ComTech: IT Support Stirling

Another week and another ransomware attack

It has been a busy week here at ComTech HQ.  We have had another client whose network got hit with ransomware and this time it was Cryptolocker.  All the machines had McAfee installed, however Cryptolocker somehow uninstalled McAfee off three of the PCs on the network and then ran riot. Luckily the client noticed pretty quickly that something was up and when they rang me I told them to switch off their network until I came across, basically limiting further contamination.

This client was very lucky as they had Dropbox which allows for account rollback (just in case things like this happen) so all their files could be retrieved. It does take time to get the account rolled back so in the meantime there has been some inconvenience to the client but it could have been a lot worse.

This is the 6th such attack I have seen in the last 3 months alone (Locky and Cryptolocker being the biggest culprits) and whilst most clients have been able to recover their files unfortunately a large minority haven’t.

Your best defence is always not to get infected in the first place but that is easier said than done.  Failing that, backups are your next line of defence against this type of threat, but more specifically offsite backups. Your offsite backups can be as simple as an external hard drive that is kept away from the office but better still are cloud based backups like Dropbox, OneDrive, Google Drive etc.  These allow you to fully automate your backups, which gives you the peace of mind that your files are safe online if anything happens.

So next time you think “I don’t have time to take backups”, ask yourself one question: “How long would my business survive if all my files got encrypted?”

About the Author


Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Cisco, Windows, OS X and Linux based IT Support to small businesses throughout Scotland.

Follow @Comtech247 on Twitter

Viruses and hacking – horrible things

Computer viruses are nasty things at the best of times but I have felt a bit under siege recently. In the last two weeks alone I have had to deal with:

1. The Locky ransomware which encrypted a Windows 10 PC, network shares on a Linux server along with the Dropbox backups. It also started to encrypt another Dropbox account which had a shared folder with the master account.

2. A trojan which allowed an attacker to get on to a system and change email settings and give themselves remote control of the system without any client intervention whatsoever.  They even intercepted the client’s telephone call to Hotmail (number searched for on Google) when the client realised something was wrong.

3. Another potential Locky ransomware attack which luckily was spotted by the antivirus.

4. A trojan which attacked Google Chrome and locked the system.  All the client could see was an error message saying their IP address was now blocked due to suspicious activity and they should ring the number below to get it sorted.

As you can see it has been a bit busy!!

The best defence against these types of attack is of course not to get hit in the first place.  Don’t open suspicious emails (and attachments) or even emails from people you don’t know.  Make sure your antivirus is working and fully updated and as always be aware of which websites you are viewing.

One last thing – backups.  In the case of the first Locky Ransomware attack the client had backups on Dropbox which allowed them to roll back the account and recover their files.  Without this they would have lost everything.  Backups are essential in the fight against viruses and hackers so make sure you have some!!!


Do you know which email account you have?

Emails.  We all use them and many businesses would be completely stuck if they lost them and that is exactly what happened to a client I dealt with recently.

I had a call from a client who sounded very frantic on the phone. Their main PC for the business had just died and they were worried about recovering their data so I went across to take a look.  On arrival on site it became apparent that indeed they had backups for their data on an external drive and the most they would lose was two days.  The emails though were a different matter.

The client didn’t know the difference between POP, IMAP or Exchange accounts and thought the email hosting company would be doing backups of his entire account so he didn’t have to.  The main email account was a POP3 account which had quite happily pulled all his emails off the server for the last 3 years until the hard drive died.  Since there was no backup the emails have gone.

There are some main differences between the account types which could have helped the client had he known.  POP3 by default will pull all the emails off the server onto the local machine.  You can configure the account to leave the emails on the server for a set period if needs be but you are better using IMAP for this.  If your email account is POP3 YOU MUST BACK UP THE EMAILS ON THE SYSTEM and I generally recommend backing your emails up to something like Dropbox so they are stored off site.

IMAP keeps the emails on the server to which you have access. This makes IMAP a good choice when you have multiple devices which need access to the full set of emails in the account.  You can also configure IMAP to store a copy of all emails on the local device which means your emails are then in two places (system and hosting server) taking care of backups.

Exchange basically takes IMAP a step further with all your emails, contacts and calendar backed up on the server. You can also cache a local copy of all your emails too.  Exchange also allows shared calendars between workers which is a very handy feature.

Personally I would go with either IMAP or Exchange every time for your emails as the backup features are a no brainer when running a business.

As for the client they have sent their hard drive off to a data recovery firm but the prognosis is not good.


What is the point of doing backups if nobody checks they actually work?

Backups are great.  They can literally save your business if you have some form of hardware failure but more importantly they give you peace of mind knowing your files are safe. Just one thing though: when did you last check that the backup you have actually works?

I came across this exact scenario about a month ago. I received a call from a new client who sounded very stressed on the phone. He ran a small home office business with one PC which he backed up to a NAS box running RAID 1.  His PC had suffered a hard drive failure so he was looking for someone to come out and install a new hard drive ASAP and retrieve his files from the NAS box. As it was a quiet day I jumped in the car and went along to take a look.

On arriving on site I did some quick checks and yes his hard drive was completely dead (apparently it had been doing the “click of death” for some time but the client had just ignored it).  Next thing to check was the state of the backups on the NAS so I connected up my laptop and took a look.  This is where the issues started.

There were indeed files on the NAS box but there was nothing there from the last six months.  It turns out that the NAS had been installed about 12 months ago and the backups were scheduled on a daily basis.  Something had stopped the backup software running correctly six months ago and since the client hadn’t ever checked his backups he hadn’t noticed.  The result – all files (invoices, documents, quotes etc) for the last six months had been lost.

I did explain to the client that there might be a slight chance of recovering files from his dead hard drive if he sent it off to a lab but I thought he was going to pass out when he saw the price (they aren’t cheap).

Moral of the story – doing backups is great practice but MAKE SURE YOU CHECK THAT THEY ACTUALLY WORK!!
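One way to catch a backup job that has silently stopped, as happened with the NAS above. This is an added example, not part of the original post; the path `/mnt/nas/backups` and the two-day limit in the comments are assumptions, and it relies on GNU `find` and `date`.

```shell
#!/bin/sh
# Added example: report whether a backup destination is still receiving data.
# Assumes GNU find/date (standard on Linux servers and most NAS shells).
# Typical use from cron (path and limit are assumptions):
#   sh check_backup.sh /mnt/nas/backups 2 || mail -s "Backup problem" you@example.com

# newest_backup_epoch DIR
# Prints the modification time (epoch seconds) of the newest NON-EMPTY
# regular file under DIR, or nothing if there is no such file.
# Zero-byte files are ignored so a job that only writes empty files
# does not count as a working backup.
newest_backup_epoch() {
    find "$1" -type f -size +0c -printf '%T@\n' 2>/dev/null |
        sort -n | tail -n 1 | cut -d. -f1
}

# check_backup DIR MAX_AGE_DAYS [NOW_EPOCH]
# Prints a one-line status and returns:
#   0 = newest file is within the limit
#   1 = newest file is older than the limit (backups have stopped)
#   2 = destination missing, unmounted or holding no data
check_backup() {
    dir=$1
    max_days=$2
    now=${3:-$(date +%s)}

    if [ ! -d "$dir" ]; then
        echo "CRITICAL: $dir does not exist"
        return 2
    fi

    newest=$(newest_backup_epoch "$dir")
    if [ -z "$newest" ]; then
        echo "CRITICAL: $dir contains no non-empty files"
        return 2
    fi

    age_days=$(( (now - newest) / 86400 ))
    if [ "$age_days" -gt "$max_days" ]; then
        echo "STALE: newest file in $dir is $age_days days old (limit $max_days)"
        return 1
    fi

    echo "OK: newest file in $dir is $age_days days old"
    return 0
}

# When run as a script with arguments, check that destination.
if [ "$#" -ge 2 ]; then
    check_backup "$1" "$2"
fi
```

A check like this only proves that files are still arriving; it does not prove they can be restored, so it complements a test restore rather than replacing one.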

About the Author


Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.


Backups, backups and more backups!!

 

Backups – the dirty word of IT. Everyone knows that you should have some but a lot of the time they don’t get taken as “stuff gets in the way”. But take a moment to think what would happen if you actually lost all your data.

I got called out to a client last week who runs a shop in Stirling. They have an EPOS (Electronic Point of Sales) system which runs their tills. It turns out that their main system had suffered a hard drive failure and everything on the hard drive was now gone. Luckily the staff take backups of all the data on a daily basis and I take a separate backup off site once a week. After a couple of hours the system got rebuilt and they could continue to operate as normal. If the backups were not taken the shop would probably have gone out of business overnight as all their data from the last 10 years would have been lost.

Scary hey? So what is the best way to backup your data? There is no easy way to answer this as everyone and every company is different. One thing I can say with certainty though is that however you take backups you need to keep a copy offsite. The reason I say this is in the event that anything happens to your premises (think office fire for example) and your backups are destroyed you can still recover your files from the spare backups.

For this reason I use Dropbox.  Some people would rather use Box, OneDrive or Google Drive (even OneDrive for Business) but for me Dropbox has been around the longest and is well established plus it “just works”.  I like knowing that all my files are backed up automatically and that I can gain access to them from anywhere.

For people who don’t like the idea of storing their files online you can always backup to an onsite server, use NAS boxes (don’t buy cheap ones!!) or even use external hard drives.

The choice is yours but whatever you decide remember to keep your backups safe because chances are at some point you will need them!!


Try this for testing those backup images

Backups – those wonderful things that come to the rescue when things go wrong.  They are very easy to take (if you decide to take them) but how often do you check them?  Be honest with yourself here.


Anyway as part of my routine server maintenance I tend to take system images.  This means that if something goes wrong, like for example a faulty hard drive, I can quickly recover the system.  Every tech will have their own personal choice on what software to use for taking images and I am no different.  My software of choice is Clonezilla and there are multiple reasons for this, mainly that I love open source software and that it is bloody good software.  I have written an earlier tutorial for anyone who wants to learn how to use Clonezilla.

Once I have the backed up image what is the best way to check it? Again everyone will have their own way of doing this and mine? Turn it into a virtual machine!!

The theory goes something like this. If the system image can be booted up as a virtual machine then it is not corrupt and should also boot up on the original hardware and also similar hardware. This has been tested using Oracle VirtualBox on numerous occasions and I can vouch that it works.

The steps are:

1. Take your image using Clonezilla and save to an external hard drive

2. Create a virtual machine using Oracle VirtualBox (this should also work with VMware Workstation) and make sure that the hard drive size is exactly the same as the original.

3. Restore the cloned system to the virtual hard drive.

I am not saying this is the best way to check your images but rather a different way that has served me well in the past.


Backing up your files is great but what about those emails?


I have been banging on about backups now for months and at last some of my clients are beginning to get the idea.  This is good news but I now have a different problem.  I am beginning to see clients who have good backup strategies for all their files but have nothing in place for their emails.

Let me illustrate.  I had a new client last week with a Sony Vaio running Windows Vista which was riddled with viruses (118 to be precise).  The best option I had was to reset the system so I explained to the client that I would backup all their data, reset the system and then move all their data back across.  The client said that he had all his files backed up (on CD) but then I asked him about his emails.  “Funny you should mention that they all got deleted off Windows Mail last week and I was hoping you could get them back”. There was nothing left on the system to retrieve even with file recovery software (my best guess is that a virus has wiped them).  “Surely they will be left on the server though” asked my client who was now getting a bit panicky.  Usually they would be but someone had unchecked the leave messages on the server option in the account options.  He had lost all his emails from the last 5 years.

Now most people in a business environment will be using some form of Microsoft Outlook which is very easy to back up.  If you are using webmail (e.g. Gmail, Yahoo Mail etc) you don’t have this problem but it is still good practice to back up all your data anyway.

Moral of this story is backup everything (files, folders and emails) to either another system, external hard drive or cloud storage so this scenario doesn’t happen to you.

About the Author


Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling and Falkirk.


I think it is time to get worried


I had an email from a fellow tech last week about a new threat doing the rounds called Cryptolocker.  I would suggest you take a look at the article as it does make for some scary reading.

The gist of the article is that once this trojan gets downloaded and installed onto your system it encrypts either the whole hard drive or just sections of it (Documents etc) and you have to pay a fee to get it unencrypted.  The problem is that even if you reset the system you can’t recover your documents beforehand as they are encrypted meaning you lose all the data stored on that system.  That however is not the worst part.  Any network drives that are mapped to the infected system are also encrypted!! If you have a central server that shares files across the network potentially this trojan could encrypt all your files.

So what is the best defence against this?

First things first make sure that your antivirus is fully updated and make sure you are running a paid version not free software.  The reason I say this is that recently I have seen a lot of viruses getting through free antivirus plus in a business environment you should have a paid antivirus anyway.

Educate your users and make sure they understand the consequences of what might happen and lastly take backups and get them offsite.  If you are backing up to another system on the network it could also get encrypted if the worst happens.  External hard drives would be a bonus here or alternatively use online storage.  Personally I would suggest something like Dropbox and there is one very good reason for this.  Dropbox allows you to recover seven versions of any file stored in your account and in this scenario that would be a lifesaver.  If your server that is linked to Dropbox did get compromised and the Dropbox folder encrypted you could still recover the files.

Either way make sure you have backups and keep monitoring your systems.

About the Author


Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling, Falkirk and Perth.


Is there such a thing as backing up your files incorrectly?


I went out to see a new client last week.  They had a network of 5 Windows 7 laptops networked up to a central Windows 7 file server so nothing fancy.  The owner was very IT literate and knew his way around a PC but asked me in for a second opinion on what was the best way to backup all their files.  No problem.

Their current backup strategy is as follows.  Every user has their own copy of their files on their laptops which don’t change that often.  The laptops are scheduled to back up the users’ files and emails to the server every day but not all of the employees work from the office every day.  If the laptops miss a scheduled backup they will catch up next time.  As the user files don’t change that often this didn’t seem a big problem.  The server backs up to an external hard drive once a week and is then taken off site by the owner.

After carefully looking at the client’s requirements I made the following recommendations.

Instead of bringing in the external hard drive once a week and plugging it in to the server to do a backup switch to a cloud based solution.  The cloud based solution would remove the human element from the strategy so no server backups could be missed.

On the laptop side I recommended that the strategy they already had in place was sufficient due to the fact that the user files don’t change that much.

The client was totally surprised by my recommendations.  It turns out that I was the third IT guy they had spoken to.  The first had told them they needed to put everything on the server and then use a VPN to access the files.  The second said they needed to get rid of the server completely and go down the cloud route as “everyone else is doing it” which I thought was a load of trash.

The client didn’t understand how three IT guys could all have such different views on backing up data.  I tried to explain that different people have different views on the best way to perform backups. Some will go down the cloud route while others such as myself tend to use a combination of both onsite and offsite backups (i.e. onsite server and cloud based backups).  I did however point out to him that whichever backup strategy he decides to go with he also needs a strategy to check that his backups actually work!!

He is still considering his options as we speak but do you think there is such a thing as backing up your files incorrectly?

About the Author


Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling, Falkirk and Clackmannanshire.


This is why I do backups


I went to a client last week who wanted me to set up a new laptop for them in a business environment.  When I turned up on site I was asked “while you are here could you also take a look at this other laptop that is having issues with emails”.  “No problem I will take a look at that first” I replied.

I sat down and opened up Outlook 2010 to be greeted with the message PST FILE IS MISSING and sure enough when I checked deeper it was nowhere to be seen!! I asked the client “has anyone taken off any files over the last week” and they replied “no it was all working until we sent it back to get the graphics replaced.  Since it has come back we have had this”.  It looks like when the client sent the laptop back to the manufacturer to get the graphics replaced (laptop is one month old) somehow their PST file containing all their emails had been deleted.

Lucky for them I had installed a NAS Server in the office one month ago and configured all the laptops to back up all client files to it (inc their emails) and after checking sure enough their backed up pst file was there.

After creating a new profile and importing their pst file the client got their emails back.  It cost them 1 1/2 hours of my time but it could have been worse, much worse!!
