News & Events

Ransomware Alert

If you are reading this, you probably know the story of Colonial Pipeline from the news headlines and the gas lines. At Electronic Office, we are intensely focused on the challenges of ransomware because, here is the bad news, our clients are not too small to “fly beneath the radar” of the next generation of bad people who are looking to make a criminal buck from ransomware.

 

Our gas stations are open again because Colonial Pipeline paid $5 million to the criminals that held them hostage. That’s good news for getting gas but bad news for our clients. The FBI has this to say:

 

“The FBI does not encourage paying a ransom to criminal actors. Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illegal activities. Paying the ransom also does not guarantee that a victim’s files will be recovered.”

 

EO agrees with the FBI in theory, but in practice, this is easier said than done. Most companies that are victims of ransomware attacks pay painfully large ransoms to regain control over their data and software tools. The vast majority of these situations are never made public. In many cases the company that paid the ransom does not report a data “breach” because they can at least pretend that the attacker only blocked access to their data but did not extract and retain a copy of the data. This is a technicality with serious implications but, when your business is paralyzed and collapsing all around you, sorting out the nuance is unimportant.

 

Darkside is the ransomware hacker company that was behind the Colonial Pipeline attack and, even as we write this urgent memo, they are publishing information that proves that their software tools have been used to attack 3 more major companies in the past few days.

 

Darkside is a horrific criminal enterprise but we called them a “company” for a reason. Darkside is a well-organized and disciplined business. You might be surprised to learn that Darkside does not hack into companies directly. Darkside is in the business of licensing its ransomware tools and techniques to 3rd parties who want to use their tools to make money via ransoms. Darkside has a sophisticated profit-sharing agreement with its 3rd party licensees.

 

Some entity that we know nothing about and cannot pin down licensed Darkside’s tools and then used them to attack Colonial Pipeline. You have heard of SaaS (Software as a Service), well Darkside is in the business of RaaS (ransomware as a service.)

 

Yikes. As with virtually all legitimate technologies that EO has implemented for its clients over the years, software developed for giant corporations becomes easier and more efficient until it reaches the point where anyone can use it. Today an owner of a restaurant has access to marketing, financial management and data analytics tools that were only available to the Fortune 500 a decade ago. Unfortunately, EO sees no reason why computer hackers sitting in a basement somewhere will not gain access to ransomware tools in the near future. There will be much smaller versions of Darkside and they will be licensing their tools to one-man 3rd parties. With a profit-sharing model, the criminal does not even need to have cash upfront to license this stuff.

 

These people are evil but they are smart. They know that they can extract a $5 million dollar payment from a giant like Colonial Pipeline and they realize that a local healthcare provider, municipality, charter school or manufacturer might only be able to pay $200,000. That perspective has protected our clients so far. It won’t stay that way.  The tools for implementing a ransomware attack are getting into the hands of small-time criminals with a base level of computer skills and they are more than happy with ransom payments that will be painful but doable for clients like ours.

 

When your company gets attacked, the most likely breach of your security that allowed them to get in will have been an innocent human error by one of your own employees. The nickname for these techniques is called Phishing or Spear-Phishing. These simple sounding nicknames belie the underlying sophistication that makes these techniques effective.

 

It is awkward for those of us at Electronic Office to take this problem and treat it as a revenue generating opportunity. Even so, it is what it is. Electronic Office has been reviewing and applying products that can help our clients to dramatically reduce their chances of being a victim of a ransomware attack and we know how to help you. We very much appreciate the feeling that this kind of crisis “will never happen to me” but we owe it to you to warn you that this mindset is obsolete. We owe you the very best insights, ideas and products for your protection when you are ready to accept that the bad guys are forcing our hand. We can’t keep our head down any longer.

 

To the best of our knowledge, this battle against the bad guys must be fought BEFORE the attack begins. Once Colonial Pipeline was under attack, not even the powerful resources of the huge oil industry and the US Government could find a way to beat the criminal behind the attack. The ransom got paid after all other options were exhausted.

 

Don’t feel helpless. The attackers don’t have a personal vendetta or focus on your company. They cast a very wide net and the companies that have done the least to protect themselves become the victims. If your company is doing all that it can to frustrate attackers, they are more than happy to focus on other companies that are not as big of a challenge as yours is. There is no guarantee of safety, but if your company offers the path of most resistance for these criminals, they are much more likely to attack somebody else.

 

Remember, John Dillinger never robbed a bank because he did not like the bank president. Dillinger robbed the bank that was most vulnerable because it was not invested in a high enough level of security protection to concern Dillinger. The ones that invested in a high level of security against bank robbers were of no interest to Dillinger because there was always another bank down the road where management was more nonchalant about security.

 

As of today, zero percent of EO clients have been victims of ransomware. We are way too humble to believe that we can maintain that perfect performance record forever. We know how talented the criminals are. The culture here at Electronic Office is well known to you – we take these challenges personally. Your trust in us is our greatest asset and our greatest sense of responsibility.

 

We are not going to deny that this situation leads to new products and services that generate revenue for EO, but if you know us at all, you understand that pro-actively protecting our clients is in our DNA, revenue growth is the outcome, not the driver.

 

Please give us the chance to dive deep with you regarding ransomware. We are all very busy but let’s not look back in dismay wishing we had done more after your computer screen is just a big ugly message from a criminal who has paralyzed your company.

 

Thank you,

The Electronic Office Executive Team

Share this post

Kaplan CFO Featured Referral Partner

Electronic Office has recently been featured as a Referral Partner of Kaplan CFO Solutions. We are honored by this distinction and appreciate the kind words of Ken Kaplan below.

“Kemper Brown and his team at the Electronic Office are experienced, reliable IT professionals. Not only are they a trusted referral partner, Kaplan CFO has used them extensively for IT and systems maintenance. Our relationship delivers great value. When they say they are available 24/7, they really mean it.”

Ken Kaplan

Kaplan CFO Solutions is a cohesive team of experienced Chief Financial Officers, working side-by-side with small- to mid-sized business owners across western NC, eastern TN and the Upstate. Their partners are a key part of your management team, working on-site to implement and guide the day-to-day efforts and long-term strategies that keep you moving forward, giving you everything you expect from a seasoned, full-time CFO…and more.

“We pride ourselves on partnering with best of breed professional firms such as Kaplan CFO.”

Kemper Brown, Jr.

Please visit Kaplan CFO’s website at: https://www.kaplancfo.com/ to learn how they can be a valuable asset to your organization.

Share this post

Remote Work Questions? Electronic Office has answers!

As you adapt and adjust your workplace and business in response to the evolving COVID-19 situation Electronic Office is here to help. We remain steadfast in our resolve to not only maintain critical operations and support, but also to assist our clients make the changes necessary to overcome challenges and keep their organizations as productive as possible.

 We are actively discussing and assisting clients with telecommuting and remote office work. Whether you are looking to expand your current capabilities to have staff work remotely or build out these systems for the first time EO can guide you through this process as you crystallize your plans.

 Our clients are adapting to the changing landscape and we are ready to help you with the planning and implementation of a remote work force. Please reach out to your account manager, call our office (828-274-1196) or email support@electronicoffice.net to learn more!

Share this post

Electronic Office CEO Kemper Brown, Jr. talks cybersecurity on WLOS

Electronic Office CEO, Kemper Brown, Jr. was recently featured on News 13 WLOS for a story highlighting a recent cybersecurity warning from Gov. Roy Cooper due to increased tensions with Iran.

“Iran has a history of attacking U.S. targets,” Electronic Office CEO Kemper Brown Jr. said.

Iran isn’t the only bad actor individuals and organizations should be worrying about.

“Attacks come from all corners of the world and not just the Iranians, and they come quite regularly. Both small organizations, large organizations and individuals really need to be vigilant,” Brown said.

Patching systems for vulnerabilities, thinking before you click on potential suspicious emails, and having a plan if you get attacked are all ways to protect yourself. Electronic Office works with companies local and across the globe to keep them protected and up-to-date on emerging technology and security practices.

For the original story, please visit: https://wlos.com/news/local/wnc-cybersecurity-experts-urge-people-to-fix-system-vulnerabilities-quickly

Gov. Roy Cooper’s announcement can be found here: https://governor.nc.gov/news/gov-cooper-urges-public-pay-attention-potential-cyberthreats  

Not feeling confident about your organization’s data security?  Don’t wait until it is too late! Contact Electronic Office at 828-274-1196 or info@electronicoffice.net to learn how we can protect you and your organization today.

Share this post

What are you doing to protect your company against phishing attacks?

What is phishing?

Back in the early days of the internet, Nigerian princes would descend from their throne and send email offers of untold riches, only if you supplied your bank information to them. Of course, it was a scam and most people have since learned to ignore and move on. On the other hand, hackers have also gotten smarter, using more sophisticated methods to attempt to get your information, commonly known today as phishing.

Phishing happens when a malicious person sends an email to try and trick another person into giving them private information, especially financial information. It happens most often through email but also occurs over phone (vishing) and text (smishing). In 2018 alone, the FBI reported over $2.7 billion dollars in losses related to phishing attacks.

How can your company prevent phishing attempts?

Harnessing the power of users and the power of technology is the best way to help the fight against malicious attacks. Train your employees how to recognize phishing emails and encourage your users to report any strange emails before they click. Use technology to your advantage. Set up spam filters, enable multi-factor authentication, keep your systems up to date, install a comprehensive anti-virus program, and enable browser add-ons and extensions that prevent users from clicking on malicious links.

When opening an email, ask questions such as:

  • Do I recognize the sender, and am I expecting an email from this sender? (sometimes senders can be spoofed – so confirm before you click!)
  • Did I receive an email that I normally would get during business hours, but it was sent at an unusual time like 3 a.m.?
  • Are there spelling or grammatical errors? Is the message awkwardly written?
  • Is there an unusual attachment included?
  • If I hover over the link, does the same website show up or is it misspelled? (If the hyperlink looks like somebody mashed the keyboard, open a separate browser and type in the website you need to go to rather than click)
  • Is the message demanding, urgent, or threatening?

When in doubt, always call the company or person directly before giving out any personal information.

Conclusion

Security is every user’s responsibility. When every person is dedicated to keeping security at the forefront, your company can prevent attacks better. Always remember: if it sounds too good to be true, it probably is.

Share this post