Zaha Hadid Architects held to ransom by cybercriminals

Guest post by Michael Prewett.

This is definitely not something you want to see when you turn on your computer Monday morning! This screenshot is from the infamous NotPetya Ransomware that wreaked havoc on the world mid-2017, causing approximately $10 billion dollars’ worth of damage to businesses worldwide.

Ransomware has continued to rise in popularity as the tool of choice for cyber-criminals and unfortunately has gone from an “It will never happen to me” to a “When might it happen to me?” question for most businesses. It doesn’t matter how big or small your business is, or whether you hold valuable information, the aim is to stop you from accessing the files that matter to you.

The idea behind ransomware, a form of malicious software, is simple: Lock and encrypt a victim’s computer or device data, then demand a ransom to restore access. Additionally, ransomware gangs are now purportedly also releasing stolen information on the dark web if the ransom demands are not paid.

For those in the AEC industry, it’s particularly notable that Zaha Hadid Architects (ZHA) suffered a ransomware attack on April 21, after finding messages left on its server saying internal company data had been encrypted and would only be released if it negotiated a ransom settlement with the cyber criminal. A spokesperson from the firm issued the below statement1

“With all our 348 London-based staff working from home during this pandemic and cybercriminals poised to exploit the situation, we strongly advise the architectural community to be extremely cautious.”

Fortunately, ZHA was in a good position as the data was backed up so the encryption of some server information was not a serious problem. It is unknown though, how much information has been stolen. Additionally, its employees were locked out of the server and forced to reset passwords and as such there was significant downtime and therefore lost revenue in order to remedy the situation.

Initially the firm had not notified their clients as they could not guarantee the security of its communication systems but later issued the following:

“Data protection and privacy is extremely important to us and this is why we regretfully have to announce that on 21 April we experienced a security breach and theft of data in a ransomware attack.”

“We immediately worked to secure our network and reported the incident to the authorities. With minimal disruption to the work of our teams, we continue to investigate any criminal theft of data with cyber specialists.”

In Australia, legislation requires any data breaches must be reported to the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breach Scheme.2

Unfortunately, there is no “magic bullet” for defeating ransomware but there are some helpful guidelines published by the Australian Government that can help put your company in a strong position to minimise the risks these attacks pose.

This list is called The Essential Eight3 and covers items such as using Multi-Factor Authentication, having Daily backups and restricting applications on your computers.

If you would like help reviewing your cybersecurity posture – please contact us on 1300 735 926 or email us at support@pkcg.com.au

Sources

  1. https://www.architectsjournal.co.uk/news/zaha-hadid-architects-held-to-ransom-by-cyberhacker/10046940.article
  2. https://www.oaic.gov.au/privacy/notifiable-data-breaches/
  3. https://www.cyber.gov.au/publications/essential-eight-explained

More about Michael

Michael Prewett is passionate about cyber security, innovation and new technology, and how to apply it to real world business cases. He also likes to find ways to use existing technology in new ways to improve the customer experience.

You can connect with him on LinkedIn at https://www.linkedin.com/in/michael-prewett/

Time to Restart

How often should I restart? Should I shutdown every day? I’ve restarted but it didn’t fix the issue!

These are some of the most common phrases we hear from our clients. Let’s break down these questions and provide a little insight as to why restarting is so important.

We’ve all heard the phrase “Have you turned it off and on again?” As trivial as it sounds, this simple process can resolve a lot of day to day issues. You’ve been working all day but now your application wont open. “What changed?” you may be asking yourself.

Let’s break down the system start-up process and why this can fix most of these issues. During a restarting your system undergoes 3 main processes:

  1. POST / Pre-boot
  2. System Initialisation
  3. User Session initialisation

POST / Pre-Boot

During the POST (Power On Self Test) your system is running a diagnostic sequence testing of all components to ensure your system is ready to begin.

System Iinitialisation

At this point in the start-up your computer is loading the Operating System, Drivers and Services into your RAM (Random Access Memory)

If part of the operating system or services has suffered an unrecoverable crash, this is where your system will restart these applications and services. Examples below of what you may have experienced that will resolve in this stage of the restart.

  • Printers all offline
  • Sound card no long working
  • Unable to access the internet

User session initialisation

When you log into your computer, your user session is created. This loads all your personal start-up applications, profile settings and configurations into your RAM.

Ever had an application crash that wouldn’t reopen? If an application doesn’t close correctly there may be parts of it still running inhibiting your program from opening again. Restarting flushes your RAM of all your running application allowing to have a fresh clean start.

With the complexities of your user session, applications starting and stopping, Windows Updates, application updates, driver updates you can start to understand the importance of the restart and why it’s the most common phrase you’ll hear from your IT person.

Windows 10 – sometimes a bit too smart for its own good

Windows 10 has tried to make our lives better by making it faster and introduced a feature called Fast Boot.

Fast Boot does cause some issues, as when you “shutdown” your system it isn’t getting the refresh it needs. It saves your session, instead of closing everything down, and then just reloads your session, errors and all. To get around this its important to choose Restart and not Shutdown.

Audio Conferencing for Microsoft Teams

Guest post by Michael Prewett.

With a possible staged “return to work” happening soon, many companies will be in the position of some of their workforce being in the office and some still working from home. In addition, face to face meetings may still not be feasible in some situations due to maintained social distancing requirements.

As many people have recently discovered, Microsoft Teams has been a great tool to facilitate collaboration when we have been physically apart. Sometimes though it is easier for your team or your clients to “dial in” to a meeting rather than having to be in front of their devices for video chats. Having Microsoft Teams Audio Conferencing is great for those situations where internet connectivity may be limited or even when the call quality is better when dialing in. It also allows meeting attendees to connect easily without software installs or logins.

Microsoft Teams Audio Conferencing can replace costly traditional dial-in phone conference bridges, which when charging by the minute definitely adds up to a hefty sum at the end of the month!

When you create a Microsoft Teams meeting as a user assigned with Audio Conferencing, a dial in number and conference ID is added to the invitation. This number can be configured at setup to be a toll or toll free number located in your choice of most major cities too.

 

You can call in to these details from the meeting or when joining the meeting through Teams, you can click the Phone Audio button to join and it will display the dial in information to you:

 

PKCG recently implemented Microsoft Teams Audio Conferencing for a client and managed to save them over $2000 a month from their existing audio conferencing solution!

 

If you would like our help reviewing your teleconferencing costs or help with getting more out of your Microsoft 365 subscription – please contact PKCG on 1300 735 926 or email us at support@pkcg.com.au

More about Michael

Michael Prewett is passionate about cyber security, innovation and new technology, and how to apply it to real world business cases. He also likes to find ways to use existing technology in new ways to improve the customer experience.

You can connect with him on LinkedIn at https://www.linkedin.com/in/michael-prewett/

Optimising your Remote Desktop connection

So you’ve recently read our post on how to improve your internet connection at home now you’re looking for the next speed hit. Let’s dig a little deeper into your working from home setup, more specifically, your Remote Desktop connection and how we can optimise it.

Even though it is very good with compression, your Remote Desktop connection is constantly updating everything you see – think of it like watching a video stream of your work computer. Using a single colour background, while boring, is more efficient than that ocean sunset on the beach you’d rather be at.

Out of the box your Remote Desktop connection is designed to detect and provide the best experience based on your internet connection when you connect. This works well, until someone starts watching YouTube or Netflix in the house. When your internet takes a hit like this your Remote Desktop can suffer quite a lot as it won’t automatically adjust to the new connection speeds available.

There are some changes to the quality settings you can make that will speed things up, at the trade off of missing some visual features including:

  • Background Images
  • Windows Themes & Visual Styles
  • Window Content while Dragging
  • Menu Animations
  • Colour depth

Making these changes

We recommend tweaking these settings to find find a good balance between performance and appearance.

  1. Open Remote Desktop Connection
  2. Select Show Options in the bottom left
  3. Select the Experience tab
  4. Drop down the Performance menu and select Modem (56 kbps)
  5. Untick all of the boxes
  6. Select the Display tab
  7. Drop down the Color menu select High Color (16 bit)

That’s it, now you can go to the General tab and save this connection to your desktop for quick easy access every time.

Your Remote Desktop session might not as nice as having the display settings turned up, but it will make for a more fluid and response experience.

If you would like our help speeding up your remote access, and enabling your work from home workforce – please contact us on 1300 735 926 or email us at support@pkcg.com.au

Improving your cybersecurity at home

With the sudden move to working from home, and without the protection of enterprise grade firewalls, antivirus and other protections afforded on your office network, it’s more important than ever to be vigilant against cyber criminals.

Use your home computer, like you would use your computer at work

The number one cause of compromise that we see is human error, whether that’s clicking on a phishing email and entering your details or downloading something that is malicious. Chances are when using your work computer, you are super cautious about the emails, attachments, and links that you open. You should be taking these same exact steps when working from home.

Remember, it isn’t just your personal system you are putting at risk, but company resources too!

Use strong passphrases

Strong passphrases are the first line of defence for your accounts. See our post on passwords and passphrases here for our recommendations. You should use a different passphrase for your computer, each application, and website you use – particularly those that you have given personally identifiable information (PII).  Using the same email address and passphrase across websites will mean if one site is compromised, then all your accounts are at risk!

We recommend the use of a password manager such as 1Password, Dashlane or LastPass. If you’re storing passwords related to work, we can give you access to MyGlue.

Keep your devices up to date

Keeping your devices, including the operating system, any applications you have installed, and for computers, drivers and firmware, is essential to reduce the number of vulnerabilities that can be used to access your device. Updates also deliver new features, and can sometimes improve performance too!

Use reputable anti-virus / anti-malware protection

Anti-virus or anti-malware protection is another layer of security that provides protection for your computer against malicious threats. It’s important that it’s kept up to date with the latest signatures, and if it doesn’t run in realtime then you should be scanning all files you haven’t opened before.

If you’re a current client of PKCG, you are more than likely are using Sophos Intercept X at work and we can install this on your devices at home too!

Use secure Wi-Fi

While the Wi-Fi network  at the office is likely to be secure and encrypted, the same might not be true for your connection at home. If you risk using an unsecured network while working remotely, you could be allowing nearby cyber criminals a route into the company network. It’s trivial  for cyber criminals to set up an unsecured network and “sniff” all the traffic going over a wireless connection.

Back up your data

Storage is cheap, you can use either an external drive or back up to the cloud. Unplug your external drives when not in use, and store them in a secure place. If your backup software supports it encrypt your backups  with a strong passphrase too.

Cyber criminals don’t always want to steal your data, sometimes they want to encrypt it and keep it at ransom. Make sure you test your backups too, firstly to make sure they are happening, and secondly to make sure you can recover data from them.

Don’t forget physical security too!

Lock your computer when not in use, even if it’s only for a short period of time. Make sure your mobile devices have a passcode set, and set up the ability to find or wipe devices remotely if possible.

It’s much easier to access your information if other people have access to your devices.

If you would like our help reviewing your cybersecurity at home – please contact us on 1300 735 926 or email us at support@pkcg.com.au

Slow internet at home?

With the recent shift of business now asking staff to work from home, the reliance on internet connectivity has grown furthermore towards business continuity. Whether simple email correspondence, or a bandwidth demanding video conference, having a stable internet connecting is essential.

At the same time, more people working from home means more people sharing the internet connection which will result in  slower speeds.

Due to COVID-19 the NBNco has increased capacity by approximately 40%, and have started posting transparent reports on their website.

There are several things you can do to help improve home internet at these times with these simple steps:

Check your internet speed

The first thing to know is what speed and plan you are getting with your current internet service provider (ISP). The most common connections in Australia are NBN, ADSL2+, Cable, and 4G. Megabits are commonly used for measuring internet speed.

There are many websites you can use to check your internet speed over the web. Speedtest by Ookla is the most widely used speed testing tools.

Most ISP’s advice is that their connection will slow down during evenings, which is referred to as peak time (when most people are at home, streaming content or playing games) between 7pm – 11 pm.

Upgrade your plan accordingly if you experience slowness but make sure you are getting the speed you are eligible with your plan.

Restart your router

A simple fix like switching your router OFF then back ON again could do trick sometimes. Make sure to wait for at least 5 second before turning it back ON.

It may not work all the time, but it is worth a try before checking other things.

Optimise router location

It is very important to find a suitable location to place your router where it visible and without any obstruction, especially if connecting via Wi-Fi. It is recommended to place it in an open location where devices have line of sight. Always sit the router upright as it is intended by the manufacturer.

Use a wired connection

It is best to use an Ethernet cable to connect your computer with the router to get the best speed. A wired connection provides faster transfer of data and it is less likely to lose connection.

If you would like our help reviewing your home connection to make sure it’s meeting your working from home requirements – please contact us on 1300 735 926 or email us at support@pkcg.com.au.

Getting started with Microsoft Teams

Everyone is asking about Microsoft Teams, so we thought we post up a quick overview on Microsoft Teams on our blog we can send out for companies who are just starting to use Teams.

Microsoft Teams is a chat-based workspace app that fosters collaboration and communication within a company. Right now, the most likely reason you’re using Teams is for internal communication. You’re probably about to start working from home in the coming weeks but still want to be able to easily stay in touch with colleagues and discuss ongoing projects.

Teams provides the features of Skype (chat and conferencing), SharePoint and OneDrive (file sharing and collaboration), OneNote (note taking), Planner (everyday project management), Stream (video sharing), plus tabs to bring in other external apps all in a single app.

If you want to jump in the deep end and get up and running quickly, the quick start guide by Microsoft is your best bet – you can download it here. There is also a Microsoft Teams Quick Start video series, if that’s more your thing.

We recommend keeping things fairly simple at the start while your team adopts to using a new tool – the basic Team template we have been rolling out includes just four channels:

  • Announcements – for relaying important information to your team.
  • General – for general discussion.
  • Management – a private channel reserved for management staff.
  • Watercooler – to keep up the office vibe and banter.

A new Team comes with a lot of stuff, but you don’t have to use everything that comes with it. In addition to conversations, you get a SharePoint site, a OneNote notebook, a Planner plan, a Wiki, and lots more!

Over time as your staff become more familiar with Teams, they’ll likely start creating their own channels, as well as individual teams focused around specific projects and groups. We can lock down permissions so they can’t, but we suggest letting the usage naturally evolve to best fit how your team works.

Some additional resources you might find handy to get the most out of Microsoft Teams are below:

We’re more than happy to field any questions you have about Teams, and provide assistance with implementing it – get in touch with our team by emailing support@pkcg.com.au, or calling through on 1300 735 926.

Time for a Password Checkup

With the ever increasing threat to security by cybercriminals we need to be ever more vigilant in protecting ourselves. Therefore, we are adopting and suggesting the NIST guidelines for passwords to all of our clients. NIST develops and maintains an extensive collection of standards, guidelines, recommendations, and research on the security and privacy of information and information systems.

Following their guidelines we are now recommending the following when creating your password:

  • A minimum of eight characters
  • The use of special characters is not required
  • No sequential and repetitive characters (e.g. 12345 or aaaaaa)
  • No context specific passwords (e.g. company name or abbreviation, office location, etc.)
  • No commonly used passwords (e.g. p@ssw0rd, qwerty, etc.)
  • No passwords that have previously been breached

In line with Microsoft recommendations, we’ll also no longer be requiring passwords to be changed on a periodic basis – something we’re sure will be met with a lot of relief. Periodic password expiration is a defense only against the probability that a password might be stolen. If a password is never stolen, there’s no need to expire it.

 

Length is one of the most important factors toward making a password secure, so we recommend using a password phrase. A long, nonsense to others, but something that makes sense to you phrase that’s easy to remember – but hard to brute force!

To put things into perspective, a reasonable computer can brute force up to 8,031,810,176 passwords in under a minute. That’s every lower case, 7 characters or less password cracked! Put that fancy GPU in your design machine to the task, and it’ll be even faster!

We’ll be rolling out tooling to our clients to ensure passwords are meeting these requirements and provide increased security. For some clients, due to business requirements your password policy may be more strict – please consult your IT Acceptable Use guidelines to confirm.

GeForce or Quadro?

It’s one of the most common questions we receive from clients when they are looking to purchase a new computer… so we thought we’d put the GeForce RTX2080, and Quadro RTX4000, two common graphics cards in our preferred Dell Precision 3630 workstations, to the test.

On paper the Quadro has error-correcting code memory (ECC memory), optimised drivers and less power consumption, however the GeForce has more CUDA cores and higher memory bandwidth.. but is the $500 or so price difference for the Quadro over the GeForce worth it? And, more importantly are you going to notice the difference?!

All other hardware components in the workstations were identical:

  • Intel Core i9-9900 3.1GHz, 5.0GHz Turbo, 8C, 16M Cache
  • 32GB (2x16GB) 2666MHz DDR4 Non-ECC Memory
  • 512GB NVMe Class 40 Solid State Drive
  • Windows 10 Pro

Based on our previous road test, we’ve used the same benchmarking software (just the latest versions) including:

  • RFO Benchmark, a totally automated script which opens and manipulates Revit models to see how fast your computer is under somewhat realistic working conditions. A lower score is better. From our testing, RFO 2019 seems a little slower than the older 2018 version.
  • Geekbench, a cross-platform processor benchmark, with a scoring system that separates single-core and multi-core performance and workloads that simulate real-world scenarios of general computer use. A higher score is better.
  • 3DMark Time Spy, a DirectX 12 benchmark test for gaming PCs running Windows 10. With its pure DirectX 12 engine, built from the ground up to support new API features like asynchronous compute, explicit multi-adapter, and multi-threading, Time Spy is the ideal benchmark for testing the DirectX 12 performance of modern graphics cards, and is the test we use for virtual reality. A higher score is better.
  • Cinebench, a real-world cross platform test suite that evaluates your computer’s performance capabilities. Cinebench is the perfect tool to compare CPU and graphics performance across various systems and operating systems (Windows and macOS). A higher score is better.

So without further ado, on to the results:

RFO 2019Geekbench
3DMark Time SpyCinebench

From the results, it’s clear that the GeForce has an edge over the Quadro.

However, there are other things to take into consideration as well that favour the Quadro, such as error-correcting code memory, optimised and stable drivers, 10-bit colour and slightly lower power consumption. Hardware certification is also important for enterprise environments that demand a stable platform, and also for support with software vendors – however in our experience, there is a negative stigma attached to “gamer” cards, so they are never likely tested in the first place.

We think that losing some of those features to gain performance at a cheaper price point is worth the trade off, and in years of providing IT solutions for the AEC industry we are yet to see any error or issue as a result of using a GeForce video card instead of a Quadro.

Navigating your Office and Microsoft 365 options

At PKCG we see a lot of businesses using Office 365 Business Premium. Office 365 Business Premium is a best-in-class productivity solution that gives you the apps and services that will help your employees get more done and work better together. Is it the best solution for your business though?

We like to think of Office 365 Business Premium as a starting point that puts you on a path to Microsoft 365 Business which will help you address more advanced security and compliance requirements.

Microsoft 365 Business includes everything that Office 365 Business Premium offers while adding Advanced Security and Device Management features to protect your company data across personal and company-owned devices.

Some of the Advanced Security Features offered as part of Microsoft 365 Business include:

  • Protection from unsafe attachments, suspicious links, attachment checking and scanning to protect your business from malware
  • Information Protection Policies to help control and manage how data is accessed
  • Controls to protect company data on personal mobile devices
  • Preservation, compliance and archiving capabilities

Device Management is another feature that is not available on Office 365 Business Premium. Microsoft 365 Business includes an upgrade to Windows 10 Business from Windows 7, Windows 8 or Windows 8.1. There are also simplified controls to easily manage Windows 10 Pro PCs, self-service PC deployment with Windows AutoPilot and secure management for iOS, Android, Windows and macOS devices.

Your business should be taking advantage of the latest offerings to increase security, productivity and efficiency. At PKCG, we can help your business navigate through the many options of Office 365, and Microsoft 365. Please contact us on 1300 735 926 or email sales@pkcg.com.au if you would like to know more about the best solution for your company.