ComTech: IT Support Stirling

ComTech: IT Support Stirling

TwitterFacebookGoogle

Tag Archives: encryption

Another week and another ransomware attack

Posted on by

It has been a busy week here at ComTech HQ.  We have had another client whose network got hit with ransomware and this time it was Cryptolocker.  All the machines had McAfee installed, however Cryptolocker somehow uninstalled McAfee off three of the PC’s on the network and then ran riot. Luckily the client noticed pretty quick something was up and when they rang me I told them to switch off their network until I came across basically limiting further contamination.

This client was very lucky as they had Dropbox which allows for account rollback (just incase things like this happen) so all their files could be retrieved. It does take time to get the account rolled back so in the meantime there has been some inconvenience to the client but it could have been a lot worse.

This is the 6th such attack I have seen in the last 3 months alone (Locky and Cryptolocker being the biggest culprits) and whilst most clients have been able to recover their files unfortunately a large minority haven’t.

Your best defence is always not to get infected in the first place but that is better said than done.  Failing that backups are your next line of defence against this type of threat but more specifically offsite backups. Your offsite backups can be as simple as an external hard drive that is kept away from the office but better still are cloud based backups like Dropbox, OneDrive, Google Drive etc.  These allow you to fully automate your backups which gives you the piece of mind your files are safe online if anything happens.

So next time you think I don’t have time to take backups ask yourself one question “How long would my business survive if all my files got encrypted?”

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Cisco, Windows, OS X and Linux based IT Support to small businesses throughout Scotland.

Follow @Comtech247 on Twitter

Just how real is the threat of a cyber attack?

Posted on by

Cyberwar.  This term has being thrown around over the last couple of months and it does sound very scary.  The whole thought of someone taking down a countries power, banks, transport etc without having to leave their computer was once the stuff of science fiction.  If you believe all the hype this is now a reality.

Today the world is so immersed in technology that it affects every aspect of our daily lives.  Any action taken online affects actions taken offline and vice versa.  Everything we use, whether it is banking, shopping, driving etc is linked in some way to our use of computers.  If these computers go down the task they were helping to manage becomes affected.  Just think of the hassle when your emails don’t work and then multiply that by thousands when, for example, a banking error means people can’t access money at cash points.

How real is it the threat of an actual cyber attack then? If you look at what happened to Sony Pictures just before Christmas the threat is very real.  When Sony got hit workers at one point were forced to work with pen and paper. “We even fired up our fax machine,” one employee told the LA Times.  This is a multi national company brought to its knees as emails and confidential data were stolen and then released to the world.

The threat is so real to some governments that the US and UK have agreed to stage cyber war games to test each others defences.

So what is the best defence? Personally cyberwarfare should be treated along the same lines as traditional warfare.  There is always a threat of potential war somewhere in the world but governments don’t panic about it.  The same approach should be taken with cyber attacks.  You continually test your own defences and if they are found to be wanting you improve them.  Knee jerk reactions like banning encryption as David Cameron wanted a couple of weeks ago is not going to help. Teaching people to understand the implications of a cyber attack could also go a long way.

What do you think?

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Cisco, Windows, OS X and Linux based IT Support to small businesses throughout Scotland.

Follow @Comtech247 on Twitter

 

 

When you buy a new machine make sure you know what you are buying

Posted on by

It has happened. You woke up one morning and realised that the old and trusty laptop (or PC) is no longer upto the job and it needs replacing.  No problem you say I will go along to somewhere like PC World and just pick up a new one.  For a home user this approach works well but what about when the laptop or PC is used for business?


You see if you are in the market for a Windows machine (as most businesses are) you may not realise that there are different versions of Windows.  Taking Windows 8.1 as an example, there is Windows 8.1, Windows 8.1 Pro and also Windows 8.1 Enterprise. Which one you choose will depend on what you want the machine for.  If you are a small business user then you should go for Windows 8.1 Pro but if you buy from somewhere like PC World, Argos, John Lewis etc most of the machines come with Windows 8.1  and not Pro.  So what is the downside of just getting Windows 8.1 then?

The two main reasons are encryption and connecting to a server. Windows 8.1 Pro comes with BitLocker which allows you to encrypt your hard drive and keeps all your data safe if someone steals it. At present I don’t know of any way to successfully encrypt a Windows 8.1 system  (if anyone does please let me know).

The second reason is perhaps more pressing.  If you have a Windows server installed on your network you need Windows 8.1 Pro (or Windows 7 Professional) to be able to connect to it.  Home versions of all Microsoft operating systems can’t connect to a Windows server.  I have been to clients in the past who had maybe 5 or 6 Windows 7 Home Premium systems who wanted a server to backup all their data to.  Straight away a Windows server was out the window and I ended up installing a Linux one instead (personally a better choice anyway in this instance).  If you have an onsite Exchange server for your emails home versions of Windows are also a no goer. I have even seen business critical applications being run on a Windows 7 Starter netbook before which should never happen.

So before you go out and spend your companies hard earned on something which doesn’t fit your requirements do yourself a favour and check what software it is running.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

 

 

Why encryption can be a double edged sword

Posted on by

Encryption is great. Once a laptop or PC is encrypted anyone who steals them can’t access your files by simply pulling out the hard drive and plugging it into a different system. Unless you know the password you are stumped. This is the main reason I tend to encrypt all my clients systems.


But there are some pretty big limitations when using encryption on a system which I have found over the years.  These observations are based on using Truecrypt and might be different with other products.

1. You can no longer access a system at boot.  You need to type the encryption password when the system starts and this can be a pain when you are remotely supporting a system. Unless there is someone physically on site you will not be able to gain access.

2. Forget doing a system restore on an encrypted volume on a Windows system.  I tested this one yesterday on my own systems as I need to restore a clients system to a point before the encryption was put on and this is something I have never needed to do.  I now have a nice shiny brick in the form of a laptop sitting on my desk.  I have also seen system restores that would not have affected the encryption that have still caused issues on Windows systems. You have been warned!!

3. When you come across a Windows system that will not boot you will have to decrypt the system first before you can do anything.  This can takes hours (have seen one laptop take 7 hours to decrypt a 160 GB hard drive before).

4. What happens when you don’t do backups and the hard drive fails? You can’t really call this a limitation of encryption but rather a failure on the part of the user or company to see the value of backups.  If your hard drive starts to fail and you can’t decrypt it in time you will lose all your files. I never implement encryption unless I am happy there is some form of backup strategy in place.

5. Finally what happens if you forget your encryption password? You lose access to all the files that have been encrypted, for ever.

If you weigh up the pro and cons of using encryption the advantages would usually still win. If you do implement encryption though be aware of the limitations.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

 

 

 

Should you encrypt your laptop?

Posted on by

I had an interesting conversation last week with a potential new client regarding encryption.  He works away a lot and was wondering if there was anything that could be done to protect his data should he lose his laptop.  The answer was a big resounding YES. The yes is encryption.


To put it simply encryption scrambles the data on the hard drive making it unreadable. To read it you need the decryption key (password) which when entered allows a user to see everything.  At the moment most types of encryption are unbreakable so as long as you choose the right type you should be fine.

Sounds good but there are some drawbacks which you should know about.

1. Lose the decryption key (password) and you lose access to your data.

2. If you don’t do backups and your hard drive fails you will lose all your data.  I would never recommend encryption to a client if I wasn’t confident about their backup strategy.

3. There will be a slight loss in performance as everytime you enter your password the hard drive gets decrypted.

So which ones are best?

On a Windows system you are spoilt for choice.  On a Windows 7 system I would personally go with TrueCrypt as I have use this in the past and found it to be a fantastic piece of software.  On a Windows 8 system I would upgrade to Windows 8.1 and then use the inbuilt encryption software.  If you buy a Windows 8.1 system and log in with a Microsoft account then encryption is turned on by default so just make sure you do backups!!

On Mac OSX use FileVault2 which following the Apple way of doing things “just works” and on Linux I would again go with TrueCrypt (unless someone has any better suggestions?).

So the question remains should you use it?

If you are a mobile worker who is away from the office quite a bit then definitely yes.  Encryption will give you that added protection and piece of mind should your laptop go “walkies”.  Just remember to do backups and don’t forget your password.

If you work all day, every day from a desk in an office then encryption is probably not for you.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to both business and personal clients in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

 

 

 

 

Why Windows 8.1 drive encryption is not necessarily a good thing

Posted on by


I had a client last week who was interested in encrypting a Windows 8 laptop.  His personal choice was Truecrypt but he had read online that TrueCrypt does not support Windows 8. As it was not something I had been asked to do yet I told him I would do some research and get back to him.  This is when I came across drive encryption on Windows 8.1.

Basically it seems that Windows 8.1 comes with drive encryption turned on by default. The only thing you need to do is sign in with a Microsoft account (email address) and the feature will run automatically and store your encryption key on Microsofts servers .  On the face of it this sounds like a good idea.  There is one big downside to this new feature though and that is data recovery.

If you have a failing hard drive that is encrypted it is very difficult to get the data off as you have to decrypt it first.  If your hard drive is failing you may not have the time to decrypt it before you can get the data off.  This is where your backups come in and that is the big problem.  Most home users and too many small businesses don’t do them!!

I know way too many home users and small businesses who don’t bother with backups so a hard drive failure with Windows 8.1 could be costly indeed.  Who would get the blame for this? Microsoft of course.  Microsoft would get the blame for turning the feature on by default which of course would be ludicrous.  People need to start taking responsibility for their own actions and back up their data.

I agree that encrypted hard drives are a massive bonus when implemented alongside a sound backup strategy but I don’t agree it should be turned on by default.

You can of course turn it off (but most people don’t know its on in the first place) and if you update from Windows 8 to Windows 8.1 you would have to turn it own.

So over to you guys. Backup your data or risk losing it.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling and Falkirk.

Follow @Comtech247 on Twitter

What is encryption?

Posted on by


Today I shall talk about encryption, what it is and the different types available on the market.

Encryption is basically taking a computer algorithm and applying it to a piece of data and making it unreadable to a third party. In essence the only person who can read that data is the person who has the key to decrypt it.  If you had data on your hard drive which was sensitive (e.g financial records etc) then you could encrypt it so no one else could read it.

What are the different types?

There are loads of different types of encryption and which one you use will depend on if you want t0 encrypt transmissions, databases or files / folders.  I am going to concentrate on files / folders because that is what most people will be looking for – making files unreadable to third parties.

This is where I shall introduce you to two of the most popular pieces of encryption software, TrueCrypt and Bit Locker both of which work on Windows.  Truecrypt is open source while Bit Locker is proprietary software from Microsoft.  Both can encrypt and decrypt a hard drive and both are virtually unbreakable (at time of print!!).  TrueCrypt is easy to set up and does not require repartitioning of your hard drive, whereas Bit Locker does.  Bit Locker requires a 1.5 Gb partition to be set up prior to installing the operating system.  If not you will have to repartition your hard drive and restore Windows from a backup.

So what are the advantages and disadvantages of encryption?

Advantages

1. Data is safe as no one else can read it without the decryption key.

2. Once set up it requires little or no user input.

Disadvantages

1. If you lose the encryption key you will not be able to read your data EVER.

2. Uses more system resources (ie CPU)

3. If Windows becomes corrupt and will not boot you have to decrypt your files before you can recover them which takes time (I recently had to decrypt a 160Gb hard drive encrypted using TrueCrypt which took 8 hours!! Only then could I recover the user files and restore the system)

Hopefully this has given you an insight into encryption and the advantages and disadvantages of using it.  Just remember don’t lose the key!!!

About the Author

P1020114

Hi I am Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients throughout Stirling, Falkirk and Clackmannanshire.

For a list of what I can offer you why not visit my website www.comtech247.net where you will find a list of my services, testimonials, blog and much more!!

 

How to change your wireless encryption

Posted on by

Most people know that you need to keep your wireless network secure but how many people know how to check their wireless encryption and maybe even increase it? This tutorial will show you how.

Before we start a few words on the different types of encryption.  There are basically 4 different types of encryption – WEP, WPA-PSK, WPA2-PSK and EAP.  Home users only need to worry about the first 3 whereas EAP will only apply to businesses.  Almost all routers and WAP’s (wireless access points) by default only come with WEP or even no encryption whatsoever.  WEP has some pretty big security failings and can be easily broken using tools off the internet!!  WPA is much better but WPA2 is, at the moment, virtually unbreakable. EAP requires a radius server which centralises all access attempts but this is not covered in this tutorial.

Ok open up a browser and type one of the addresses below which corresponds to your router in the address bar.  For example mine would be 192.168.1.1


Sky 192.168.0.1

BT 192.168.1.254

Orange 192.168.1.1

TalkTalk 192.168.0.1

Virgin 192.168.1.1

You will then be asked for the router login details.  If this is the first time that you have accessed your router then use one of the passwords below.  If you have accessed your router before and changed the login details then use those.

Sky username = admin, password = sky

BT username = admin, password = admin

Orange username = admin, password = admin

Talktalk username = admin, password = password

Virgin username = virgin, password = password

Next thing to do is locate the wireless settings.  Once located you should be able to determine what type of encryption you have and what the key is.  Make sure that you have the highest form of encryption available for your router (either WPA or WPA2) and that your key is made up of both letters and numbers.  Keep a record of your encryption key in a safe place for future reference. Before you leave the router settings change the admin login and again keep a copy in a safe place for future reference.

All that is left to do is reconnect all your wireless devices using the new level of encryption.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

CyberChimps
Follow

Get every new post delivered to your Inbox

Join other followers

WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera
WP Like Button Plugin by Free WordPress Templates