Are You Having A Technology Emergency?

True North Networks Blog

True North Networks has been serving the Swanzey area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

HIGH ALERT: Massive Ransomware Campaign Spreading Fast

A massive ransomware campaign appears to have already infected a number of organizations around the world. There have been reports of infections in the UK, US, China, Russia, Spain, Italy, Vietnam, and Taiwan and at least 16 hospitals in the United Kingdom are being forced to divert emergency patients today after computer systems there were infected with ransomware. It remains unclear exactly how this ransomware strain is being disseminated and why it appears to have spread so quickly,

but there are indications the malware may be spreading to vulerable systems through a security hole in Windows that was recently patched by Microsoft.

The ransomware's name is WCry, but is also referenced online under various names, such as WannaCry, WannaCrypt0r, WannaCrypt, and most commonly just called Wanna Decrypt0r. First appearing in March, activity from this ransomware family was almost inexistent prior to today's sudden explosion when the number of victims skyrocketed in a few hours. What was clear about this ransomware was that Wana Decrypt0r was extremely virulent. An alert published by Spain’s national computer emergency response team (CCN-CERT) suggested that the reason for the rapid spread of Wana Decrypt0r is that it is leveraging a software vulnerability in Windows computers that Microsoft patched in March. According to CCN-CERT, that flaw is MS17-010, a vulnerability in the Windows Server Message Block (SMB) service, which Windows computers rely upon to share files and printers across a local network. Malware that exploits SMB flaws could be extremely dangerous inside of corporate networks because the file-sharing component may help the ransomware spread rapidly from one infected machine to another.

The exploit is delivered as a Trojan through a loaded hyperlink that can be accidentally opened by a victim through an email, advert on a webpage or a Dropbox link. Phishing emails containing Word or PDF documents disguised as an invoice or links to a Dropbox document are especially common. Sometimes the payload can occur simply by visiting a website containing a malicious program. Even well-patched operating systems cannot help users who are tricked into deliberately running the software by opening an attachment or clicking a link.

True North Networks maintains Windows patching for managed clients and applies Microsoft patches according to your scheduled patching window on a monthly basis. Please be extra cautious with emails that contain hyperlinks, attachments, or anything that looks suspicious or out of the ordinary. Please share this email with all employees in the office. 

Continue reading

Cybersecurity: How to Stay Ahead of the SEC

The Office of Compliance Inspections and Examinations (OCIE) announced in January of this year it will continue its ongoing initiative to examine for cybersecurity compliance procedures and controls, including testing the implementation of those procedures and controls at broker-dealers and investment advisers.  This session will cover topics on how to be prepared for the OCIE, case studies, tools to protect against a breach and legal ramifications regarding data security.

When: Wednesday May 17, 2017

Time: 8:30AM – 11:00AM

Where: Grand Concourse Restaurant, 100 West Station Square Drive, Pittsburgh, PA 15219

FREE & Open to ALL

Presented by:

·         Steven Ryder, True North Networks

·         Matt Meade, Buchanan Ingersoll & Rooney’s Cybersecurity and Data Protection Group

·         Ben Cotton, CEO of CyTech

Register here: http://www.fpapgh.org/ 

Continue reading

True North Networks Merges with Helpful Office in Saco, Maine

TNN logo

True North Networks Merges with Helpful Office in Saco, Maine

SWANZEY (March 31, 2017) —True North Networks announced that it has completed a merger with Helpful Office, a full-service information technology consulting firm, located in Saco, Maine. The merger will better serve the needs of True North Networks clients in the Maine area and no change in personnel is expected.

The merger fits into True North Network’s growth strategy and enables current President Richard Petersen of Helpful Office to expand continued sales opportunities and the operation will continue to do business as Helpful Office.  “True North and Helpful Office are aligned with an incredible level of customer service”, per Richard Petersen, “and this merger will not only strengthen that commitment to our clients, but strengthen our offerings with higher level tools and expertise True North currently provides their clients.”

“Our merger complements our overall managed service offering so we can now provide support to another vertical”, says owner and President, Steven Ryder. “We provide technology support and cybersecurity services to clients across the country, and strive to eliminate IT issues before they cause expensive downtime.  The merger also adds to our capacity and geographic presence in New England to provide exceptional service to our current and future customers in Maine and beyond.”

 

About True North Networks, LLC

True North Networks, LLC (TNN) is a managed technology outsourced, cybersecurity service and private cloud hosting provider based in Swanzey, NH with offices in Concord, NH and Pittsburgh, PA.  Serving clients throughout the country since 2002 and specializing in supporting the financial services and other industries for over 15 years.  TNN helps its clients be more productive by designing, delivering, and servicing tailored network solutions that address their individual needs, and exceed their expectations.  TNN’s mission is to enable the success and well-being of people and organizations by fostering a caring community-minded culture.    Learn more at: www.truenorthnetworks.com.  

Recent comment in this post
evelyn guerrero
I am so happy to peruse this. This is the sort of manual that should be given and not the arbitrary deception that is at alternate... Read More
Thursday, 11 May 2017 07:07
Continue reading
1 Comment

Your Biggest Cybersecurity Weakness is Your Phone

Mobile devices are one of the weakest links in corporate security, and now more than ever, companies are doing their part to protect their data, secure networks, and train their employees to take security seriously. However, the potential for mobile attacks continues to expand and recent research shows that half of all digital time is spent on smartphone apps and 68% percent of time is being spent on a mobile device. If mobile security isn’t a problem for your company yet, it will be.

Securing mobile devices is tricky and involves a heavy dose of individual responsibility. Be sure to follow the below recommendations:

  • Educate employees and upper management to make sure upper management know how dire security breaches can become.
    • Employees that travel frequently can also become easy targets without security education.
  • Encrypt corporate data using the security software your company provides.
  • Connect your smartphone to company networks via VPN connections.
  • Set a lock and PIN on your phone.
  • Use two-factor authentication whenever possible.
  • Turn on your phone’s auto-lock.
  • Use container technologies such Samsung’s Knox, which adds a layer of security to work items and segments them away from personal items.
  • Back up information to the cloud and try to store as little as possible on your device.
  • Ignore spam email and downloads that don’t come from an approved application marketplace (Apple’s App Store, Google Play, etc).
  • Keep devices close to you and within sight at all times.
  • If device is lost or stolen, notify your employer right away for remote wiping procedures.
  • Avoid unsecure Wi-Fi connections.
  • Keep Bluetooth out of discovery mode when not in use.

Mobile security is likely to become the next frontier for corporate security executives as exploits and hacks become more creative. Making mobile security a regular part of your company’s security policy and procedure framework will be critical.

 

Continue reading

Cybersecurity Starts with Training Your Employees

Training employees is a critical element of security and protecting your company online starts with making sure they are prepared to keep your computers and networks safe.  It is our shared responsibility to talk to our employees to ensure a safer environment at your company:

Talk to Your Employees About:

  • Keeping a clean machine: Your company should have clear rules for what employees can install and keep on their work computers.  Make sure they understand and abide by these rules. Unknown outside programs can open security vulnerabilities in your network.
  • Following good password practices: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). Additionally, having separate passwords for every account helps to thwart cybercriminals. At a minimum, they should separate work and personal accounts and make sure that critical accounts have the strongest passwords. Finally, writing down passwords and keeping them in a safe place away from the computer and enabling two-step authentication are other important ways to secure accounts.
  • When in doubt, throw it out: Employees should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Employees should also be instructed about your company's spam filters and how to use them to prevent unwanted, harmful email.
  • Backing up their work: Whether you set your employees' computers to back up automatically or ask that they do it themselves, employees should be instructed on their role in protecting their work.
  • Staying watchful and speaking up: Your employees should be encouraged to keep an eye out and say something if they notice strange happenings on their computer.  

Information taken from: https://staysafeonline.org/business-safe-online/train-your-employees

Continue reading
TOP