Tips for IT Storm Preparedness
Before the storm
- Ensure all systems are fully backed up.
- Ensure that you have a copy of your data stored offsite
- Review your Disaster Recovery plan.
- Pick up equipment off of floors and place on shelves, tables or desks to prevent damage in the event of a flood or water leak.
- Ensure that you’ve met with your IT team to discuss how you prefer to handle IT during and after the storm. For example, you may declare a support blackout during the storm and for 24 hours after the storm so that the IT team can focus on addressing any damage.
- Ensure that you have a process for tracking the status of techs. Some may be without power and may need assistance themselves.
During the storm
- Human life is more important than IT. Ensure everyone stays safe. Do not take unnecessary risks.
- Stay away from low-hanging or fallen power lines and report them immediately to the utility company that services the area.
- If the water has risen above the electrical outlets, ensure the breakers are turned off. DO NOT ENTER THE WATER in areas that are flooded. Ensure a license electrician inspects the circuits before restoring power.
- If water enters your server room from above, shutdown the servers and turn off the breakers to the areas affected. Once power is off, cover the gear with tarps.
After the storm
- Open up any equipment that was exposed to water and look for damage.
- Make sure the equipment is dry before testing.
- Clean any contamination as quickly as possible.
- Utilize your spare inventory to replace production equipment damaged by the storm.
- Contact Nieto Support firstname.lastname@example.org or 713-893-5667 for assistance.
Hackers have recently exploited malicious software stolen from the National Security Agency (NSA) and are executing damaging cyberattacks that have affected companies and individuals in dozens of countries worldwide. Transmitted via email, the malicious software locks users out of their computer systems and demanded ransom before users could be let back in — with a threat that data would be destroyed if the demands were not met.
If you believe you are affected by Ransomware or want to know more, contact Nieto Support immediately at email@example.com or (713) 893-5667.
What is Ransomware and what does it do?
Ransomware stops you from using your PC by holding your PC or files for “ransom”. It does this by infecting your PC and locking your screen or encrypting your files.
Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
The following are best practices for the prevention of ransomware:
- Install a Dell SonicWall firewall with Total Secure. Ensure that all communication ports are closed except those that are absolutely necessary to conduct business.
- Install and use Continuum on all servers and PCs, which will install Webroot and Malwarebytes.
- Make sure all software on your PC is up-to-date.
- Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with.
- If using Internet Explorer, ensure you have smart screen turned on.
- Ensure that Adobe Flash is turned off.
- Turn off Office macros, if they’re enabled. (In Office 2016, you can ensure they’re off from the Trust Center > Macro Settings, or just type “macros” in the search box at the top, then open the “Security” box.)
- Have a pop-up blocker running in your web browser.
- Regularly backup your important files.
- Turn on File History (in Windows 10 and Windows 8.1) or System Protection for previous versions (in Windows 7 and Windows Vista). In some cases, these might have been turned on already by your PC manufacturer or network administrator
- Use a backup system that stores files in a manner where they cannot be altered.
- Stay out of the bad corners of the Internet. A bad ad on a legitimate site can still inject malware if you’re not careful, but the risks increase if you’re surfing where you shouldn’t.
We don’t recommend you pay. There is no guarantee that handing over the ransom will give you access to your files again. Paying the ransom could also make you a target for more malware.
How do I get my files back?
How to recover your files depends on where your files are stored and what version of Windows you are using. If you suspect a PC is infected, remove it from your network to prevent it from damaging files on network shares.
Before you try to recover files, contact Nieto Support at (713) 893-5667 to assist you in cleaning your PC and recovering your files.
Attackers have been exploiting an unpatched vulnerability in Microsoft Word for the past few months to compromise computers and infect them with malware.
The first report about the attacks came Friday from antivirus vendor McAfee after the company’s researchers analyzed some suspicious Word files spotted a day earlier. It turned out that the files were exploiting a vulnerability that affects “all Microsoft Office versions, including the latest Office 2016 running on Windows 10.”
The flaw is related to the Windows Object Linking and Embedding (OLE) feature in Microsoft Office that allows documents to embed references and links to other documents or objects, the McAfee researchers said in a blog post.
When the rogue documents used in this attack are opened, they reach out to an external server and download an HTA (HTML Application) file that contains malicious VBScript code. The HTA file is disguised as an RTF (Rich Text Format) document and is automatically executed.
“The successful exploit closes the bait Word document, and pops up a fake one to show the victim,” the McAfee researchers said. “In the background, the malware has already been stealthily installed on the victim’s system.”
By searching back through its data, McAfee has tracked down attacks exploiting this vulnerability to late January.
Following McAfee’s report, security researchers from FireEye also confirmed that they’ve been aware of these attacks and exploit for several weeks and have coordinated disclosure with Microsoft.
According to FireEye, the malicious Word documents are sent as email attachments. The company hasn’t provided examples of the malicious emails, but because this is a previously undisclosed, zero-day vulnerability, the attacks are likely targeted toward a limited number of victims.
Both McAfee and FireEye noted that the exploit can bypass most memory-based mitigations included in Windows. That’s because the vulnerability is a logic bug rather than a programming error.
Microsoft is scheduled to release its monthly security updates on Tuesday, but it’s not clear if a patch for this vulnerability will be included. The company did not immediately respond to a request for comment.
In the meantime, users should be wary of documents received from untrusted sources and should enable the Office Protected View mode because it can block this attack.
See full Article…