Category Archives: Computer Protection

04.16.16
by

What exactly is “the cloud” and why should you care?

So many of our clients have heard of “the cloud” buy don’t know what it is, how it works, and why they should care about it.

Let’s take a look at the answers to these questions.  First, what is “the cloud”?  When a network diagram is drawn, one of the items on the diagram is the Internet.  The Internet is represented on the diagram by a basic drawing of a cloud.  So, anything that is not on the local network, inside the building(s) is considered to be on the internet, hence the term “the cloud”.  Anything not local (on the PC, or on a server located in the building) is on “the cloud”.  We can have software running on the cloud (Google Docs, Microsoft Office 365, Adobe applications, etc.).  We can also have storage on the cloud (Dropbox, OneDrive, Google Drive, iCloud).

How does it work?  Simple.  You install the client software from the cloud provider, enter a user name and password and you’re on the cloud.  Now, whatever you place into the folders on your cloud drive is on the cloud.  If your computer were to stop working, anything stored on the cloud would still be accessible from another computer.  If you have more than one device (a device is anything that can access the internet including a computer – PC or Mac, smartphone, tablet, game console, etc.) you can access your cloud data from any of these, provided you have the user name and password.

So is it safe to store things on the cloud?  It’s probably safer on the cloud than it is on your local device.  Malware Bytes just wrote an exceptional article outlining the safety of storing things on the cloud, which is well worth the read.

Here are some tips from the article:

If you’re ready to store data on the cloud, we suggest you use a cloud service with multi-factor authentication and encryption. In addition, follow these best practices to help keep your data on the cloud secure:

  • Use hardcore passwords: Long and randomized passwords should be used for data stored on the cloud. Don’t use the same password twice.
  • Back up files in different cloud accounts: Don’t put all your important data in one place.
  • Practice smart browsing: If you’re accessing the cloud on a public computer, remember to log out and never save password info.

What’s multi-factor authentication?  Probably one of the very best methods of protecting yourself.  If you own a smartphone, you give the cloud provider the number.  If someone logs into your account from an unknown device, and you have two-factor authentication enabled, before it allows them to log in, a code is sent to the smartphone via text.  Prior to gaining access, the code must be entered.  If the code is wrong or not entered, no access is granted.  It can be done via e-mail also.  Two-factor authentication should be used for any and all sensitive data and sites, including banks and credit card sites.

What’s encryption?  Encryption is where the data stored is encrypted, meaning that it’s useless unless the public and private keys are used to decrypt it.  Anytime you see the “https://” before a web site URL, the data is encrypted.  This prevents the bad guys from taking a hard drive containing data and simply hooking it up to a computer and reading it.

Hardcore Passwords:  In Alabama the most popular password is : rolltide.  Second most popular is: wareagle.  If you’re using either one of these, or variations of them, change them.  Now.  Don’t use your spouses name, your child’s name, your pet’s name, your birthday, or any word that can be found in the dictionary (combining words is OK).  Your password needs to be at least 8 characters long, contain both upper and lower-case letters, at least one number and one symbol.  The longer, the better.  We prefer passphrases instead of  passwords.  RedDog12! meets the minimum security, however it won’t take long to crack to an expert.  “The red Dog was running on the land with 12 friends!” won’t be cracked anytime soon and meets all of the requirements.  Yes, a space is considered a character.

Different Cloud Accounts:  We use all of the major cloud accounts.  We don’t store all of our data on each.  Some data on one, other data on others.

One neat thing that some cloud providers, like Dropbox, provide is sharing capabilities.  Person A can grant access to a folder in their cloud account to Person B.  Both A and B can look at the files in the folder, but only those files. Person B cannot see anything else on Person A’s account.  This is very useful for parents who have kids in college.  Instead of e-mailing something as an attachment, simply place it in the cloud folder and within microseconds the other person has the file.

This post only touches the very surface of the capabilities of the cloud.

Should you ever need help with your cloud account, or just need help setting one up, contact PCMDX today at pcmdxal@gmail.com or via phone at 205-201-0389.  We’ll service both business and residential accounts, and specialize in security.  And don’t forget to like us on Facebook so you can get updates on important computer and security information.

03.03.16
by

Wendy’s 4 for $4 may hit more than your waist line

wendys

In January 2016 Wendy’s restaurants reported that they had suffered a breach in their network that handles credit cards.  The report included the following: “As reported in the news media in late January, the Company has engaged cybersecurity experts to conduct a comprehensive investigation into unusual credit card activity related to certain Wendy’s restaurants. Out of the locations investigated to date, some have been found by the cybersecurity experts to have malware on their systems.”

What this basically means is that someone had installed software designed to harvest credit card data (“malware”) on Wendy’s network, which is the same thing that happened at other retailers and restaurants over the course of the last few years.  Our sister site, DontBecomeAnotherTarget.com has a list of many of these merchants.

Some credit unions, according to the article, have said that this breach has already exceeded the fraud that the Target breach caused in 2013.

The worst part?  According to the article, “the restaurant chain hasn’t yet said how long the breach lasted — or indeed if the breach is even fully contained yet.”  What does that mean?  That means you don’t use your credit or debit card at Wendy’s.  Period.

It’s unknown if Wendy’s had passed their latest PCI DSS (Payment Card Industry Data Security Standard) prior to the breach, however post breach they are not compliant, since the malware should have been discovered during the required scans.

If you’re a merchant that takes credit cards, you’re required to be PCI compliant.  We’ve encountered so many merchants who don’t have their own IT department who are under the false impression that they are compliant because they’ve signed (or “attested” online) a form from their credit card processing company indicating that they are compliant.

The credit card processing companies, like every other portion of the credit card chain (Merchant>Processor>Bank) have to be compliant, but each entity is required to do their own PCI Self-Assessment Questionnaire (SAQ).  The credit card processors will have the merchant sign/attest a form that indicates that the merchant knows they have to be PCI Compliant, even if the merchant has no clue what that is.  Once the merchant attests to this, the credit card processor has fulfilled their obligation.  If a breach occurs with the merchant, all the credit card processor has to say is “But you signed that you were PCI compliant” and they’re off the hook.

PC Medics of Alabama (PCMDX) specializes in SMB (Small to Medium Businesses) PCI Compliance.  If you process under 6,000,000 transactions per year, PCMDX can make sure you’re compliant.  If you’re not compliant, we’ll take the necessary steps to make sure you become compliant.  We then take care of your SAQ, and we make sure you remain compliant.

Our client base includes restaurants, dentists, doctors, and various other merchants, so our experienced staff can handle any merchant that takes credit cards.  Call us today for a free visit and estimate on how you Don’t Become Another Target. And if you don’t have a dedicated IT department, we can handle that for your as well, which let’s you concentrate on your business, while we take care of your IT needs.

02.01.16
by

Windows 10 – Update 3

The questions about Windows 10 upgrade have not stopped.  We get them daily.

“What do you think of Windows 10?”

“My computer keeps bugging me about upgrading.  Should I?”

“Do you think it’s time to upgrade yet?”

It’s looks very pretty.  No.  And No.

We’ve talked about the upgrades in our two previous posts (Part 1 and Part 2)

In their latest campaign to convince users to upgrade, Microsoft has taken to SMB (Small to Medium sized Businesses).  They have a Facebook post that features a video that shows the benefits of upgrading to Windows 10.  Here’s the part that bothers us about the video:

About a minute in, the “Microsoft Spokesperson” shows a business how easy it is to upgrade.  He sits in front of the PC surrounded by “employees” of the company, clicks on the Windows button in the system tray, it launches the upgrade process.  The he says “Just agree to the terms and conditions and you’re done!”.  They all go to lunch and by the time they get back they live happily ever after since the Windows 10 upgrade is complete.

OK, let’s get out of make-believe land and back to reality.

We all have done it.  Most of the time we continue to do it.  We’re used to doing it.  What?  Agreeing to the Terms and Conditions without reading them.

But in this case, is it the right thing to do?  Needless to say, we’re required to accept the terms and conditions on any software that we install, but all those pages contain information that may be good to know.  Especially in this case.

Windows 10 offers two types of install, Express and Custom.  Express means you agree to the terms and conditions, and accept all of the default settings.  For those of you who haven’t seen the default settings, many of them include a feature that sends information back to Microsoft.  Microsoft uses this information to deliver a more personal experience.  In the Express settings mode, this includes a variety of tracking software.

Microsoft has said they’ve discontinued the practice of tracking everything.  However, they just released the latest stats on Windows 10:

“Here’s the list of milestones that Microsoft just achieved:
  • People spent over 11 Billion hours on Windows 10 in December 2015.
  • More than 44.5 Billion minutes were spent in Microsoft Edge across Windows 10 devices in December alone.
  • Windows 10 users asked Cortana over 2.5 Billion questions since launch.
  • About 30 percent more Bing search queries per Windows 10 device compared to prior versions of Windows.
  • Over 82 Billion photographs were viewed in the Windows 10 Photo application.
  • Gamers spent more than 4 Billion hours playing PC games on Windows 10 OS.
  • Gamers streamed more than 6.6 Million hours of Xbox One games to Windows 10 PCs.”

How do they know this?  Hmmm….

PCMDX clients know that we’re huge advocates of Microsoft, however our main focus is privacy and security.  Yes, if “they” want it, “they” will get it, however, we don’t have to leave the door not only unlocked, but open for them.

No, at this time we’re not recommending that those of you using Windows 7 upgrade to Windows 10.  Those of you using Windows 8 or 8.1 will have to decide if privacy or usability is more important.  We’re writing this post on a Windows 10 laptop (it came with the laptop).  It’s much more user friendly than Windows 8.  But we turned off all of the data mining features that we could turn off.

Is this the best operating system that Microsoft has released?  The word “best” is subjective.  What’s best for you may be different than what’s best for us.  Is it the most feature packed?  Absolutely.  Is it powerful in today’s internet world.  Yes.  If you use a PC to check e-mail, update your Facebook status, and surf the web, then there will be little difference between Windows 10 and Windows 7.

But wait!  Microsoft just issued a warning to those who use Windows 7.

And the latest information tells us that Microsoft will start to make the Windows 10 upgrade a “Recommended Update”.  What does that mean?  Glad you asked.  It simply means that if you have your Windows Update settings set to install all updates automatically, it will install the files even if you’re not interested.  This means if you don’t want it, you’ll have to turn off the automatic update function and go to “Notify me of updates but let me decide to download and install them” in the Windows Update settings in Control Panel.  Which means that you’ll need to make sure you install the important updates at least once a month.

Stay tuned.  Microsoft wants you to have Windows 10.

01.23.16
by

Your credit card got hacked…how did it happen?

We read every day stories about people’s credit cards that were “hacked”.  We put the word hacked in quotes because it’s really not the correct term.  The better word is breached.

Regardless of the what you call it, the bad guys got your credit card number and now you have to jump through a bunch of hoops in order to fix it, from calling the credit card provider, to looking over your statements to see where all the bad guys used your card.

But how did you get here?  Where did the bad guys get your card?  When did it happen?  What method did they use?

First thing’s first.  It most likely didn’t happen recently.  Unless you lost your card, chances are your card was compromised weeks, if not months ago.  So don’t blame the last place that you used your card.  Not only did they probably not have anything to do with it, but you’re also making possibly a slanderous statement against that company and could find yourself in legal trouble.

The card may have been compromised at a merchant who was not PCI Compliant, a requirement for any merchant who takes credit cards.  Unfortunately, many merchants don’t have a clue that they need to be compliant, or under the assumption that they already are, based on wrong information they are receiving from their credit card processor.  Here’s some simple facts:

  •   No breach has ever occurred at a merchant who was 100% PCI Compliant.
  •  All breaches that have occurred were at merchants who were not PCI Compliant.  

The card may have been breached at a gas station or ATM that had a skimmer installed.   This method collects card information for a period of weeks or months.  The bad guys (and girls) then take the numbers and encode them on pre-paid credit cards they purchase at a drug store, and go on shopping sprees.  The length of time between the skimmed cards and the using of the accounts could be a few months.

Banks have become smarter when it comes to compromised accounts.  Many years ago when a card was compromised, the victim would find charges that were made in other states or even other countries.  Today, if there’s suspicious activity on an account, often times the bank will call the account holder and ask them if they are in another state.  If they are not, they will not authorize the transaction.

Because the banks are now monitoring accounts, the bad guys are adapting.  Usually, if a card holder is based in a particular ZIP code, the bad guys will harvest all of the account numbers for that area, then descend on that area and begin to use the compromised accounts in that area.  That raises less suspicion with the banks.  However, the time between the breach and the using of the account can be weeks or months.

Here’s a great article that gives you a very detailed view on credit card breaches.

If you’re a merchant who takes credit cards and are not sure if you’re PCI Compliant, contact PC Medics of Alabama today at 205-201-0389 or via e-mail a info@pcmdx.net for a free consultation.  Our PCI Compliance experts will go over your network and give you recommendations on how to become compliant.

10.12.15
by

Before you get rid of that old PC or Laptop, read this!

So you’re about to replace your PC or laptop.  You’ve transferred all your files and folders and are ready to sell it, donate it, give it to someone or throw it out.  Before you do that, STOP!

Simply deleting files from your hard drive doesn’t make them go away.  All it does is remove the “pointer” to the files so that the operating system (OS) thinks that it’s OK to write new data to that space.  In other words, the data is still there until something else overwrites it, and even then, a good “undelete” program can recover it.

OK, so how about formatting the drive?  Will that take care of it?  Nope.  A good undelete program can still recover the data.

A recent study by Blancco Technology Group and Kroll Ontrack showed that 48% of the used hard drives being sold on Amazon still had enough residual  data on them to reveal information on the previous owner.

So what should you do?  There’s a number of options.  PCMDX sponsors an organization called Learning To Be the Light (2BTL). 2BTL refurbishes PCs and gives them to low-income students in the Hoover City Schools.  Any student who is on free or reduced lunch, 2BTL  will give them a PC, a monitor, keyboard, mouse and anything else they may need.  If they are a junior or senior in high school, they are also given a laptop in addition to the PC.

When someone gives their PC to 2BTL to be refurbished, 2BTL  will ask if they want the old hard drive.  If they do, then the old HD is removed and given to the person giving the PC.  This is by far the safest method because all of the data is on the HD and the HD doesn’t take up much space.  So if you’re giving away or selling your old PC, try to remove the HD first.  A replacement drive usually will cost under $100.

What’s the downside of doing this?  Usually restoration software is on the HD, which means the recipient will have to order the restore software or re-install the OS, then re-install the drivers.  This can be complicated and expensive.

If the person giving the PC to 2BTL  doesn’t want the old HD, then 2BTL  will use a software program called Darik’s Boot and Nuke (DBAN).  DBAN is a free program that will not erase the HD, but write data over the existing data 8 times, usually in the form of 0s and 1s.  After 8 times, the original data is not retrievable, even by the best forensic experts.  This will work on most non-SSD, non-RAID HDs.

The downside of this process is that it’s very time consuming, sometimes taking over 24 hours per drive.  The recipient of the HD, if they plan on using it again in the same PC, will have to order restore software or install the OS, then drivers.

Either method is inconvenient, however, having your personal information compromised is more inconvenient.

If you need to sell or otherwise get rid of your PC or laptop, but don’t want to give it to Learning To Be the Light, PCMDX can take care of securing your HD before you hand your PC or laptop to the new owner.  Contact us today for a free estimate at 205-201-0389 or via e-mail at pcmdxal@gmail.com .

07.15.15
by

Can you be a target for a phishing scam? Take the quiz and find out.

What’s the easiest way to get into a locked building?  Use the key.  What’s the easiest way to get the key?  Get it from the person who has it.

Your network is a building, metaphorically speaking.  Each device (computer, printer, network attached storage, etc.) is a room in the building and each device is protected by a user name and password, or at least should be. The user name and password are the credentials of the device, and are the “keys” to the room.  Usually, in order to make our life simple, once we insert our key (user name/password) into the building (network), we’re granted access to the rooms (devices) our gatekeeper/keymaster (network administrator) has decided we can go into.

Because we’ve become more security conscious over the past few years (we don’t use the password “password” or “123456” anymore…do we?!), the bad guys (hackers) have become more sophisticated.  They use various methods to get the keys.  Some use social engineering.  Others use brute force attacks.  And still others prey on the lack of computer knowledge of network users.

The last group uses “phishing” expeditions in order to get the keys.  This is a play on words on “fishing expedition”.  On a fishing expedition, we go out and see how many fish we can catch.  We target our area, throw out the line, which has bait on it, and see what happens.

A phishing expedition is no different.  The bad guys send out hundreds of thousands of e-mails that have malicious content, and see how many take the bait.  Once the targets take the bait, it’s pretty much over with.  Some of the malicious payload may be a virus or Trojan that captures your “keys”.  Others may be ransomware that encrypt your hard drive and demand money in order for you to get access to your files again.  Regardless of the payload, it’s all bad, which is why we call it “malware”, “mal” being the Latin word for “bad”.

Phishing expeditions are not limited to just gaining access to work networks.  They can also be used to gain access to bank accounts, credit card accounts, or any other password protected site.

So how do you protect yourself or your company?  At PCMDX we take a multi-level approach.  Securing the perimeter is very important.  We use a firewall to do so.  This prevents the bad guys from simply walking into your network through an unlocked door.

We also protect all of your devices by using anti-malware software, applying patches and updates on a regular basis, and making sure there’s no vulnerabilities on the network, such as devices that have out-of-date firmware, or computers with out-of-date operating systems, such as Windows XP or Windows Server 2013

We also believe in training and education.  The more your users know about how to protect themselves, the easier our job is, and the more secure your network becomes.

Keeping your network secure is not a one-time thing.  It requires regular maintenance, and regular training.  Every time the good guys find a way to block the bad guys from gaining access to the network, the bad guys come up with new ways to break in.

Here is a test that you can take yourself or give to your staff to find out how much you and they know about phishing expeditions.  If you score below a 100%, give us a call so that we can begin to secure your business or network.

Phishing Quiz

PCMDX is based in Hoover, Alabama and serves businesses that have 15 computers or less in Alabama, Mississippi, Western Tennessee and the Florida Panhandle.  If you’re a merchant that takes credit cards, you’re required to be PCI Compliant and PCMDX can take care of all of your PCI Compliance needs.  If you’re a medical practice, you need to be HIPAA compliant, and our engineers are HIPAA specialists.

Call us today for your free consultation at 205-201-0389 or via e-mail at pcmdxal@gmail.com .

 

06.21.15
by

Microsoft is Not Watching Your Computer

Over the past year we’ve had several clients contact us to tell us that they had received calls from “Microsoft” indicating that they had errors on their computer, and that “Microsoft” wanted to fix those errors.

Having received two of those calls as well, and having promptly hung up on those calls, we thought that most people would do the same.  Apparently this is not the case.  So please read this post so that you can protect yourself from a social-engineering hack.  And share this with others as well, especially those who are not computer savvy.

Here’s how the hack goes:

Your phone will ring and a person on the other end, usually with a foreign accent (ours had an Indian or Pakistani accent both times) identifies himself as being an engineer with Microsoft and they discovered an error on our computer, and they needed to fix it.  The way they want to fix it is to remote into the computer, by the victim going to a web site that installs remote control software.

If the victim seems dubious, the hacker asks them to go to a folder on their C: drive and look for a file called rundll32.exe (or any common Windows file).  Once the victim sees that file (which is on every Windows computer), the hacker says that it’s a dangerous file and that he will remove it.  He then directs the victim to a web site where the remote control software is installed.  Once it is installed, the hacker has complete control of the computer.  They will tell the victim that they are removing the bad files, meanwhile accessing the victims private information.

The hackers are brazen at times.  One of our clients allowed two of his computers to be accessed, and then the hacker had the audacity to tell the victim that they owed $199 for the “clean-up job”, which the victim reluctantly gave.  Then they called us.  It took several hours to remove all the malware installed by the hackers.

Again, they usually prey on people who are not computer savvy, and, since they sound convincing, the hackers are successful many times.

We have received two of these calls.  On the first one, we played along to determine their method.  Although we never let them get to the computer, and then stopped them by telling the hacker what we did, we were able to gather some information.

The hackers are based in India or Pakistan (ours was in Pakistan).  They are in a phone room and randomly call US numbers.  If successful, they are paid $150 US for each hack.

So here’s a very basic thing to remember:  Microsoft does not monitor your PC for errors.  If someone from Microsoft calls you to tell you there’s an error on your PC, HANG UP.  Quickly.

Now, if you’ve received a call like this and have allowed a hacker access to your PC, and have not had your PC cleaned, please contact us right away.  Once the hackers have access, they will continue to have access.  Our contact information can be found on our web site pcmdx.net or on our Facebook page facebook.com/pcmdx .