Microsoft’s Advice on How Business IT Professionals Can Disable SMB 1 Insecurities
This white paper details what additional steps IT pros need to take to safeguard their networks and systems and why they should leave the newer versions of SMB alone.
With the recent appearance of the “WannaCry” ransomware cyber attacks, the vulnerability of the 30-year old SMB1 protocol was finally laid bare. Using an exploit tool called “ETERNALBLUE”, leaked from the NSA by the “Shadow Brokers” hacker group, the attackers successfully exploited the vulnerabilities in the Server Message Block (SMB) services to spread the ransomware’s malicious denial-of-service mayhem.
Most of the hacks affected those with older, less-secure systems, as with Windows XP and Windows Server 2003, which are so old that they are no longer even supported. Security bulletin MS16-114 detailed the vulnerabilities of the protocol implementations in those (mostly older) Windows versions.
The Microsoft Corporation hurriedly issued a “critical” security bulletin release to be installed in networks as a safety measure but even Microsoft’s engineers are in agreement that the only reliable way to stop the spread of the virus is to disable the SMB1 protocol completely.
The problem
But, you say, I have a newer version as well as SMBv2 or 3 and besides, aren’t the Microsoft protections enough to stop the ransomware’s infestation? Why bother with tinkering with the SMB at all – isn’t that a bit of overkill?
That’s only part of the story: even with a patch or other protective installations and newer versions of SMB, there remains the very real problem of interaction with other devices that may need to continue to connect with SMB1, such as printers or other peripherals. The real problem, according to Microsoft field engineer Ralph Kyttle, is that SMB1 is still lurking in your computer’s innards or those of your clients, who can unwittingly act as SMB servers by ‘talking’ to devices using SMB1, including printers or NAS or anything else that might be running Windows or Samba/Linux. This is why even those at Microsoft highly recommend getting rid of SMB1 as soon as you download their version-specific instructions.
Solution #1: Follow Microsoft’s instructions for disabling the SMB feature
If you want to remove the possibility of a future hack or another SMB1-related security issue, the best – really, the only – way, according to Microsoft’s Principal Program Manager and engineer Ned Pyle, is to remove it completely. Microsoft gives somewhat differing instructions according to this link depending on which OS you are using. Be sure to back up your data before trying to follow their advice, as there is a possibility there may be a change to the Windows Registry – and not following the steps as set forth by Microsoft could result in your machine crashing altogether.
Solution #2: Banishing SMB1 “zombies”
Like a zombie rising from the grave, even a disabled SMB1 has a way of coming back to haunt users all over again. Because of the real possibility of post-removal SMB1 interactions, Kyttle recommends that IT pros use one or more of the following methods to detect SMB1 network dependencies, such as network capture and other software and tools to detect and remove any noncompliant configuration.
It’s worth noting that Microsoft offers tools for IT pros to detect whether SMB1 is being used within a network. One is the Microsoft Message Analyzer, a tool which displays logs of inbound and outbound traffic which can be subject to filtering for SMB1 activity.
Another useful tool is PowerShell’s Desired State Configuration Environment Analyzer (DSCEA) module. Requiring PowerShell version 5.0, DSCEA shows compliance information via Power BI or HTML, allowing IT pros to use the scans to repair problematic configurations.
Finally, users should be aware that depending on an individual computer’s configuration as well as other variables, there have been reports that SMB1 had to be reinstalled at least temporarily, in order to authenticate domains and access shares.
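The network-capture approach described above can be tried offline. The following is an added example, not code from Microsoft or from the original article: it reads the reassembled client-to-server bytes of a TCP/445 session and reports whether SMB1 was only offered during negotiation or actually used. The function names, verdict labels and sample byte strings are constructed for illustration.

```python
import struct

SMB1_MAGIC, SMB2_MAGIC = b"\xffSMB", b"\xfeSMB"
SMB1_HEADER_LEN = 32
SMB_COM_NEGOTIATE = 0x72
SMB_FLAGS_REPLY = 0x80
# Verdict labels (assumed names), ordered from least to most concerning.
SEVERITY = ["no-smb", "smb2+", "smb1-offered", "smb1-only-offered", "smb1-in-use"]


def split_frames(stream):
    """Yield SMB messages from one direction of a TCP/445 byte stream.

    Direct-TCP transport prefixes each message with a zero byte and a
    3-byte big-endian length.
    """
    off = 0
    while off + 4 <= len(stream) and stream[off] == 0:
        length = int.from_bytes(stream[off + 1:off + 4], "big")
        msg = stream[off + 4:off + 4 + length]
        if len(msg) < length:  # truncated capture: stop rather than guess
            return
        yield msg
        off += 4 + length


def negotiate_dialects(msg):
    """Return the dialect strings listed in an SMB1 NEGOTIATE request."""
    if len(msg) < SMB1_HEADER_LEN + 3:
        return []
    word_count = msg[SMB1_HEADER_LEN]
    pos = SMB1_HEADER_LEN + 1 + 2 * word_count
    if pos + 2 > len(msg):
        return []
    (byte_count,) = struct.unpack_from("<H", msg, pos)
    data = msg[pos + 2:pos + 2 + byte_count]
    dialects, i = [], 0
    while i < len(data) and data[i] == 0x02:  # 0x02 marks a dialect string
        end = data.find(b"\x00", i + 1)
        if end < 0:
            break
        dialects.append(data[i + 1:end].decode("ascii", "replace"))
        i = end + 1
    return dialects


def classify(msg):
    """Map one SMB message to a verdict label."""
    if msg[:4] == SMB2_MAGIC:
        return "smb2+"
    if msg[:4] != SMB1_MAGIC or len(msg) < SMB1_HEADER_LEN:
        return "no-smb"
    command, flags = msg[4], msg[9]
    if command == SMB_COM_NEGOTIATE and not flags & SMB_FLAGS_REPLY:
        # A negotiate that also lists SMB2 dialects may still upgrade.
        if any(d.startswith("SMB 2.") for d in negotiate_dialects(msg)):
            return "smb1-offered"
        return "smb1-only-offered"
    return "smb1-in-use"  # any other SMB1 command means a live SMB1 session


def audit_stream(stream):
    """Return the most concerning verdict seen in the stream."""
    verdicts = [classify(m) for m in split_frames(stream)]
    return max(verdicts, key=SEVERITY.index, default="no-smb")


# --- Constructed sample traffic (not taken from a real capture) ---
def _frame(msg):
    return b"\x00" + len(msg).to_bytes(3, "big") + msg


def _smb1(command, flags=0, body=b"\x00\x00\x00"):
    return SMB1_MAGIC + bytes([command]) + bytes(4) + bytes([flags]) + bytes(22) + body


def _negotiate(dialects):
    data = b"".join(b"\x02" + d.encode() + b"\x00" for d in dialects)
    return _smb1(SMB_COM_NEGOTIATE, body=b"\x00" + struct.pack("<H", len(data)) + data)


LEGACY_DEVICE = _frame(_negotiate(["NT LM 0.12"])) + _frame(_smb1(0x73))
MULTI_PROTOCOL = _frame(_negotiate(["NT LM 0.12", "SMB 2.002", "SMB 2.???"]))
MODERN_CLIENT = _frame(SMB2_MAGIC + bytes(60))

if __name__ == "__main__":
    for name in ("LEGACY_DEVICE", "MULTI_PROTOCOL", "MODERN_CLIENT"):
        print(name, audit_stream(globals()[name]))
```

A host that only ever produces "smb1-offered" still has SMB1 enabled but is not depending on it, while "smb1-in-use" points to a real dependency to resolve before removal.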
Solution #3: SMB2 and SMB3: Love ‘em or leave ‘em?
Most experts say to leave them because unlike with SMB1, they’re there for some pretty good reasons. Microsoft warns that disabling them should be viewed only as a temporary measure – be sure to enable them once done with troubleshooting tasks.
Here’s what you stand to lose if you leave these two important SMB protocols disabled:
In Windows 7 and Windows Server 2008 R2:
Disabling SMB v2 deactivates the following:
- Caching of folder and file properties allowing clients to retain file copies
- Improved use of faster networks through larger reads and writes
- Durable handles which permit transparent reconnection to the server in case of a temporary disconnection
- Request compounding which allows the user to send multiple SMB2 requests as a single request
- Improved scalability for sharing files, increasing the number of users, shares and open files per server
- Improved message signing with MD5 hashing algorithm replaced by HMAC SHA-256
- Better support for symbolic links
- Client oplock leasing model which limits transferred data between client and server, resulting in improved SMB server scalability and performance with high-latency networks
In Windows 8, Win 8.1, Win 10, Windows Server 2012, and Windows Server 2016:
Disabling SMBv3 deactivates the following (as well as previously-described SMB2 functions):
- Concurrent access of shared data on file cluster nodes via Scale Out
- End-to-end encryption and protection from eavesdropping by untrustworthy networks
- Transparent failover allowing clients to reconnect to cluster nodes without interruption during failover or maintenance
- Directory leasing which improves branch offices’ application response times via caching
- Multichannel aggregation of fault tolerance and network bandwidth if multiple paths are available between client and server
Summary
In the aftermath of this hacking, taking steps for immediately removing SMB1 should be a no-brainer. Removal, however, is only part of the solution: doing so can bring in other, possibly unwelcome consequences. Thanks to the sheer pervasiveness of SMB1, IT pros can’t let down their guard even after disabling the pesky protocol. So, while it may at first seem like overkill, in today’s cyber environment it’s better to be safe than sorry.
Sneak Peek: macOS 10.13 High Sierra
When Apple releases macOS 10.13 High Sierra this fall, it will include big behind-the-scenes improvements and a few upfront changes in core Apple apps like Safari, Mail, and Photos. The upgrade will be free, and High Sierra will run on all Macs that can run 10.12 Sierra now.
The most important change under the hood is a new file system called APFS (Apple File system), which is designed for modern needs like fast backups of massive amounts of data and optimal behavior when storing files on solid-state drives. The file system is the smarts beneath the Mac’s Finder, helping your Mac to keep track of all its data. The Finder itself won’t change much, but certain tasks like duplicating lots of data will be much faster.
Other low-level technology changes will enable developers to bring faster video streaming and playback to the Mac. Plus, they’ll be able to create graphically demanding apps that have even more realistic images, which is important for the fields of virtual reality and gaming.
More obviously, you can look forward to Safari providing a more enjoyable Web browsing experience, with fewer ads, articles opening in the less-cluttered Reader view, and no more auto-playing audio. You can customize all these settings, as well as the text zoom percentage, on a per-site basis.
Searching in Mail will be significantly faster, with a Top Hits area that Apple says will learn from you over time and get smarter about suggesting ideal results. Mail will also feature a redesigned split screen option that puts the compose window next to your messages, and your Mail archive will consume less drive space than before, thanks to better compression.
Photos gets a lot of attention from Apple in High Sierra, with a refined interface that should make it easier to find tools, syncing of facial recognition training between your Apple devices, new editing tools for fine-tuning and saturation, and fun choices for enhancing Live Photos. Also, Photos will finally allow integration with third-party editing apps like Photoshop and Pixelmator, along with support for printing projects to non-Apple print services, so you’ll have more choices in that area.
Overall, High Sierra looks like it will be a solid refinement on Sierra, with some core improvements for pro users and a nice collection of enhancements to apps that the rest of us use every day.
New iPad Pros
The wait is over!
Although these days Apple is putting more emphasis on the Mac, particularly for professional use, the company certainly isn’t ignoring pro iPad users. If you’ve been holding off on an iPad Pro purchase, there’s no reason to wait any longer. Apple introduced a new 10.5-inch iPad Pro that’s just a hair taller and wider than the 9.7-inch iPad Pro it replaces, despite having a screen that’s 20% larger. The company also enhanced the 12.9-inch iPad Pro with a variety of new hardware capabilities.
All motion on the screens of both iPad Pros will be smoother and more responsive, thanks to a previously unheard of 120 Hz refresh rate. It will make drawing with the Apple Pencil even more fluid. The screens are also brighter, can display more colors, and have low reflectivity. Both models get new cameras that match those in the iPhone 7: a 12-megapixel rear-facing camera with optical image stabilization and True Tone flash, plus a 7-megapixel FaceTime HD camera on the front.
Since professionals care about performance, the new iPad Pros rely on Apple’s new processor, the A10X Fusion chip. Apple claims that the A10X is 30% faster than the A9X used by the previous generation of iPad Pros, and it also delivers 40% faster graphics rendering.
You can buy an iPad Pro with 64 GB, 256 GB, or 512 GB of storage, significantly more than last year’s models. The 64 GB 10.5-inch iPad Pro with Wi-Fi costs $649; jumping to 256 GB increases the price to $749, and going to 512 GB raises it to $949. For the 12.9-inch iPad Pro, a 64 GB configuration starts at $799, with 256 GB at $899 and 512 GB at $1099. Add $130 to any configuration to get cellular connectivity as well.
Although the iPad Pros are available starting this month, you can look forward to them becoming significantly more useful when Apple releases iOS 11 in the fall. That’s because iOS 11 promises to bring a number of iPad-specific features, including:
- A customizable Dock that holds more than six apps
- A new App Switcher that includes split-screen app combinations
- A new Files app for managing documents
- Drag-and-drop capability for moving data between apps
- Instant Notes, which opens the Notes app with an Apple Pencil tap on the Lock screen
- Inline drawing with the Apple Pencil in Notes and Mail
- Handwritten text recognition so you can search what you write
How the Internet of Things is Helping Factories Reduce Costs and Enhance Processes
The Internet of Things (IoT) and cloud technology offer manufacturing plants the data necessary to improve organizational processes and increase profitability.
Leaders of enterprises spanning every industry are continuously looking for ways to improve organizational processes, reduce spending, deliver quality goods and services, and increase profits. While every business stands to gain from achieving these goals, manufacturers who miss the mark have the most to lose. Every second of downtime puts the entire plant behind schedule, leaving the workforce scrambling to make up the difference. For many, developing a preventative maintenance strategy is the answer to minimizing downtime and optimizing maintenance costs.
The Internet of Things (IoT) and cloud technology are at the heart of this solution, making it possible for manufacturers to monitor assets and equipment, develop a routine maintenance plan, and identify issues before they force a halt in production.
Cloud technology and the Internet of Things are making it possible to remotely monitor and diagnose equipment, assess existing scenarios, fix equipment before it fails, and reduce overall maintenance costs.
Harnessing the Power of Data
IoT devices, partnered with facilities management software tailored to meet organizational needs, collect and analyze data from manufacturing equipment. This information is then used to ensure a higher level of control over the manufacturer’s costs and facility conditions. In fact, a recently published report by McKinsey & Company estimates that the Internet of Things stands to save enterprises more than $4 trillion by 2025.
Manufacturers who invest in these business tools stand to benefit in three ways:
1) Reducing Downtime
A manufacturing plant is comprised of a series of complex machines. There are thousands of moving parts, each adding value to the entire production. If one piece of the puzzle, large or small, fails, production in the entire plant could be halted. This downtime reduces workforce engagement and costs the business both time and money.
Business tools like IoT sensors monitor every moving part, identifying weaknesses and deficiencies early on. Monitoring technicians can plan ahead, fixing the issue swiftly and during slower plant production times. Organizations also have the advantage of developing an automated preventative maintenance plan, scheduling routine maintenance before weaknesses arise. Since reactive maintenance accounts for more than 85% of an organization’s total maintenance spending, investing in a preventative maintenance strategy stands to significantly reduce facility management spending.
2) Increasing Organizational Efficiency
IoT tools can also help manufacturers better understand how the facility is performing and identify any opportunities to improve efficiency. For example, if a portion of the building is only used a few hours a day, is there really a need to keep the lights on all day? Or perhaps the HVAC runs colder in certain areas? IoT temperature and light sensors collect this data, offering management teams real-time analytics for each section of the plant. Once these issues are identified, plant managers can redefine processes, offering a more efficient working environment, at a fraction of the cost.
3) Increased Collaboration and Visibility
Historically, manufacturing plants have relied on IT systems tailored to a specific need. Each system worked separately from the other, making it impossible for the plant to truly run like a well-oiled machine. The Internet of Things integrates and connects each moving part, while still allowing them to perform their distinct, required job. This open line of communication offers management increased visibility and a better understanding of the big picture.
Before the arrival of IoT, organizations had a surplus of data, with no defined way of using it. With the implementation of the right business tools, manufacturers now have access to real-time, relevant data that assists them in making better decisions. Gaining a better understanding of their assets, resources, and facility ensures increased productivity and, ultimately, profits.
Wisdom Wednesday: The Hidden Costs Of Malware
Ransomware is malware that either freezes your computer or locks it so you cannot access data and programs that your company normally uses. The criminal holding your system hostage demands a ransom that is usually paid in Bitcoin.
Imagine opening your business one morning, turning your computer on and reading a message that says something like: Attention – Your System is Locked. If you want your data and programs unlocked, you must pay a fee of $800. If you are a new business or a small one, $800 can be a lot of money. It is in effect a ransom payment and is the harbinger that your computer is a victim of ransomware.
What is Ransomware/Malware?
Ransomware is malware that either freezes your computer or locks it so you cannot access data and programs that your company typically uses. The criminal holding your system hostage demands a ransom that is usually paid in Bitcoin. One thing about this kind of criminal is they believe in excellent customer service. Instructions are sent to you about how to pay in Bitcoin. Also, the thief or gang of thieves usually does return your computer to you – otherwise, most people would not bother to pay the ransom.
However, the ransom is only the beginning of your expenses relating to a ransomware incident involving your business.
What Are the Other Costs of Ransomware?
In 2016, the average cost of paying a ransom demand involving accessing a business’ computer programs and data was $679. It is expected to rise in 2017 to nearly $800. But, that is not the only, nor necessarily, the greatest expense. The other costs attendant to ransomware include:
Regulatory Fines
It is the duty of every business to safeguard the Personal Financial Information (PFI) and Personal Identifying Information (PII) of clients and customers. Regulatory authorities such as the US Department of Health and Human Services (HIPAA compliance) or the Federal Trade Commission can fine a business for letting PII fall victim to a ransomware attack. Fines can be high (millions of dollars) but are usually not levied if there had been no other prior issues regarding confidentiality. For those firms who had previous breaches, fines can quickly add up to millions of dollars.
A Lack of Productivity
When a computer system is unreachable, your employees are undergoing downtime. Without your business data and programs, they are unable to work and are simply nothing more than another expense due to ransomware. How much this costs depends on the size of your workforce. A research study by the firm Vanson Bourne for SentinelOne reveals that it takes 38 man hours to recover from a ransomware attack.
Loss of Customers/Lack of New Customers
When a company is victimized by a ransomware attack, most states require that anyone whose data may have been breached must be advised of the possible breach. Doing so may lead to customers leaving you for another company. Likewise, it is harder to find new clients or customers.
Loss of Employees/Inability to Hire Top Applicants
The situation is similar when it comes to employee retention and new hires – employees want to know their employer has an excellent reputation that is unsullied by a successful ransomware attack.
HoeflerText Malware: How to Stay Savvy in the Internet Jungle
Mozilla Firefox users, the HoeflerText malware is back and this time, it’s targeting you.
Several months ago, Google Chrome users were the target of a vicious malware scam. When visiting a targeted website, an official looking Chrome message popped up indicating:
“The ‘HoeflerText’ font wasn’t found. The web page you are trying to load is displayed incorrectly, as it uses the ‘HoeflerText’ font. To fix the error and display the text, you have to update the ‘Chrome Font Pack’”.
Unaware this wasn’t an official message, users clicked the update button and received additional information regarding how to update their Chrome fonts. Malware developers determined this error message was being used by cyber criminals to spread Spora ransomware, which comes with active infection channels, sophisticated ransom payment service, and advanced crypto. The virus was discovered and a “fix” was defined, but not before thousands of Internet users were infected. Well, the malware attack is back again, only this time, it’s targeting Mozilla Firefox users.
What Mozilla Firefox Users Need to Know
The latest malware campaign, as discovered by Kafeine, a Proofpoint exploit expert, specifically targets Mozilla Firefox users with the banking trojan Zeus Panda. Fortunately, the cyber attackers left some easily recognized evidence behind; they kept the HoeflerText font name the same.
Here’s a little bit about how this attack works:
- These attacks only target users visiting websites that have already been compromised.
- The user is then scanned to see if they meet certain specifications. If they do, the web page is rewritten, and the screen looks distorted.
- The “‘HoeflerText’ font wasn’t found” message looks convincingly like an official Mozilla message. Users are persuaded to download and install the latest “Font Pack” version. Once the “Update” button has been clicked, the attack has been launched.
Once the user’s system has been infected, Zeus Panda is set to automatically launch when the user signs in. The command and control center is then notified to forward information regarding the infected device’s firewall and antivirus information. Panda, the online banking trojan, has targeted banks in North America, Europe, and Brazil. Its targets are bitcoin exchanges, online betting accounts, bankers, airline loyalty programs, and online payment providers. If these recent attacks have proven anything, however, it’s that virtually everyone is at risk.
To safeguard yourself against this type of cyber attack, it’s critical that you’re careful about what you download from the Internet. If a window pops up indicating a new version of anything is required, go directly to the developer’s site to ensure authenticity. If no updates are found, contact the developer immediately. Additionally, keep your computer’s antivirus software updated at all times. Cyber criminals are becoming increasingly more advanced in their methods of delivery; it’s up to us to exercise caution and protect ourselves.
Still Using 1995 Internet Technologies
The internet has changed over the years, but people remain the same. See what’s different, what’s similar and how the past can define the future.
There’s a famous clip from The Today Show in 1994 where the hosts try to figure out what the internet is. Millennials watch it and giggle as the stars puzzle over seemingly simple concepts like email and web pages. The hosts weren’t silly or stupid, they were only trying to come to terms with a disruptive technology that has since taken over practically everything we do. There are articles from experts in subsequent years that promise the internet would die off soon, much like Hula Hoops or flagpole sitting. We’ll look back at the results of a survey from the early days, and what the average person was doing when they used their precious phone line to connect.
The Pew Research Center took a survey in late 1995 about how Americans were making use of the internet. People check their email on average 15 times a day in 2017, and some are always getting alerts as to every new piece of mail that pops into their inbox. But back in 1995, 29% of more than 4,000 people testified that they only checked their email once a day. On average, they sent three emails a day and received only about five.
CD-ROMs vs. Internet
If Americans had to choose between CD-ROMs at the time and the internet, it seems that people would choose CD-ROMs. Around half the people surveyed had CD-ROMs, and attitudes and usage patterns suggest that the web just wasn’t cutting it for them yet.
Adult Entertainment
Most people wanted to eliminate any type of adult entertainment from the internet entirely, though the margins were somewhat slim with a 52 to 41% vote for banning it. At the time, censorship seemed perfectly reasonable, much like the movies or television.
Websites
Only 1 in every 5 users had ever signed onto the web, even though the first website was already 5 years old. Survey participants appreciated connecting with strangers via chat and skipping postage costs via email, but the days of idle surfing weren’t quite here yet.
Privacy Concerns
The concerns over privacy have waned and waxed over the years, but it’s not a new concept. Half of the users admitted to worrying about someone invading their privacy in 1995. While that concern would filter out some in 2008 and 2009, it was revived again after Edward Snowden laid out the brutal truths he’d encountered in national security. Americans are more concerned about their privacy regarding businesses and government than they ever were before.
Understanding the past is a good way to keep us moving forward — until the time another generation can ask questions that will seem obvious to the generation that follows.
Wisdom Wednesday: 4 Features to Send Your Business Website to the Top of Google’s Rankings
Because Google always changes the algorithm that it uses to determine search engine rankings, your business’ website needs to stay on top of the current key features that can help move it to the top of Google’s search results.
Many companies approach search engine optimization as a one-time challenge; once you have set up your company’s website with an eye to maximizing your Google search ranking, they think, you’re all set. In actuality, Google regularly makes changes to its algorithm that determines its search engine rankings. Keeping your business’ website at the top of Google’s search results requires constant attention to the changes in Google’s ranking factors and continuous tweaking of your site’s content. With that in mind, here are the four key features to utilize right now to improve your business’ Google search ranking.
HTTPS
Google first announced that HTTPS would be used as a factor in its ranking system back in 2014. MozCast, an online platform dedicated to tracking the changes in Google’s algorithm, has found that Google is keeping that promise; almost 46 percent of all of Google’s top ranking websites are HTTPS sites. Google has made this push based on their belief in the need for strong Internet security. Especially if your business offers any form of online shopping or information gathering features, moving to HTTPS is critical.
Google AdWords
While pay-per-click services like Google AdWords have not traditionally been a part of search engine optimization, MozCast has found a direct relationship between the two. Almost 53 percent of websites that appear on the first page of Google’s search results feature Google AdWords on the top of their pages. In short, paying for Google AdWords yourself won’t raise your search ranking, but becoming a part of Google’s advertising network and having ads embedded on your web page might.
Reviews
Google is upfront about the fact that it utilizes customer reviews in determining website rankings, so it should come as no surprise that almost 37 percent of businesses that reach Google’s first page of search results feature customer reviews. Indeed, Google itself now displays customer ratings right below text ads in order to connect customers with quality businesses.
Knowledge Panels
As MozCast has noted, approximately 38 percent of Google’s highest ranking websites have Knowledge Panels. Knowledge Panels appear as information boxes to the right of Google’s search results and are intended to help potential customers quickly find contact and other information for businesses. Unfortunately, you cannot directly put your business in a Knowledge Panel; Google itself makes the determination based on your company’s relevance to a potential customer’s search. However, you can influence the chance that your business will be included in a Knowledge Panel by increasing your business’ general prominence and local search engine optimization.