On October 28th, the federal Cybersecurity & Infrastructure Security Agency (CISA) issued a warning about ransomware targeting the Healthcare and Public Health Sector. Among the specific strains mentioned, Ryuk and Trickbot were two that PC Matic effectively identified and blocked on October 26th.
Typically, ransomware strains like Ryuk are sent via email in a Word document. The victim opens the document and, in doing so, releases the malicious program onto their system. These attachments can be unassuming and difficult to spot.
As you can see, the email program is warning the user of a security issue. Most infections are caused by user error. This means that the targeted victim does what was expected of them and opens the document. While it is possible for a piece of malware to brute force its way into a system, it’s unlikely. As one of my PC Matic co-workers said, “why put the effort into a brute force attack when so many people willingly open malicious scripts?”
Keeping yourself educated on what to look for, like the picture above, will help you better see the warning signs of a malicious file. A good antivirus program is the next step in your defense.
PC Matic Catches Viruses
Our default-deny approach allows us to catch harmful malware, like Ryuk and TrickBot, before they can let loose on your machine. One of our malware researchers put together a video for us last week on how PC Matic blocked both these strains on the 26th. Below are some screenshots from that video.
As you can see, both of those executables are contained on the desktop in the controlled demonstration.
In the above two images, you can see the Trickbot file selected and given an attempt to run. You can also see that PC Matic has blocked the file.
Next, let’s look at the Ryuk file.
Again, our automated whitelist software blocks the malicious file before it’s able to run. Because whitelisting blocks everything not recognized on our allow lists, even if these were new strains they would still be blocked. This means you don’t have to wait for something to be recognized as bad for us to block it.
As ransomware becomes more prevalent and more sophisticated, it becomes imperative that we know how to stop it. Continued education and proven antivirus solutions should be a part of your anti-ransomware arsenal. So what are you doing to fight ransomware? Connect with us on our social media pages to join the discussion.
Ad blockers are a great way to declutter webpages. Have you ever clicked on a Pinterest recipe or a sports headline only to have to scroll through endless ads to get to the content you want? An ad blocker clears all of those for you.
There’s another advantage to using ad blockers. Occasionally, hackers embed malicious code in links. There’s a good chance these links end up in ads on a site. An ad blocker can keep you safe from these.
But sometimes you need to disable ad blockers. There are several sites that rely on the revenue they receive from ads to run. Having an ad blocker that turns off and on with ease can make browsing the web simple.
Take a look at the video below from PC Matic University to learn about the PC Matic ad blocker and how to turn it off and on.
We like to ask the public from time to time about habits they have pertaining to certain activities. We’ve dug into work habits during the pandemic, RDP awareness, and now holiday shopping habits.
Over 5000 people answered our shopping survey. With 53% stating that their shopping habits have changed due to COVID-19, we wondered how you were feeling about the shift in shopping. Below are the results.
Shopping Stats
At least 80% of Americans, based on our data, plan to shop online this holiday season. Of those people, 76.5% intend on shopping from a laptop or desktop computer. Only 21.5% intend on shopping from a mobile device or tablet.
The majority of online shoppers, 87% in fact, are concerned with retailers selling their data. Additionally, 82% of shoppers display concern over identity theft.
What It Means
The number of Americans planning to shop online will significantly increase this year. Online shopping habits are usually pretty split, due in large part to Americans’ distrust of online privacy and security. It seems that many still have safety concerns.
Most people plan to shop from a computer rather than a phone. With good antivirus software and some common sense best practices, shopping online from your computer can be perfectly safe.
Below we’ve included a handy infographic with all the statistics we gathered in addition to some common sense shopping tips. It’s our hope that you have a wonderful (and safe) holiday season!
PC Matic University (PCMU) has been in development for over a year now. The quizzes, videos, and tutorials are meant to give you a better understanding of how your computer runs. We also show you how PC Matic protects and optimizes your device.
All of this is free to you. Cybersecurity is our number one concern at PC Matic. PCMU is aimed at making sure we keep you educated on the tools you’re using.
Below you can find a link to our basic computer safety test. It’ll test your knowledge on computer safety. Afterwards, the test breaks down any answers you may have missed. There’s also a link to the PCMU video library to offer you additional resources.
Check back frequently for more PCMU content as it’s delivered to you. And, as always, stay safe out there.
User Interface (UI) is so important for any product. If you don’t have an easy way to use your software, you probably won’t use it at all. And that’s not great when it’s software meant to keep you protected online.
Then again, if a product is constantly changing, it becomes annoying trying to figure out where all the features you just figured out are now located. So there’s a balance between a healthy update and changing it because someone didn’t like the placement of a button or the swoop of a font.
PC Matic 4.0 is a beautiful new interface that keeps everything working the way you’re used to with your consumer portal. We’ve updated some information. Getting support is easier. And knowing what’s running on your machines and where to see it is simple.
Take a look at the video below to learn all about the new interface. We hope you enjoy!
From time to time, we cover topics from NIST. If you joined us for Cybersecurity Awareness Month, you followed along with the themes that NIST set out. However, you may not be sure what NIST does.
From the Wikipedia page, “The National Institute of Standards and Technology (NIST) is a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce. Its mission is to promote innovation and industrial competitiveness. NIST’s activities are organized into laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement.”
NIST was formed in 1901 and for 120 years, they’ve been pushing American innovation. PC Matic is happy to join in with that mission. Moreover, the National Cybersecurity Center of Excellence (NCCoE) is a branch under NIST. They’ve formed a partnership with 50 American businesses to initiate the National Cybersecurity Excellence Partnership (NCEP).
Partners
As a partner, we’ve pledged to commit resources to, “our mutual efforts to advance the rapid adoption of secure technologies.” These resources can be physical or the collective of our knowledge, including experts in their field to assist with research and development.
Our CEO, Rob Cheng, believes, “cyber threats are an imminent threat to America’s national security.” Furthermore, Mr. Cheng is a proponent of transparency in attacks. Most importantly, by becoming a partner, we can allocate resources to helping strengthen American security.
Learn More
We want you to learn more about these agencies! First, visit the National Institute of Standards and Technology’s website. Learn about all the different sectors they cover.
Next, venture down the cybersecurity rabbit hole with us by visiting NCCoE’s website. You can learn about the center, current projects, and any news. You may even find some interesting events to keep you occupied.
Finally, keep up with us here at PC Matic. We love hearing from you. And we love hearing about what you’ve been learning. Let’s continue to stay safe together.
Between the end of 2019 and the start of 2020, the National Institute of Standards and Technology (NIST) began heavily recommending whitelisting technology. Brands that hadn’t been using it were converting over. Big name AV companies began slowly integrating the technology into their offerings.
It’s over a year later, and they still aren’t utilizing whitelisting technology to its fullest. But PC Matic has been using it as the forefront of our protection for both Home and Pro for a decade. Our whitelist turns 10 this year, and that’s pretty significant.
Building The List
PC Matic Sales reps often get asked about what’s on the whitelist. It always elicits a well intentioned smile from the rep. It’s hard to imagine that everything is on there, but it is.
Over the past 10 years, we’ve been building and refining our whitelist. If you can buy it online, and it’s safe, we’ve whitelisted it. There’s no need to worry.
And if you’re running a piece of proprietary software, something built just for you, we can get that added. Our researchers are constantly analyzing and classifying samples that our software interacts with. If it’s bad, it gets banned. If it’s good, however, it’s added to the collective knowledge.
Working The List
Whitelisting works on the concept that only what we know is good is allowed in. Take a look at this blog I wrote last year to help you understand the concept. It’ll take you through the ins and outs of whitelisting.
Basically though, there’s a list. And when you’re running our product, that list is telling your computer what’s safe to allow on it. This is pretty important to understand. If your email is hacked, that’s your email. It’s not hosted on your actual machine. This is why it’s important to continue to use common sense email practices.
But if your email is hacked and they try to install something on your machine that will allow them to access your network, well, there’s where we swoop in. All your emails may have been compromised, but they aren’t getting into your network, and they aren’t getting into your files.
What’s Next
2020 was the year we received the patent for our signature whitelisting technology. Signature whitelisting works like this: when big corporations like Microsoft make software, they sign it. Since we know Microsoft isn’t trying to hack you, we whitelist that signature. PC Matic was the first to do this, and that’s been officially recognized by the US Patent Office.
And we’re going to continue to bring you next generation technology. As we grow, research, and build our product, it’ll only continue to improve. Now as a partner of NIST, we’ll be working with other American companies to further American business innovation in the field of technology.
Stay with us as we continue to bring you innovation ahead of the rest. And stay safe out there.
Welcome to the fourth in our PC Matic University series. This week’s installment is a quiz regarding your knowledge surrounding malware. Do you know what it is and the different kinds?
Meanwhile, if you missed the first three classes, no worries, you can catch The Internet Test here and link back to the other ones from there. You don’t have to take the classes in order, and you can skip one if you think it doesn’t pertain to you.
But if you’d like to learn more about malware, the different types, and basic prevention strategies, take a look at the video below.
First, let James take you through the different types of malware. Think about how susceptible you are to each of these. Next, ask yourself if you knew that all of those different types fell under the larger umbrella of malware. What surprised you the most?
Once you’re done with the video, you can take the Malware test here. And finally, run a scan on your own system for good measure.
Visit us on our social media accounts and let us know what you’re doing to prevent malware attacks.
Last week, PC Matic VP of Sales, Corey Munson, sat down with Scott N. Schober. Scott’s book, Senior Cyber: Best Security Practices for Your Golden Years, covers topics “From the basics of the internet to the fight for healthcare privacy and security that is so critical to our aging population, Senior Cyber offers simple advice and expertise for all levels of internet experience.”
Scott covers both basic and advanced tech and security topics with the aim to make them accessible to everyone. One point they discussed, and one that deserves a bit of attention, is the inaccessibility in registration for the COVID-19 vaccine.
The first round is available to people 65+ who want to get vaccinated. One of the problems with the rollout is that many adults in the eligible category aren’t as tech savvy as the registration may require. The potential for scams, as Scott describes above, is high.
There’s also the potential that people who need or want the vaccine will be skipped, simply because the signup process isn’t catered to them. In a LinkedIn post, Corey describes his own experience with signing up a family member. Additionally, he calls on others to assist eligible people they may know in getting registered.
Understanding Someone Else’s Point-Of-View
Scott and Corey discussed looking at cybersecurity through the lens of someone over 65.
Based on the comments we receive here on the Tech Talk blog, a lot of you consider yourselves not to be as tech savvy as you’d like. For Scott, that doesn’t mean you aren’t knowledgeable or able. What it means is that you approach technology differently than people in another generation.
So he’s looking to bring his cybersecurity approach to you in a way that works with your particular viewpoint.
A quick internet search of “ransomware attacks” will show a multitude of stories from just the past week. Phishing and phone scams coupled with fraudulent text and email links are increasing as well. It’s important to be able to know how to spot the warning signs for these scams. Scott wants to make sure you can do that.
Moreover, the book is a guide. We’re in a constant state of searching for information that will help our understanding of the world. Senior Cyber aims to open up your understanding of topics relevant to you and your relationship with cybersecurity.
Win A Copy
Scott was generous enough to gift us with 5 copies of Senior Cyber: Best Security Practices for Your Golden Years to give away. For a chance at the random drawing that will be held on Monday, February 22nd, hop over to this quick and secure survey.
How much do you know about cybersecurity and current events surrounding it? What’s your greatest security challenge? We want to hear from you both in our secure survey above and in the comments below. It’s our responsibility to each other to practice online safety and keep each other informed. We want you to stay safe out there.
Do you know a motherboard from a CPU based just on a picture? If the answer is “no” you’ll want to watch the Basic Computer Hardware videos below from PC Matic University.
This next chapter in the series aims to teach you the basic parts of your computer. But why do you need to know that? You’re never going to open up your computer and monkey around with the pieces.
I thought that too. Then I needed to replace my hard drive with an SSD. Could I have paid someone? Sure! But why when I could do it myself? It’s the same idea as being able to change your own headlights on your car or replace a wonky pipe under the sink.
Computer maintenance and repair should be left to the pros when it’s the big stuff, but the little bits are totally doable yourself. You’ll save time and money. Plus, there’s a feeling of satisfaction when you’re able to fix something with your own two hands.
So watch the videos below then hop on over to the quiz to test what you’ve learned. And stay safe out there.
You did it. You made it to the end of our freshman PC Matic University curriculum. If you’ve been with us through the entire journey, this is your 7th and last section. This one is on PC Matic and the basic features of our Home product.
If you read that and thought, “whoa, wait, there’s 6 previous classes?” Don’t worry! You don’t need to do the classes in order, but we do recommend looking over them. Go to our Tech Talk page and you’ll find them. All of the videos are embedded in the posts. You can watch them from there and then take the test which is linked at the end.
Speaking of embedded videos, check out the ones for this course below.
I recommend watching those 8 videos then jumping over to the quiz to test what you’ve learned.
We’re so excited you’ve taken this journey with us. You can reach out to us on our social channels or by going to our website to contact Support. Any way you do though, we want to hear from you.
PC Matic’s Corey Munson joined eChannelNews’ Julian Lee yesterday for a chat about the state of cybersecurity. If you read the guest post by retired FBI Cybercrimes agent Scott Augenbaum, you’ll know he firmly believes that 90% of cyberattacks can be prevented. In the beginning of Julian and Corey’s chat, they discuss this and some of the preventative measures we believe can accomplish that goal.
Julian then asked Corey how PC Matic differentiates to achieve that prevention goal. As we’ve discussed in the past, PC Matic uses whitelist technology and holds the patent for signature whitelisting. That means we’re only allowing through programs known to be good.
And signature whitelisting? Well, that means verified sources like Microsoft can sign all their software with their signature. We recognize that as good and let it through. This can save a lot of time when a verified source releases updates or new software.
The Work-From-Home Landscape and MSPs
Corey goes on to address the issues surrounding our new remote work landscape. With more people than ever working from home, companies may not be equipped to handle in house IT. Managed Service Providers (MSPs) are among some of the best resources for those businesses.
PC Matic works closely with MSPs, as Corey states, to help close that security gap. “That’s where MSPs come in, and we can help with our product,” Corey tells Julian.
The two go on to discuss the multi-layered approach to security. Julian asks if we suggest rip and replace versus adding PC Matic as another layer. “We can do both,” Corey informs. And using PC Matic eliminates the need for additional staff.
“Just as recently as yesterday we had a focus group with a group of our MSPs. And that’s one of the things we focus on,” Corey explains, “… is that feedback from our MSP partners to further refine the platform so it is efficient…”
Becoming a Partner
Corey and Julian go on to discuss PC Matic’s ease of deployment, MSP engagement, and partner support. And then there’s a little history on PC Matic itself. Plus the two delve into what it’s like to be a partner with PC Matic.
For more information on PC Matic’s Partner options, visit us here.
For more information on PC Matic’s powerful business tools, visit us here.
PC Matic CEO, Rob Cheng, has always had his finger on the pulse of evolving cyber security technology. It’s what led him to found PC Pitstop in 1999, the company that later became PC Matic. His insights have always been ahead of his contemporaries.
Back in 2016, Mr. Cheng sat down with Bob Bragdon, publisher of CSO. For reference, “CSO is the leading information source for chief security officers (CSOs) and senior executives when making critical decisions regarding effective security and risk practices while driving business forward.”
Mr. Bragdon shared a statement made two years earlier, in 2014, by Symantec declaring antivirus to be dead. Similarly, Gartner stated that the focus should be changed from prevention to detection and response. Mr. Bragdon asked Mr. Cheng his thoughts. What followed was an insightful look at the future of ransomware. Many of Mr. Cheng’s predictions came to pass. Let’s take a look at the most important points.
Antivirus Is Dead
Rather than declare antivirus dead, Mr. Cheng suggested that we abandon the use of the blacklist. He explained the differences to Mr. Bragdon, noting that whitelist is effective prevention because it only allows through the known good. Whitelist is the only preventative measure against polymorphic viruses. Because polymorphic viruses are able to mutate, traditional antivirus, or blacklist software, was inefficient because someone would always have to be infected before that particular strain was identified and stopped.
A good deal of the apprehension toward the whitelisting approach, however, revolves around the prevalence of false positives. That, in turn, creates more work for IT staff to update and maintain the whitelist. Mr. Cheng’s answer to this was a policy still in effect at PC Matic today. Our Support Team does the work of updating and maintaining the whitelist. We also provide support to customers and IT specialists using our products.
In the wake of the shortage of IT professionals, and the security concerns raised in the past year by businesses, this helps fill part of the gap in security. By removing the burden from an already stressed IT team, we free up their ability to monitor other security issues within their organization. It’s a win-win.
So Mr. Cheng’s comment that abandoning prevention completely would be a “misstep” was spot on. In fact, in April of 2019, the Cybersecurity & Infrastructure Security Agency (CISA) released a whitepaper with clear guidelines for ransomware prevention. The final bullet point in the prevention guidelines was to use and keep updated preventative software.
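The allowlist-versus-blocklist argument in this section, together with the signer-based allowlisting described earlier, worked through as an added Python example (not PC Matic's code or product logic). The sample byte strings, the publisher name, and the `verified_signer` field, which assumes the operating system has already validated the code signature, are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Executable:
    name: str
    content: bytes
    # Assumption: set only after the OS has validated the code-signing chain.
    # None means the file is unsigned or its signature failed validation.
    verified_signer: Optional[str] = None


class Blocklist:
    """Default-allow: anything whose hash is not already known bad may run."""

    def __init__(self, known_bad: Iterable[bytes]):
        self._bad = {sha256_hex(b) for b in known_bad}

    def allows(self, exe: Executable) -> bool:
        return sha256_hex(exe.content) not in self._bad


class Allowlist:
    """Default-deny: only known-good hashes or trusted verified signers may run."""

    def __init__(self, known_good: Iterable[bytes], trusted_signers: Iterable[str]):
        self._good = {sha256_hex(b) for b in known_good}
        self._signers = set(trusted_signers)

    def allows(self, exe: Executable) -> bool:
        # A trusted publisher's new build passes without a new hash entry.
        if exe.verified_signer is not None and exe.verified_signer in self._signers:
            return True
        return sha256_hex(exe.content) in self._good

    def add_known_good(self, content: bytes) -> None:
        # Models the list maintainer classifying a sample as good.
        self._good.add(sha256_hex(content))


# Constructed sample data: harmless byte strings standing in for real files.
MALWARE_V1 = b"constructed-sample-malware-body"
MALWARE_MUTATED = MALWARE_V1 + b"\x00"  # one changed byte gives a new hash
OFFICE_APP = b"constructed-known-good-application"
SIGNED_UPDATE = b"constructed-vendor-update-build-2"
IN_HOUSE_TOOL = b"constructed-proprietary-line-of-business-tool"
PUBLISHER = "Example Publisher Inc."  # hypothetical trusted signer

SAMPLES: List[Executable] = [
    Executable("known_malware", MALWARE_V1),
    Executable("mutated_variant", MALWARE_MUTATED),
    Executable("known_good_app", OFFICE_APP),
    Executable("signed_update", SIGNED_UPDATE, verified_signer=PUBLISHER),
    Executable("in_house_tool", IN_HOUSE_TOOL),
]


def build_policies() -> Tuple[Blocklist, Allowlist]:
    # The blocklist has seen only the first malware build; the allowlist knows
    # one application by hash and one publisher by verified signature.
    return Blocklist([MALWARE_V1]), Allowlist([OFFICE_APP], [PUBLISHER])


def evaluate(samples: Iterable[Executable], blocklist: Blocklist,
             allowlist: Allowlist) -> Dict[str, Tuple[bool, bool]]:
    """Return {name: (blocklist_allows, allowlist_allows)} for each sample."""
    return {s.name: (blocklist.allows(s), allowlist.allows(s)) for s in samples}


if __name__ == "__main__":
    bl, al = build_policies()
    print(f"{'sample':<18}{'blocklist':<12}{'allowlist'}")
    for name, (b, a) in evaluate(SAMPLES, bl, al).items():
        print(f"{name:<18}{'run' if b else 'block':<12}{'run' if a else 'block'}")
```

The mutated variant runs under the blocklist but not under the allowlist, and the unlisted in-house tool is the false-positive case: it stays blocked until someone adds it to the list.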
The Evolution of the Attack
When asked about his predictions, Mr. Cheng noted the rise of polymorphic ransomware. In 2016, it wasn’t that prevalent. By 2019, 93.6% of malware was polymorphic. Mr. Cheng’s foresight was spot on with the progression of ransomware.
But the evolution of the viruses wasn’t the only prediction Mr. Cheng made. He explained to Mr. Bragdon that the exploitation of vulnerabilities on the machine would go far. It hadn’t yet been used as a primary source of attack.
While there have been other instances in the 5 years since Mr. Cheng’s prediction, the most notable has been in the recent news. After the SolarWinds breach, ransomware attacks have exploded. On March 11th, 2021, Microsoft disclosed that the Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks.
Right in line with Mr. Cheng’s predictions, one of the largest software giants on the planet was compromised via an exploitation of vulnerabilities.
Where Security Is Needed
Mr. Cheng was passionate about the need for endpoint security. “Technology is so embedded in everything we do,” Mr. Cheng says, noting that everything from schools to hospitals to government are all reliant on their endpoints. Indeed, these have all made news in the past year for continual security breaches.
To his point, 70% of successful attacks in 2019 originated on the endpoint. So the suggestion of focusing less on endpoint security by both Symantec and Gartner was not only misplaced, but also a dangerous lack of foresight. Endpoint security is more crucial than ever.
The Cost of Ransomware
At the time of the 2016 interview, the numbers for ransomware in 2015 were in. The FBI stated that the total cost for that year was around $20 million. Acer computer manufacturer was hit in March of 2021 with a single ransom of $50 million which was double that of the 2015 overall total for all ransomware. By the end of 2021, 6 years later, the estimated yearly cost of ransomware will be over $20 billion.
But monetary values aren’t the only costs of ransomware. As we outlined in our Work From Home report, there are business and human costs associated with ransomware as well. Prevention is a key part of minimizing the effects it has on real people.
As we look to the future of ransomware, we can only speculate where it will go. We can guess, however, that Mr. Cheng has a pretty good idea of what that future looks like. Let’s make sure we’re listening.
You’ve been asking for phone support, and we listened. But you know we couldn’t just offer phone support. We had to give you the superior experience you’re used to from PC Matic. So we’d like to introduce PC Matic+.
PC Matic Plus is an unlimited, multi-device service. What does that mean? Unlimited support for all the devices in your home, not just your PC Matic compatible devices. In addition to your computers and mobile devices, PC Matic+ can assist with printers and routers as well. But we’re not forgetting about your PC Matic needs. You’ll still receive unlimited support and training for PC Matic with this new service.
When and How?
Want to talk to someone on the phone? PC Matic+ covers that. But what if email is your favorite? You can do that too. Busy on the phone and need a chat box? That is also an option. Are you completely flummoxed and in need of someone to remote in and do something for you on your computer? You guessed it, PC Matic+ can do that too. And it’s all done by US based technicians.
And it doesn’t matter when you need support, PC Matic+ is 24/7. So if you come home from work at 6pm to find an offline printer that you just can’t restore, give us a call. Did your router go haywire while writing that term paper at 3am? We’ve got you. Unlimited, 24/7 support means you have the freedom to use your technology how you want.
How Much?
I always find it so frustrating when I’m looking at a new product and the company doesn’t want to tell me how much it costs. PC Matic+ is going to be $100 a year, but you can snag it now for $75 for the first year. Even at the regular price, it’s half what the other guys are charging for support that isn’t unlimited. It’s a pretty great deal.
“But do I have to pay for support now?” PC Matic+ is additional, unlimited, multi-device support. Our PC Matic Support Team is still here, and still included, with the purchase of your PC Matic product. That’s a service we believe you deserve. But we urge you to try out PC Matic+ for all of its amazing benefits. We know you’re going to love it.
PC Matic CEO Rob Cheng has his finger on the pulse of cybersecurity. In addition to writing multiple op-eds appearing in media outlets across the country, Rob is also part of Forbes Business Council. He also likes to drop in on Myrtle Beach radio host, Liz Calloway, and her show.
They talk about ransomware and prevention, cybersecurity news to what the government is doing, and everything in between. Rob has been a regular guest on Liz’s show since 2019. You may not have known, but now you can listen by visiting the CyberSmart with Rob Cheng page.
Rob’s appearance on each episode ranges from 7 minutes to approximately 20 minutes. Each time, he shares insight, wisdom, and what’s going on in cyber news. Catch up on all the back episodes then check out The Liz Calloway Show for new episodes.
On Wednesday, May 12th, Clemson University will host the South Carolina Small Business Security Summit. While this free virtual event bears the name of the university’s home state, the reach is broader than South Carolina. Cybersecurity is at the forefront of the news each day. Moreover, with ransomware rampant and breaches reported weekly, cybersecurity is more important to a small business than ever before.
PC Matic, also based in South Carolina, is presenting for the event along with an impressive list of panelists and speakers. PC Matic CEO, Rob Cheng, will appear alongside cybersecurity experts from Clemson, the DoH, the DoD, the New York Times, the U.S. Small Business Association, and South Carolina’s governor, the Honorable Henry D. McMaster.
About The Event
“Clemson is a leader in cybersecurity-related research and educational activities, especially as part of its R1 designation for cutting-edge research programs. A multidisciplinary curriculum and hands-on opportunities provide valuable, real-world experience for the next generation of cybersecurity professionals. Along with years of experience working with leading information security technologies alongside community and government agencies, Clemson safeguards University systems and information through monitoring, mitigation and awareness. Clemson’s rigorous work has earned Cyber Defense Research and Cyber Defense Education designations from the National Security Agency’s Centers for Academic Excellence in Cybersecurity,” notes the event page.
Don’t worry, however, if you’re a small business owner feeling overwhelmed. The panelists will discuss ways small businesses can work with the government for better cybersecurity. Additionally, the resources provided will help the small business owner make informed decisions about their own security plan.
Ransomware isn’t stopping any time soon. As a result, it’s time for American businesses to take their cybersecurity to the next level. PC Matic and Clemson University want to give you the tools to do that.
For more information and to register for this free event, please visit the registration page.
2020 was that to say the least. No matter your political affiliation or beliefs, it was a difficult time in our country. Compounding all of the global news was the looming election in the United States. Americans had a lot on their minds, but where did cybersecurity fall in that?
As malware and data breaches ran rampant, ransoms continued to increase. Ransomware went from being an arbitrary thought in the American household to a regular headline across our news feeds. Everyone is now aware in some respect. And despite the continued attacks, Americans have yet to bring the conversation forward.
So PC Matic was curious, how do Americans feel about cybersecurity? Do we think we’re prepared? Finally, are our federal and local governments equipped to handle an attack?
The Survey
Nearly 1400 people from across the US were surveyed for our Americans on Cybersecurity poll. These respondents represent ages 18 to 75+ and are from a myriad of different educational and socioeconomic backgrounds. Additionally, the gender split was almost completely even.
The highlights include the first and possibly most important question. “How confident are you that the United States government can defend itself against cyber-attacks?” 57% of Americans polled do not feel confident that the US government can defend itself.
Another interesting find is that over 90% of Americans are concerned about identity theft following an attack. In fact, a majority of Americans (85%+) have concerns about losing access to financial institutions, personal devices, and critical infrastructure like water and electricity. These are all valid concerns.
In Summation
Mostly what we found is that Americans are split. Some feel we’re prepared, others vehemently do not. What we can all agree on, however, is our collective concern over what would happen if a successful attack were executed. With President Biden’s infrastructure plan being rolled out, we wonder how much of that will be allocated to the persistent need for increased cybersecurity. So far there are no set plans.
If you didn’t have a chance to answer, tell us how prepared you feel your local state government is for a cyberattack. Also, do you feel the federal government could defend itself under those circumstances? Let us know! We look forward to hearing from you.
In mid-March, we issued a guide to the patching of vulnerable versions of Microsoft Exchange Server. The affected versions include Exchange Servers 2010, 2013, 2016 and 2019. In mid-April, we took a look at our data to see how quickly this software was being updated to the new releases. Unfortunately, we’re not seeing as much progress as we anticipated. Our data shows that more than 50% of devices are still running vulnerable versions.
PC Matic is confident that its customers are secure but stresses that any vulnerable software should be patched immediately as a best practice.
Unless you’ve been under a rock the past few days, you’re aware of the Colonial Pipeline cyber attack. You may not know all the specifics, but what you do know is that ransomware was involved and now the pipeline is shut down. It’s a mess. And the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have identified the DarkSide ransomware group as being responsible.
DarkSide is a Russian group. Although state-sponsored attacks are prevalent, this group hasn’t necessarily been linked to the Russian government. They’ve been extremely active as of late, targeting large American companies for big payouts. The Colonial Pipeline isn’t the first and won’t be the last.
What We Know
I don’t think there are absolutes we can mention just yet as far as what we know about the Colonial Pipeline hack. What we do know is what the next steps are for other businesses. CISA and the FBI released an alert with mitigations and best practices.
Let’s be honest, these are steps that, if you’re concerned about cybersecurity, you should already be employing in your security landscape. But the fact that ransomware gangs are still able to get in means prevention is still woefully lacking. And prevention is going to be your saving grace.
As we can see from the after effects of the Colonial Pipeline shutdown, mitigation and detect-and-respond aren’t the answer. While parts of the pipeline are being controlled manually, it’s just too large to be fully operational without its systems online. So while they make sure their systems are being cleaned and contained, their operations are offline. Wouldn’t it have been better to prevent the attack in the first place?
Best Practices
Many of the recommendations are steps we should already be using. Have you updated your software or trained your employees on phishing scams? Are you using application allowlisting? Do you have control over your RDP ports? Do you have a product with patch management and RDP monitoring that runs using its own patented application allowlisting technology? (Ok, so this last one is a PC Matic humble brag.)
If you didn’t answer “yes” to each of those, I have to ask why? Ransomware is getting worse. Detect and respond is not viable as the only option. The only way is prevention (and common sense practices regarding backups and quick recovery). Paying better attention to preventative technology might have avoided the shutdown of a pipeline that services 45% of the East Coast. And, to me, that’s a pretty big deal.
Want more information on PC Matic’s preventative approach for government and business? Let’s talk.
It has been 11 weeks since Microsoft released patched versions of Exchange Server to fix vulnerabilities that had been actively exploited since the beginning of 2021. We took a look at our data in mid-April to understand how quickly users were updating their software. The stats were not great. Over 50% of users were still running vulnerable versions of Exchange six weeks after the updates were released. We gave it another month, hoping that the vast majority of users would have updated their software by then. Unfortunately, that is not the case. Our data shows that 48% of users are still running vulnerable versions of the Exchange software.
According to the Cybersecurity & Infrastructure Security Agency (CISA), “New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep your software up to date. This is the most effective measure you can take to protect your computer, phone, and other digital devices.”
Cyber criminals are attacking and exploiting everywhere they can, from individual machines to servers of infrastructure giants. It is up to users to prevent these attacks by being proactive in securing their devices and data. Follow the guidance from CISA and prevent attacks by updating your software as soon as a release becomes available.