Weather Alert: Protecting Your Electronics and Data

If you live in the southeastern United States, you’re undoubtedly bracing for a stormy Labor Day weekend, courtesy of tropical storm Hermine. Where forecasters originally called for central and eastern North Carolina to take a fairly substantial hit, the storm’s projected track has moved eastward and we’re expecting a wet holiday weekend with a less direct storm impact.

With that in mind, it’s a good time to think about protecting your electronics and data from natural disasters. Thus, I have listed a few precautionary measures that users should take to protect data and equipment when the weather takes a threatening turn.

  • Back up your data – this goes without saying, whether weather is threatening or not. ALL of your data should be backed up to protect against data loss resulting from natural disasters, malware attacks, hacks and other threats to your data security. If you back up to a hard drive, make sure you’re storing it offsite in the event of fire or flood.


  • Unplug your stuff – unplug power cords AND network cables. This applies to computers, televisions, servers, tablets, routers, mobile phones, etc.  Just take care to perform a normal shutdown of the computer rather than putting it to sleep or hibernation before unplugging from the wall.


  • Use surge protectors – all of your valuable electronics should be connected to surge protectors (NOT power strips) or battery backups to protect against mild electrical impulses. While most surge protectors will not protect against a direct hit, they should absorb mild jolts. Even if your electronics are plugged into a surge protector, though, you should still shut down your devices and disconnect the surge protector from the wall when thunderstorms are near.


People frequently ask me whether it’s best to put their computers to sleep at night or shut down completely.  I typically put my machines to sleep at the end of the day so that they start up quickly in the morning.  However, during summer months when thunderstorms can develop rapidly, I frequently shut my equipment down and pull the power and data plugs for extra peace of mind.

Finally, don’t wait until storms are on the approach to take these steps. If you’re leaving for the holiday weekend, go ahead and take precautionary measures to protect your gear.  If you’re already on the road and your devices are connected to surge protectors, hope for the best.

Remember, an ounce of prevention can be the difference between protecting your assets/data and scrambling to recover it!

Internet Explorer Is Not Safe (AGAIN!)

Here we go again.  Microsoft’s Internet Explorer (IE) browser is on the hit list once again.  The Department of Homeland Security has warned computer users not to use Internet Explorer until Microsoft patches the vulnerability.  A timeline for the patch is not yet available.

If you want a faster, more stable and more secure browser, install and use Google Chrome.  Other options include Mozilla Firefox, Apple Safari and the little-known Opera browser.  Don’t know which to choose?  Download them all and see which one you like.  I have used Chrome exclusively for years and find it to be fast, stable and secure.  Plus, it’s built by Google so naturally works well with all of my Gmail and Google services.

If you absolutely must use Internet Explorer, due to company security policy or proprietary web-based databases such as Yardi or NetDocuments, disable the Adobe Flash plug-in since that is how the problem is exploited in IE.  You can also download a patch from Microsoft called the Enhanced Mitigation Experience Toolkit 4.1 which hardens systems against malicious attacks.

If you’re still hanging on with Windows XP, you’re stuck.  Microsoft is feverishly working on a patch for this vulnerability for Windows Vista and Windows 7 users.  However, following XP’s support sunset on April 8, 2014, there’s no relief in the future for XP holdouts.

Your best bet is to dump Internet Explorer for good and move on to a “big boy” browser!

Be safe out there.


HeartBleed Bug

By now you have heard news about the Heartbleed / OpenSSL vulnerability that is sweeping the internet. Since getting wind of the problem many programmers, website owners, and other security professionals have been working around the clock to secure their websites.

It’s still very early in the process and as of 4/10/2014 many operators have not yet addressed publicly whether their sites were safe or affected. Lists are popping up that show safe and vulnerable websites. However, each list shows the status of a website as of a snapshot in time. Thus, if a website operator was vulnerable but patched their website on Wednesday morning and the test was run on Wednesday afternoon, the list may give you a false sense of security. It is not safe to rely on these lists to assess whether or not your accounts were affected, since this vulnerability has been present for 2 years.

What is the issue?

This is not a virus or a hack.  This is a vulnerability in the programming code that allows intruders to get through the security “wall” that protects many websites.  This hole allows hackers to compromise the digital keys used to identify websites and encrypt the info.  It also provides a look at unencrypted data as it passes over the internet onto web servers.

Think of it this way:  You moved into a new house 2 years ago. You always lock your doors whether you’re home or away and have 24/7 alarm system. However, while you were painting your front door, you noticed a secret latch on the outside that releases the locks and allows strangers to walk in your front door. While in, they can grab your wallet, social security numbers, usernames, passwords, etc. as if they have a key to the house.  There’s no way to tell if anyone has accessed the house, but the opportunity has always been there.  Thus, the problem is not “backdoor” access to secure websites… hackers can waltz right in the front door.

I have told people for years never to log into a website, provide credit card numbers or any other sensitive information unless the URL address is preceded by https://. The https://, the padlock and the green color indicate that several things have happened behind the curtains, including:

  1. Verification that the website is really who they say they are – your browser verifies digital certificates to confirm that it is really Gmail.
  2. Encryption of the data as it passes across the internet – thus, if someone intercepts your username, password and credit card as it passes across the internet to a web server, it’s scrambled and completely useless to a hacker.

Unfortunately, this vulnerability compromised that security, leaving your passwords, usernames & credit card numbers vulnerable on affected web servers. With that said, you should still follow these rules going forward. They just have not provided the security that we all expected for the last 2 years.

Am I affected?

At this point, it’s not entirely clear which sites are affected – the development is so new that many web site owners are still scrambling to assess and apply patches. While you can check the lists referenced above, they are as of a point in time. Your best approach is to check in with your online providers (banks, shopping sites, email providers, etc.) to find out whether they were affected, whether they have corrected the problems and what course of action you should take to protect yourself.

Is this a virus?

NO. Despite the subtitle of an Associated Press news article I read Wednesday morning, this is not a virus, but a security hole. According to a Google search:

 Virus:  a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.


Thus, running antivirus software or active scans will not detect or remove the problem.

What should I do? 

The first step in securing your accounts is to change passwords for all of your online accounts. But don’t jump out there and do it yet.  As of this writing (7AM EST on 4/10/2014) many websites have not applied the patches to OpenSSL so your changes would be made in vain.

You should already be in the habit of changing your passwords to critical sites every 3-6 months.  You’re not?  Neither is the rest of the world.  As such, use this as a wake-up call to freshen up your passwords.  Be sure they’re complex and use the following guidelines as minimum:

  1. Do not use your name, your user name, family names or familiar numbers, like your birthdate or home address.
  2. Avoid dictionary words.
  3. Use a passphrase instead of a password.
  4. Passwords should be at least 8 characters long.
  5. Employ characters from at least 3 of the 4 following groups:
    1. Uppercase letters;
    2. Lowercase letters;
    3. Numbers;
    4. Symbols;
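The guidelines above can be turned into an automated check. The following is an added example, not part of the original post: the function names, the tiny word list and the sample passwords are constructed for illustration, and the check also catches common letter-for-symbol substitutions, which goes slightly beyond the list above.

```python
# Added example: checks a password against the guidelines listed above.
# Guideline 3 (prefer a passphrase) is advice rather than a testable rule.

MIN_LENGTH = 8  # guideline 4

# Constructed sample list; a real check would load a large dictionary
# or a breached-password list instead.
COMMON_WORDS = {"password", "welcome", "letmein", "qwerty",
                "dragon", "monkey", "summer", "winter"}

# Undo common substitutions so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def character_groups(password):
    """Count how many of the 4 groups (upper, lower, number, symbol) are used."""
    return sum([
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])


def check_password(password, personal=()):
    """Return a list of guideline violations; an empty list means it passes.

    personal: names, user names or familiar numbers belonging to the user
    (guideline 1), supplied by the caller.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if character_groups(password) < 3:
        problems.append("uses fewer than 3 of the 4 character groups")

    lowered = password.lower()
    normalized = lowered.translate(LEET)

    for item in personal:
        token = item.lower()
        # Ignore very short tokens to avoid flagging accidental matches.
        if len(token) >= 3 and (token in lowered or token in normalized):
            problems.append("contains personal detail: " + item)

    for word in sorted(COMMON_WORDS):
        if word in lowered or word in normalized:
            problems.append("contains dictionary word: " + word)
    return problems


if __name__ == "__main__":
    samples = [
        ("password123", ()),
        ("kenspassword", ("Ken",)),
        ("P@ssw0rd!", ()),               # meets the length and group rules
        ("Mauve7-Otter-Skylight", ()),   # constructed passphrase
    ]
    for pw, personal in samples:
        print(pw, "->", check_password(pw, personal) or "OK")
```

Note that `P@ssw0rd!` satisfies the length and character-group rules and is rejected only by the dictionary check, which is why the guidelines have to be applied together.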

A brief list of the internet’s most popular sites and whether or not they were affected is available here.

As always, feel free to contact me if you have questions about this problem.  If you want additional information on the bug, check out these articles:

Associated Press

The Register



Business Insider

Be safe out there!


If you saw me right now, you would probably ask if I had just seen a ghost.  After reading several articles about a new extremely dangerous and destructive form of ransomware, I feel like I’m facing Freddy Krueger!

This is the kind of attack that keeps IT professionals up at night.

Most viruses, rootkits, and malware are annoyances and can be removed by tools that are readily available on the internet.  While some can be removed pretty quickly with killer apps like MalwareBytes, others may be more tenacious and require a recovery of your files and reinstallation of your operating system, a process that will take hours or days and cost a pretty penny. However, at the end of the day, all of your files can be safely restored either from your hard drive or a recent backup (you ARE backing up right?)  

This one is different.  It’s called CryptoLocker and it will ruin your day.  Here’s what it does:

CryptoLocker is a ransomware program that was released around the beginning of September 2013. This infection will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted. (thanks to Lawrence Abrams on for this summary)

How do you become infected with CryptoLocker:

Currently, the infection is spread through emails pretending to be customer support notices from Fedex, UPS, DHL, etc. and the attachment is typically named Form_102213.pdf or Form_102213.pdf.exe (or some variant of these), but might also be disguised as a ZIP or other file type.

What if you get infected:

The first thing to do is disconnect your computer from the internet – this will prevent encryption of additional files. If you’re working wirelessly, disable wireless on your PC. If connected via Ethernet cable, pull the plug. Next, call your IT pro and start deciding how important your encrypted files are to you. Also, figure out where your most recent backup is and how recently it was completed. Most cloud-based backup services provide file versioning for a period of time. For example, Carbonite saves previous versions of files for 3 months which could be your saving grace.

Removal of the malware seems to be straightforward according to the articles.  However, without the decryption keys it is absolutely impossible to decrypt your files. Thus, if you cannot recover the files from a recent backup and need them restored, your only option is to act quickly and send the ransom money. There is currently no tool available (or IT Pro) that can decrypt your files.

How to protect yourself:

1.      Be vigilant about opening email attachments – never open an attachment originating from unknown/unexpected sources (i.e. if you’re not traveling anywhere, don’t open a travel itinerary from Delta!).  Also, be careful when opening unusual attachments from trusted sources as their email may have been hacked.

2.      Be very careful about free software you download from the internet.

3.      Back up to an external hard drive ($85 for 1TB) and disconnect it from your computer or use an online service that provides versioning.

4.      Keep all programs updated and Windows Updates applied.

5.      Make sure you’re running System Restore on your PC.  This can help recover previous versions of files that have been encrypted.

6.      Apply the Software Restriction Policies outlined in this article using Local Security Policy or Group Policy (domain computers) to disable the malware’s ability to execute on your system.  This is fairly advanced, so please let me know if you want assistance applying these policies to your PC.  Also, keep in mind that these policies will block the malware in its current form. If the hackers modify the code to install from another location on your computer, these policies will not protect you.

The above tips can help mitigate the risk but the best tip is not to open suspicious files.  Tip #6 is the best available protection in the event that you accidentally open a file and obtain the infection in its current form.
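The attachment names described above (Form_102213.pdf.exe, or an executable tucked inside a ZIP) can be screened automatically before a message reaches a user. The following is an added example, not part of the original post or of any product it mentions: the function names, the extension lists and the sample archive are constructed for illustration.

```python
# Added example: flag attachments whose real type is hidden behind a
# document-looking name, including files packed inside a ZIP.
import io
import zipfile

# Extensions Windows runs on double-click (common set, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd",
                   ".js", ".vbs", ".jar", ".msi"}
# Harmless-looking extensions used as a decoy in front of the real one.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def extensions(name):
    """Return every extension in a filename, lower-cased, e.g. ['.pdf', '.exe']."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows ignores trailing dots and spaces, so "x.exe. " still runs as x.exe.
    base = base.strip().rstrip(". ").lower()
    # Padding such as "Form.pdf      .exe" pushes the real extension out of view.
    return ["." + part.strip() for part in base.split(".")[1:] if part.strip()]


def check_name(name):
    """Return the reasons a filename looks dangerous (empty list = no finding)."""
    exts = extensions(name)
    reasons = []
    if exts and exts[-1] in EXECUTABLE_EXTS:
        reasons.append("executable extension " + exts[-1])
        if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
            reasons.append("double extension %s%s disguises the file type"
                           % (exts[-2], exts[-1]))
    return reasons


def check_attachment(name, data=b""):
    """Check the attachment name and, if it is a ZIP, the names inside it."""
    findings = check_name(name)
    buffer = io.BytesIO(data)
    if data and zipfile.is_zipfile(buffer):
        try:
            with zipfile.ZipFile(buffer) as archive:
                for member in archive.infolist():
                    for reason in check_name(member.filename):
                        findings.append("inside archive, %s: %s"
                                        % (member.filename, reason))
                    # Bit 0 of the ZIP flags marks an encrypted member:
                    # its name is visible but its content cannot be scanned.
                    if member.flag_bits & 0x1:
                        findings.append("inside archive, %s: password-protected"
                                        % member.filename)
        except zipfile.BadZipFile:
            findings.append("archive is malformed and could not be inspected")
    return findings


def build_sample_zip():
    """Constructed test archive holding one disguised file name."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("Form_102213.pdf.exe",
                         b"constructed placeholder, not a real program")
    return buffer.getvalue()


if __name__ == "__main__":
    samples = [
        ("Form_102213.pdf", b"%PDF-1.4 constructed"),
        ("Form_102213.pdf.exe", b""),
        ("Form_102213.pdf      .exe", b""),
        ("Form_102213.zip", build_sample_zip()),
    ]
    for name, data in samples:
        print(name, "->", check_attachment(name, data) or "no finding")
```

A name check like this complements, but does not replace, the Software Restriction Policies in tip #6, since it only looks at what the file is called.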

One last comment on updates:  Don’t forget that Microsoft is ending support for Windows XP in April, 2014.  Expect threats like this on XP machines to heat up following the support sunset.

If you want to geek out on more technical details about the threat, take a look at these articles posted on, MalwareBytes and Microsoft.

Stay safe out there!


How Free is Free Wi Fi?

In the past couple of months, I have spoken with several clients that have experienced serious security breaches.  One client lost $15,000 when it was transferred from her checking account to someone else’s account.  Another person’s AOL email account was hacked by a stranger.  The hacker sent messages from the compromised account to the victim’s financial advisor and attorney requesting that they cut checks and mail them to an address in Ohio.  Several other friends, family and clients reported that their email accounts were hacked and they had spammed everyone in their address book. While the missing money is still being investigated by the bank and law enforcement authorities, the other infractions were enabled by users’ lack of attention to basic security precautions. The owner of the AOL account admitted that he had used the same simple password for close to a decade, acknowledged the error of his ways, but was dumbfounded that someone had actually hacked their way in and attempted to steal from him.  These are not stories I read about on the internet. They are friends, family and clients right here in my community.

I encounter simple passwords on a daily basis.  Things like password123 or kenspassword provide a minor speed bump for a determined hacker that wants access to sensitive information.  I discussed creating complex passwords in a blog entry last year and encourage you to read it.

So how do hackers obtain passwords and access accounts?  While some passwords are easily guessed, others are hacked using “brute force” methods – software that repeatedly guesses passwords until an account is unlocked. Still others are found written down on a sticky note and “hidden” on your computer monitor or desk for the world (and cleaning people) to see.

Sure, there are the “typical” ways that passwords are obtained by unauthorized users.  But how safe are you when accessing your accounts on public networks, such as free wi-fi in coffee shops and bookstores? There are a variety of free tools available on the internet that allow snoopers to monitor wireless channels, watching what their neighbors are viewing and collecting passwords, account names and a whole host of other useful information. As illustrated in this recent PC World article, it’s easier than ever for even a novice to gather very damaging information over public wi-fi.

So how do you defend against these criminals?  Here are a few pointers:

  1. Never log into your accounts on public wi-fi unless the website is SECURE**.  This includes all email accounts, online banking, Amazon, or any other service that might store your credit card numbers.  Also, beware of logging into your email account over public wi-fi, especially since your email account can be used to reset passwords for other accounts.  This also includes using MS Outlook. If Outlook is not set up to use a secure connection, then your password is being transmitted in clear text, meaning that the kid in the corner of the coffee shop has access to your email account. (Yes… even if you don’t have to enter a password to get your Outlook email, one is being sent to your mail servers behind the curtains).
  2. Make sure that your connection stays encrypted for the entire session, not just when you log in.  Various websites and email services allow you to tweak this setting.  For example, Gmail includes a Browser Connection option, “Always use https”.
  3. If you have access to a VPN at work, log in to that before surfing the web on a public network.
  4. BYOD (bring your own device).  If you are frequently on the go and need access to the internet, pick up a portable hot spot.  I just got one from Verizon for $0 upfront and $20/month.  This way, I always have access to the internet and can connect up to 10 devices.
  5. When in doubt, just wait until you get back home or to the office to conduct your banking, check email or buy that latest book from Amazon.

As a side note, I NEVER conduct financial transactions on someone else’s internet connection (coffee shops, hotels, or cousin Tommy’s house). I also NEVER check my email on someone else’s computer. You never know what malware or keylogger is lurking on someone else’s machine.

** How do you tell if a website is SECURE? The address (URL) is preceded with https://. If it is http:// (without the “s”), then you might as well stand up in the middle of the coffee shop and announce your login credentials. A SECURE connection (https://) indicates that a lot is going on behind the scenes. Your browser has verified that the website is who it says it is (yes, this is really Bank of America, not Vladimir’s fake banking site). It also indicates that anything you transmit across the internet, such as passwords, user names, and credit card numbers, is encrypted, or scrambled. Thus, even if Poindexter intercepts the information, it is worthless to him.

Just one more thing:  If you are using wireless at home and have not set up security on the connection, then everyone on your street can enjoy a free ride on your high speed connection.  Not only that, but your data is subject to the same snooping vulnerabilities described above.  Your wireless router should be set up with WPA or WPA2 security at a minimum.  Wireless router manufacturers have made it easier than ever to complete your initial setup, so it’s worth taking the time to do it right or call someone that can help you.

So take a few minutes to assess your online habits and IT security, whether you’re surfing from the office, from home or on public wireless. If all of this is just too much to digest, give us a call and we can help you navigate these dangerous waters before you surf.

Stay safe out there!

Shop Safely This Holiday Season!

BREAKING NEWS FLASH:  Microsoft’s Internet Explorer Has a Security Flaw! 

As Yogi Berra famously said, “It’s déjà vu all over again”.

This is not the first time and certainly will not be the last that Microsoft issues critical security bulletins and patches. This warning is particularly timely in light of the upcoming holiday shopping season.  According to comScore, online purchases during the 2011 holiday season topped $37 billion, a 15% increase over the previous year.  Forecasters are projecting growth of 12% or more in 2012.

One of the security bulletins released on November’s Patch Tuesday addressed multiple vulnerabilities in Internet Explorer (IE). For those of you who have not followed my recommendation to dump IE in favor of Google’s Chrome browser, it is absolutely critical to apply this update as soon as possible.   This is even more urgent if you plan to shop online next week and enter your credit card information.

To make sure that Windows (and IE) is completely up to date, take a look at my September post.  It outlines the steps to verify whether Windows Updates are current and how to ensure they are installed automatically going forward.

While you’re at it, take a look at my March 2012 blog post about staying safe online. There I touch on public wireless networks, antivirus software, applying Windows Updates and utilizing strong passwords.  I also discuss the importance of ensuring that a website is secure (https://) before entering credit card information.

If you want more details on the current batch of Microsoft Updates (or simply need help sleeping), take a look at the article in PC World or Microsoft’s Security Bulletins.

Stay safe out there.  Please contact me if you need assistance securing your system.

Microsoft Issues Critical Update for Internet Explorer

In case you missed my Facebook and LinkedIn posts over the weekend, Microsoft issued a Critical Security Bulletin on Friday to address vulnerabilities in Internet Explorer.  The security hole may allow remote hackers to access your computer and execute code on it. In other words: NOT GOOD.

If you regularly use Internet Explorer (IE) you should install the Microsoft patch without delay. If you don’t use IE you should update anyway. Either way, you should always make sure you apply all Windows Updates as well as updates for troublesome apps such as Adobe and Java.

If your computer is set to automatically install updates, you’re probably fine.  However, it’s worthwhile to check your system tray (bottom right hand corner of the screen) to make sure you don’t have any pending Windows Updates.

For more geeky details and analysis, take a look at this article in Information Week.


After sending out this post, I received several responses asking how to verify that Windows Updates are up to date.  Here’s the easiest way to check and also set them to install automatically so you won’t have to worry:

Windows 7:

1. Start>All programs>Windows Update

2. At the top left of the Windows Update page click on Check for Updates (this will take a few minutes).

3. Once it’s complete, look for ‘Important Updates’.  If any are listed, click the ‘Install Updates’ button.  If there are none, you’re fine.  It will probably list Optional Updates, but I would not install those.

To make sure your updates are applied automatically in the future:

1. On the same page as above, click on ‘Change Settings’.

2. Under Important Updates, change to ‘Install Updates Automatically’.


Windows XP:

1. Start>All Programs>Windows Update

2. A web browser will open and navigate to the following page:

3. Click on Express and Windows will check for updates.  Once the scan is complete, choose Install Updates.  Once this is complete, the machine will likely require a restart.

4. To make sure that Updates are applied automatically going forward:

Start > Control Panel > Security Center > Windows Updates (select Automatic)

That’s it.

Stay safe out there!



6.5 Million LinkedIn Passwords Breached

This just in:  6.5 Million LinkedIn Passwords Were Breached

You may be thinking “what’s the risk?”  Big deal if some Russian hacker adds a Ph.D. to my name or a NASA internship to my resume.

But there might just be a big risk. If you’re one of those people that uses the same password for everything from online banking to your email account, then now is a great time to change your LinkedIn passwords.  If you haven’t changed passwords for other accounts containing sensitive data, there’s no time like the present to do so.

Take a look at the following article for details on the breach as well as some best practices for creating and managing passwords.

For more information on passwords, you can also take a look at my article on the topic.



Flame Malware Spreading Via Bogus Windows Updates

I frequently chastise people for ignoring Windows Update messages and prompts to apply patches to other applications such as Adobe products and Java. The response I frequently hear is “How do I know if the updates are real?” or “Yeah, I keep putting that off”.

I’ve always assumed that when Windows Update pops up in the system tray (the bottom right corner of your screen) that the messages are legitimate and safe since digital certificates are used by the operating system to verify authenticity.

You may not have heard about the newly publicized Flame malware since it has not made a splash in the U.S… yet.  However it’s all the rage in tech articles and blogs lately.  The Flame malware has created counterfeit security certificates that fool Microsoft Windows into thinking that bogus updates are real.  If these “updates” are applied, your computer is infected.

Fortunately, security companies and Microsoft have jumped up and issued (or will issue) updates to protect against these attacks.  However, they’re fearful that the malware may have other exploits that they have not yet discovered.

What to do? Unplug your computers from the internet!

HA! That’s not really an option.  However, it’s now more important than ever to make sure all operating system updates and patches are applied, that your antivirus software and definitions are updated, you’re running approved firewall software, and that you apply all updates and security patches to applications such as Microsoft Office, Adobe products and Java.  If you’re not running antivirus software, find one.  There are plenty of free (and very effective) options out there. 

For more information, take a look at this article from PCWorld:

Stay safe out there!


P.S. If you want to “geek out” and read more, take a look at the next articles. While security firms are still wrestling with the code, so far they have found that Flame can monitor email inboxes, take screen shots of what you’re working on and even record conversations you’re having near your computer. It also exploits Bluetooth to spread to other devices. What’s really interesting is that this malware does not appear to be the work of bored teen geeks or crime syndicates from the former Soviet Union. Instead, because it has to date targeted computers in Iran, security experts believe it was created as a cyber weapon by a nation-state. Enjoy!

Backups Made Easy (even your mother-in-law can do it)

I realize that people like discussing computer backups about as much as they enjoy preparing for a colonoscopy (hey, at my age that’s a reality of life!).  Stay with me on this one because it’s a lot easier than it used to be and might even be free!

I frequently work with home users and small businesses that either have no backup policy or an ineffective one. Thus, their important photos, music and business documents are at risk in the event of a severe virus, hard drive crash or natural catastrophe.

I recently assisted the parents of a high school student whose PC had been infected by a nasty virus.  The infection’s bark was far worse than its bite:  To a casual user it appeared that all files and most programs had been deleted.  A look at the Start menu showed virtually no programs listed.  When the aspiring law student looked in her documents folders, years of academic writing were gone as were a variety of photos and other media. In a desperate attempt to rid the computer of malware, they restored the computer to factory settings.  In other words, the operating system was reinstalled and all user files were deleted.

The good news:  The malware was eliminated.

The bad news:  None of her data was backed up.

Fortunately, I was able to recover a majority of her documents and media files using a file recovery utility.  However, due to the destructive nature of a factory reset, many of her files were either overwritten or corrupted… A loss which could have been avoided by an automated backup.

Power supplies and hard drives are the two most common PC components to fail and are relatively inexpensive to replace:  A power supply runs about $30.  A hard drive costs about $65.  The photos, music, tax returns and other important documents on that same hard drive are often priceless.  Many users often don’t think about backing up until it’s too late.

Businesses have a lot more at stake.  According to a DTI/PriceWaterhouseCoopers study, 7 of 10 small businesses that suffer a major data loss go belly-up within one year of the crash. This is a sobering reminder of the need for some sort of backup strategy. That could be an automated tape or hard drive backup, a cloud-based backup or an employee that brings an external drive or tape into the office on a weekly basis.

The right backup solution for you or your organization depends on the amount of data you need to protect, the frequency of backups (how much data loss your home or business can tolerate) and how long you can be without your information following a meltdown.

For smaller data needs, my favorite solution is Dropbox.  Designed as a way to sync data across multiple computers, tablets and mobile devices, this app is a great solution for backing up your data. Once you create your Dropbox folder and get in the habit of saving your files and folders there, you really don’t have to think about it.  Plus, if you regularly access your information on multiple devices (say, a home PC + a work PC) your Dropbox folder will automatically sync your files & folders on multiple machines, eliminating the need to email files to yourself. This last point was a life changer for me.  During the normal course of a day, I might work on one of about 3 computers.  I often grab one of two laptops as I run out the door to meetings.  Before Dropbox, I always had to pause for a second to make sure this particular laptop had all the files I needed. With Dropbox installed on all three PCs, the important files are always synced across all 3 machines. Plus, those files are accessible on other computers via Dropbox’s web interface. There are also Android and iPhone apps so that you can access your files on smart phones and tablets.

What about security? Dropbox uses the same encryption and security techniques used by banks. All data is encrypted for transit across the web and it is also encrypted while parked on their servers. However, it’s up to you to make sure your password is complex and difficult to guess. Accordingly, you should go to great lengths to come up with a long password or passphrase that includes all of the elements discussed in my blog about passwords.

The entry-level Dropbox account provides 2GB of free storage.  Not enough?  Invite your friends through the website.  For every friend that accepts your invitation you each get an additional 500MB of space, up to a max of 16GB – that’s not too shabby!  If your storage needs are greater than a free account offers, you can purchase 50GB of cloud storage for $100/year or 100GB for $200/year.

So if you have not set up a backup strategy yet because it’s too much trouble, give Dropbox a try.  If it’s remote file access you want, you get that too. Dropbox brings you the best of both worlds in an easy-to-use application.  For most users it’s free too!

If you want to start off with an extra 500MB of storage space, leave a message here and I will send you an invite.

Need a little help understanding how it works?  Check out the tutorial videos on the Dropbox website. If you need even more assistance, drop me a note and I will help you set it up, create your folders and launch your space in the cloud.