BREAKING! A New #Ransomware Outbreak
Here is the latest from McAfee:
McAfee is receiving multiple reports of modified #Petya ransomware outbreak variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.
Extensions currently known as being affected are: .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.
Call JamKo Force Networks 239.249.3306 – Your Malware Defense Professional
New WannaCry Ransomware Variants that have Emerged
Previously we alerted you to a global ransomware campaign a few hours after it started. That campaign has now infected over 10,000 organizations and 200,000 individuals in 150 countries. This includes the UK National Health System which saw ambulances divert from affected hospitals.
On Friday a researcher accidentally stopped the ransomware from spreading by registering a domain that served as a kill switch for the ransomware.
A few hours ago new variants of the WannaCry ransomware started emerging. One of the variants was also stopped today by registering a kill switch domain, the same way the ransomware was stopped on Friday. A second variant is not encrypting infected machines due to an error in programming, but it is spreading.
We expect new variants to emerge all week that continue to exploit the vulnerability in SMB that WannaCry has been using. It is critical that Windows users protect themselves immediately against this threat.
WannaCry Ransomware: How to protect yourself
- If you use Windows, install the patch that Microsoft has released to block the specific exploit that the WannaCry ransomware is using. You can find instructions on this page in the Microsoft Knowledge Base. You can also directly download the patches for your OS from the Microsoft Update Catalog.
- If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.
- Update your Antivirus software definitions. Most AV vendors have now added detection capability to block WannaCry.
- If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender which is free.
- Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.
- For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.
-This info is public access and spread the word!
What is a Ransomware Virus?
Ransomware virus is a kind of malicious script or software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the computer being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.
How Can You Tell If Your Computer Is Infected?
The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places, cafes and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.
How to Protect Yourself From the Vulnerability
According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately.
Please pass this along to your friends and family. Those that are less technical may not have updates auto-enabled, and may need a helping hand updating their operating system.
-Article: Courtesy of Wordfence.com
JamKo specializes in (Health Insurance Portability & Accountability Act) HIPAA technology compliance for medical offices in SWFL. The fines by the HIPAA regulatory body, are potentially crippling to most medical practices. JamKo can help in avoiding HIPAA fines.
Did you know, doing something as simple as running a Windows XP computer on your network, could result in fines of $50,000/per affected patient record? This could equate to putting a medical practice out of business.
We partner with local Attorney at Law, Bruce Vanderlaan
This partnership helps in covering all the bases in avoiding HIPAA fines and compliance for our customers who are operating medical practices. We believe in a comprehensive approach to securing your computer and network infrastructure, while making sure we do things as cost effectively and competently as possible, without cutting corners. Partnering with a legal professional who possesses a wealth of experience in dealing with HIPAA compliance for SWFL medical practices, allows us to provide the necessary level of service to accomplish our goals.
We offer a free evaluation of your medical office computers and network infrastructure, and we will deliver easy to understand results. Contact us at 239-634-6540 to setup your free evaluation. We will deliver the peace of mind you deserve, so you are able to focus on running your practice.
JamKo provides managed computer services for medical practices in Fort Myers, Naples, Cape Coral, Bonita Springs, Estero, Marco Island, Port Charlotte, Punta Gorda, Sanibel Island, and Lehigh Acres, Florida.
-by Jim Kockler
Did you know most people are running their office and home computer networks at 1/10 the available speed? To make matters worst, wireless networks are often running less than 1/10 the speed available, even while using the popular “N” standard for wireless communication.
Manufacturers, retail stores, and salespeople, know the specs customers are generally honed in on. Most consumers are simply unaware of what the 802.11ac wireless standard actually means, or what a gigabit network switch is. Thus, they are sold outdated and slow technology disguised as a hot-buy because the hard drive is 1TB instead of 500GB. With how much of our computing life is spent inside of a web browser, the salesperson who sold you the computer with a slow wireless interface, would be inline to sell you a car with only two tires.
Even if you are fortunate enough to have modern network and wireless cards in your computer, most networks are still back-boned with outdated technology. We have fixed countless network problems simply by replacing the main network switch, which is one of the least expensive network components to have installed. I often find other IT consulting firms quoting new servers at an average of $7,000 to fix a slow network issue, when the problem was not the server. Instead, simply replacing the outdated 100mbps network switch with a modern 1,000mbps (gigabit) switch, resolved the issue. To give you an idea of the price difference, replacing a 24 port managed network switch is roughly $350 parts and labor. Those numbers speak for themselves.
Fast Computer Networks
The price point for the faster network standards has come well within range of affordability for the average consumer and small business. There is no reason for your business to run at 1/10 it’s potential. Your family shouldn’t have to fight over a bottle necked home network. JamKo will upgrade your network to the level it deserves, and we always make it affordable.
We offer a free second opinion on your current IT needs, so before you buy, give us a call for a no pressure second look.
JamKo offers computer and IT services for businesses and homes in SWFL. We service Fort Myers, Naples, Bonita Springs, Estero, Cape Coral, Marco Island, Sanibel Island, Port Charlotte, Punta Gorda, and Lehigh Acres.
-by Jim Kockler
A Gateway Sun Press Release did a story on our new location in Gateway, and our membership in the new Gateway BNI Chapter, “The Gateway Business Leaders!”
Check out the article here, and checkout a snippet from the article below:
“Someone who we did speak with on the record is James Kockler of JamKo Force Networks.
Kockler’s company represents the group’s Computer Networks category and he was already a BNI member with a Fort Myers area chapter. However, JamKo recently set up a new business office here in Gateway so Kockler decided to make the switch to the Gateway Business Leaders chapter.
“I have been a member of BNI since November of 2013. It was a tough decision to transfer from the Radical Networkers chapter into the Gateway Business Leaders chapter, as my previous chapter had brought a great deal of success to my business. JamKo had recently opened our main location in the heart of Gateway, looking to fill the void for a computer company in the community. After visiting Gateway Business Leaders and seeing the enormous potential for growing my business with such a strong core group of people in Gateway, the decision just made sense,” said Kockler.
JamKo offers IT and VoIP services and their slogan is ‘We speak to you in English, not geek!’