Tag: eset

#Ransomware

 

Just this morning I wrote about this topic; this afternoon we learn that a California hospital was hacked.

[Image: Ransomware.jpg. Caption: You see this and you are screwed…]

Firstly, someone executed that ransomware from an e-mail or some other way. The payload most probably came in as an attachment through a phishing scheme, like the one that I wrote about.

  • Secondly, this tells me that they do not have a good disaster recovery plan.
  • Thirdly, this tells me that their firewalls were inadequate to block “zip” files.
  • Firewalls should be set to strip any attachments from messages. 

“You say, oh that is just great, my business uses attachments all the time!”

Most probably, attachments could be directed to a virtual machine, much like a bomb disposal box, where it could be executed in such a way that if it were a virus or worse its damage would be mitigated.
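The attachment screening described above can be sketched in a few lines. This is an added example, not code from the original post: it looks inside zip attachments without extracting them and flags what a mail gateway would strip before delivery. The blocked-extension list, the addresses and the sample message are all constructed assumptions.

```python
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed policy list for this sketch: member types a gateway refuses to deliver.
BLOCKED_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".com", ".pif")


def zip_verdict(data):
    """Look inside a zip without extracting it; return a reason to strip, or None."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:  # bit 0 set = member is encrypted
                    return "password-protected zip cannot be inspected"
                if info.filename.lower().endswith(BLOCKED_EXT):
                    return "zip contains " + info.filename
    except zipfile.BadZipFile:
        return "malformed zip"
    return None


def screen_attachment(filename, data):
    """Return (action, reason) for one attachment, judged by content first."""
    if data[:2] == b"MZ":  # Windows executable header, whatever the name says
        return ("strip", "executable content")
    if (filename or "").lower().endswith(BLOCKED_EXT):
        return ("strip", "blocked extension")
    if data[:4] == b"PK\x03\x04":  # zip local-file header
        reason = zip_verdict(data)
        if reason:
            return ("strip", reason)
    return ("deliver", "no blocked content found")


def screen_message(raw_bytes):
    """Parse a raw message and return [(filename, action, reason), ...]."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        results.append((name,) + screen_attachment(name, data))
    return results


def build_sample():
    """Constructed test message: one zip hiding a fake .exe, one harmless PDF stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf.exe", b"MZ constructed placeholder bytes")
    msg = EmailMessage()
    msg["From"] = "billing@example.net"
    msg["To"] = "frontdesk@example.org"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"%PDF-1.4 constructed stub", maintype="application",
                       subtype="pdf", filename="report.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, action, reason in screen_message(build_sample()):
        print(f"{name}: {action} ({reason})")
```

Anything marked "strip" is what would be held back or handed to the isolated virtual machine instead of reaching the user's inbox.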

Fourth, what kind of anti-virus were they using? Were they using group policies stopping the execution of executables?

Someone on his or her IT team messed up, and it starts with the “CIO!”

The bottom line is you never want to be in a position where you have to pay money to terrorists.  Folks, make no mistake, people who extort money like that are terrorists.

I would be doing a serious root cause analysis to see how it happened, and why they paid the ransom.

The news tonight said it happened on the 5th.  Are you telling me that a hospital being down for 13 days cost less than a good disaster recovery plan and of course an audit of your system?

Do not open attachments that you are not expecting and if you are, make damned certain it is what you are looking for.

It might be a real good idea to keep a standalone PC that employees take their files to on a thumb drive and open them there.

Once infected, your options are: pay the ransom or start from scratch.

With a tested DR plan, you could be back up a lot sooner than being at the hands of the terrorists.

Lastly, and I cannot stress this enough, don’t get cheap on your anti-virus software.  Malwarebytes has been working on software to mitigate this threat.

You would be surprised at the companies that I run into who use the cheapest damned software that they can find.  Often Free!  Whoever does this should be dismissed as they clearly don’t value your data or your company.  This is a hill to die on folks.

You can take the cheapest CFO and argue or “negotiate” the need for the expense, or you should not be there.

Excuse me but that is like living in a high crime area using a bathroom lock set for your protection, you know the kind, the one you stick a small pin in to unlock it…

To recap…

  • Education
  • Prevention
  • Disaster recovery plan

 

-Best

© All rights reserved. 2016

Time to #die #computer #PC

Time to Die

Before you think this is some macabre blog about life and death hold on! I am talking about time to let your trusted computer retire.

“Why the hell is my computer so slow!”  I substituted “hell” for the F word!  You get the point.  People are frustrated and just pissed off by the time I get a call.

The average life span of a PC is about 5 years, give or take.  The issues I have with that are many, and most of those revolve around the EULA (End User License Agreement).

Does anyone read these?  I did a couple of times and boy oh boy, you need a lawyer to figure it out!

If you purchase a computer with an operating system, then the OS dies when the computer does, unlike the old days of DOS and/or early Windows.

When it gets right down to it the expensive part of the computer is not the hardware, but the software.  The OS is about $150 or so… Ok I can stomach that.

Office full blown is $500! Does it die with the computer?

The Adobe suite is off the charts expensive, does it die with the computer?

Why is it that a computer running an OS runs just fine and as time goes by it slows down?  Does the computer just get tired?

[Image: Resmon screenshot showing CPU busy calculations. Caption: Three finger salute brings this up…]

It has a lot to do with the patches and add-ons that we do to them.  A computer is much like a baby.  Everything that you do to it, or with it from its “birth,” has some effect on it.

[Images: Herbie pulling a trailer, and, from the 1954 movie The Long, Long Trailer, Ricky and Lucy pulling a trailer full of rocks.]

I equate it to a car.  Let’s say your car is a Volkswagen Beetle that, when new, gets you down the road and does what you want it to do.  After a few months it is not quite as zippy as it was earlier and after a year it starts showing its age.  You take it in for a tune-up, start using a higher grade of gasoline and for a while it works fair.  Then after a while going up hills is a struggle.  After downshifting to 2nd you make it up the hills, but you remember earlier in its life when maybe you only had to downshift to 3rd, but for the most part, not at all.

After much head scratching you start looking at every little detail of your poor car.  Suddenly you find out that your partner in crime has secretly had a fascination with collecting rocks.  Your poor car is hauling tons of rocks in the “bonnet” under the back seat, and even the glove box!

Some of the rocks have been there so long that they have become part of the car!  After removing all of the rocks that you can; the car once again makes it up the hills but not as fast as it did when it was new.

Your computer, when new, was the fastest thing around; if you are like me, you overbuy!

After months and maybe years the computer much like the car has the occasional issue with web sites, or e-mail or loading a picture file to edit.

Time to look for rocks.

You buy a product like Crap Cleaner and you let it work its magic.  Not before too long, your computer is running “ok” so you push on.

After a few years Crap Cleaner no longer does it.  You enlist the help of someone like myself.  I hunt and kill malware and other viruses. I check for the latest drivers and work my magic and manage to get your computer running as it should, but it is not as good as it was new.

[Image caption: Yep, that is me….]

Why?

I can tell you that it is most probably not the hardware.  I can prove it to you by installing another hard drive and installing the virgin OS that your machine came with.  The machine will behave just like it did out of the box, until you put your “stuff” back on it, most of the time.

Uninstall Crap

One of the things that I find the most, is people install all of this “stuff.”  It all looks cool until you see that your computer is full of trial-ware, and other “stuff” that you don’t use.  Delete it or “uninstall it.”

Startup

A quick look at the startup software will usually tell you that you have too much crap starting up.

A CTRL ALT DELETE or three finger salute will bring up a menu from which you can then bring up Task Manager.  Look at the process utilization and so forth and see where it is.  Frequently I see machines that have used all of the allotted memory and are now into virtual memory.  Virtual memory is orders of magnitude slower than “real memory” as it is swapping to your hard drive.  Troubleshoot the issues and remove programs or processes that are starting up that you really don’t need.  The goal is to keep the machine using only real memory and not have to deal with a bunch of “Rocks!”

Hardware dust bunnies

[Image: dirty computer fan. Caption: I have seen worse!]

They are overclocking some computers so they have taken to using water cooling systems much like they did back in the days of the Amdahl mainframes.

There is a special breed of animal that I liken to gremlins.  They live inside your computer and other electronic “stuff.”  They plug up the vents, restrict air flow and clog up fans and get inside your CD Rom drive stopping it from working, even inside your floppy drive if you still have one.  These are the ever present Dust Bunnies that once only lived under beds and furniture.  Now they have found a new occupation destroying electronic stuff and they are not even cute!

[Image: dust bunnies by Suzanne Proulx. Caption: Someone had way too much time on their hands…]

Just like Gremlins, don’t get water anywhere near them!

One thing that I never overlook is cleanliness of the machine.  These things are ecological disasters when it comes to dust!  If Hoover was smart they would build a combo PC / Air Cleaner as these things really do look like the inside of the vacuum cleaner bag.   If you have pets or maybe are in a warehouse etc. the problem is exacerbated.  While I really want to title this BJ, I decided that might be too crass.  You get the idea, take it outside and blow the crap out of it, “literally,” with an air compressor if you have it, or that expensive canned air. I clean mine out every 6 months and that goes double for laptops as people use those things in strange places, even on their bed where the machine can’t breathe correctly! Laptops should be used on a hard surface, not carpet, couches or beds!

These machines generate heat and must be adequately cooled.  If your machine is still running warm after the BJ, consider buying and installing a better CPU cooler and even more fans for the case.

While I am talking about hardware, make certain that your power supply is up to the task at hand.  It needs to be able to produce more wattage than you need and it should have a large fan in it that moves lots of air.  Today they have power supplies that have plug in cables that give you the ability to only use that which you need in the way of cables and not have a lot of extra wire floating around inside the box!  Anything in there that you don’t need can obstruct air flow.

While I am talking about cables, dress them properly.  They should be neatly tied together and routed where they do not obstruct a fan from turning and if possible away from air paths so cool air can make its way through the case.

Antivirus

Antivirus is key to computer users today and more critical than ever before.  While my tin foil hat side of me thinks that the creators of this software are all out to be better than the next guy by actually producing and passing the thousands of viruses out there; I don’t have the smoking gun.  I see that this is a huge industry and where there is money there is greed / motive.  I cannot fathom why anyone would sit around in their mother’s basement in their underwear writing destructive viruses if they cannot see the effect of their work and are not being paid.

[Image caption: Eww, I just about feel bad putting this here….]

My current favorites are ESET NOD32 and Trend Micro.  I also have Norton running on a PC that I use infrequently.  I do not depend upon or even allow anything “free” other than Defender on my network / lab computers / home computers.  Free is not worth what you pay for it!  Defender is not the end all be all product and I would never depend upon it as my sole protection.  That would be like people practicing the “rhythm method” for birth control, you know what they call those folks right?  Parents!

Get the latest updates

Allow the stinking updates from Microsoft as they have a vested interest in your machine working properly.  Like the antivirus folks who work tirelessly to constantly put out new updates, so does Microsoft.  It may be a simple tweak and yes, they frequently allow stuff out that should be tested more thoroughly so you may want to wait for a few days before you actually install it yourself but, most of the time they are the thing to do.

Turn off indexing

By default Windows has indexing turned on.  As your computer ages and you fill up those massive terabyte hard drives with stuff, the computer uses valuable horse power to index all of your stuff.  That can slow your machine down to a crawl!  Unless you search for files constantly, turn off indexing! If you still want to have faster access to certain files you can selectively index.

Defrag

After all else, run check-disk and then defrag your hard drive.  If during the chkdsk process you find bad sectors don’t wait, stop right there and back up everything and replace the hard drive!  Most all electronic equipment is rated in MTBF (mean time between failures).  It is not a matter of “if” but when it will fail.

Let it Die

XP is dead, get over it.  End of life software keeps those that write the stuff in business.  Software is an incredibly dynamic industry.  Linux is more static if you want to learn something totally new but even it changes.

Machines that run DOS have been re-cycled and are polluting third world countries where some send old boards and parts to allow low budget workers to re-claim precious metals at risk to the person and their ecology.  If old Al really wanted to do something of value, he would tackle this issue as those people are seriously polluting their environment as our garbage is a job for them.  Bottom line, re-cycle your old hardware in a responsible manner.  PCs are not an investment in hardware but rather for what they do!  They have a finite life and when they start sucking the life out of you by you having to baby them, wait on them and spend your hard earned money to “fix them” get a new one!

[Image caption: If I had a nickel for every time the phone rang asking me what do I do now with this C thing….!]

If you decide to re-cycle any old computer and you are worried about your “information, as you should be” remove the hard drive and hang on to it.  When you are certain that you no longer will need anything that possibly could be on it, take your drill and drill a hole, straight through it, hit it with a hammer multiple times, after dropping it on a cement surface, and then put the remains into the recycle bin. Wear your safety glasses just in case….

I am experienced in forensic computing so trust me, if you do any of the above, or some combination, nobody will get anything off of it, ever!

Crap Cleaner as part of its program has something called Drive Wiper.  That may very well do it, without all of the destructive energy being spent.  Once you run it everything is gone to the great bit bucket in the sky, or basement.

Who am I?

I am just a guy who has been working with computers since before Steve Jobs and Bill Gates were anyone, period!  The internet was not around and Al Gore was still inventing the calculator to determine how much to charge for green-house gas emissions, from the basement in his mansion!

Al, what can be said?  

Actually a lot, can you say “MEME,” I bet you can…

There was no e-mail, no internet; and porn was not digital anywhere!  There was still Gregg shorthand, and secretaries were a hot commodity, as executives could not construct a proper sentence without them.

[Image caption: First picture of something racy that was found on the internet, I think using “gopher.”]

[Image caption: Early Internet usage… This is actually advanced as there is a browser!]

I lecture, consult, and when time permits, give back to the community with things like this “free advice or entertainment.”

Re-post this if you think that it will help your folks, or readers, or some family member that wonders why their computer is “so slow!” just don’t edit it and make sure proper credit is given.  Thanks!

Just in case: There are no warranties expressed or implied with this “free advice” for the legal record, let’s call this “entertainment” as I know that there are those out there that will do something to their computer and try to claim that this blog was in some way responsible and they might even be the ambulance chaser attorney type, that sees a lawsuit in a free lunch!

So, anything that you read here is “entertainment” and if you should try this at home, you do so at your own peril, if something goes awry!  “Plain language…if you stuff it up” I am not responsible.

[Image: Stuffed up!]

-Best to you and those that you care about!

Copyright 2015 TimeDok, All rights reserved

Www.Guard-Protect.com

Www.TimeDok.com

Scam of The Day!

Every day someone somewhere tries to embezzle money from someone.  If not some Nigerian trying to get your bank account number so they can give you free money, then someone somewhere through e-mail tries to get the unsuspecting to click on a link that is not what they think it is.

Through the years I have received e-mails from all sorts of alleged government agencies telling me that I need to click here to resolve some complaint.

If you have a business like I do, and you have a website, you are more vulnerable because you are more visible.

As I have explained to people for years, the government would not contact you via e-mail.  Still I get computers in here that have been infected by someone clicking before thinking.

Today I got a rather unique e-mail from PayPal or so it would seem.

Looking at the e-mail notification one thing pops out at me immediately in that it is flagged urgent.  PayPal does not flag things as urgent.  The perpetrator of this hoax wants to get my attention.  Secondly I have set up rules which automatically move certain e-mails from certain people. Upon receipt they are put into a specified folder arranged by who they are and where the e-mail is from.  This was my second clue that something was amiss, as this was in my Inbox, not in the folder where it should be.  So why didn’t the rule work?  It was not from PayPal.

Looking at the e-mail itself, it looks fairly normal at first glance.  Notice it says that I sent $149 for a watch to someone on eBay and that the shipping address is somewhere in New York.

I do purchase things on eBay, as do a lot of people, and it would not be unlike me to buy a watch for $149.  Firstly, I did not buy a watch so now I am looking at this e-mail a little more closely and see that it is to be shipped to someone in New York!

Someone not paying too much attention to this would quickly see the link that offers you “dispute resolution” and then click upon it.  That is the gotcha and most likely the intent of this ruse. They want you to click on the link. Hovering over the link you will quickly notice that it does not go to PayPal or eBay.

Looking at the link, I really have no idea where it would take me or what it would do to my computer, if anything.  The trick here is not to be a victim of some nefarious person or people.  It may very well be a link to some website that tries to sell you something and they are driving traffic to it by disreputable means.  It could however be a link to some site which will infect your computer with some type of Trojan or malware or both.
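The three checks walked through above (urgent flag, sender not really PayPal, link that does not go to PayPal or eBay) can be run mechanically. This is an added example, not part of the original post; the sample message, its addresses and the `TRUSTED` list are constructed assumptions.

```python
from email import policy
from email.parser import Parser
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("paypal.com", "ebay.com")  # assumption: domains the reader expects


def in_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def triage(raw):
    """Return a list of human-readable warning strings for one raw message."""
    msg = Parser(policy=policy.default).parsestr(raw)
    findings = []
    importance = str(msg.get("Importance", "")).lower()
    if importance == "high" or str(msg.get("X-Priority", "")).startswith("1"):
        findings.append("flagged urgent")
    _, addr = parseaddr(str(msg.get("From", "")))
    sender_host = addr.rpartition("@")[2]
    if not in_trusted(sender_host):  # the display name alone proves nothing
        findings.append("sender domain is " + sender_host)
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    for text, href in collector.links:
        host = urlsplit(href).hostname  # what hovering over the link reveals
        if host and not in_trusted(host):
            findings.append("link '" + text + "' goes to " + host)
    return findings


def sample_message():
    """Constructed look-alike receipt; every address and URL here is made up."""
    return (
        'From: "PayPal" <service@paypal.com.billing.example.net>\n'
        "To: reader@example.org\n"
        "Subject: Receipt for your payment\n"
        "Importance: high\n"
        "MIME-Version: 1.0\n"
        'Content-Type: text/html; charset="utf-8"\n'
        "\n"
        "<html><body><p>You sent $149.00 USD for a watch.</p>\n"
        '<a href="http://paypal.com.dispute.example.net/resolve">'
        "Dispute resolution at www.paypal.com</a>\n"
        '<a href="https://www.paypal.com/help">Help</a></body></html>\n'
    )


if __name__ == "__main__":
    for finding in triage(sample_message()):
        print("WARNING:", finding)
```

Note that the matching is done on the end of the host name: a host that merely starts with `paypal.com` is still flagged, which is exactly the trick the visible link text tries to hide.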

One other trick that I will share with you is this.  As well as having good anti-virus software running and updated at all times, have a user account set up that does not allow administrative privileges on your machine.  Use that account for your normal daily computer use and only use the administrative account when adding or changing hardware and/or software on your computer.  The virus and/or malware may very well be limited to whatever rights the user who got it has.  If the user has no rights to modify the way a program behaves, the virus might be limited to those rights as well.

Remember that not all anti-virus software will protect you from all attempts to hijack your computer.   Not all viruses are created equally. The more sophisticated the virus, the more intelligence (or computer smarts) on the part of the user is necessary.

-Best to you and those that you care about!

Which Anti Virus Software is the Best?

Selecting an anti virus software today is like trying to look at a watermelon in the store and telling how it is going to taste without opening it up. This is also the question that I get asked most frequently.

Not all software is the same and that holds true with the virus itself.

When I evaluate anti virus software I look for several things. Firstly what can I find in the way of reviews on the internet? Try to find independent reviews vs. going to their website.

Amazon frequently has reviews of products.

From a technical stand point I want to know what size footprint it has. When I say footprint I want to know how much of my available memory is it going to chew up and I want to know how much CPU is it going to use. There are several anti virus programs out there that literally will stop you from using your machine while they scan, update etc. Ideally this type of software should run at a lower priority when you need the resources of your machine. To me there is nothing more frustrating than needing to check your e-mail and the anti virus software among other software takes over your machine for the first 30 minutes doing updates, scans and what have you.

Here is the biggie, will it catch everything?

Sadly there is no silver bullet. Some software makers have a lot of resources to pour into updates and research as well as the ability to quickly push out updates to their customers on an as needed basis. Software like Trend Micro has an easy way to upload suspicious files for them to analyze.

Another thing to look at with software is technical support. How much will you need, what do people say about their support and how much will it cost?

I have been in IT since before there were viruses. I fought the first virus which got out onto our network of several hundred employees through a shared file brought in by an employee on a floppy disk. I say that to set the stage for the different iterations of anti virus software out there. The first company on the scene was McAfee. PC Tools was picked up by Symantec and over the last few years many players have entered the game.

My personal favorite as of this moment is ESET NOD32. That could change tomorrow as they may rest on their laurels or have a policy change of some sort which would affect the quality of their product. That is the same for all companies.

I see a lot of computers that have been infiltrated. While they all have some sort of protection, free software seems the most susceptible to attacks, malware and other forms of infections.

While free is better than none, I would certainly budget anti virus software into my computer needs.

TIP: Go to the store and purchase it in the box vs. getting it online. Do this even for the renewal. One can almost always find it on sale going to the office supply store or even Wal-Mart. Purchasing it online usually involves a third party which makes money off of the sale as well. You pay a price for convenience and it could be as much as 100% more than you would pay in the store. In the URLs below you can gain quick access to the different brands that I am personally familiar with. Several ranking sites will rank these differently so do your research and roll the dice.

This blog in no way constitutes any type of warranty or guarantee of usability or protection against the hackers either expressed or implied. While I have had good fortune with Eset, your mileage may vary and I will be held harmless, in the event that your results are not what mine have been.

What you do on the internet and who sends you e-mail may put your computer at less risk or more risk than mine. There are independent labs out there that evaluate different software so you might search them out as well. The trick is to make sure that they are independent and do not have any dog in the fight. The problem there however is obvious; if they don’t have a dog in the fight, why do the work and give it away? Do your own research. Consumer Reports frequently looks at this topic as well.

http://www.eset.com/us/

http://shop.trendmicro.com/brand/SB/?cm_mmc=Paid+Search:US-_-Consumer:Brand-_-Google:TrendMicroExact-_-KW=trend+micro&SQ=trend+micro

http://www.bitdefender.com

http://norton.symantec.com/norton/ps/3up_us_en_navnis360_sym_ent.html?om_sem_cid=hho_sem_sy:us:ggs:sy:e|kw0000006084|10257754940&country=US

http://promos.mcafee.com/offer.aspx?id=469920&affid=792&eid=covmcaggl89400000194617s&adid=17846076983&s_kwcid=TC|16933|mcafee||S|e|17846076983

http://usa.kaspersky.com/?domain=kaspersky.com

http://free.avg.com/us-en/homepage

http://www.avast.com/en-us/index

-Best and Happy Computing