On October 16th, 2017, US-CERT publicly disclosed a vulnerability at the core of the WPA-2 encryption protocol. This vulnerability affects nearly every modern encryption configuration used for transmitting information across the internet, especially Linux and Android devices. The KRACK exploit was discovered by security researcher Mathy Vanhoef before it could be implemented for widespread misuse; however, now that this issue is public knowledge, it is extremely important for businesses to update their systems to protect against it.
How Serious is this Vulnerability?
In terms of how harmful this exploit can be, it is extremely serious:
It can be used to steal any encrypted information that is transmitted from or received by your computer or mobile devices.
It can be used to inject various forms of malware into local networks and websites.
It affects all kinds of internet-enabled devices; however, the most serious threats of injection are specific to Linux and Android.
The good news here is that a hacker needs to be within range of someone’s wifi network to implement it, so the likelihood of it being used against your home computer is fairly low. The most likely candidates for this attack are big businesses and smaller businesses that handle secure information.
Due to the potential damage that this exploit could cause, we strongly urge our clients to review their local networks to ensure that all of their connected devices are properly patched.
Equifax revealed on Sept 7th, 2017 a data breach that compromised the personal information of 143 million users. This breach is reported to have exposed a number of sensitive pieces of personal information including Social Security numbers, birthdays, driver’s licenses, credit card numbers, and credit dispute documents.
To find out if your information has been compromised, visit:
In light of the storms heading toward the Gulf of Mexico, ComSolutions wanted to share a few reminders to help make things a little easier when an emergency arises.
Please note the following. If you are bringing your server or computer equipment with you or just want to leave it in place, please be sure to follow proper shutdown procedures. Remember that it is never safe to power a server off without following a specific protocol. To prevent damage, there is a specific order in which your equipment should be shut down. If you’re unaware of how to shut down your server or equipment in an orderly way, CSI would be happy to assist. Please call our office at 504-224-9475 Ext 2 or email firstname.lastname@example.org to schedule a call or an on-site appointment.
If you plan to work while out of town, here is a basic kit that can make working on the road easier:
Plastic storage bin to carry the following
Extension cord / surge protector
Network switch and RJ45 patch cables
Wireless router or WiFi HotSpot
External drive(s) or NAS unit that we have identified.
A list of all of your vendors, customers, and primary points of contact
A copy of your insurance policies, your agent’s phone number, and your business checkbook in the event of relocation.
Set up an employee social media page for emergency communications
If you already have a cloud disaster-recovery plan with CSI, please call us so we can schedule a phone interview or appointment to review this. Remember to stay safe, keep us informed of your plans, and keep our contact info handy should you need any assistance.
March 31st is World Backup Day, but it’s important to back up more than one day per year! Here’s why.
Data can be lost in a number of ways including:
Operating system crashes
Lost or stolen devices
Natural catastrophes including fires, flooding, etc.
Accidental file deletion
Failed or incompatible upgrades, patches, or other improvements to your system
Deliberate sabotage by a disgruntled employee
April Fools Day pranks gone too far… one more reason to do backups on March 31st
Remember, don’t just back your data up; have a backup plan! This means having a comprehensive strategy for dealing with all of the above. Your backup plan should include solutions to all of the following common problems:
If your entire workplace is destroyed by a catastrophe, do you have an off-site copy of your data to work from?
Do your backups go back far enough to ensure that you will have a good copy of your data, even if a virus or corruption gets saved to your most recent backup?
Do your backups include all of the system settings required to restore your work to a new device without having to undergo lengthy reconfiguration issues?
Do you have a place to restore your data and software to?
CAN EMERGENCY RESPONDERS FIND A 911 CALLER IN YOUR ORGANIZATION?
E911 Legislation and Compliance
As of 2017, your company or institution can be legally liable for 911 calls that fail to provide the correct location of the caller. As of December 31, 2016, if your system does not meet these standards, you have a legal obligation to change your phone system immediately in order to avoid stiff fines and penalties ranging from $500.00 to $5,000.00 per offense.
What does E911 compliance require?
Calling 911 cannot require an outside access key such as having to press * to dial out (common in hotels and offices).
A call to 911 must relay the detailed, physical location of the phone down to the room number, floor, or office number. Police, fire fighters, and paramedics use this exact information so they are sent to the correct location, avoiding any delay reaching the emergency.
If disconnected, emergency dispatchers must be able to call the phone back directly without getting an auto-attendant, answering service, call center, or remote switchboard.
911 calls connect to the agency within closest proximity to the caller — not the central phone system’s location (e.g., corporate headquarters).
These safeguards are already built into our VoIP phone systems, but if you are unsure if your phone system meets these specifications, give us a call and we’ll make sure that you are covered.
Yesterday, Yahoo confirmed claims that 500 million user accounts were stolen as of 2014. The data that was compromised includes names, emails, passwords, telephone numbers, and the answers to account security questions. If your account is one Yahoo suspects was compromised, you’ll be prompted to enter a new password as soon as you log on. If you use the same password on other accounts, you should change those, too.
How to Minimize Risk
While there is nothing you can do to prevent these breaches, there are a number of best practices that you can use to prevent exposure from these kinds of attacks:
Pick Better Passwords: When information gets stolen, the time it takes the hacker to decipher your password depends directly on how common or complex your password is. Avoid common passwords and patterns such as “12345”, “qwerty” or “password”, and if you use any actual words in your password, pair them with a few random letters and numbers as well.
Change Passwords Often: Oftentimes these attacks don’t become clear until well after the data is stolen, but if you change your password often, the stolen information will likely be outdated by the time the hacker tries to exploit it.
Never Reuse Passwords: Just like changing your password can prevent stolen info from being used against you, reusing old passwords can re-open you to risk from old breaches.
Update Security Questions: Just like passwords, these can be stolen and used against you as well.
Two-Factor Authentication: Adding a second type of authentication, like a one-time code sent over text message, can greatly secure your online accounts, making them hard to get into even if your information gets stolen.
Contact us today to find out more about how to secure your company’s online accounts.
With the increase in frequency of Malware and Ransomware attacks over the past few months, we felt the need to make our clients aware of this threat and offer a best practices summary to assist our clients in defending their networks.
What does it look like and how does it work?
There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC. Ransomware can:
Prevent you from accessing Windows.
Encrypt files so you can’t use them.
Stop certain apps from running (like your web browser).
They will demand that you do something to get access to your PC or files. We have seen them:
Demand that you pay money.
Make you complete surveys.
Often, the ransomware will claim you have done something illegal with your PC, and that you are being fined by a police force or government agency. These claims are false. It is a scare tactic designed to make you pay the money without telling anyone who might be able to restore your PC. There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
Crowti (also known as Cryptowall), and FakeBsod are currently the two most prevalent ransomware versions. These two families were detected on more than 850,000 PCs running Microsoft security software between June and November 2015.
Please remember: once your files are encrypted, you cannot recover them. You must restore a fully tested backup and also remove the threat from your entire system and server.
What can I do to protect myself and my company?
Always verify who the email sender is:
If the email is coming from a bank, verify with your bank if the message is legitimate. If from a personal contact, confirm that they actually sent the message. Do not rely solely on trust by virtue of relationship, as your friend or family member may be a victim of a virus or spam campaign.
Double-check the content of the message.
There are usually errors or discrepancies that you can spot, such as a claim from a bank or a friend that they have received something from you. Try to go to your recently sent items to double-check their claim. Such spammed messages can also contain executable (.EXE) or ZIP file attachments. Never open .EXE, PHP, HTML or script file attachments within an email. Always confirm with the sender that any ZIP attachments are also legitimate.
Refrain from clicking links in email.
In general, clicking on links in email should be avoided. It is safer to visit any site mentioned in email directly.
Refrain from clicking pop up ads on websites offering software upgrades.
In general, clicking on popups should be avoided. You can contact the software vendor’s website or CNC to obtain any updates necessary for your software.
Use a reputable Antivirus security suite.
It is always a good idea to have both anti-malware software and a software firewall to help you identify threats or suspicious behavior. Malware authors frequently send out new variants to try to avoid detection, which is why it is important to have both layers of protection. Most malware relies upon remote instructions to carry out its misdeeds. If you run across a ransomware variant that is so new that it gets past anti-malware software, it may still be caught by a firewall when it attempts to connect with its Command and Control server to receive instructions for encrypting your files.
Backup important data.
Unfortunately, there is no known tool to decrypt the files encrypted by ransomware. One safe computing practice is to ensure you have accurate backups of your files. You will also need to ensure all data is being saved properly and guarantee your backups’ validity. Please contact CNC for your data backup options right away.
CNC advises that you do not pay the ransom
Paying the criminals may never get your data back. There have been plenty of cases where the decryption key never arrived or where it failed to properly decrypt the files. Plus, it encourages criminal behaviour.
We want to discuss the importance of having server images and solid backups of all data. This is the single most important part of your defence. CNC would like to review and verify the type of data backups you are currently using and then discuss our findings in detail. CNC will be reaching out to schedule an appointment and we would be glad to provide you with updated options for your system.
Microsoft has been getting more and more aggressive with their upgrade to Windows 10, but it is important to make sure that all of your important programs are compliant with Windows 10 before going through with the upgrade. This is very important since there are a number of mainstream and proprietary business applications that have known compliance issues with this new OS.
Since Microsoft began offering free upgrades last year, reverting Windows 10 upgrades has become one of our most common tech support calls. In many cases these were the unintentional result of Microsoft’s automatically scheduled upgrades. There are several reasons why people have chosen not to go to Windows 10 just yet, but from a business perspective, the process of updating and then reverting Win 10 can cause a lot of downtime.
If you have decided that your company would not benefit from upgrading, we have a couple of solutions that can disable Windows 10 upgrades on your machines until YOU are ready to make the switch. The ideal solution, if you are running Windows Pro, is a server level patch that will disable the upgrade dialogues across your network. Our remote technicians can also log into individual machines to prevent updates; we just need a list of those employees and a means of contact.
Love it or hate it, Windows 10 is eventually going to phase out 7 & 8, but this migration process should be done on your terms after your company has had the opportunity to prepare and test for the upgrade, not because Microsoft decided to arbitrarily pick your name out of a hat.
If you are interested in blocking Windows 10 upgrades, give us a call at 504-224-9475 and we can do the rest.
The legal requirement of websites to be handicap accessible has been a point of hot debate since the ’90s, but in August of 2016 (this decision has been deferred until 2018), that debate is finally expected to take a major turn in favor of our handicap community by requiring most websites to adopt the same handicap accessibility requirements as federally funded websites.
Understanding the new Section 508 Compliance Standard
In 1990, the Americans with Disabilities Act (ADA) changed the face of this country by legally requiring that places of public access be handicap accessible. Now we see wheelchair access and handicap parking available for every restaurant, doctors’ office, entertainment establishment, and government agency. At the time, however, the internet was so new that most people did not consider these companies’ websites as a necessary point of access for handicap individuals.
In 1998, Congress released a list of legally required compliance standards that apply to all federal and federally funded websites that ensured that people with color-blindness, poor vision, total blindness, deafness, slow reading, paralysis, and seizure disorders could access these sites. These standards came to be known as Section-508 Compliance, or more simply “508”. The new 508 standard is not going to be a new law. Instead, it is a decision expected to be made by the Department of Justice to consider websites as a “place of public access” since so many public services are now only available online. Read more about this here.
What about International Compliance Standards?
While the United States was the first country to establish guidelines for handicap access, many other nations have chosen to adopt the more clearly defined international standard of accessibility known as WCAG 2.0. If you do business internationally, please check this list of nations and territories to see if your website is required to meet accessibility standards under the laws of other countries.
If you are unsure if your website meets your legal obligation for Accessibility, or if you have other accessibility questions, please contact our Web Development department today!
*article updated on 11-22-16 to reflect the postponed date of this ruling.
Since Apple officially pulled support for Windows QuickTime earlier this year, two major vulnerabilities have been discovered that significantly compromise the security of any Windows machine that currently uses QuickTime player. While the discovery of such vulnerabilities is not uncommon in the IT industry, in most cases the publishing company will quickly release updates to fix these problems. However, for discontinued products such as this, there is not going to be a solution.
Rather than waiting for these exploits to become more widely used, we are asking that all CNC clients remove QuickTime player from their Windows machines. Since we expect QuickTime compatibility to quickly wane as a result of these developments, we also suggest converting your existing .MOV videos into alternate formats such as .WMV or .MP4 as soon as reasonably possible.
Does this affect you?
If you have QuickTime on your Windows computer, it affects you. There are also many common places that your company may be using .MOV videos right now that could be affected by this issue:
Videos on your website will no longer play in browsers.
Training, demo, and product videos may no longer work after you remove the player, or may be unplayable by prospective clients.
Personal videos saved at home may also become unplayable after removing the player.
If you believe this issue might affect you or your business, let us know.