Fix that lock…and get a spare key! Software updates, security patches

Reliable Networks on August 29, 2023

Fix that lock…and get a spare key! Software updates, security patches and data backups

If the lock to your home’s main door breaks, do you fix it or just let it be? My guess is, you would get a locksmith to fix it for you at the earliest. And, what do you do if you lose the key? Use the spare key, if you have one, to get into your home, right? The situation is kind of similar when it comes to security patches and updates for your software programs. Credible software manufacturers make sure the software programs they develop offer an acceptable level of data security. However, no software is perfect and knowing this well, cybercriminals constantly work to find vulnerabilities in popular software programs that they can exploit to gain access to your data. Security patches and software updates work to prevent this by fixing or patching the vulnerabilities.

So, you need to take the time to make sure that all of your software applications, including operating systems, and browsers are up-to-date. While it makes sense to start with the software programs you are using at work, do not forget your smartphone. It is important not to leave out your smartphone applications and mobile devices as well, because cybercriminals can find a way to invade your network and data from your smartphone. For example, you have your work email configured on your phone. Hacking into your phone can give them access to your work email and consequently to work data. Make sure all of your software programs, whether on computers or on mobile devices such as smartphones and tablets, are patched, updated and secured.

But what happens, if your cybersecurity mechanisms are breached despite your best efforts to secure them? This is where backups enter into the picture. Backups are like your spare key. They come in extremely handy, especially in the case of ransomware attacks. Ransomware attacks are where cybercriminals gain control of your network or data and lock you out of your own system preventing you from accessing crucial business data. Sometimes your data is encrypted, which means it won’t be legible. They then demand a ransom to unlock or decrypt your data. Unless you pay up, you won’t have access to your data or your data won’t make any sense to you as it is encrypted. Having up-to-date, quality backups ensures you don’t have to worry about losing access to your data or paying up the ransom, as you would have a most recent copy of your business data readily accessible. You can make backups on external hard disks, servers located at a place different from your place of business or even on the cloud (think Google Drive or One Drive or cloud servers).

Also, make sure you have clean and up-to-date backups. Just routine backups may not be enough to protect you. Contact an MSP to design workable backup procedures that don’t include copies of the ransomware.

Chris Provencher on February 19, 2022

Office 365 Hacking: What you need to know!

What is a Compromised Email Account in Microsoft 365?

Access to Microsoft 365 mailboxes, data and other services, is controlled by using credentials, for example a user name and password or PIN. When someone other than the intended user steals those credentials, the stolen credentials are considered to be compromised. With them the attacker can sign in as the original user and perform illicit actions.

Using the stolen credentials, the attacker can access the user’s Microsoft 365 mailbox, SharePoint folders, or files in the user’s OneDrive. One action commonly seen is the attacker sending emails as the original user to recipients both inside and outside of the organization. When the attacker emails data to external recipients, this is called data exfiltration.

 

How to secure and restore email function to a suspected compromised Microsoft 365 account and mailbox.

Even after you’ve regained access to your account, the attacker may have added back-door entries that enable the attacker to resume control of the account.

You must do all the following steps to regain access to your account the sooner the better to make sure that the hijacker doesn’t resume control your account. These steps help you remove any back-door entries that the hijacker may have added to your account. After you do these steps, we recommend that you run a virus scan to make sure that your computer isn’t compromised.

Step 1 Reset the user’s password

Step 2 Remove suspicious email forwarding addresses

Step 3 Disable any suspicious inbox rules

Step 4 Unblock the user from sending mail

Step 5 Optional: Block the user account from signing-in

Step 6 Optional: Remove the suspected compromised account from all administrative role groups

Step 7 Optional: Additional precautionary steps

 

Secure Microsoft 365 like a cybersecurity pro

Your Microsoft 365 subscription comes with a powerful set of security capabilities that you can use to protect your data and your users. Use the Microsoft 365 security roadmap – Top priorities for the first 30 days, 90 days, and beyond to implement Microsoft recommended best practices for securing your Microsoft 365 tenant.

The number one thing you can do to help prevent this from happening is to enable 2FA on every O365 account for your organization.

If your interested in securing your O365 tenant reach out to speak with one of our experts to see how we can help!

Contact Us