Guest post by Michael Prewett.

This is definitely not something you want to see when you turn on your computer Monday morning! This screenshot is from the infamous NotPetya Ransomware that wreaked havoc on the world mid-2017, causing approximately $10 billion dollars’ worth of damage to businesses worldwide.

Ransomware has continued to rise in popularity as the tool of choice for cyber-criminals and unfortunately has gone from an “It will never happen to me” to a “When might it happen to me?” question for most businesses. It doesn’t matter how big or small your business is, or whether you hold valuable information, the aim is to stop you from accessing the files that matter to you.

For those in the AEC industry, it’s particularly notable that Zaha Hadid Architects (ZHA) suffered a ransomware attack on April 21, after finding messages left on its server saying internal company data had been encrypted and would only be released if it negotiated a ransom settlement with the cyber criminal. A spokesperson from the firm issued the below statement¹

“With all our 348 London-based staff working from home during this pandemic and cybercriminals poised to exploit the situation, we strongly advise the architectural community to be extremely cautious.”

Fortunately, ZHA was in a good position as the data was backed up so the encryption of some server information was not a serious problem. It is unknown though, how much information has been stolen. Additionally, its employees were locked out of the server and forced to reset passwords and as such there was significant downtime and therefore lost revenue in order to remedy the situation.

Initially the firm had not notified their clients as they could not guarantee the security of its communication systems but later issued the following:

“Data protection and privacy is extremely important to us and this is why we regretfully have to announce that on 21 April we experienced a security breach and theft of data in a ransomware attack.”

“We immediately worked to secure our network and reported the incident to the authorities. With minimal disruption to the work of our teams, we continue to investigate any criminal theft of data with cyber specialists.”

In Australia, legislation requires any data breaches must be reported to the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breach Scheme.²

Unfortunately, there is no “magic bullet” for defeating ransomware but there are some helpful guidelines published by the Australian Government that can help put your company in a strong position to minimise the risks these attacks pose.

This list is called The Essential Eight³ and covers items such as using Multi-Factor Authentication, having Daily backups and restricting applications on your computers.

If you would like help reviewing your cybersecurity posture – please contact us on 1300 735 926 or email us at support@pkcg.com.au

Sources

1. https://www.architectsjournal.co.uk/news/zaha-hadid-architects-held-to-ransom-by-cyberhacker/10046940.article
2. https://www.oaic.gov.au/privacy/notifiable-data-breaches/
3. https://www.cyber.gov.au/publications/essential-eight-explained

More about Michael

Michael Prewett is passionate about cyber security, innovation and new technology, and how to apply it to real world business cases. He also likes to find ways to use existing technology in new ways to improve the customer experience.

You can connect with him on LinkedIn at https://www.linkedin.com/in/michael-prewett/

How often should I restart? Should I shutdown every day? I’ve restarted but it didn’t fix the issue!

These are some of the most common phrases we hear from our clients. Let’s break down these questions and provide a little insight as to why restarting is so important.

We’ve all heard the phrase “Have you turned it off and on again?” As trivial as it sounds, this simple process can resolve a lot of day to day issues. You’ve been working all day but now your application wont open. “What changed?” you may be asking yourself.

Let’s break down the system start-up process and why this can fix most of these issues. During a restarting your system undergoes 3 main processes:

1. POST / Pre-boot
2. System Initialisation
3. User Session initialisation

POST / Pre-Boot

During the POST (Power On Self Test) your system is running a diagnostic sequence testing of all components to ensure your system is ready to begin.

System Iinitialisation

At this point in the start-up your computer is loading the Operating System, Drivers and Services into your RAM (Random Access Memory)

If part of the operating system or services has suffered an unrecoverable crash, this is where your system will restart these applications and services. Examples below of what you may have experienced that will resolve in this stage of the restart.

• Printers all offline
• Sound card no long working
• Unable to access the internet

User session initialisation

When you log into your computer, your user session is created. This loads all your personal start-up applications, profile settings and configurations into your RAM.

Ever had an application crash that wouldn’t reopen? If an application doesn’t close correctly there may be parts of it still running inhibiting your program from opening again. Restarting flushes your RAM of all your running application allowing to have a fresh clean start.

With the complexities of your user session, applications starting and stopping, Windows Updates, application updates, driver updates you can start to understand the importance of the restart and why it’s the most common phrase you’ll hear from your IT person.

Windows 10 – sometimes a bit too smart for its own good

Windows 10 has tried to make our lives better by making it faster and introduced a feature called Fast Boot.

Fast Boot does cause some issues, as when you “shutdown” your system it isn’t getting the refresh it needs. It saves your session, instead of closing everything down, and then just reloads your session, errors and all. To get around this its important to choose Restart and not Shutdown.

With the sudden move to working from home, and without the protection of enterprise grade firewalls, antivirus and other protections afforded on your office network, it’s more important than ever to be vigilant against cyber criminals.

Use your home computer, like you would use your computer at work

The number one cause of compromise that we see is human error, whether that’s clicking on a phishing email and entering your details or downloading something that is malicious. Chances are when using your work computer, you are super cautious about the emails, attachments, and links that you open. You should be taking these same exact steps when working from home.

Remember, it isn’t just your personal system you are putting at risk, but company resources too!

Use strong passphrases

Strong passphrases are the first line of defence for your accounts. See our post on passwords and passphrases here for our recommendations. You should use a different passphrase for your computer, each application, and website you use – particularly those that you have given personally identifiable information (PII).  Using the same email address and passphrase across websites will mean if one site is compromised, then all your accounts are at risk!

We recommend the use of a password manager such as 1Password, Dashlane or LastPass. If you’re storing passwords related to work, we can give you access to MyGlue.

Keep your devices up to date

Keeping your devices, including the operating system, any applications you have installed, and for computers, drivers and firmware, is essential to reduce the number of vulnerabilities that can be used to access your device. Updates also deliver new features, and can sometimes improve performance too!

Use reputable anti-virus / anti-malware protection

Anti-virus or anti-malware protection is another layer of security that provides protection for your computer against malicious threats. It’s important that it’s kept up to date with the latest signatures, and if it doesn’t run in realtime then you should be scanning all files you haven’t opened before.

If you’re a current client of PKCG, you are more than likely are using Sophos Intercept X at work and we can install this on your devices at home too!

Use secure Wi-Fi

While the Wi-Fi network  at the office is likely to be secure and encrypted, the same might not be true for your connection at home. If you risk using an unsecured network while working remotely, you could be allowing nearby cyber criminals a route into the company network. It’s trivial  for cyber criminals to set up an unsecured network and “sniff” all the traffic going over a wireless connection.

Back up your data

Storage is cheap, you can use either an external drive or back up to the cloud. Unplug your external drives when not in use, and store them in a secure place. If your backup software supports it encrypt your backups  with a strong passphrase too.

Cyber criminals don’t always want to steal your data, sometimes they want to encrypt it and keep it at ransom. Make sure you test your backups too, firstly to make sure they are happening, and secondly to make sure you can recover data from them.

Don’t forget physical security too!

Lock your computer when not in use, even if it’s only for a short period of time. Make sure your mobile devices have a passcode set, and set up the ability to find or wipe devices remotely if possible.

It’s much easier to access your information if other people have access to your devices.

If you would like our help reviewing your cybersecurity at home – please contact us on 1300 735 926 or email us at support@pkcg.com.au

With the recent shift of business now asking staff to work from home, the reliance on internet connectivity has grown furthermore towards business continuity. Whether simple email correspondence, or a bandwidth demanding video conference, having a stable internet connecting is essential.

At the same time, more people working from home means more people sharing the internet connection which will result in  slower speeds.

Due to COVID-19 the NBNco has increased capacity by approximately 40%, and have started posting transparent reports on their website.

There are several things you can do to help improve home internet at these times with these simple steps:

Check your internet speed

The first thing to know is what speed and plan you are getting with your current internet service provider (ISP). The most common connections in Australia are NBN, ADSL2+, Cable, and 4G. Megabits are commonly used for measuring internet speed.

There are many websites you can use to check your internet speed over the web. Speedtest by Ookla is the most widely used speed testing tools.

Most ISP’s advice is that their connection will slow down during evenings, which is referred to as peak time (when most people are at home, streaming content or playing games) between 7pm – 11 pm.

Upgrade your plan accordingly if you experience slowness but make sure you are getting the speed you are eligible with your plan.

Restart your router

A simple fix like switching your router OFF then back ON again could do trick sometimes. Make sure to wait for at least 5 second before turning it back ON.

It may not work all the time, but it is worth a try before checking other things.

Optimise router location

It is very important to find a suitable location to place your router where it visible and without any obstruction, especially if connecting via Wi-Fi. It is recommended to place it in an open location where devices have line of sight. Always sit the router upright as it is intended by the manufacturer.

Use a wired connection

It is best to use an Ethernet cable to connect your computer with the router to get the best speed. A wired connection provides faster transfer of data and it is less likely to lose connection.

If you would like our help reviewing your home connection to make sure it’s meeting your working from home requirements – please contact us on 1300 735 926 or email us at support@pkcg.com.au.

Everyone is asking about Microsoft Teams, so we thought we post up a quick overview on Microsoft Teams on our blog we can send out for companies who are just starting to use Teams.

Microsoft Teams is a chat-based workspace app that fosters collaboration and communication within a company. Right now, the most likely reason you’re using Teams is for internal communication. You’re probably about to start working from home in the coming weeks but still want to be able to easily stay in touch with colleagues and discuss ongoing projects.

Teams provides the features of Skype (chat and conferencing), SharePoint and OneDrive (file sharing and collaboration), OneNote (note taking), Planner (everyday project management), Stream (video sharing), plus tabs to bring in other external apps all in a single app.

If you want to jump in the deep end and get up and running quickly, the quick start guide by Microsoft is your best bet – you can download it here. There is also a Microsoft Teams Quick Start video series, if that’s more your thing.

We recommend keeping things fairly simple at the start while your team adopts to using a new tool – the basic Team template we have been rolling out includes just four channels:

• Announcements – for relaying important information to your team.
• General – for general discussion.
• Management – a private channel reserved for management staff.
• Watercooler – to keep up the office vibe and banter.

A new Team comes with a lot of stuff, but you don’t have to use everything that comes with it. In addition to conversations, you get a SharePoint site, a OneNote notebook, a Planner plan, a Wiki, and lots more!

Over time as your staff become more familiar with Teams, they’ll likely start creating their own channels, as well as individual teams focused around specific projects and groups. We can lock down permissions so they can’t, but we suggest letting the usage naturally evolve to best fit how your team works.

Some additional resources you might find handy to get the most out of Microsoft Teams are below:

• 9 tips for having the best online meeting experience with Microsoft Teams
• Microsoft Teams blog
• Microsoft Teams video training
• Microsoft Teams help & learning center
• Staying productive while working remotely with Teams

We’re more than happy to field any questions you have about Teams, and provide assistance with implementing it – get in touch with our team by emailing support@pkcg.com.au, or calling through on 1300 735 926.