News

What to do when you are hacked

Steve Hirst - Friday, June 23, 2017
Security experts have been saying for more than a decade that it is “not if, but when” an organisation will be hacked. Therefore, the focus needs to move to “What to do when you are hacked”.

Cybercrime is big business, a huge underground economy estimated to be larger than the drug trade. Large amounts of money are then invested into developing new cyber-attacks to steal data, hijack systems and find your passwords, credit card and bank details.

Companies need to identify what their critical data is, where it is located, the impact on the company if that data is destroyed or shared, and how quickly they can recover from a breach. The response to a major hack becomes as important as the security measures taken to protect that data.

The attacks are getting more sophisticated and even security professionals fall for phishing.  This highlights the need to report and alert the general public to new scams and attacks as they are detected.

The reality is that “people are the weakest link” in the security chain.  Organisations need to foster an environment that allows employees to do their jobs by providing training and testing to mitigate the risk.

The New Zealand Government has set up CERT NZ to provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

Computer Culture is constantly updating our Cyber Security solutions to ensure that our customers have the best protection and a way back from a disaster.

Importance of Patching

Steve Hirst - Monday, April 24, 2017
Each year we see security reports from dozens of companies about how the sky is falling – mainly because the people sponsoring the reports are in the umbrella business. However, some data in a recent Verizon Data Breach Investigations Report was of some concern. Unpatched vulnerabilities are still a huge opportunity for threat actors.

The report looked at over 100,00 incidents with only 3% recognised as actual breaches. An enormous 99.9% of the exploited vulnerabilities took advantage of a reported Common Vulnerabilities and Exposures weakness that had been patched at least a year ago.

Most crucially, the report noted that it’s not just about patching, but also about ensuring you prioritise patching of your most critical and vulnerable systems.

Removable USB Drives are no longer a recommended solution.

Steve Hirst - Monday, March 20, 2017
For a considerable period, small external USB hard drives were a favoured means of backing up a company’s valuable data. This backup method ticked the boxes by ensuring, first, that the storage device was backed up to another destination and, secondly, that the backup was taken offsite. It was a satisfactory solution provided there were at least 3 drives, they were rotated out daily and one of the set was always offsite in a secure location.

Unfortunately, over time the shortcomings of this type of backup have become painfully apparent.

The list of problems includes:

  • USB drives failing due to constant handling and transporting
  • Drive not changed due to the designated person being on leave or off sick
  • Staff becoming forgetful or complacent, so drive changes do not occur daily
  • Error reports generated by the backup software being ignored

One of the inherent problems with this backup system is that if the current backup and the source are at the same location and a disaster occurs later in the day, the amount of work lost can be up to 2 days. In this scenario, the last backup is going to be at least 24 hours old and still onsite with the person who was responsible for taking it home that evening.

We know of a company where one of the backup drives had failed and they were down to only two in rotation. On the day of the February earthquake, the server was in the office, the first backup drive was plugged into the server ready for the end-of-day backup, and the second drive was in the manager’s briefcase ready to be taken offsite that evening. When the quake struck, everyone quickly evacuated the building, leaving the server and all the backups in the building. Fortunately, the company was able to get back into the building and rescue the backup. In doing so they avoided a disastrous data loss and learnt a very powerful lesson.

It is for all of the above reasons that Computer Culture no longer recommends this type of backup. With the value of company data and the rapid growth of cybercrime, a robust backup system is now an essential part of an organisation’s IT.

An offsite backup solution which is proactively managed and monitored has become the favoured solution of many of our customers. Please call us if you wish to make the move away from the rotated drive backup system.

Dropbox Password Change

Steve Hirst - Tuesday, September 20, 2016
Sometime during 2012 a large number of the free Dropbox accounts had the login and password details hacked. There was considerable publicity at the time and users were urged to change their passwords.

Unfortunately, it does appear that many people didn't react to this warning, as they may have either missed the publicity or just plain forgot.

Dropbox has recently asked users who haven't changed their password since then to do so now.

Backup Essentials

Steve Hirst - Friday, August 19, 2016
Backups are so important, which is why we bring them up a lot! Recent cyberattacks have proved how critical it is to have a recent, reliable backup.

Here are the 5 most important features that make up a good backup solution:

  • The backup is automated - Less human interaction is best. Set and forget
  • Backups are run on a schedule - Minimum of one per day, however we prefer 15 minute incremental backups
  • The backups are stored offsite - A copy of the backup is either copied to an offsite location or taken offsite
  • Backup jobs are monitored and reported - This ensures you know your backups are working
  • Test restores are regularly carried out - Gives you peace of mind to know you can restore the data if and when required

True Ransomware Story

Steve Hirst - Friday, June 17, 2016
It only takes a moment’s inattention to change a normal day into an unimaginable nightmare. In this particular case, although we are yet to verify it, we are assuming an employee opened an attachment in an email, which started a chain of events that had a serious impact on the company’s ability to trade.

The innocent-looking email contained the file-locking Trojan, which quickly locked up the file system and prevented access to the data.

Normally we would be able to recover the damaged system by restoring the latest backup. Sadly, in this case, it transpired that the unmanaged backup had stopped working several weeks ago, which took away that solution.

Due to the daily cost of the disruption, a decision was made to pay the ransom, but unfortunately this wasn’t as straightforward as one would expect. The criminal(s) behind the ransom demand would only accept payment in Bitcoins (Bitcoin is a digital asset and a payment system, transacted online).

Under normal circumstances, setting up a Bitcoin account takes several days. Computer Culture managed to shorten the process by using a trader that accepted payment via a Smart Eftpos money machine. We had 1 hour to withdraw the cash (compounded by BNZ being down during that timeframe) and deposit the cash at the designated machine.

To shorten the story, the unlock code was sent and the majority of the data was recovered. Paying a ransom was a last resort and an action we found abhorrent. So serious is that threat that in the UK, companies are purchasing large amounts of Bitcoins to reduce the downtime in the event of a ransom attack. Prevention, though, is better than trying to find a cure, and that is what we focus on at Computer Culture.

There are powerful lessons to be learnt from this experience.
1) Organisations need a level of security to reduce the chances of an intrusion and enable early detection.
2) Organisations need a robust and comprehensive backup system.
3) These processes need to be proactively managed and reviewed.
4) There need to be policies, procedures and staff training to mitigate the risk.
5) Consider taking out Cyber Insurance (we can recommend some companies).

If you feel your site does not meet these criteria, please contact us urgently and we will help you through the process.

The Unhealthy Rise of Ransomware

Steve Hirst - Friday, April 22, 2016
According to global data and media company Bloomberg, the number of known Ransomware attacks has now surpassed five million, with just a single infection causing more than $325 million worth of damage in one instance. Ransomware locks the files on your computer and refuses to hand over the key until you’ve paid the demanded sum, or “ransom”.

Ransomware has bigger implications for some industries than they might first realise. Not only does it impact day-to-day business while they can’t access their data or IT systems, but it can also cause some bigger effects down the line. Sensitive data that needs to be accessed regularly or whenever requested is the main point that should ring the alarm bells.

Unfortunately for the healthcare sector, the hackers have realised it is a big juicy target. We’ve seen reported incidents of multiple hospitals in the US being infected with ransomware and having to resort to extreme measures to resume functionality. The fact that prominent medical facilities are giving in to the demands of cyber crooks because they had no contingency plan is a sobering thought. This has also been reflected internationally, as Germany has also seen its share of ransomware attacks on hospitals. One hospital even had to resort to pen, paper and fax due to a sophisticated attack that brought its IT to a crawl.

The global healthcare industry is being targeted as it ticks all the boxes for ransomware attackers. Those targeting the industry have realised it sits on a goldmine of sensitive information that’s so indispensable for its users that they’ll pay almost anything to get it back. To make matters worse, healthcare is bound by regulations around medical records always being available; the fines for not having this data accessible would well outweigh any ransom for the data itself.

Its mere existence in the cybersphere should highlight the importance of security training and awareness. Simply knowing this malicious software is increasingly being used in phishing plots and web exploits can help prevent employees from putting their organisations in danger.

Like any other form of malware, the ransom-based variety looks to exploit outdated web browsers and plugins like Adobe Flash and Java. It also aims at unsuspecting users opening infected attachments harboured in spam emails.

While it continues to evolve and change, the best way to combat ransomware with maximum effectiveness is still as simple as prevention. Avoid any emails, links and plugins that you don’t recognise, and ensure you have regular backups of data that can be rolled back to should your systems become infected.

Talk to us about how we can help implement some contingency plans for your business.

Important Changes to OneDrive

Steve Hirst - Friday, April 22, 2016


We wish to inform you about some upcoming changes to Microsoft’s OneDrive that may affect our customers. The amount of storage that comes with the free version of OneDrive will decrease from 15GB to 5GB. Microsoft is also discontinuing the 15GB camera roll bonus. These changes take effect on 13 July 2016.

We strongly recommend that users delete data and photos to ensure that they are under the new limit before this date. To ease this transition, users can claim a free one-year subscription to Office 365 Personal. This subscription includes 1 TB of OneDrive storage. Alternatively, additional storage can be purchased.

Please call us before July to discuss your cloud storage options.

Make it hard to penetrate all the layers

Steve Hirst - Wednesday, February 24, 2016

In all likelihood you will know someone who has been a victim of a malicious piece of malware or had valuable data stolen through a well-orchestrated hack. Many organisations that suffer these and other attacks fail to take the proper precautions to prevent themselves from becoming victims. Here are some of the precautions you can take.

Patching - Most attacks, whether they be malware or hacking attempts, exploit weaknesses or vulnerabilities in Operating Systems and 3rd party applications. Normally, when an exploit is discovered, a publisher will release a fix to block it as soon as possible. If your system is maintained by our Managed Services, these patches will be applied automatically.

Mail Filtering - No small number of threats find their way into a network as an email attachment or link. Having a robust system to scan, scrub and quarantine these threats is essential. If you are not using Office 365 for your mail, we recommend Roaring Penguin for anti-spam protection.

Web Filtering - Blocking malicious websites from being accessed can go a long way to reducing the number of threats introduced to a network. 

Backups - A good backup and disaster recovery strategy should be in place to make sure that essential and business critical data is safe should the worst happen. Ideally, it should be located offsite. If you don’t already have an offsite backup solution, please call our sales team who will help you find a solution that meets your requirements.

Antivirus - We recommend our managed AV Defender to provide a strong defense against viruses.

Data and Backups definitions

Steve Hirst - Monday, January 18, 2016

Here are definitions for some of the terms relating to data and backups.

Encryption
Encryption is the process of encoding messages or information in such a way that only authorised parties can read it. Encryption does not of itself prevent interception, but denies the message content to the interceptor.

Versioning
This is a file system which allows a computer file to exist in several versions at the same time. Most common versioning file systems keep a number of old copies of the file.  This allows users to recover or view earlier versions of documents that have been since modified or partially deleted.

Archiving
Data archiving is the process of moving data that is no longer actively used to a separate storage device for long-term retention. Archive data consists of older data that is still important to the organization and may be needed for future reference, as well as data that must be retained for regulatory compliance.

Sovereignty
Data sovereignty is the concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located.

Legal hold
Legal hold is a stipulation requiring a company to preserve all data that may relate to a legal action involving the company. This requirement ensures that the data in question will be available for the discovery process prior to litigation.
