard drives will fail at some point – some sooner than others. Give us a call today to discuss the many options available for protecting your data.

    Regular Tune Ups

    Computers function much like cars. After actually having my personal car tuned-up today, this fact is clear and simple. If you perform regular tune-ups, you will have more consistent experience with performance and speed. Aspire recommends having your system evaluated and tuned-up annually regardless of whether you are using your computer is a business or residential setting. Regular maintenance often times reveals virus infections or imminent hardware failures before they become critical. Our tune-ups are comprehensive and will ensure your system is running at peak performance. Call Aspire today to schedule a tune-up for your computer.

    Java Malware on the Rise

    Java exploits that allow malware installation appears to be on the rise lately. While this has been an issue for many years, it has been gaining more media attention in recent weeks. Keeping Java up to date is key to limiting your exposure. If you have Java installed, it will check for update periodically and notify you in the bottom-right corner of the screen. When prompted, install the Java updates as soon as they appear. If you happen to become infected with malware, give Aspire a call – we are virus and malware removal experts!

    Our new website is finally here!

    Aspire Technology Solutions, Inc. is thrilled to announce the launch of our new website, designed with a new look and convenient, user-friendly navigation. Plus, we’ve made great efforts to update you with the latest information about our products and services.

    We hope that you will enjoy browsing our new site, finding more options and information each time, and that it will be yet another tool for strengthening our business relations.