Archive for the ‘Computer Security’ Category

Is Your Data Safe?

Tuesday, August 12th, 2014

In today’s world where everything is going digital, including health records, driving records, photos, documents, licenses, etc., it’s more important than ever to safeguard your data. Is your data safe? Many people may think so, but what steps are you taking to protect it?

Let’s face it, the most important part of a computer system is the data. The hardware and parts can all be easily replaced, but if you have the parts without the data, what good is the computer?

While working on computers in the Virginia Beach / Chesapeake and greater Hampton Roads area, we have found many companies that offer ‘low cost’ or ‘cut-rate’ computer repair services, many of which are run by individuals who are of questionable origin. One company we researched was run out of a garage by a teenager still in high school! While it may pay to have your smart IT nephew or relative help out with technology questions, do you really want to expose your most important asset – your data – to someone you really do not know that well?

In today’s economy many people and companies have severely cut back operations and are looking for deals, but we have seen over and over again, computers are the wrong area to cut back on. I personally would pay a little more to someone I trust and know will take care of my data than to save a small amount, just to have my identity stolen a few months later because the computer shop I chose threw my old drives out in the dumpster without properly wiping them.

Many people have no idea how much information they are giving to the ‘repair guy’ when they hand over their computers for repair. Not only are they giving the data currently on the system, unscrupulous individuals can undelete or recover deleted data, and sift through files to spy on the customer.

The analogy is not far from a daycare – would you drop off your child to a day care you barely know? Of course a computer is much less valuable than a child, but the comparison is very similar.

We have seen how computer repair shops are run – from the inside- and implement steps and procedures to guarantee our clients are protected, while at the same time providing cost effective services.

Some things we have witnessed other repair shops doing first-hand that bother us:

 

* Talking to clients about other clients behind their backs

* Disposing of old hard drives and computer parts without sanitizing them

* Snooping through customers’ files in areas unrelated to the problem

* Installing junkware or remote access programs such as GotoMyPc or some best buy app, without the users’ knowledge

* Selling old computer parts such as hard drives on Ebay without the customers’ knowledge

 

These are just a few things we can guarantee will never happen to our customers, we sanitize all media after the customer is finished with it and privacy is always number one. The next time you need to have computer work done, just remember that your security is only as good as who you let into your computer!

 

 

Who Is Working On Your Cmoputer

Who’s working on your computer?

Finances and Technology – New Threats

Tuesday, December 10th, 2013

With the marriage of computers and finances, what used to be a relatively safe concept is now under attack. As with all computer areas, attackers are now targeting financial data, such as passwords, bank accounts, retirement accounts, credit card information and using them to perform identity theft.

While most people are familiar with thieves in malls trying to grab bags and purses, today’s attackers are using technology to steal.

One of the newest financial systems is bitcoin. Governments cannot control it, it offers instant payments without the fear of chargebacks, and can be sent / received without the use of any bank or financial institution. It can be exchanged for any worldwide currency. However, as is always the case, along with greater convenience also comes greater risk. Attackers have hacked many websites related to bitcoin, emptying accounts and transferring millions. Others have performed denial of service attacks against bitcoin websites, effectively disabling them to manipulate prices and disrupt the bitcoin network.

One way attackers are trying to steal users’ finances now is by planting malware on their pc’s. The bitcoin wallet.dat file, the wallet that resides on a users’ local machine, is frequently copied or moved from an infected users’ machine in an attempt to steal their bitcoins and transfer them to an attacker’s account. While a password can be used to encrypt and protect this file, with the latest Chinese malware infections, keyloggers can be used to record and send every keystroke typed on the keyboard to a waiting hacker. Some users have forgotten the passwords to their bitcoin wallets, locking themselves out of their bitcoin accounts. As with all files on your computer, never send your wallet.dat file or any other file to anyone online you do not trust. All an attacker needs is this file and they can guess passwords to empty your bitcoin wallet.

The moral of this story? Now more than ever computer security is vital. Now computers hold not only documents and photos, but in some cases financial data, personal identification, critical trade secrets and other private content. The importance of keeping your systems free of infections rises more and more each day. If in doubt, schedule a computer checkup with us and we can tell you if there are any vulnerabilities being exploited on your pc. We can help to keep it secure and running well.

 

Yes, there are many other ‘it’ and ‘computer repair’ companies out there. We know because we have worked on machines our competitors have ‘disinfected’, only to find out the same infection they ‘cleaned’ weeks ago is back again. Today’s malware and infections cannot be removed like the last generation computer virus. These are newer, smarter infections, and if one piece is left behind, often the entire infection comes right back again. Best Buy and other ‘big box’ stores claim to be a jack of all trades, but as with any business, it comes down to which tech you get, and you are basically a number. Many Virginia Beach small business and home users have told us they either could not remove the infection or said they did and it is now back again with a vengeance. Unlike the competitors, we can not only remove the infection, but can usually tell you exactly where it came from and how to prevent it in the future! While a cure is great, preventing infection to begin with is always best.

One of the newest malware variants, ‘CryptoLocker’, is especially dangerous and difficult to recover from. The infection usually enters a users’ pc through an infected email or link, claiming to be a tracking update or other urgent information. The attachment can look like a .pdf, adobe acrobat file, or many other files. Once opened, the infection can go right past most antivirus programs, and installs itself on the users’ pc, sometimes in the background, without any symptom aside from slow performance. Once it is installed, it encrypts the majority of the users’ files on the pc with strong encryption, and present the user with a ransomware screen. The malware demands the user send payment to the fraudsters via bitcoin, mail, or other methods. It has a timer and counts down until the private key (needed to recover the users’ files) is deleted, effectively making all the users’ files lost forever. We can recover files in many cases if the user catches this infection early and immediately shuts off their pc and removes it from the network. Unlike our competition, we can install software to prevent this new threat from running on your pc to begin with – sparing you from the hassle, lost time and data. As with all threats, the best defense is to be alert – be SURE to never open any attachments, even if they look legitimate, unless they are from someone you know, and eve then infections can be transferred.

As always, look for symptoms such as slow speed, new popups and windows that are never present, excessive spam, etc. These can all be symptoms of an active infection or network attack. The computer user is the most familiar with the computer system and is the best judge of what is normal for that machine. Keeping your eyes open and acting to thwart thieves and attackers will help to ensure a happy, productive Christmas season!

 

     *
    /.\            
   /..'\
   /'.'\
  /.''.'\ 
  /.'.'.\ 
 /'.''.'.\ 
 ^^^[_]^^^

Malware Ransomware and Data Theft

Saturday, June 22nd, 2013

It’s in the news, in the papers, talk is all around – the latest threats are no longer simple viruses and nuisances, today’s primary threat is malware and ransomware. While performing Virginia beach computer repair and Chesapeake computer repair, we have recently come across these cutting edge malicious programs on several computers. The goal of these infections ranges anywhere from simply disabling a computer system to requiring the user to pay criminals to unlock their screen (such as in the fake FBI virus), to secretly stealing companies’ design information to send overseas to China or to a competitor.

While these infections are bad, the most serious kind is the infection that is silent and sits in the background capturing every keystroke and screenshots of what the user does on his/her computer. Some can even turn on the built-in webcam and send a live video feed from your computer to cybercriminals. How can we protect ourselves against these threats? Surfing unknown sites, looking for ‘free’ programs, and such can open the door to a computer infection that takes over your entire computer. All it takes is one wrong click and your computer may be infected. Many of our competitors charge their customers to ‘clean’ their computer, only to have the infection return at a later date. We know how to completely remove these infections and unlike our competitors, we can usually show you exactly when and where it came from.

Where do these infections come from? The majority of these newest infections come from China or Eastern Europe. We have seen programs written in Russian, Chinese, as well as other overseas languages. The language of the infection doesn’t matter as much as the payload, or dangerous part of the program.

If your computer is running slow, doing strange things, crashing, or doing other abnormal things, let us ensure it is clean and bring it back to optimum health!

The Latest Threat – Malware

Saturday, March 2nd, 2013

Today’s computer threats have changed drastically even from a few years ago. No longer are the common everyday viruses the main offenders, more sophisticated malware and scripts brought in by vulnerable browsers and plugins can cause major headaches and downtime. We stay up to date by following these latest threats and finding ways to stop and prevent them. Unlike some companies, we can not only disinfect and remove these pesky infections, we can usually tell you an exact date and time when your machine was infected, in addition to how it got there. How can an infection be prevented if the source is unknown? The source of most infections we find today originate in Asia and Eastern Europe, and some can run in the background virtually undetected. Some symptoms may be slow operation, popups, programs hanging or stalling, etc, but the most serious infections may never provide a symptom, and more advanced stages can even capture every keystroke. One infection we removed actually captured passwords for a user’s bank account and allowed them to withdraw funds from her bank account. This is a new type of infection which warrants the highest vigilance and security. We can show you what to avoid, antivirus programs that are virtually useless, and those which will provide the best security. Beware of any program that offers anything ‘free’, the old saying is usually true: “You get what you pay for”. Stay safe on the web!

 

Are All Antivirus Programs the Same?

Monday, May 24th, 2010

In today’s world of computer repair we deal with numerous threats from malware, spyware, ransomware, viruses and others that require most of us to run antivirus / antispyware programs. While most other companies only sell the programs that bring the highest profit, we recommend you take a deeper look at what each program does and how it affects your system. Contrary to popular belief, the most well-known names do not necessarily mean the best performance. On the contrary, some of the least-known ones work the same, if not better. Many factors should determine which antivirus program you choose,  some of which are:

  1. Protection
  2. Compatibility
  3. Speed (Does it slow your system down?)
  4. Price

Some big names such as Symantec Endpoint Protection have the most media exposure, but our experiences have shown it can bring an entire network to it’s knees, including servers. We had one network in Virginia Beach that called after another company installed SEP and they were completely down. Removing the Endpoint Protection was the solution! Symantec’s home product, Norton 360, can be compared to a virus, in that it slows the system down to an unusable state. One user in Chesapeake had this program on her desktop machine. Removing and replacing the program with another antivirus program was comparable to a memory upgrade! Mcafee and other big names may work in some applications, but for the majority of users, it is not the best choice. Virus creators are always targeting the well-known protection programs as well, and we have seen many current malware programs that instantly disable both Symantec and Mcafee, then proceed to infect the computer, unrestrained. What can be done to avoid this? We believe using a lower-profile antivirus solution, combined with a layered approach helps. Still, in some cases, we recommend others based on specific needs. Watch out for antivirus programs that say they are free as well. There are many ‘fake’ programs out there that infect your computer instead of protecting it, or generate popups on your screen every few minutes. The moral of the story: Don’t be sold on a brand name. Dig a little deeper to see which solution is best for you. This requires research and taking many factors into account. What works on TV does not work for everyone. One size does not fit all!

virus

Transformation from Virus to Malware

Monday, May 10th, 2010

The most familiar type of infection known as a virus has now changed into an even more dangerous form of infection, Malware. ‘Mal’, as the name suggests, describes a program with malicious intent. These programs are from the dark side. What are they called? Some of the most popular names include: Spy Sherriff, Winantivirus, Antivirus 2008 Pro, Antivirus 2009, Internet Security 2010, Advanced Virus Remover, etc. Aside from just being annoying, these programs can bring in and install even more malicious programs that can steal passwords, private documents, and even allow the bad guys to control your computer. One customer in Virginia Beach even had funds withdrawn from a bank account to a Russian criminal due to an advanced computer infection. Fortunately, it was caught in time to stop the transaction. Most programs of this type we see can be traced to either Chinese or Russian origins. Are you protected? Most antivirus programs cannot protect against this new threat, because it appears to be a legitimate program. If / when it is detected, the infection has already installed itself into your computer.

Our approach is threefold:

  1. Determine the type of infection and trace it’s origin (most come from facebook, myspace, email, banners, etc). We can usually tell when the infection occurred, to the minute.
  2. Carefully remove the malware to ensure it is clean. Current infections will reload themselves if just one piece is left intact.
  3. Prevent re-infection

In practice, many of these ‘bad’ programs appear to be ‘free’ antivirus or security programs, which always cause more problems than they solve.  Some are even so bold as to ask the user for credit card information to ‘pay’ for the fake software. Never provide any financial information to any program you are not familiar with, even if it is on your computer. The best suggestion is to shut the power off and call your computer tech. Unlike some other problems, this cannot be safely resolved over the phone or remotely. Attempting this may lead to privacy issues and more. Once infected, the machine must be thoroughly processed in- shop to ensure a complete disinfection. To make things worse, most antivirus programs scan right over these newest infections, not even detecting them! The only way to resolve some of these latest infections is to know what you’re looking for and remove it yourself. That’s where we come in. Our combination of filesystem tools in addition to our years of disinfection experience gives us an advantage in successfully identifying and removing infections from your desktop laptop or server. While surfing the world wide web, be careful where you go and what you click on!

fake_av