Telesys Voice and Data Blog

We are going to switch things up a bit and walk you through a retelling of a ransomware attack through the eyes of a business owner. Usually when we talk about these types of threats, we approach it from our perspective and talk about what you should do to prepare and what the threats are, but we wanted to try to show you what an event like this could feel like, for you, in your position, and in your own eyes. We hope that this will raise awareness of how crippling an event like this can be on your company, and we hope you let us know if this perspective helps you, your colleagues, and your staff get a more personal sense of what ransomware can do. Enjoy!

What a day it has been!

Typically, when I have a day like I just had, I wouldn’t sit here and write about it, but since our story is sure to help people, I thought that I should. Besides, my adrenaline is still pumping, and I don’t think I can sleep yet anyway.

The day I had was terrifying but started just like any other. I got through my morning routine and made my way to the office. I even stopped at the shoppe to get coffee. Once I entered the building I knew something was wrong. I had two employees beat me to the office. They were milling around almost aimlessly in the hallway. Before I even reached my desk, I was inundated with bad news.

“We are locked out!”
“What are we supposed to do?”

After getting past my employees into my office, I tried to ascertain what the problem was. It was evident very quickly that we had a major problem on our hands.

@!#?! It’s ransomware! I can’t believe it!

It could only be ransomware.

I wasn’t sure what allowed this to happen. Did one of my staff click on a bad link? Was our network vulnerable from the get go? Since the ransomware had spread onto the network, I could tell that the affected computer had to be used to manage other endpoints, pushing ransomware to all the endpoints the terminal had managed. This is why the computers that were on the network had the same message. This means that it ended up stealing usernames and passwords to open each endpoint and lock down the data on them.

It is during this period that the entity that unleashed this beast on us would look to take as much data as they could. It turned out that my company was using a global password configuration and the ransomware spread throughout our network like wildfire. So, when I was met with the message, I knew exactly what I was dealing with.

I never for a second thought that it would happen to us. Our business doesn’t deal with major financial institutions or medical records, so it would seem to keep us safe from these kinds of security breaches. I guess I’m just the latest person to ask, “why us?”

For those who don’t know, ransomware is any type of malicious application that “kidnaps” the data and holds it for ransom. It can shut down the files of a single computer, or in our experience, it can spread over the network to several endpoints; effectively shutting down operations for long stretches of time. I wanted to share my experience to help you know what to expect if you are one of the unfortunate business owners that have to have all the answers.

Don’t Panic
No matter how prepared you are for something like this, at first, you feel panic. Typically, you are immediately overwhelmed and are left kind of dumbfounded, glancing around the room, looking for answers that aren’t there. Regrettably, if you are doing that, the damage is done and there is nothing you can do about that. Scenarios race by in your head and the more they turn negative, the more the fear builds up in the base of your neck, in your throat, or in the pit of your stomach. You need to stay as calm as you can and begin troubleshooting immediately. The thing about ransomware is you can’t just wait it out. Once that wave of fear subsides, you have to make a measured response, because you likely have people that are on the clock, and an IT infrastructure that is locked down.

After the initial shock, I went to work.

Fighting Ransomware
I learned quickly that there are two main types of ransomware:

• Locker - Malware that locks the computer or device.
• Crypto - Malware that encrypts data and files.

The type we were unfortunate enough to encounter was WannaCry, a crypto ransomware that has infected millions of people worldwide by taking advantage of an unpatched Windows vulnerability. As a small business, our technology management was pieced together, but after this event, and all we’ve learned from it, we will definitely be sure to make our staff cognizant of how to avoid situations like this.

For us, we had three machines infected with a variant of WannaCry. The ransomware stated that if we pay $300 in Bitcoin for every machine that was locked, we could get our data back... and the clock was ticking, literally.

At that point, we had three options. We could abandon the machines and buy new ones, we could pay the hackers that had encrypted our data, or, we could attempt to restore our systems.

Part of me wanted nothing more than to just abandon the machines, bust our IT budget for the year and be done with it. We instead decided to try to restore the machines to a prior version, because paying the hackers was never a real option. First of all, any person that could inflict this kind of fresh hell on a small business was not to be trusted; and, I felt if I were to pay the ransom, there was no guarantee that we would a) get our files back; or, b) not get harassed again by the same people.

Since cost was a factor, we reached out the IT professionals at Telesys Voice and Data, and they walked us through the process of restoring our terminal and the two machines connected to it. Luckily for us, they had the knowledge and expertise to help us get through this horrible time. We will lose quite a bit of work, but, as of right now, it looks like we are going to come out of this whole thing much better than the majority of companies that have dealt with it.

I know we were lucky. I know we have to try harder. I know we aren’t out of the woods just yet, but I have to thank the people at Telesys Voice and Data. They really came through for us!

Ransomware attacks are rampant. If your small business isn’t proactive about its network security and if you don’t train your people on what to look for, you could be dealing with a problem that could potentially sink your business. For more information about ransomware, WannaCry, or other threats your organization faces today, call us today at (800) 588-4430.

If your business were to be struck by a Distributed Denial of Services (DDoS) attack, would it be able to recover in a timely manner? Do you have measures put into place to keep them from hampering your operations? While most organizations claim to have sufficient protection against these dangerous attacks, over half of them have simply proven to be ineffective against DDoS.

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.

Dealing with disasters are a part of doing business. You know how difficult it is to recover from a devastating flood or storm. While businesses tend to suffer from these situations, countless individuals suffer every time a natural disaster hits. Just take a look at the United States in recent weeks. Even though you may want to donate to people suffering from hurricanes, there are illegitimate charities out there that want to make a quick buck off of your generosity.

As digital systems have been adopted by more businesses, data has become a bigger tool. This is due to businesses having the initiative to direct this data into creating strategy. Today, data services are a desirable component for a business to embrace. Let’s take a closer look at how businesses are expanding their use of their data.

In both the home and the business, security cameras are becoming more and more commonplace as a means of preserving security. However, some malware can turn these devices, and others, into cyber security threats.

The vice president for Fort Worth-based Telesys Voice and IT Services, a network and technology management company, Titus said his company joined the local BBB in 2009 to strengthen their brand. "We wanted to align ourselves with a standard of trust in business. The BBB is an organization that has been upholding the standards of trust in business for over 100 years.

"In our business, transparency and trust are important. Customers need to have a trustworthy partner for their IT and technology needs," Titus said. "Our company values these things, and we found we could identify with the BBB brand."

Botnets are proving to be a difficult hurdle for security professionals, and it’s easy to understand why. Distributed Denial of Service attacks that can knock down servers or services, as well as hordes of remote-controlled zombie computers, are two of the most dangerous ways that hackers use botnets to serve their purposes. What can you do to protect your business from botnets?

Hackers are always getting their hands into sticky situations, but one of the hot topics in world politics--the 2016 United States presidential election--is one of the nastier ones in recent years. In the past few months alone, hackers have reportedly breached not only the Democratic National Committee, but have also infiltrated at least two state election databases.

Sometimes when your workstation feels bogged down, a relatively cheap and simply hardware update can make a huge difference in performance. Adding more RAM (Random Access Memory, often just referred to as memory) can be a game changer for your bogged down PC.

As a business adopts certain “best practices,” it is important for business leaders to consider why they are adopted, and more importantly, are they really for the best? There are many problems that subscribing to false best practices can produce, and so it becomes important to identify, adjust, and resolve them.

This guide was created so that business owners, office managers, and IT departments can provide it as an educational resource to showcase some of the most basic IT security practices that can be implemented in your workplace. We recommend printing this out and handing it out to your staff for maximum results.

It’s imperative that your organization’s software is managed properly. If you can’t do this, then your operations can suffer in the long run. While this might sound like a lot of work, software management isn’t as difficult as it sounds if you break it down into compartmentalized tasks. Ultimately, you can group it into three major steps: leveraging available assets, testing strategies, and understanding the software.

It sure does seem that the term “network” is tossed around an awful lot. Network security, network maintenance, social networking, network switch… but what is a network, really? That is precisely what we shall dive into here.

The way that business is conducted today, the right technology is more of a necessity than a privilege. There are plenty of benefits that it can bring that an organization requires in order to stay competitive. For our tip, we’ll walk through a few ways that your business can be improved through the adoption of certain solutions.

Sometimes when your workstation feels bogged down, a relatively cheap and simply hardware update can make a huge difference in performance. Adding more RAM (Random Access Memory, often just referred to as memory) can be a game changer for your bogged down PC.

A business’ IT solutions aren’t the kind of thing that you can worry about once and never touch again - this is why manufacturers and developers are always sending out upgrades. However, you also need to have a strategy ready before you go to implement these upgrades. For this week’s tip, we’ll review how to put this strategy together.

Traditionally, small businesses don’t use their data in the same way as larger companies. This is largely because they may not think they have a lot of data. Well, I’m here to tell you that even small businesses can have big data. Let’s go over three ways small business can use their data to their benefit.

Gmail and the applications associated with it seem to have some level of inherent trust among users. We just don’t anticipate threats to come in via something from Google. However, it does happen, as a recent spat of phishing has shown using Gmail and Google Calendar. What’s worse, this particular scam has been around for some time.

There will never be a time that we are not committed to improving the security of businesses. To continue striving for this goal, we’re dedicating this week’s tip to describing some solutions that can assist in locking a business and its data down.