All Posts By

webmaster

WannaCry – The infection that exposed 2 problems

Since the news of a “cyberattack” on IT systems across Europe broke on Friday companies have been racing to engage with their IT providers and staff to try to fix the problem. The bigger problem is that it’s too late. This type of attack was always going to happen sooner or later as it has exposed the two real problems – training and investment.

What is a ransomware attack?

Its a computer virus that is usually activated when someone clicks on an email link that they think is ok but is actually sent by a hacker. The link activates the installation of a nasty computer program on your computer which locks down (encrypts) your computer so that you can’t access it without a special key. The hacker them demands a “ransom” to  provide you with the key. The key is totally unique so your IT dept will not be able to get this key for you or fix the infection. Once the infection has taken hold its a case of paying up (we wouldn’t recommend this), going to a backup (if you have one) or starting from scratch (eeeeeek!). The only strategy is not to get the infection in the first place by educating your staff and protecting your computers systems.

What is all the fuss about?

So if we take the UK Health Service attacks as an example – they are not really attacks at all. They are the exposure of out of date computers and employees who didnt know how to recognise suspicious emails. There is nothing new in that – these type of “phishing attacks” as they are known are simply dodgy emails sent on mass with the hope that employees with click and infect their computers. They did and the problem was multiplied up when those computers were connected to other out of date computers and suddenly you have thousands of emails circulating infecting exposed computers and it brings organisations to a halt. When this type of infection strikes the first thing you will see is a message that your computer has been hacked and a message to pay the ransom to (€300 – €600) per computer to have control of your computer back.

How can companies protect themselves? 

Simple – update your computer systems and educate your staff. I am sure if any company didnt have an intruder alarm and a receptionist these days you would think they are daft. It seems like  a sensible idea to have both of those precautions to prevent a total stranger from walking in and stealing goods – wouldnt it? Well, its the same for computer systems and yet companies are unwilling to invest in protection even though some form of computer will be at the heart of EVERY business … even though it might be just one p.c. Here are some essential tips :-

  • Install good antivirus software – ditch the free ones – pay to install the best software on your computers.
  • Upgrade your computers – ditch your old computers – they are wide open to security risks.
  • Educate your staff – take time out to tell your staff how to recognise threats. Find out about email phishing, provide training  and follow up to make sure the message is getting through.
  • Assign an IT contact – Give someone the responsibility for updating your computer systems. Even in a smaller company make sure that someone is updating your computers even if its an external company.
  • Backup you data – Rule 1 is to always have a backup of your data which you can restore in the event of a fire, floor, theft or computer infection.

Who can help?

There are lots of computer companies who specialise in providing computer security services – but we are not one of them. We can keep your websites secure so if you are looking for help with your computers just Google ’em.

 

 

 

 

So which country is trying to hack my website?

Just to give you an idea of the average monthly hack attempts on a website –  we have publishing this security report for April 2017 for our own website – (www.jascom.ie) Thankfully our website has security protection enabled but not all websites do and they need constant monitoring. Think of it as a security team watching your property.  These attacks are automated and are not usually specified against smaller companies but they are organised and do happen in swarms where a website will be suddenly probed for known vunerabilities and weak passwords.

If your website hasnt got the very latest updates then it is vunerable to a hack and by the time you realise it – it is usually too late. Make sure your website is protected with the latest updates and you have a maintenance contract in place with your supplier covering backups and monitoring.

 

Top 10 IPs Blocked

IP Country Block Count
185.159.36.6   RU 32
104.140.15.87   US 30
5.56.58.240   ES 10
156.202.150.163   EG 8
200.29.147.60   CL 7
88.207.187.122   LU 5
41.250.221.226   MA 3
221.149.187.56   KR 3
58.182.36.56   SG 3
181.73.13.232   CL 3

 

Top 10 Countries Blocked

Country Total IPs Blocked Block Count
  US 5 38
  RU 2 35
  ES 5 22
  IN 7 21
  CN 19 20
  CL 4 14
  TR 9 13
  AU 5 13
  RO 4 12
  ID 5 10

 

 

How to spot a scam email

There is alot of talk lately about “phishing scams” and most people dont really know what they are so we have decided to show you one … a really good one … and tell you how you can spot a fake email from a real one.

Q: What is a phishing scam?

A: Simply put – it is when a hacker sends you a genuine looking email from a fake email address in the hope that you will click on a link and make nasty things happen to your computer, tablet or phone.

Q: How can tell if an email is fake or genuine?

A: To be honest – its getting more difficult. But the basic rule of thumb is that if you were not expecting an email asking for money or information then be suspicious. If in doubt then contact the company directly  – never click on any links in the email – type the website address in directly.

Q: Are there any tell tale signs of a fake email?

A: Yes – here are the ones to look out for :-

  1. General email greeting – If the greeting comes with “Dear Customer” or “Hi There” instead of your actual name.
  2. Sense of urgency – Look out for wording that is calling for you to “act quickly” or “time is running out”.
  3. Bad grammar – Look out for simple spelling mistakes or errors in grammar.
  4. Dodgy links – Move your mouse over the link (never click) and if the address of the link is different from the company website.
  5. General salutation – Look out for a very general sign off from “Customer Support” with a specific persons name who you could contact.

Q: What else can I do? 

A: Two things – keep your antivirus right up to date – use a paid instead of free version especially for business computers. Secondly – if in doubt just delete the email. If its genuine and the company want to get back in touch with you – then they will.

Q: What happens if I have already clicked on a suspicious link?

A: At best you antivirus software might alert you that you are going to a suspicious website. At worst – it’s too late and hackers may have compromised your computer and you will need to run a full security scan and you should change any passwords.

So knowing all that here is a recent example of a phishing email that looked like it came from BT …. (but was 100% fake).

The above email is  an actual phishing email from a hacker is  not genuine. But emails from BT or any other company may be genuine – so look closely before clicking on any links. 

 

Top 5 Website Resolutions for 2017

So the New Year has just kicked off and here are our top 5 Online Resolutions for your website for 2017.

  1. Take Security Seriously – Website hacking is now a serious problems for all websites (big and small) so be sure to keep your website patched and updated. (Contact us )
  2. Get A Website Makeover – Does your website look jaded and out of date? It’s time to give your website a virtual lick of paint. (Get A Quote)
  3. Take Online Payments – You could be selling online direct to your customers as well as taking payments, deposits or selling vouchers. Make it easier for customers to do business with you. (Visit Our Portal)
  4. Improve Customer Service – Havent enough time or staff to man the phones? You could be providing better low cost customer service via  FAQs, Helpdesks or Livechat apps that can be added to your existing website. (See Our Helpdesk)
  5.  Go Mobile – Over 75% of all web traffic is now via mobile devices to you could be loosing out on sales by  not having a mobile compatible website. (Test Your Site)

5 Louth Companies Selling Online

Are you one of the hundreds of Irish companies selling online and generating 37% of or their turnover on the web? Well here are a sample of companies from the North East of Ireland who are using online shopping carts to reach their customers :-

1. Felda Gym and Spa

felda3

2. Dundalk Wines

dundalkwines2

3. Singli Foods

singli

4. Maisy Boutique

maisy1

5. Ace Environmental

ace1

Jascom launches VPE Fantasy Six Nations Competition

vpe_fb_600We are proud to continue our support of the Laura Lynn Foundation in conjuction with Vaughan Project Engineering via the VPE F6NF website competition which launched this week. This online Fantasy Six Nations Rugby competition has been running for well over 15 years and has evolved from the “paper and pen” model to a full online mobile website with payments integration. The website has an entry form based on a home points spread prediction of score in the Six Nations Rugby competition which kicks off on Sat 6th Feb 2016. The top scorer will take home a grand prize of €1000 with the remainder going to Laura Lynn House. Good luck and get entering via www.vpe.ie

Portit mollis vitae

Nullam ornare, sem in malesuada sagittis, quam sapien ornare massa, id pulvinar quam augue vel orci. Praesent leo orci, cursus ac malesuada et, sollicitudin eu erat. Pellentesque ornare mi vitae sem consequat ac bibendum neque adipiscing. Donec tellus nunc, tincidunt sed faucibus a, mattis eget purus. Continue Reading