News & Events


WannaCry IT Security Protection Case Study: What You Should Know

The far-reaching WannaCry ransomware attack made international headlines last year when unidentified hackers encrypted the data of more than 200,000 computers in over 150 countries between May 12–14, 2017. Large corporations or tech giants weren’t the only ones targeted. The attack affected an assortment of entities, from financial institutions and hospitals to banks and individuals. Although it only lasted a couple of days, the effects were long lasting—and so were the lessons learned.

Once a computer was infected and its data became encrypted, the WannaCry perpetrators demanded a $300 ransom payment in bitcoin in exchange for restoring these files. They increased the price until the end of the countdown when the data would be ultimately deleted if the ransom was still unpaid. The attack finally ended when someone discovered a kill switch (just one of the clues that WannaCry was an amateur attack).

The scariest part? All of this could have easily been prevented. It all boils down to the importance of updating systems and backing up files.

The Challenge

WannaCry encrypted the data of so many systems worldwide, and so quickly, because an enormous number of people did not update their computers right away. It all started with an online leak that exposed a vulnerability in Microsoft Windows. EternalBlue is a tool developed by the US National Security Agency that exploited a vulnerability in the Server Message Block (SMB) protocol for network file sharing. Basically, the NSA found out that in some versions of Windows, the SMB protocol could accidentally accept information from remote attackers. The NSA could use this for surveillance purposes. In short, this tool took advantage of a security weakness in Microsoft software. A group of hackers called the Shadow Brokers stole this information from the NSA and leaked EternalBlue online last April.

Fortunately, once the exploit was published (and before WannaCry occurred), Microsoft acted quickly and released a patch for their supported operating systems, Windows 7 and 10. Note that this did not include XP, as Microsoft announced years ago (with plenty of notice to users) that support for XP would end on April 8, 2014. Even as other variants of WannaCry came out in the following days, Microsoft continued to release new patches to protect the systems.

The reason WannaCry was successful (despite all of these patches) is that many people failed to update their systems. WannaCry spread like wildfire because, unlike phishing emails, this computer worm wiggled from one infected computer to a healthy computer.

The Solution


Once the kill switch was found, the attack finally came to an end. Microsoft released an emergency patch for XP and Server 2003, although they were under no obligation to do so since they were no longer supporting those systems. Many people learned the hard way that regularly updating your computer systems is vitally important.

Some systems that were infected had backed up their data, so it was more easily recovered without having to pay a ransom.

Avoid Becoming a Victim

As a company, Electronic Office operates in a proactive (and not reactive) way. None of our clients were affected by WannaCry because of the precautions we have in place. As soon as we sensed this threat, we assembled an Incident Response Team and communicated this security alert to our clients. We evaluated all of our clients’ systems, advised them not to turn their computers off, and pushed out any patches that were missing, which we can manage remotely.

What could have prevented this ransomware attack? Everyone must regularly update their computer systems and back up their data.

We’re Here to Help

Following IT news and protecting your data properly can be a lot to keep up with. An IT company like Electronic Office can take care of this for you. We’re always staying on top of the latest threats and trends. Additionally, we constantly evaluate new and emerging technologies to offer our clients. We currently have the most robust data backup platform in the world.

We regularly patch our clients’ systems through a triage policy. We evaluate what is needed and what is not needed. We manage and understand where our thousands of endpoints are in their state of patching.

EO offers Security Awareness Training to better prepare users for real-world situations. This training can take many forms including fake phishing emails, training videos, and even alerting our clients to real malicious emails that have been sent.

Even if you don’t have confidential information and think nobody is trying to hack your system, you still need a firewall to protect your networks. Purchasing and installing a best-in-breed firewall appliance is just the start and is not a “plug in and forget it” situation. The key is configuring the firewall to the current threat landscape and consistently maintaining it to make sure that networks are protected from new and emerging threats. Other maintenance includes keeping the firewall current from a support, warranty, and software perspective.

IT Assessments are critical for knowing your current state of weaknesses, strengths, and vulnerabilities. It’s much easier (and stress-free) to have measures in place so that when the next big cyberattack happens, your systems are safe.

Don’t fall victim to ransomware: The work you do and clients you serve are too important. Avoid downtime and the risk of data loss. Get better protection starting today. Contact us for more information.


Cybersecurity 101: Protecting the Medical Practice in an Evolving Threat Landscape

By Kemper W. Brown, Jr., CISSP

I recently gave an IT security presentation at a fall conference for medical managers of physician practices in Western North Carolina. As the only speaker on the topic of technology, my goal was to help medical managers stay on top of IT security best practices and the current threat landscape.

View My Cybersecurity 101 Presentation Slides

The Malware Menace

Today, it’s not just large corporations (and infamous breach victims) like Target and Sony who are at risk of breaches or cyber attacks; it’s everyone. The perpetrators aren’t so much setting their sights on one company and trying to get in as they are automating their systems to find and exploit vulnerabilities and execute phishing schemes. What’s so scary is that small practices and organizations now also find themselves in the crosshairs. Security measures have had to catch up to the growth of ransomware, yet every company can be at risk. Taking preventative action and following up with 24/7/365 support by experts is key to ensuring your clients’ information doesn’t fall into the wrong hands.

Over the last year and a half, for example, many small to medium-sized clinics and surgery centers have found themselves victims of breaches, ransomware, or crypto-type attacks. A group of hackers known as TheDarkOverlord has pirated hundreds of thousands of digital medical and dental records across the country. These ransomware schemes encrypt or lock medical records or other critical files, and demand a ransom in bitcoin for regained access. Medical records are highly valuable on what is known as the “dark web,” and crime groups pay top dollar for hacked personally identifiable information.

How Do You Avoid Becoming a Victim?

We recommend that you protect your practice through:

  • Annual HIPAA Security Assessments
  • Layered Security
  • Robust Data Backup Solution
  • Security Awareness Training

An annual HIPAA Security Assessment is not only a requirement of HIPAA/HITECH compliance, but is also a best practice for protecting systems and evaluating vulnerabilities.

Layered security is also recommended because you want to have multiple defenses in place (e.g. firewalls, updated patching, consistent antivirus across all endpoints). This approach includes perimeter defense, which can call for a firewall with deep-inspection capability (protecting the outside of your network), as well as internal defenses such as intelligent spam filtering, vulnerability patching, password policies, and antivirus/antimalware support.

Robust data backup solutions with onsite and offsite copies are also critical to a strong data protection plan. If something happens to the servers, you have it backed up on your site; if something happens to the building, you have it stored off site. When you need to restore something, having confidence that your files are there and usable is key. Data backup is also the best protection against ransomware and crypto type threats.

Security Awareness Training

Yet, in today’s world, having a strong firewall, backup, and antivirus software is no longer enough. Unfortunately, the majority of breaches that occur today are the result of social engineering or unsuspecting employees opening a malicious email or clicking a harmful link.

Do you think this could happen to someone on your team? If you set up a simulated attack, would anyone fall for it?

In the weeks after an actual cyber theft of customer assets in 2015, financial institution JPMorgan sent a fake phishing email to their employees to test their reaction. According to the Wall Street Journal, 20% of staff opened it. If this had been real, it would’ve been disastrous for the bank’s networks. Remember, it only takes one person opening that email for the entire system to become infected.

Phishing emails have gotten more sophisticated over time. It may be less obvious that these emails are malware. The idea is that we can train users to identify malicious and phishing emails.

I recommend that your entire team undergo security awareness training (we do it for our own organization). This training can take many forms including fake phishing emails, training videos, and even alerting our clients to real malicious emails that have been sent. The idea is to better prepare users for real-world situations.

What to do After a Data Breach

Experiencing a data breach can be an extremely scary scenario, and as in any emergency, how an organization responds is critical. First off, document, document, document. Next, contact critical IT personnel and isolate affected systems from the network; do NOT power off breached systems. At this point, begin analysis, and respond according to your organization’s WISP (Written Information Security Policy).

As any practice manager or organizational stakeholder in a breach scenario, you need to be able to answer these questions:

  • Who is responsible for the breach?
      • External hackers?
      • Internal personnel?
  • When did the breach occur?
  • How did the breach occur?
      • Were servers or systems hacked?
      • Did an employee unlawfully access the information?
  • Was protected health information compromised?

There will also be a point when it may be advisable to engage legal counsel and IT security professionals to help with response and prevention of further harm.

How Do I Report a Data Breach?

There are laws (state and federal) that dictate the responsibilities of businesses whose data has been breached, whether it was employee data, or client/patient data. Contact professional legal counsel who can assist with a notification plan and provide proper communication and documentation related to the breach.

They’ll be Back

A breach or even a close call (like opening a phishing email) can attract other attacks. Post-breach it’s important to:

  • Conduct a thorough security audit to identify any additional risks
  • Remediate all identified risks
  • Establish proper protections and protocols for future threats

Moving Forward: The IT Assessment & Beyond

You’re likely wondering: Are we really protected? Do we have a layered security posture? Do we have enough training for our staff?

One solution for peace of mind includes an IT assessment to establish baseline knowledge of your technology infrastructure and uncover any potential vulnerabilities. The Electronic Office will develop a comprehensive overview of your current systems and prepare recommendations based on industry best practices.

The Electronic Office delivers worry-free, trouble-free security for your organization’s network. We offer installation, configuration, monitoring, patch management, and continuous updates to ensure robust protection against today’s advanced IT threats. We provide around-the-clock monitoring, management, and remediation. Our knowledgeable security support team is available 24/7/365 to address problems quickly. As business needs change, our team will work to fine-tune your security plan. With our expertise and support, you can rest easy knowing your network systems, and your business, are secure.


Company News: Our Commitment to the Lifesaving Work of Mission Health

At Electronic Office, we strive to be a good neighbor in our hometown of Asheville, NC. One way that we show our commitment is through charitable giving. Our relationship with Mission Health has been going strong for more than 30 years because we have seen the enormous positive impact they have on the people of Western North Carolina. We were recently honored at Mission’s Mountains of Hope event and by a visit and presentation by Mission Health’s CIO Jon Brown.


Mission’s State-of-the-Art Virtual Care Centers

Because of our region’s mountainous terrain, rural physician shortages, and other disparities and barriers, many families and communities are isolated from reliable healthcare. Mission Health is poised to launch a transformative network of Virtual Care Centers, which would help hospitals and health systems utilize physicians more efficiently, connect specialists to rural physicians or hospitals, and improve patient access to care. Virtual care will help:

  1. Prevent disease
  2. Educate our community
  3. Assist in the management of chronic diseases prevalent in the WNC population
  4. Expand care sites to patient homes
  5. Improve access to primary and specialty providers across WNC
  6. Drive healthcare value-improvement through consumer connectivity
  7. Disseminate discoveries for the benefit of care improvement across the nation

Our Investment in Mission’s Success

This year, the employees of Electronic Office made a five-year commitment to support Mission Health. Our gift directly supports the Virtual Care Centers of the Center for Advanced Virtual Care. These state-of-the-art Virtual Care Centers will ensure that WNC residents have access to healthcare services when and where they need them.

Thank You, Mission Health!

We applaud Mission Health on their vision and action. We believe in these innovative solutions to enhance timely and convenient access to healthcare for the rural communities of WNC. Thank you, Mission Health! We are honored to support you.


IT Industry News Round-up December 2017 Edition

In this round-up, we focus on important information on cybersecurity and protecting your data. We also take a look at the growing trends in Information Technology to combat threats to privacy. With 2017 coming to a close, we look ahead at expert predictions of what’s likely to come and how we (and our systems) can best be prepared.


When a Data Backup isn’t Enough: Ways to Protect Against Ransomware

After a ransomware attack or any kind of data breach, the companies with good back-ups and a well-tested restore process are typically the ones who can bounce back most quickly. Cybercriminals are escalating their efforts, however, beyond infecting single workstations. Many are aiming to destroy backup processes and tools as well.

In his article Ransomware Will Target Backups, Rod Mathews, Senior VP & General Manager of Data Protection Business for Barracuda, offers four recommendations to help companies protect their backups against ransomware attacks. These efforts will keep backups at the top of the list of ransomware defenses and will reduce the risk of losing data in the event of an attack.

Read the full article.

Online Security Myths

Do you live under the impression that your Mac is bulletproof against intrusions and malware? That protection software makes your computer slow? That hackers won’t bother attacking your computer because you’re just one person out of billions? If so, keep reading: these three myths and others are causing big problems. Don’t let a lack of knowledge leave your data vulnerable. In 8 Myths About Online Security, F-Secure dispels these online security myths.

Read the full article.

Cyber Security Predictions for 2018

2018 is right around the corner. In this Information Age article, Mike McKee, CEO of insider threat management company ObserveIT, offers his predictions regarding cybersecurity in 2018. In his forecast, he says that social engineering tactics by cybercriminals will continue to pick up speed. One way of combating human error is through education and awareness training. Next year, companies will be investing more time and effort in training their workforce. Will you?

Read the full article.

Electronic Office IT Security Services

Wondering how your own business’ IT posture compares to IT best practices? Worried that you may be open to risk? At Electronic Office, we offer IT Assessments that identify your company’s IT strengths, weaknesses, and risks, and provide a series of recommendations to remediate the weaknesses and risks. We recommend that every company solicit an IT assessment every two years, even if you already have someone managing your IT. Think of it as an independent audit.

Our goal with an IT Assessment is to provide all the necessary information to your team so you can know where you stand and what steps you can take to remediate any weaknesses and risks.


Four Things Small and Mid-Size Businesses Need to Profit from the Digital Transformation

The digital age continues to deepen its impact on businesses of every size. Large companies are routinely challenged by smaller, more innovative competitors. Organizations that have dominated their industries for decades risk being displaced virtually overnight by data-powered business models. And the right technology makes all the difference.

For many smaller companies, traditional ways of managing data make it hard to capitalize on the digital transformation. Simply storing large amounts of data locally can be prohibitively expensive, and implementing the tools to make sense of it adds a new layer of challenges. Microsoft offers a look at the 4 basic things you need to consider when building the data foundation of your digital business transformation.
