Internet

Next-Gen Webinars

What do webinars and infomercials have in common?

Most of us have to have nothing else to do in order to watch either one of them.

 

If you are like me, you receive invitations to webinars every day. If you are like me, however, you delete most of them without even seeing what they are about. Why do we do that? Because we just don’t have the time.

 

Well, the truth is, we all have the same amount of time every day. We have to determine what is worth our time and what isn’t. For instance, I would probably rather have an uncomfortable hour at the dentist’s than spend a day at a seminar.

 

And then, the oddest thing happened.  I had to HOST a webinar.  The things I had to say were of VITAL importance.  But, it was ill-attended, and I know why.  We, as business people, are past saturation with these things.  So what do folks do to overcome this?  They offer bribes, in the form of gift cards, or product, that is awarded at the end of the webinar.  Other folks use the promise of discounts, and still others try to convince you by misleading folks as to the point of the webinar.

 

So, what is the answer? Most webinars are over in under an hour.  Many webinars are best attended by competitors to get an edge on what others are saying and doing.  In my industry, all you need to do is mention the word “cyber-security”, and suddenly, everyone is an expert, or is so daunted by the topic that they just walk away.  Is it a really important topic?  Yes.  Do most of them say the same thing?  Yes.  “Have a good anti-virus / anti-malware, and have good backups”.  I just saved you from attending 95% of cybersecurity webinars.  You are welcome. They tell you about how to mitigate the risks of the day.  What we really need is a webinar that is going to tell us the future.  If I had a stock analyst that could accurately predict the future, I would be very well off.  If you had an IT partner that could accurately predict the future, you would be better off too.

 

So, we are shining up our crystal ball.  We are looking at the changing landscape with respect to technology.  We are consulting with law enforcement and evaluating international trends.  What we *won’t* do is to promote what we call ‘cyber-info terrorism’.  This is where folks try to scare you into buying their products.

 

So, let’s try something new. If you would like to know some vital information about the future and how it WILL affect your business technology, then respond to this. We will be happy to share with you what is coming, and discuss possibilities to make certain that it doesn’t adversely affect your business.

 

What you do with that information is up to you. It is, however, better to be informed than not.


Friday, May 26th, 2017 Cybersecurity, General, Internet No Comments

Stability Sense

Introduction

Imagine losing $100,000,000 in revenue in two days: 1/10th of a billion dollars gone in two business days. This was the reality for Delta Airlines in September of 2016, when a loss of power shut down many of their servers, causing thousands of flight delays. Everyone enjoys using the term “crash” when referring to basic program and process failures, but the term does not often convey the impact that crashes can have on a company. Expanding on this: companies that are not prepared with backups and continuity solutions risk hemorrhaging resources like money and time the entire time their network is down.

“Crash” Course

One of the contributing factors to “crash” being such an overused term is the fact that a crash can be caused by many different things, and can come from both internal and external sources. A crash is, at its most basic, an unwanted and sudden shutdown or cessation of function by a program or process. This can be caused by many different core issues, but among the most common are information overload and hardware failure. Information overload occurs when a program or process is asked to handle more information than it can, so the demand exceeds the capability of the software and causes a crash. Hardware crashes are more diverse, being caused by a variety of physical or mechanical failures that can cause the software logic to conflict with itself or trigger emergency shutdown procedures within the program itself. These can be caused by simple pre-existing conditions within the computer, such as trying to run a program that has higher demands than your network can meet. However, not all process and program failures stem from crashes; the recent “WannaCry” malware, if present, can lock your files away, threatening their deletion for ransom, leading to a situation similar to a crash.

Why does network stability/continuity matter?

What truly makes a crash dangerous is its potential to “go down with the ship”. It is possible that on a computer network, if a key component or program fails and crashes, it could take the network with it; one server crashing can make a network unusable from a business perspective, costing time and a large sum of money. As previously mentioned, in September 2016, Delta Airlines had a physical hardware failure that caused a power outage at their Atlanta facility. Not all the servers within had backup, which led to a massive data loss. This caused flights to be delayed, which meant that flight crews went overtime and had to clock out as per federal limitations, meaning flights were delayed even longer to replace flight crews, which meant passengers were in some cases waiting days for their flights. Vouchers were offered to appease many of these passengers, but by the time all had been said and done, Delta reported they lost over $100,000,000 in revenue, all within a few days.

How can I protect my data?

The act of protecting your sensitive data from these situations is often referred to as “data continuity” or “business continuity”. The idea is that if the worst should come and your data is the victim of a crash or attack, it can be recovered quickly and effectively. There are a few ways to go about this, from keeping up-to-date backups, to having copies of your data present at off-site or off-network locations that wouldn’t be affected. However, as usual, we at Micro Systems have a few ideas to get you started, so give your friendly wizards a call.

 

 


Thursday, May 18th, 2017 Back to basics, Cybersecurity, Internet No Comments

Stop the Invasion of the Data Snatchers!

Introduction

Have you ever seen an action movie involving “hacking”? The one where the hero must figure out some sort of visual graphic interface puzzle to break into the plot device to save the day? Obviously this is more than a little misrepresentative of how such things work. I personally liken it to a sort of crossword puzzle. You have many points you can start at, and as you go and find information, the more information is revealed through what you already know. In this way, when someone attempts to break into networks that are not theirs, they have what are referred to as points of ingress. These are the “entrances” people can use to enter your network and start doing the things bad people do in others’ networks.

So logic dictates the best way to stop this from happening is to block these points of ingress; if there is no entrance, they cannot enter. This is the objective of many anti-malware programs and firewalls, but no network is ironclad. There are many “entrances” you might not have heard of. These can include:

 

  • Telnet
  • SSH (SecureShell)
  • Internet Port 80
  • Internet Port 443 (Https webpages you see commonly)
  • E-mail SMTP Port 25
  • E-mail alternate SMTP Port 587
  • E-mail POP Port 110
  • Remote Desktop port 3389
  • PPTP Tunneling Protocol port 1723
  • SQL port 1433 and 1434

 

These may seem complex and numerous, but most of these are simple things one might expect. Things such as internet webpages, E-mail, and remote desktop services, are points of ingress many people are familiar with. However, most people don’t think of telephone networks when they think of “hacking” and data theft, yet it is just as much a weak point in network security as an online webpage.
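A defensive use of the list above is to check which of those ports your own machine is actually listening on, and whether each one is reachable from the network or bound to loopback only. This is an added example, not part of the original post: the input is constructed sample text in the format of Linux `ss -tlnH`, and the port numbers 23 (Telnet) and 22 (SSH) are the standard assignments, which the post does not state.

```python
import ipaddress

# Ports named in the post's list. 23 and 22 are the standard Telnet/SSH
# ports (an assumption added here; the post gives no number for them).
PAGE_PORTS = {
    23: "Telnet",
    22: "SSH",
    80: "HTTP",
    443: "HTTPS",
    25: "SMTP",
    587: "SMTP (alternate)",
    110: "POP",
    3389: "Remote Desktop",
    1723: "PPTP",
    1433: "SQL",
    1434: "SQL",
}

# Constructed sample of `ss -tlnH` output (TCP listeners, numeric, no header).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128  0.0.0.0:22        0.0.0.0:*
LISTEN 0 511  *:80              *:*
LISTEN 0 128  127.0.0.1:1433    0.0.0.0:*
LISTEN 0 128  [::]:3389         [::]:*
LISTEN 0 4096 127.0.0.53%lo:53  0.0.0.0:*
LISTEN 0 128  [::1]:25          [::]:*
LISTEN 0 128  192.168.1.10:8080 0.0.0.0:*
"""


def split_local(field):
    """Split ss's 'Local Address:Port' column into (host, port)."""
    host, _, port = field.rpartition(":")
    # Drop IPv6 brackets and any %interface scope suffix.
    host = host.strip("[]").split("%")[0]
    return host, int(port)


def is_loopback(host):
    """True when the listener only accepts connections from this machine."""
    if host == "*":  # wildcard: every address, every interface
        return False
    return ipaddress.ip_address(host).is_loopback


def audit(ss_output):
    """Return (port, service, bind address, exposure) for each listed port."""
    findings = []
    for line in ss_output.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        host, port = split_local(parts[3])
        if port not in PAGE_PORTS:
            continue
        exposure = "loopback-only" if is_loopback(host) else "reachable"
        findings.append((port, PAGE_PORTS[port], host, exposure))
    return sorted(findings)


def reachable_ports(findings):
    """Ports from the list that other machines could connect to."""
    return [port for port, _, _, exposure in findings if exposure == "reachable"]


if __name__ == "__main__":
    for port, service, host, exposure in audit(SAMPLE_SS_OUTPUT):
        print(f"{port:>5}  {service:<18} bound to {host:<12} {exposure}")
```

Ports reported as reachable are the ones to review: close the service if it is not needed, or restrict it at the firewall.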

As always, Micro Systems Management is committed to providing the best data security services we can offer to our clients. If you have any questions regarding this topic, ask about our upcoming event on the 30th where our own Randy Zinn talks more in depth on the subject. And as always if you have questions about your network and what Micro Systems Management can do to make it safe – give your friendly IT wizards a call!


Monday, March 27th, 2017 Cybersecurity, General, Internet No Comments

My Internet Died Again!

Introduction

Computers and other devices can talk to each other, but computers on their own can only handle so much information; if you tried to host all of, say, Google on a single server, it’s simply not possible without a server bigger than your average house. Computers can talk to each other in networks through various means of connection. This connection can be crucial to your operations as a company, or to how fast you can get that cat video to buffer at home. Firstly, for those people unfamiliar with the basic concepts of connectivity and networking; we offer a little primer (you veterans may skip ahead a section if you’d like).

Connectivity basics

Computers are intelligent things, insofar as they can handle a great deal of information, but they’re limited by the amount of information a hard drive can hold. This is where networks come in: the concept is to get two (or more) devices to share the information they hold. When these computers are connected, they can share information, but the method of connection itself dictates how fast and how far that information can be transferred. A common type of connection you may have heard of is Ethernet. Ethernet is a type of cable (usually a thick, white or blue cable with a white/clear jack) that runs from the back of most devices into whatever provides your network capabilities (likely a router). An Ethernet cable works very much like a highway; you have one centralized avenue for information to travel (that’s the cable itself) with multiple small “driveways” so information can leave its host device to travel on this “highway” (the “driveways” are the Ethernet ports). Information can then flow more or less freely between devices. Once that occurs, you have your network. Another common connection for computers is one you most likely experience every day: Wi-Fi. Wi-Fi is not the magical internet particle that the gods of the web have bestowed upon the common folk, despite how people think (or don’t think) of it. Wi-Fi, at its core, is data transfer via radio waves. Wi-Fi is different from Ethernet insofar as the data transfer is typically slower, but the lack of cables and maintenance means more reliability and ease of use, though it is less secure. You are trading ability for convenience, though certain advancements in Wi-Fi have recently allowed for transmission speeds approaching (but not matching) Ethernet cables. Fiber optics are a newer transmission type with incredible transmission speed, though they are very fragile due to their glass cables, and much more expensive than other options. The basics of how they work: in lieu of radio waves to transmit data, fiber optics use light, allowing incredibly fast transmission speed.

Why does connection matter?

It seems like a silly question, but for many people how they have a connection is irrelevant as long as they have one. Largely, people are satisfied to be connected and don’t think about things like network speed; if something is accessing slowly, it must be an issue with my provider/computer! This is not always the case, though. Sometimes your Wi-Fi signal may be blocked by a wall (older buildings may have block walls or cement ceilings which can result in poor signal), or your Ethernet cable might not be connected on both ends. This all seems trivial until you’re attempting to pull a crucial document off a networked server and it won’t download. Or consider a Skype meeting across continents to ensure a deal goes smoothly, and the video keeps failing. Most modern companies use computer networking in some way: advertisement via website, grouped workstations, usage of cloud servers. These all require an internet connection, and it can make a real, monetary difference to know the difference between your provider having an issue and a poor signal because someone installed your router behind a brick wall. You should also be careful when accessing public wireless. Typically places like Starbucks will have an unencrypted free public Wi-Fi; you should be careful on these networks and avoid using anything that requires a password: email, banking, and shopping, to name a few. These networks are easy prey for people looking to intercept personal information. The internet is not the quiet, gentle place it once was.

What can I do about my connection?

There’s a variety of ways to improve your internet connection on your own without rousing the beast in your office that is the IT department. These methods can be situational though, and vary depending on the problem and type of connection. First, you need to determine that it is in fact a problem with your network connection; what type of computer do you own? Some models come with radio switches that can turn the radio inside of your computer on or off – if it’s off, you’re not going to be connected to the internet anytime soon. Also check to make sure you’re connected to the correct network – Wi-Fi has a limited range so if you’re trying to connect to a network some distance away you might encounter difficulty. On that note you should always know whether you have a wired or wireless internet setup; you can tell this by the connection icon in the lower right of most PCs.

 


A few examples of common symbols used to express your devices’ internet connection

 

Another question to ask: are you the only one having issues? Ask around, see if anyone else can connect with the internet – if they can’t, it’s probably not a problem isolated to you. So how do you determine where the problem is when it’s not just you? Go to an adjacent office and ask your neighbor if they are having any trouble. If they are (and they use the same service provider) there is likely nothing much you can do, since it’s on the provider’s end. If they’re not having issues, it’s most likely a problem with your network. So what’s the issue exactly, now that we’ve determined it’s your network? If everyone is still connected but has a weak or sporadic signal (1-2 bars for Wi-Fi), check your router. It may be that your router is placed far away from the machines it’s connecting, or it may be obstructed. Radio waves can travel through walls, but thick walls like concrete can severely weaken or block them. Resetting your router can often help, but you should never do this without checking with your boss/notifying your employees; the internet might stay down and that can hurt everyone. Also, before handling a router, be careful! Some routers are more complex than others, and you can do damage and cost the company productivity if you just start flipping switches. Beyond these basic solutions, it becomes a good idea to contact your IT professional (we happen to know just the right people), and remember to ask nicely; computer wizardry isn’t easy, you know.


Thursday, July 7th, 2016 Back to basics, General, Internet No Comments

Malvertising: Ads that are bad!

Maybe you do everything right: you only go to websites you trust, you have updated antivirus and anti-malware programs, you use complex passwords, you even floss twice daily. (Just kidding. Nobody does that.) But you still deal with the occasional internet annoyance, like pop-up or banner ads. Unavoidable and pesky, but part of the web-surfing territory, right? They’re annoying, but they don’t really get in your way. Why should you worry about them?

Well, because they can be sneaky as all-get-out, that’s why. And even if you never click on them – I REPEAT – even if you don’t interact with them at all, they can infect your computer with malware – just by being displayed on your screen.

Here’s the problem.

You see, most websites innocently use ad services to create revenue – even websites you trust, like your favorite news site. The ad service will set up a certain number of ads in a rotation on the website. While many of the ads are harmless, sometimes an ad in the rotation will have invisible, malicious code embedded in it (without either the ad service or the website knowing about it). When your computer displays the ad, the evil, embedded code gets run on your computer, looks for any security “holes” it knows how to exploit, and downloads the right kind of malware for your particular vulnerability.

You won’t even know what hit you until, say, you find that your browser homepage has changed to a porn site or ransom page. And you were just trying to update your fantasy football league stats! Thankfully, there are some simple steps you can take which will greatly reduce your chances of falling prey to this type of attack.

Step 1: Update your internet browser.

You’re probably reading this right now using an internet browser like Internet Explorer (or the new Microsoft Edge), Firefox, Safari, or Chrome. If you don’t know if you have the most current version of your browser, here are some directions for finding out. (It never hurts to double check!)

Step 2: Update your browser plugins.

Java and Flash are the two biggest security concerns. Click here to check your version of Java and here to update Flash. You can also change your browser’s default plugin settings so your computer must “ask to activate” them. Disable unnecessary plugins entirely.

Step 3: Download good browser protection programs.

If you’re using Firefox, Adblock Plus and NoScript are great browser extensions that will prevent most ads from displaying and will prevent a lot of “invisible” browser activity from happening. Malwarebytes also offers a good free version of its Anti-Exploit Kit (for personal use) that specifically defends against malvertising attacks.

Step 4: As always, take care when browsing. Click wisely!

We’re always happy to help if you have questions or concerns about internet/computer security, or if you’d just like to learn more. Feel free to email us at marketing (at) msmctech (dot) com.

Friday, September 25th, 2015 Cybersecurity, General, Internet No Comments

As an attorney, how would you defend yourself?

USA Today reports in the November 12th 2014 issue that “Former Jodi Arias attorneys blamed for porn deletion”. The claim is that when the defense attorneys viewed the evidence at the police station, they secretly deleted thousands of files. This is why it is important, if not imperative, that attorneys never work with live evidence. Had the attorney been working from a forensically sound copy, as they should have been, this allegation could not have been made.

The sad part is that most attorneys have not had the training to know how to use a forensic copy. That is not hard to fix, as this process simply isn’t that hard.

1. The police should *never* give access to original evidence that could be altered – in the case of hard drives, or mobile devices, forensic copies should be made for examination.

2. An attorney should *insist* that the evidence that they are examining must be in such a condition that it could not be altered. Failure to do this invites this kind of claim.

3. An attorney should request an authenticated copy of all electronic evidence. These authenticated copies can easily be compared to the original to verify that the data is authentic.

4. An attorney should possess software that can mount the forensic copy as a drive on their computer. (This software is FREE.)

5. The attorney should know where to look for standard documents.
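A common way to make a copy "authenticated" in the sense of step 3 is to record a cryptographic hash of the image when it is acquired and recompute it whenever the copy changes hands. This is an added example, not part of the original article: the SHA-256 choice, the block size, the manifest layout and all function names are assumptions, and the "image" is a small constructed file. It also hashes each block so that a mismatch can be located, not just detected.

```python
import hashlib
import os
import tempfile

BLOCK_SIZE = 4096  # assumed block size for per-block hashes


def build_manifest(path, block_size=BLOCK_SIZE):
    """Hash the whole image and each block, reading it in chunks."""
    whole = hashlib.sha256()
    blocks = []
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(block_size)
            if not chunk:
                break
            whole.update(chunk)
            blocks.append(hashlib.sha256(chunk).hexdigest())
    return {"sha256": whole.hexdigest(), "block_size": block_size, "blocks": blocks}


def verify_copy(path, manifest):
    """Compare a working copy against the manifest made at acquisition."""
    current = build_manifest(path, manifest["block_size"])
    changed = [
        index
        for index, (recorded, seen) in enumerate(zip(manifest["blocks"], current["blocks"]))
        if recorded != seen
    ]
    return {
        "authentic": current["sha256"] == manifest["sha256"],
        "changed_blocks": changed,
        "length_differs": len(current["blocks"]) != len(manifest["blocks"]),
    }


def make_sample_image(blocks=8):
    """Write a constructed stand-in for a disk image and return its path."""
    fd, path = tempfile.mkstemp(suffix=".dd")
    with os.fdopen(fd, "wb") as fh:
        for index in range(blocks):
            fh.write(bytes([index]) * BLOCK_SIZE)
    return path


def simulate_alteration(path, offset):
    """Flip one byte, standing in for any change made to a writable copy."""
    with open(path, "r+b") as fh:
        fh.seek(offset)
        original = fh.read(1)
        fh.seek(offset)
        fh.write(bytes([original[0] ^ 0xFF]))


if __name__ == "__main__":
    image = make_sample_image()
    try:
        manifest = build_manifest(image)  # done once, at acquisition
        print("before:", verify_copy(image, manifest))
        simulate_alteration(image, 5 * BLOCK_SIZE + 10)
        print("after: ", verify_copy(image, manifest))
    finally:
        os.remove(image)
```

With a manifest recorded at acquisition, either side can show later that a copy is bit-for-bit unchanged, which is what makes the allegation described above answerable.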

What are the take-aways?

• If the police department, or opposing counsel, lets you have access to evidence that can be altered, REJECT IT.

• If the police department, or opposing counsel, gives you access to evidence that has not been authenticated, REJECT IT.

• If you get an authenticated image of electronic evidence, know how to mount it.

• Once you mount the authenticated image of electronic evidence, know where to look for common files.

• When in doubt, consult a certified forensic computer examiner.

I’ve heard attorneys state “relax, this isn’t life or death”. In this instance, and the instance of Casey Anthony, I have to differ in opinion.

Jodi Arias was found guilty of murder, and the evidence was overwhelming. If this improper handling of evidence is used as grounds for a new trial, then a murderer could go free.

If the investigators that were working the Casey Anthony case had done a proper investigation of the internet browsers on Casey’s computer, perhaps there would be some degree of justice for her daughter, Caylee. I am not casting blame on anyone – the fact is that people make mistakes. However, if those mistakes can be fixed, then there is no excuse to make them again.

This evidence, found on June 16th, 2008 (the day Caylee Anthony died), was never admitted as evidence.

• At 2:49 p.m., after George Anthony said he had left for work and while Casey Anthony’s cellphone is pinging a tower nearest the home, the Anthony family’s desktop computer is activated by someone using a password-protected account Casey Anthony used;

• At 2:51 p.m., on a browser primarily Casey Anthony used, a Google search for the term “fool-proof suffocation,” misspelling the last word as “suffication”;

• Five seconds later, the user clicks on an article that criticizes pro-suicide websites that include advice on “foolproof” ways to die. “Poison yourself and then follow it up with suffocation” by placing “a plastic bag over the head,” the writer quotes others as advising;

• At 2:52 p.m., the browser records activity on MySpace, a website Casey Anthony used frequently and George Anthony did not.

Does this mean that Casey was guilty? That is not for me to say. What it does mean is that valuable evidence was not considered because someone didn’t know what they were doing. We all do our jobs to make a living, but there must be something greater than that. We have an obligation to society to help fix the things that are wrong.

The things I point out in this article, we can help you fix.

 

Thursday, November 13th, 2014 Forensics, Internet, Legal No Comments

Get off of my cloud!

Isn’t it amazing how our government, politicians and large companies push us into THEIR decisions for our future?  Wait a minute – did she say “large companies”?!  Yes, I did.  Technology is experiencing that very phenomenon through cloud computing.  By giving consumers and companies substantial savings, we can now use the cloud for almost everything technology.  Look, I get it, no one likes to spend $500 on a piece of software to own it outright when, for $15/month, one can use the cloud version.  It’s all about ROI (return on investment).  It would take, under this scenario, just under 3 years to make purchasing the software profitable, and by then, the current version will be obsolete.  Is there an inherent danger in having your company’s technology, processes or both, all in the cloud?  We all have heard about the infiltrations, hackers, malware, ransomware and viruses.  But here’s one to ponder which might not have received thought:

Has your internet ever gone down?  During business hours?
It’s frustrating when it happens, isn’t it?

What if all of your company’s technology functions were in the cloud (i.e. Internet)?  It would most likely bring your entire company to a grinding halt. Imagine ALL of your personnel sitting there (on your payroll) unable to work until the internet comes back up.  How long do you wait before you send them home for the day?  How much new and existing business would it cost you?

OK – what’s the solution?  “I can’t afford to keep buying my hardware and software when cloud solutions will save me so much money!”

The best answer is one of moderation.  We do believe that there are some instances where the “cloud” is the absolute best choice.  But it isn’t the ONLY  choice – and there are a myriad of options.  In this industry, there are a lot of people making a lot of money converting your world to their cloud.  But we would be remiss if we didn’t tell you about companies that put the needs of their business ahead of yours.  Like the difference between buying and leasing, there are factors to be considered; who really owns the data that you think is yours?  You may be unpleasantly surprised at the answer.

There is no single solution that fits everyone.  We encourage you to schedule a meeting with one of our cloud experts to discuss the possibilities.

Thursday, June 26th, 2014 General, Internet 1 Comment

Internet Explorer Vulnerability?

I’m sure you have probably heard on the news, or been sent an email describing the terrors of the Internet Explorer vulnerability. It is concerning when so many IT companies want to use scare tactics to get in the door of your company. Yes, there is a concern – yes, it is real. But does it apply to you?

Do you use Firefox, or Chrome, or Safari, or Opera? Then this doesn’t apply to you. There are other issues which may be present with your chosen browser, but this one isn’t yours. You may safely stop reading and enjoy the rest of your day. However, some people *must* use Microsoft’s Internet Explorer as it is required by their software or their workplace. What can you do?

First of all you must know the conditions that must be met for this vulnerability to apply to you:

1) You must be using Internet Explorer
2) You must be viewing an animation that requires Adobe Flash

Not doing that? Then you need not worry.

You ARE doing that? Well, then we need to do something until Microsoft releases its patch to remedy the vulnerability.
The easiest thing to do is simply disable Flash until it is fixed. Now, you *can* install Firefox, Chrome, or another browser if you like, but you should be aware that they may not work with your software.

This isn’t difficult to do.

6 steps (not kidding) – if you have dual monitors, put these instructions up on one screen and do the steps on the other:

  • While in Internet Explorer
  • Click on Tools Menu item or Gear in the upper right hand corner of your screen
  • Choose Manage Add-Ons
  • Locate Shockwave Flash Object (Under Adobe Systems)
  • Highlight it
  • Click “Disable” in the lower right hand corner

How does this affect me while I wait for Microsoft to release the patch for this vulnerability? You will not be able to view any animations which require Adobe Flash. An example would be YouTube animations.

We fully expect Microsoft to release a solution by early next week.

If you have any questions or concerns, please call us at:  440.892.9997.

Thursday, May 1st, 2014 Cybersecurity, General, Internet No Comments

Sticks and stones may break my bones, but I will still get your password.

“I can do more damage on my laptop, sitting in my pajamas,
before my first cup of Earl Grey than you can do in a year in the field.”

– Q, Skyfall.

 

In the history of combat, it used to be that one could see the enemy approaching and take proper precautions. A “fair” fight dictated that one announce their intentions to their opposer and stand firm to look the enemy in the face. When the Revolutionary War came about, the Americans did not subscribe to these notions – they did not wear red, they did not march in a straight line, they hid behind rocks and trees, and attacked in the dead of night.

There is a certain aristocracy for those who follow in the traditional steps of war. I recall hearing two older men arguing once and one of them said “sure, anyone can drop a bomb – but real men go hand to hand”. Interesting. So pilots and smart warriors are not real men? No, I believe that they are. They just have better tools.

So what does this all have to do with the internet? I was reading the comments of someone who stated that password cracking was now “officially” a script-kiddie activity. Wow. You know, you can call these people names all you want. That does not negate their intelligence, nor should it lessen the impact of what they are able to do. Password cracking is a great example of where scripts can come in pretty handy. The article goes on to say that an amateur, using only free tools available on the web, was able to break more than 10,000 passwords in one day – and he had never broken a password before in his life.

You have heard it said by everyone: change your passwords often and make them complex. Don’t use words that are easy to type or remember – and don’t use words that are in the dictionary – and don’t write them down. But you aren’t a computer, are you? How will *you* remember a password that is complex, not in the dictionary, and that you didn’t write down? You won’t – unless you are willing to put a little work into it.

Padding a password helps – the longer the password, the longer it takes to break. What is padding? I’m glad you asked. Imagine the password PASS123 – a very common password – most password cracking programs will have this done in moments. However, if we padded it slightly, PpAaSsSs112233, this will increase the complexity dramatically – and it isn’t too hard to remember. However, many systems now require you to have three different types of characters of the four you can choose from (lower case, upper case, numbers, and special characters). Our previous example has three – but if you want to be even more secure, let’s add two more characters: PpAaSsSs11!22!33@.

That is a strong password – and we haven’t done a lot to make it so.  Simple changes like this can make the job of password cracking a little harder.  Of course, if you wrote them all down and leave them on your desk, then it won’t take a lot to lose them all at once.

This isn’t a new concept, but it is one that deserves your time.

According to CBS news, the 25 most common passwords of 2012 are as follows :

1. password
2. 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
11. iloveyou
12. trustno1
13. 1234567
14. sunshine
15. master
16. 123123
17. welcome
18. shadow
19. ashley
20. football
21. jesus
22. michael
23. ninja
24. mustang
25. password1

 

If you use a password on this list, you are not alone. It is worth taking the time to make a change. You wouldn’t use 1234 on your home alarm, would you? Don’t fall victim to the use of an “old friend” password. Your attacker will not be wearing a red coat, with a musket, marching in a straight line, with drums behind him. They might just be in their pajamas, eating Captain Crunch and waiting for their morning cartoons.
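The two checks discussed above, the "three of four character types" rule and the list of common passwords, can be combined into one screening routine, shown here on the post's own example passwords. This is an added example, not part of the original post: the function names are hypothetical, the special-character set is Python's `string.punctuation`, and the bit figure is only an upper bound that assumes an attacker tries every combination blindly.

```python
import math
import string

# The 25 most common passwords of 2012 as listed in the post.
COMMON_2012 = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey",
    "letmein", "dragon", "111111", "baseball", "iloveyou", "trustno1",
    "1234567", "sunshine", "master", "123123", "welcome", "shadow",
    "ashley", "football", "jesus", "michael", "ninja", "mustang",
    "password1",
}

# The four character types the post names.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,  # assumed set of special characters
}


def classes_used(password):
    """Names of the character types that appear in the password."""
    return sorted(
        name for name, chars in CLASSES.items()
        if any(ch in chars for ch in password)
    )


def brute_force_bits(password):
    """log2 of the search space: (alphabet size) ** length.

    Upper bound only: it assumes every combination must be tried and
    ignores patterns and dictionary words an attacker would try first.
    """
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    if alphabet == 0:
        return 0.0
    return len(password) * math.log2(alphabet)


def screen(password):
    """Apply the list check and the three-of-four rule, and report why."""
    reasons = []
    # Case-insensitive match, so "Password1" does not slip past the list.
    if password.lower() in COMMON_2012:
        reasons.append("on the common-password list")
    if len(classes_used(password)) < 3:
        reasons.append("fewer than three character types")
    return {
        "accepted": not reasons,
        "reasons": reasons,
        "classes": classes_used(password),
        "bits": round(brute_force_bits(password), 1),
    }


if __name__ == "__main__":
    for candidate in ("PASS123", "PpAaSsSs112233", "PpAaSsSs11!22!33@", "Password1"):
        print(f"{candidate:<20} {screen(candidate)}")
```

Note that "Password1" satisfies the three-of-four rule on its own and is rejected only because of the list check, which is why both checks are applied.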

Wednesday, April 3rd, 2013 Cybersecurity, Forensics, General, Internet, Legal No Comments

Read this only if you want to have Internet access after next Monday.

(this article originally published 7/4/12)

Everyone loves George Clooney in an Armani suit, but that isn’t the only reason why people like watching the movie Ocean’s Eleven. Even when we know the “bad guys” are doing things they shouldn’t, we can all still admire a particularly elegant or sophisticated scheme, even when it involves stealing a few million dollars. Sometimes crime can be cool, right?

And sometimes it can be positively infuriating, and we don’t care for a second how “cool” it is because we’re too busy turning into The Hulk and throwing the nearest appliances at the wall in sheer rage. And it will be infuriating, next Monday, when millions of innocent internet-users are going to open their Internet Explorers, Chromes, and Firefoxes to find that their internet won’t take them anywhere anymore – not their email accounts, not their Facebooks, not even CatsthatlooklikeHitler.com. There’s a particularly insidious computer virus called TDSS that is currently residing on millions of computers worldwide, and, much of the time, it’s completely invisible. (It’s actually been around for a while now, but the most recent strains of it have been particularly harmful.) Sometimes the only “symptom” of TDSS is your computer running a bit more slowly. (Other symptoms include ending up at unintended websites, no security-check dialogue boxes when you run a new program for the first time, and increased pop-ups when you browse the internet.)

If your computer has TDSS, it’s running slowly because it has become a “slave machine”…and yes, that’s just about as technologically disturbing as it sounds. Until recently, TDSS’s “slave bots” were under the control of some programmers in Estonia, and those Estonians could control those computers to do pretty much anything they wanted. Of course, they could get people’s personal information out of the enslaved machines, but they could also use infected computers like puppets to perpetrate other crimes. It’s pretty much the plot of every zombie movie ever made, but with computers, and it’s real and happening now. It spreads just like most other viruses: the good news is that you’ll often stay out of trouble if you don’t go looking for it (by going to suspicious websites, opening sketchy emails and attachments, etc.), but the bad news is that sometimes the innocent fall victim anyway.

TDSS is also known by the monikers Alureon, TidServ, or TDL4, and it’s what’s called a rootkit. (Tech-speak ahead; skip down to the boldface for the most important stuff.) Like a blood-sucking leech, it’s difficult to remove once it’s made itself nice and cozy in your hard drive, but thankfully it can be eliminated. Whenever you want to visit a website, your computer uses something called a DNS server to tell it how to get where it’s going, like your car’s GPS. When TDSS infects a computer, it redirects your browser to use a different DNS server than the one it’s supposed to, and that bad DNS server can make your computer go wherever it wants. This means our Estonian friends could make the infected computers go to all sorts of harmful sites, among other things. It’s the equivalent of replacing a normal car GPS with one that will only take you to likely gunfight venues in Gangland while laughing at you maniacally like Jack from The Shining. And, because they’re sneaky bad guys, the first thing TDSS does is disable any of your antivirus/antispyware/antimalware software, so your computer won’t even notice it’s there. You can do all sorts of malware scans, but your computer will never find anything fishy, so that software won’t remove it, either.

Now, thankfully – and this is pretty rare in the world of computer viruses – the guys who created this virus and set up the rogue DNS servers were caught. Unfortunately, that doesn’t mean that the virus automatically disappeared in a puff of smoke and binary code, as it’s still on several million machines all over the globe, but it does mean law enforcement bodies are trying to clean it up as best they can. Unfortunately (but not all that surprisingly) this cleanup effort is what’s going to shut down the internet for a bunch of people on July 9th. You see, law enforcement had no feasible way of resetting all those millions of infected machines and redirecting each one back to its proper DNS server – the best they could do was to make the rogue DNS servers work the way they were supposed to, so that the browsers on all the infected machines would go back to taking users to the correct sites. This is why the majority of users with TDSS-infected machines have no idea they’ve been infected – their computer might be running a little slow, but their browser usually works fine, and nothing seems seriously amiss.

However, on Monday, July 9th, the previously-rogue DNS servers are getting shut down entirely. For anyone whose computer has been relaying information through those servers, their internet is going to stop working. When the authorities caught the originators of TDSS, they were able to get a court order allowing them to take the servers under their control and to temporarily get them back to directing computers to the correct sites again. That court order will expire on 7/9, without warning and without explanation.

So! The important stuff. Is my computer currently infected by TDSS and will it be affected by the 7/9 shutdown? The authorities have created a super-simple method for you to tell: go to this site in your browser on whichever computer you’d like to test. The webpage will either give you a bright green graphic that says you’re clean, or it will tell you that your computer’s been affected. If you get the “green is for go” page, you’re golden and may now return to your previously scheduled life. However, can something be done if you have the virus? Of course, why do you think we’re writing this article?

If your computer has TDSS, a company called Kaspersky Labs has created your new best digital friend, TDSSKiller.
1. Download it here (green link towards the bottom of your screen). Save it to your desktop or somewhere else that’s easily accessible.
2. VERY IMPORTANT STEP. Once you have the file saved, you need to rename it, preferably something nonsensical (abcdef.exe, etc.), but make sure the filename still ends in “.exe”. The virus won’t let you run anything with “tdss” in the name, just in case it’s an antivirus tool.
3. Right-click the renamed file and hit “Run.” The good folks at Kaspersky Labs will take it from there.

It’s never a bad idea to double-check with this sort of thing, so when TDSSKiller is done with its magic, you should go back to the dns-ok.us site and give it another go. Everything should have returned to the proper Aquinian order of things. (Or, you know, whatever order things were in before.)
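The dns-ok.us test works because an infected machine is configured to use a rogue DNS server. The same check can be done locally; this is an added example, not part of the original article or any official tool. It parses `ipconfig /all` output and flags DNS servers that fall inside a rogue range. The ranges and the sample output are constructed placeholders, and the function names are illustrative.

```python
import ipaddress
import re

# PLACEHOLDER ranges (RFC 5737 documentation blocks), not real indicators.
# Replace them with the rogue resolver ranges from an authoritative advisory.
ROGUE_DNS_RANGES = [ipaddress.ip_network(n)
                    for n in ("203.0.113.0/24", "198.51.100.0/24")]

# Constructed sample of Windows `ipconfig /all` output.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.45
                                       198.51.100.7
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

def _as_ip(text):
    """Parse an address, dropping any IPv6 %scope suffix; None if not an IP."""
    try:
        return ipaddress.ip_address(text.strip().split("%")[0])
    except ValueError:
        return None

def dns_servers(ipconfig_text):
    """Return (adapter, address) pairs, including continuation lines."""
    found, adapter, in_dns = [], None, False
    for line in ipconfig_text.splitlines():
        if line and not line[0].isspace():      # unindented line = adapter heading
            adapter, in_dns = line.rstrip(": "), False
            continue
        m = re.match(r"\s+DNS Servers[ .]*:\s*(.*)", line)
        # Extra resolvers follow on their own lines with no label.
        ip = _as_ip(m.group(1)) if m else (_as_ip(line) if in_dns else None)
        in_dns = ip is not None
        if ip is not None:
            found.append((adapter, ip))
    return found

def rogue_resolvers(ipconfig_text):
    """DNS servers that fall inside any of the listed rogue ranges."""
    return [(adapter, str(ip)) for adapter, ip in dns_servers(ipconfig_text)
            if any(ip in net for net in ROGUE_DNS_RANGES)]

if __name__ == "__main__":
    for adapter, ip in rogue_resolvers(SAMPLE_IPCONFIG):
        print(f"ROGUE DNS on {adapter}: {ip}")
```

A rootkit that hides itself can also tamper with what the machine reports, so a clean result here does not replace the external check or the TDSSKiller scan.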

Thursday, July 26th, 2012 General, Internet No Comments
 
