Ransomeware Attacks Hit Home

Coronavirus (COVID-19) has proven to be challenging. For most of the US, this epidemic has been ongoing for near 9 months with a new wave overtaking the country once again. Businesses have shuttered, jobs have been lost, and financial insecurity has become an obstacle for many to deal with.  

As one of the ongoing complexities, COVID-19 has shuttered in-school learning for many US students. Several US school districts including Baltimore County, MD announced that online learning had been impacted for 115,000 students due to an apparent Ransomware attack. As parents struggle to maintain a somewhat normal learning experience for their children studying from home, lacking information security practices within the information infrastructures are paramount in these disruptions. 

So what is ransomeware and how does this impact a compromised organization? Ransomeware is malicious software designed to deny access to an organizations information assets, files and or services. The perpetrator having compromised the target organization demands a ransom payment prior to restoring access to the locked data. In the case of Baltimore County, it has been reported that access to online learning tools and grading systems have been disrupted. 

Cyber insurance policies are available to facilitate ransom payments should such an attack occur within an insured’s environment. Many organizations choose to pay the ransom through insurance or directly if not insured. The cost of ransom payments have risen with many payments now being 6 figures or larger. Other organizations that choose not to pay a ransom spend millions trying to restore systems.  Atlanta Georgia in the spring of 2018 chose not to pay a ransom of $52,000 and instead paid a reported $2.6M to recover. 

While an insurance policy payment may reduce the recovery cost of an outage it does not account for the lost time of a disruption and only encourages further ransomware attacks. Ransomware attacks accounted for 41% of policyholder claims, insurer Coalition stated in its 2020 “Cyber Insurance Claims Report,” released in September of 2020. In some instances insurance companies have denied claims with excessive damage as in the case of NotPetya.

According to a Dark Reading article Maryland State auditors found a variety of vulnerabilities that could have lead to the incident in Baltimore County. While there is not clarity yet in the Baltimore County incident, it should be noted that ransomeware attacks have been ongoing for many years and most propagate due to unpatched systems. Typically, exploited systems are Windows based. Impacted systems in the case of Baltimore County have been reported to be Windows based.

At what point do we demand that organizations who maintain our personal information and upon which we rely on make certain that vulnerabilities are minimized? Individuals that are placed in technical roles must be held accountable in some manner as well as their management teams should they choose not to appropriately address ongoing maintenance of the systems and applications for which they are responsible. 

The most formidable defense against most cyber attacks beyond a properly designed infrastructure, is to establish reliable ongoing patch management and update processes for the entire infrastructure. While some may have you believe that this is a complex endeavor and perhaps it is in a very large scale environment, once established the organization’s ability to withstand cyber attacks is significantly improved. Choosing not to establish the proper protocols either through in-house staff or consulting resources is a dire mistake.

Network Management Solutions has been assisting organizations to properly design, implement, monitor and manage information technology infrastructure since 1996. We are available to assist your company in navigating the technical complexities associated with your business infrastructure. Call us today at 908-232-0100 for a free, confidential discussion on how we can assist your business and support your ongoing information security and technology goals.

Business Continuity Planning – Lessons Learned

The COVID-19 pandemic has created strife across the globe. Many families have suffered from illness, the loss of a loved one, loss of employment, and in some cases maybe a loss of hope in a way forward back to normal. While many businesses have been shuttered others deemed critical or those that operate virtually may be thriving. Assuming your business is operating, have you been able to operate effectively and efficiently? 

Some businesses are benefitting from their consumers being shut in, leading to increased online video and music consumption, people using at home time to learn a new skill, hobbyist expanding their knowledge base. All that aside, in order to operate virtually a business must have at a minimum an appropriate technology infrastructure and a business continuity plan that considers workflows.

Maybe you moved your business operations to the cloud so that all you applications are hosted in some remote data center and not your office space. Maybe you had a plan in place. Providence Regional Medical Center in Everett, WA treated patient number one in the US. They had a pandemic plan, had recently tested it, felt confident but when the pandemic hit they realized they didn’t have enough critical supplies and were scrambling for personal protective equipment, PPE. Additionally, defective test kits provided by the CDC were also a major problem. This story played out throughout Washington State, the country and world.

Some business may have segments or divisions that were able to operate just fine while other segments were shutdown. Content providers such as Netflix or Disney have had no problem providing streaming services and supporting end users watching TV shows, movies and documentaries. However, their content creation businesses that produce new movies and shows have been shuttered. Even with the best planning and infrastructure in place, market dynamics have had a huge impact on business operations.

Assuming you have been able to provide your service virtually or were deemed critical and allowed to remain open, having employees isolated at home has had its problems. I personally needed equipment and what normally would take no more than 2 days took over 2 weeks to connect, get advice and place an order. The company was operating virtually and demand was at all time highs and their technology infrastructure did not support their business process remotely as it did when employees worked onsite.

So what have we learned? For me the biggest difficulty was to have imagined the scenario we all faced. This event was beyond many organization’s planning. Perhaps many of the behemoths got it right, or scrambled to make things work. The largest obstacle perhaps was getting the business processes right when forced to operate remotely with employees in isolation. Difficulties collaborating with colleagues, maintaining business workflows, and operating efficiently are among the largest hurdles that virtually operating businesses have had to deal with. This pandemic will certainly impact business continuity planning for many years to come.

So what can we do to be better prepared for other unanticipated disruptions? A framework is important to getting things right for all business continuity planning. Below is a simplified 5 step approach.

  1. Develop a plan – Assemble a team, identify outage scenarios and goals. List what services must function as soon as possible, and what other functions can wait.
  2. Establish business operations workflows – Define how various departments and staff function both independently and cross functionally. Identify how the business operates with staff in isolation or at remote locations. Identify logistical moves of personnel that could be made today which would support business recovery plans in the future. Some firms such as Facebook are already defining work from home positions. Establishing work from home positions could potentially boost employee productivity and reduce company costs.
  3. Define the technology – Identify the services and infrastructure necessary to support the plan, as well as what other technologies could improve efficiencies or resilience. Identify potential logistical technology moves that might better protect the company, i.e. cloud computing and services.
  4. Brainstorm potential pitfalls – Ask what are we missing, identify the what ifs….
  5. Test the plan – Testing can help identify gaps in planning. After testing assess what worked well, and where expectations fell short. Identify the necessary changes and retest.

Network Management Solutions has been assisting companies since 1996 to design, implement, monitor and mange IT infrastructure. We have helped companies recover from failed projects, security breaches and outages. Contact NMS for a free, confidential, consultation to understand how we may contribute to your business ongoing businesses success.

The Value of Independent Oversight

The other day I was working in my shop. I mistakenly placed an expensive tool in a precarious spot and as circumstance would have it, the tool fell and was damaged. I was of course upset but it was my fault and I own the mistake. I was focused on the task at hand and not paying attention to details. Well, when I checked for a new part to repair the tool and found it was more than half the cost of the original tool, I was even more regretful. It was a hefty price to pay and an expensive lesson learned.

I identified the supplier for the part, a well known company, and begrudgingly placed the order. The quicker I ordered the part the sooner I’d get over the sting of my hurried mistake. Ordering the part was easy and my credit card was charged immediately. I waited for an email to relay the shipping details, one day, three days, one week passed before I finally decided to call the supplier for an update.

Upon calling the supplier the phone was answered within a matter of minutes and the support person pleasant. I was advised that the part had yet to ship because the company warehouse was 6 days behind schedule due to a failed IT upgrade. I was assured however that the order would ship within the next week. I was not happy as the payment was processed the day of the order.

I had never dealt with the company prior. It’s likely if I listed their name you would know the brand and perhaps like me, having dealt with them or not had a positive image of the operation. The reviews I read prior to ordering were largely favorable. My opinion however has changed and I know that’s harsh. The reason is that had I been advised before placing the order I would have had an opportunity to consider a different source, or been an informed, understanding customer that waited for the part through the delay. Instead there was no communications prior, and I had to call for the company for the reason of the long delay.

Does this major tool supplier realize the cost of their failed IT upgrade? A six day delay in processing orders is a big deal. What is the cost in terms of revenue, rebates and apologies to big buyers and future sales, but far beyond that the damage to the brand’s reputation? What other companies that depend on the supplier were unable to meet their customer deadlines?

Often organizations large and small don’t consider all the details of a complex or even routine upgrade. Personnel sometimes don’t speak up due to politics or their input is dismissed. Many times companies don’t measure the business impact of failure and hence there is no back out plan to restore service or communicate status with management and other stakeholders. 

At a minimum when undertaking an upgrade consideration needs to be given to items such as, can the current infrastructure support the new requirements; can the in-house personnel support the project; is there sufficient knowledge and planning by the stakeholders to ensure success; and most importantly what are the potential impacts to the company if the project fails? Critical to every project is a back out plan. Should the project fail, how are negative impacts to the company and its customers minimized? Finally if necessary at what point does the company communicate with their customers and what is the specific messaging?

Of course I don’t have the detailed reasons for the disruption. I do however know one thing as do many of the company’s customers and that is they failed. While failure is not uncommon in the complex information technology world, it is largely due a lack of planning and oversight, and when things go wrong negative impacts are magnified. Perhaps if there had been a back out plan to revert to the prior state no one except the company and maybe it’s vendor would have known. Even planning customer messaging would have minimized impacts to the company’s brand and its customers.

Network Management Solutions has been assisting companies since 1996 to design, implement, monitor and mange IT infrastructure. We have helped companies recover from failed projects, security breaches and outages. Contact NMS for a free, confidential, consultation to understand how we may contribute to your business’s success and its good name.


Why Your Business Needs A Professional Information Technology Team

You may run your small to midsized business with ad-hoc resources that support your IT infrastructure. What do I mean by IT infrastructure? You know your desktop computers, servers, internet connectivity, cloud infrastructure, all the technology ‘stuff’ that enables you to track inventory, bill for services, manufacture inventory, produce reports; all the things your business needs to operate. You may utilize an in-house resource for some IT things since they have perceived knowledge but it’s not their primary role. You also call on outside resources such as a local computer store, your Internet Service Provider, email hosting company, or others depending on the perceived issue.

You might think that you’re saving money by not having dedicated resources that can monitor, manage and secure your infrastructure but you are not. You might think that much of what an IT person or company would do is not necessary for your small or mid-sized company but again you are mistaken. Having provided services for over the last 22 years we have seen many companies make assumptions that they can get by until they find that their business is in jeopardy having suffered a data breach, data losses, system outages or other problems that now threaten the company and perhaps its viability.

What do outages and slowdowns cost your business over the course of a year? If you or your employees cannot work for an hour or two, or you can’t track orders or inventory, or if you can’t appropriately communicate with your customers for the day, or run a production line for an extended period what is the cost? What if your server gets compromised and begins emailing all your clients malware? In all these cases there is not only a quantifiable cost in dollars but perhaps also in loss of reputation. I don’t know about you but if I can’t count on the companies that I interface with I go elsewhere for the products or services I need.

At Network Management Solutions we have seen in many instances where companies cannot operate for days or beyond. Improper software or hardware setup can not only cause performance issues such as slow response but also lead to data breaches. Malicious phishing attacks are emailed on an ongoing basis, without proper setup an employee’s mistake of clinking on a link may lead to malware, compromised passwords and systems. Perhaps the real value of the IT infrastructure and the business reliance on it were not scrutinized until the small problems became momentous.  

So what  can a service provider do for you and your company? While no one can guarantee that IT problems will never occur, a professional services organization like Network Management Solutions can ensure that problems are reduced to a minimum and the effects of any outages are quickly recognized and mitigated.

A proper Managed Service Provider (MSP) will make certain that your infrastructure is appropriately designed to meet the business information needs, focusing on reliability, information security, and performance. This may include ensuring desktop computers are maintained, servers are updated, security patches are applied, outages are addressed in real time, and the overall health of the infrastructure is monitored to prevent and mitigate potential outages. Additionally, an MSP will identify design flaws and recommend measures that will improve service levels, security, and data retention. You can’t get these services from a full time employee acting as a part time IT resource, or a part time IT firm of 2 people that may be assisting other customers and cannot address your business needs for days.

If you are interested in protecting your business, its information assets, and the systems that help it operate while maintaining a fiscally sound approach we would like to speak with you. Network Management Solutions can be reached at 908-232-0100.  Please contact us for a free, confidential discussion to learn more about how we can assist your organization.

Small Business A Prime Data Breach Candidate

Has the news reached your computer?  Small business is a prime candidate for hackers looking to capitalize on an unprepared target.  What do I have to loose you might think, but think again.  You may have financial assets, bank accounts, intellectual property, credit cards, protected personal information, or even your business reputation at risk.

While you may believe that none of this matters, the turmoil created by a breach is a nightmare to remediate taking months or longer to recover from.  Some incidents carry on undetected for years and end in court cases with the compromised business as a defendant fighting lawsuits and regulatory fines. Not withstanding the legal challenges you may find your business suffering from reputational harm or an inability to recover funds from a financial hack.

When business magazines such as Forbes and Inc. are writing about small business being targets you know things have reached a tipping point.  For further information check out the list of identified firms compromised so far this year at the Identify Theft Resource Center.

So why is small business a prime candidate for data breaches, the answer is simple.  Small businesses typically have weak information security programs.  The technology deployments are limited and improperly configured; management and employees are not security aware; the ability to detect most compromises early on is non-existent; and the business is information and asset rich to a would be attacker.  Business owners compound the problems being technology averse, believing that it’s all too complex and all too costly to manage.  So the task gets delegated, underfunded, or left to chance, none of which are viable in the long term.

Pragmatic solutions are available that won’t disrupt business operations or strain company budgets.  Employees and management can become better stewards and learn simple security best practices and the reasoning behind them.  A robust program integrates technology, business practices, operational procedures and point insurance products.  A well-crafted security program protects the business from financial, reputational, legal and regulatory issues.  Integrated within the business operation the security program is generally simple to maintain and effective in its objectives.

Ensuring that you engage the appropriate resources, as part of your security strategy is key.  Most small companies don’t have the internal resources to commit to develop and maintain the security program and hiring such resources can be costly.  Utilizing a managed service provider is an excellent cost affective approach to identify business requirements, develop solutions and maintain the program ongoing.

About Network Management Solutions

Network Management Solutions (NMS) has been helping companies address their business and technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

Please contact NMS to schedule a no obligation, consultation to discuss your concerns.  We will provide expert advice in simple business terms on how to best meet your business needs.  NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com.  More information on Network Management Solutions can be found at www.nmscorp.com.

Investing in Your Business Infrastructure

Your business provides products or services that are important to its customers. As a viable entity the business provides investors, owners, management and employees an income and is vital to the financial well being of those involved. Every business is part of a commercial ecosystem and a micro economy in itself. In an effort to compete and stay viable why do so many business owners ignore the need for good information technology and security practices?

Admittedly for most it’s not a great topic of discussion. Information security and information technology in general is considered by most individuals too complex, too foreign, and best left to computer geeks to sort out. Well if you are in a position of responsibility within your organization you might agree, but it would be a dereliction of your duties not to be involved in defining overall technology objectives while reviewing outcomes ongoing.

Why? The operation of business today depends on information technology and information security. There may be some companies out there that still get by with pens and paper but they are very few. Most business relies on email, the web, databases, online banking, and perhaps some computer automation. A breakdown or breach of IT systems can be very disruptive and costly.  Ever contacted a business to order something when their systems were down?  How well did they meet your needs?

Most small business owners ignore the importance of information technology in their business planning.  This leaves the company prone to inevitable breaches, outages, and data losses. Too often simple maintenance and upgrades are ignored for extended periods of time and ultimately the lack of oversight backfires. We have seen businesses shut down by outages.

By the time a crisis occurs all the perceived money saved is long spent in lost productivity and potential reputational harm to the business. You might think you can hide the weaknesses from your customers but they know through their ongoing service experience. Many times your employees will tell your customers of recurring problems before they tell you.

Building and maintaining pragmatic IT solutions is the most cost effective and efficient way to operate. That’s not always easy to do as the latest technology is like a drug to some staff, and the vendor supplying it wants to move as much of the latest greatest as possible. Your involvement and the use of outside consulting are critical in developing, and maintaining your best interests.

Business objectives should be clearly defined with an IT plan supporting each objective in plain English.  There is no need for all the tech jargon. A simple question like how do we ensure data security should drive clearly defined objectives and an information technology roadmap that meets each point, which any layperson can understand.  Keep it simple, stay involved, your business depends on it.

About Network Management Solutions

Since 1996 Network Management Solutions (NMS) has been helping companies best meet their business objectives with pragmatic solutions.  Please contact us with your concerns we are here to help.  Network Management Solutions can be reached at 908-232-0100 or by email at info@nmscorp.com.  Further information can be found at our website, www.nmscorp.com

Are Shadow Cloud Services In Use Within Your Business?

Shadow Cloud Services are unsanctioned networks and services that are subscribed to by individuals and business groups without the involvement or knowledge of Information Technology, Security, Compliance Groups, or others.  These services can pose serious risks to the business including data leakage, data integrity, business continuity, and regulatory compliance issues. This is a formidable exposure for both the small business owner and the larger enterprise.

The ability for an individual or group to procure services for collaboration or individual use at a low cost price point makes it an attractive way for some to bypass IT and do things “on their own”.  Services that fall under this can include collaboration software, remote storage, customer relationship and human resources applications.

There may be considerable financial implications in larger enterprises due to duplication of services.  However, there are business risks that can far outweigh operating costs, including loss of intellectual property and trade secrets, regulated data exposures and the breach of rules pertaining to data handling, along with business continuity problems.  For the small business owner a rogue employee(s) utilizing personal cloud storage could lead to serious issues.

In a survey, conducted by Frost and Sullivan, of 300 IT employees and 300 business unit managers 80% of respondents reported using SaaS (Software as a Service) applications that were not approved by IT.  This is the equivalent of business units running non-sanctioned manufacturing facilities, offices, or lines of business.

Skyhigh Networks recently conducted a study of 200,000 public sector employees with various organizations in the U.S. and Canada.  The study found that the use of shadow cloud services was on average 10 times greater than the applications that IT was running within these government organizations.  A copy of the report can be downloaded here.  This is a serious issue that must be addressed if the government is to protect our personal information and control costs.

The ability to identify unsanctioned or rogue usage can be a complex issue to solve for most organizations large and small.  The outcome however can be well worth the effort and potentially avert serious issues.

About Network Management Solutions

Network Management Solutions (NMS) has been helping companies address their business and technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia. For more information please contact us.

Superstorm Sandy Tested Business Continuity Plans

Superstorm Sandy ripped through the Northeast at the end of October creating significant damage throughout New York and New Jersey.  Many residents and businesses were without power for days and in many instances weeks. The storm damaged coastal homes and properties and in certain cases devastated entire towns.

How did your business fare during and after the storm? If you were not seriously impacted was it due to being prepared or were you lucky? Were you prepared in that you had a Business Continuity Plan (BCP) in place to call on, or were you lucky that you were able to scramble for alternatives, or were there no significant service disruptions experienced? Did your prior planning ensure that redundancy was available and alternate measures in place to sustain business operations and that those who could not get to work had designees in place to take over in the interim?

Now is the time to take stock of your preparedness and assess what went well and how you might have done better. Many times an outage will expose weaknesses in a company’s BCP and Disaster Recovery Planning.  We heard from numerous businesses that felt the effects of Sandy and realized they were not prepared.  Equipment damage, data losses and long standing service outages and an inability to rapidly provide alternate resources hurt those businesses.

Companies that prepared plans and tested their viability ongoing did remarkably well.  Critical services were available and key business activities continued. The effort to develop, execute and manage the plan was well worth it to those who prepared.

Network Management Solutions provides Business Continuity and Disaster Recovery Planning.  For more information please contact us.