Ransomware- What you should know!!!

The purpose of this article is to educate users on the dangers of Ransomware, or Cryptolocker.

Definition: Ransomeware is malicious software that is delivered usually via emails that look legitimate, and are designed to trick users in to opening attachments or opening links to files in order to encrypt files (making them unreadable) and demanding a fee to have the data de-crypted.

What is CryptoLocker?

CryptoLocker is a ransomware program that was released in the beginning of September 2013 that targets all versions of Windows computers. This ransomware will encrypt files using a strong encryption that is almost impossible to crack. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransompayment in order to decrypt the files.

If the payment is not made in time, access to all of the files will be lost. The only good way to recover from CryptoLocker is restoring from a backup (if you have one, and hopefully it’s recent).

How do you become infected with CryptoLocker?

This infection is typically spread through emails sent to company email addresses that pretend to from Fedex, UPS, DHS, or even invoices. These emails traditionally contain a zip file that when opened will infect the computer. These zip files contain executables that are disguised as PDF files , office files or any sort of document that can use macros. The infection can also spread and wreak havoc on your network if not stopped. According to Newsweek, in 2015 affected Americans paid about $325 million due to ransomware attacks; in 2016 cyber security analysts estimate it will be much higher.

If these attachments are opened, they will change files files on the network (workstations and servers) to an encrypted version that can only be unlocked with a special key.  Without this key, your data is impossible to get to, and must be restored from a backup.

These unlock keys are available for purchase, typically for thousands of dollars.  Without a backup, even the FBI says “pay the ransom

i.t.NOW does its best to ensure data that resides on servers is protected, but we typically do not back up every single workstation we manage.  This means if you were to open one of these attachments, the data on your C: drive would be unrecoverable.

Even with backups, downtime is costly.  It can take hours to restore from backups, and during that time the entire company is typically at a standstill waiting to regain access to valuable data.

What about protection??
i.t.NOW provides several layers of protection to prevent these types of attacks on your network.  Emails are filtered by a spam and virus firewall.  Workstations are loaded with the latest OS patches and anti-virus software.  However, these attacks are typically referred to as “Zero Hour” attacks.  This means that the anti-virus and anti-spam databases of the world don’t yet know about this particular flavor of virus, and can’t flag them as such until they are identified, and virus definitions are created and applied.  Additionally, attackers are getting more and more clever at the delivery methods, like embedding viruses into word documents and java scripts.

i.t.NOW is providing this information because some of these messages look so legit, they would trick even the most savvy of users.  Have a look at the copies of actual emails below and let us know if you would open the attachment.

Generally, if you’re not expecting an email with an attachment, don’t open it!  Especially if it says is from a scanner or e-fax.  When in doubt, have someone check it out!  We’re happy to help, we’d rather get 1000 calls asking if you should open an email than have to spend hours, or days cleaning up damage caused by ransomware.  We’ve had several infections this year and with each one we sure up our defenses.  However part of those defenses is you!  We want to educate you so that you can be better prepared against this ever changing threat landscape.

Social Engineering attacks- Additionally, we’ve had a couple cases where an attacker will purchase a domain that is very close to your domain- for example, if your domain was acmepartners.com, an attacker may purchase acmepartnars.com and use it to send emails that seem to be from the CEO to the Controller asking for a wire transfer.   If you see something like this- pick up the phone and verify!  We had a client wire $60,000 to what they thought was their vendor, who at the last minute changed the bank routing number for the payment they were expecting.  Closer inspection showed the from address was one letter off on the domain name.

The bottom line is to be cautions when opening email attachments, or requests for large sums of money to be transferred, even from an email that looks legit, it could be a spoof or a domain thats one letter off.

If you see anything suspicious, feel free to forward the email to [email protected], or you can open a ticket by right-clicking your i.t.NOW icon and selecting “Create Service Ticket”.

Thank you for helping us protect your networks!



The Journey of Netflix’s Cloud Migration

Netflix’s journey to the Cloud started all the way back in 2008 when the company experienced a major database corruption – an event that hindered their ability to deliver DVDs out to their customers. That’s when the idea of a Cloud migration came about. Netflix needed a highly reliable and scalable platform like the Cloud to host their systems. Prior to 2015, they migrated the majority of their systems to the Cloud with the help of Amazon Web Services. In early January 2016, Netflix reported the completion of their Cloud migration and shut down the last remaining pieces of their data center used by their streaming service.

One reason it took so long to make the shift was because Netflix had to rebuild nearly all of its software before the start of their Cloud journey to minimize the risk of disruption. The company built a series of tools such as “Chaos Monkey” – a service which identifies groups of systems and randomly takes them offline to ensure Netflix’s safety without affecting customers. Netflix’s “Simian Army” consists of services including Chaos Monkey, Janitor Monkey, and Conformity Monkey in the Cloud that generate failures and detect abnormalities to test Netflix’s ability to survive them.

Since their Cloud migration, the company has seen numerous benefits. They have eight times more streaming members compared to 2008 and are experiencing a viewing growth by three orders of magnitude.

The flexibility offered by the Cloud allows Netflix to add thousands of virtual servers to support their long-term expansion. On January 6, Netflix became a global force, expanding its service to over 130 new countries. Their Cloud migration has allowed them to offer better and more enjoyable streaming services to Netflix members all over the world.

“We rely on the cloud for all of our scalable computing and storage needs – our business logic, distributed databases and big data processing/analytics, recommendations, transcoding, and hundreds of other functions that make up the Netflix application,” Netflix stated on their company blog. “Video is delivered through Netflix Open Connect, our content delivery network that is distributed globally to efficiently deliver our bits to members’ devices.”

One of the main reasons why the company decided to migrate to the Cloud was because of the cost benefits. With the Cloud, they are continuously able to grow and reach economies of scale that wouldn’t be possible with their own hosted data center.

The technology behind Netflix streaming has come a long way within the past eight years, and the company is continuing to reach new heights with the possibilities offered by the Cloud.

“…it feels great to finally not be constrained by the limitations we’ve previously faced,” Netflix stated. “As the cloud is still quite new to many of us in the industry, there are many questions to answer and problems to solve. Through initiatives such as Netflix Open Source, we hope to continue collaborating with great technology minds out there and together address all of these challenges.”

Here at i.t.NOW, we equip you with the latest technology in Cloud computing to help your business grow more efficient and scalable. For more information, please contact us for a free consultation!

Why Spotify Is Moving To Cloud Computing

Why Spotify Is Moving To Cloud Computing

Spotify is one of the largest music content providers in the world, has finally adopted cloud computing to continue to offer its users the best music streaming service available. Until recently, Spotify used the traditional data-center space method, which was once recognized as being both affordable and efficient. This method let Spotify deliver quality music streaming to users around the world. As the business continued to grow, its scaling requirements meant taking a second look at its data-center space. Although cloud computing is still uncharted territory for many businesses, Spotify decided to take a leap of faith in an attempt to scale back on unnecessary expenses while increasing efficiency.

Cloud Computing Allows Spotify To Keep Pace With Growth

To understand Spotify’s migration to the cloud, it helps to think of traditional data-center space as a shoe box with set dimensions. Once the shoe box is filled, nothing else can go in it. The cloud is more like a rubber band that expands and contracts as your business’ needs change. Like Spotify, your business can get instant access to more storage space as it grows and then scale back when that extra space is no longer needed. With 30 million songs, 2 billion playlists, and 75 million users and counting, it is easy to see why Spotify felt the need for a more flexible storage system.

The Cloud Is Cheaper

When Spotify was managing its own data center, the business had to pay for server hardware, networking gear, and data-center leasing space. In addition to these material costs, Spotify also had to pay for personnel to manage storage and maintain the technology. With the cloud, you can immediately reduce your in-house maintenance costs.

The Cloud Gives Efficiency

By transferring data using Google’s Direct Peering, Cloud VPN, and Cloud Router, users get a fast and secure music service. Spotify’s move to the cloud also means that streaming services are will continue to be fast and with great quality for users. When your business switches to the cloud, you gain the benefit of cloud support as well as functionality. This can drastically reduce your in-house support costs.

And these are just the beginning of the benefits Spotify’s move towards the cloud is expected to have. The Spotify Labs blog documents Spotify’s migration to the cloud and how it will allow them to develop new applications and provide more utility.

Talk to us to find out more features that cloud computing gives your business.