“Florida city to pay $600K ransom to hacker who seized computer systems weeks ago”

One of the most terrifying new threats to organizations is ransomware. This type of digital attack is one of the most disruptive and costly things that can happen to an organization, as one city in Florida recently found out.

Rivera Beach, a small city of 35,000 people was recently targeted after an employee clicked on a malicious email link. After encrypting vital government systems like fire department and police computers, CNN reports that hackers demanded that the city pay a ransom of  $600,000. With no alternative, City officials recently voted to agree to the hackers demands which will be paid out of the city’s insurance money.  

Cybersecurity firm Recorded Future found that in the US alone, at least 170 county, city or state government systems have been attacked since 2013, including at least 45 police and sheriff’s offices. In 2019, there have been more than 20 major US public-sector attacks which typically force affected cities to quarantine their networks and provide most of their municipal services manually.

Attacks By Hackers Are On The Rise

You may be thinking that this is unlikely to happen to you or that your business’s data isn’t important enough to gather the attention of hackers. Sadly, this isn’t the case. Ransomware is so dangerous because hackers know how valuable your data is to you! Albertan organization are just as likely to be targeted for smaller attacks as any other place. We’ve recently helped a company in Edmonton recover from one such attack, which you can read about here. 

Many ransomware attacks start with an employee clicking a malicous link. We’ve created a helpful guide to share with your staff on ‘How to Diagnose a Phishing Email’. If you’re looking for help on how you can protect your business. Our IT team is happy to help you plan for the future.

Click the link below to book a meeting with our team!

Buying, Leasing, or Renting Computers: What Should Your Small Business Do?

Should You Rent, Buy, or Lease Your Company Computers

One challenging decision that new entrepreneurs or growing companies face is whether to buy, lease, or rent computers for your staff. 

It’s probably not a decision you realized you’ll need to make, but it’s an extremely important one to ensure the long-term productivity of your staff. 

In this guide, we’ll help you learn which option is right for you!

1. The Buying Option

Purchasing computers can be a big capital expenditure. In fact, it would be the highest upfront cost of the three options.  It also would give you a limited number of write-offs as a business.

On a positive note you would own the inventory and also be able to purchase extended warranty for the computers for 3-5 additional years just in case you need any parts or a complete replacement. 

Some business owners like to overlap this option, for example purchase 10 computers this year and 10 new computers next year to extend the upgrades. Typically, owners would do an image deployment of the operating system.  This involves customizing the operating system (OS), applications, drives and settings on a single computer and creating an image of it, then automatically deploying this image to all other computers. This usually saves time, effort and creates a standardization.

If this sounds like the option for you, our team can help you purchase computers at a discount and set them up. No long-term contract needed. Contact us to learn more.

“you may not realize that you’ll be required to undergo a credit check”

2.The Lease Option

Leasing computers allows you to have a lower upfront cost than option 1, but more ongoing costs. Typically leases are paid monthly or annually and you will continue paying until you have the option to purchase the machines at the end of the lease.

This option would also provide a 3rd party lease write-off as an operational expense.  Additionally, you would lease your computers from the manufacture and have their direct support. 

One thing you may not realize that you’ll be required to undergo a credit check. If you’re a new business, your company may or may not have established a credit rating yet, which could eliminate this option completely.

3.The Renting Option

Renting provides some comfort knowing that your provider is responsible for everything and the service and ongoing support will be provided to you for the term of your rental.  Renting is typically the same price as a lease option with a bit more overhead on each machine as they are loaded with all of the software, firewalls, and protection required. Additionally, this could be used as a business write off.

Renting has the additional benefit of allowing you to be nimble with your technology adoption. As your business changes, your technology requirements may change. Renting allows for a quicker change of your core systems. 

Managed Services providers like ARC typically provide access to all three options.

We hope you’ve found these tips helpful as you decide what to do. If you ever need any advice, our team is happy to help. We provide IT services for a wide variety of companies across Canada and over the last 21 years, we’ve seen it all. 

Contact us if you need a hand deciding on if buying, leasing, or renting computers is the right option for you! 

Case Study: A Firm Gets Attacked by Ransomware

Client Profile

The Organization:

Our client is an Edmonton-based design firm (for privacy reasons, we’re unable to share their name, just their story).  Their team of experienced architects specialize in many types of projects ranging from commercial retail and office, to national restaurant chains in Canada.

The Challenge:

When firm called us, they were in a full crisis mode. A hacker had installed ransomware on their company’s server and was holding their company’s data hostage. Their business was in grave peril.

"The hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data."

Some Background:

The firm called ARC Business Solutions previous to the security hack and requested an I.T. Audit.  We preformed the audit and identified the problem of an insecure firewall and provided solutions.  The firm at the time decided to hold off for the time being.  The security hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data.  The hackers held the company’s server hostage and requested ransom of $3000 worth of bitcoin.   The firm paid it in desperation and received nothing in return.

The Solution Highlight:

In situations like this, drastic measures need to be taken. ARC shut down and cut off all systems from the internet, and systematically cleansed the infection from the system. Although the situation was not ideal for the client to have all systems temporarily shut down, ARC was successful in preventing further threats. 

We isolated the server and were also able to recover valuable data and scrub the software from the database.  Lastly, the firm is now protecting against any future attacks as we have implemented security measures and modern firewalls. 

It is clear that the best way to respond to a ransomware attack is to avoid having one in the first place.  Other than that, making sure your valuable data is protected will ensure that your downtime and loss will be minimal or none. 

How to Diagnose a Phishing Email

All of us have received suspicious emails in our inbox.  Some of these messages can even fool our firewalls and anti-virus software.  It is very important that we know how to decipher these messages as a second line of defence from these security attackers.  In this post, we’ll show you what to look out for and how to protect your organization. 

Interested in a downloadable copy of this article? Click here.

An Example Of A Phishing Email:

1. Hover over from email address: John.Smith@abccompany.com

  • You can see what initially appears as an email address can be altered.  You need to hover over it to see the exact source. For example, it could actually be sent by hackeremail@differentdomain.com, rather than what it appears.
  • Ask yourself: is this email coming from a real sender?

2. Hover over the link: View project online link to see what the true URL link location is.

  • Ask yourself: is this is a trusted site?  Would the sender send me this email to direct me to another site? Is the domain trustworthy?

3. Be wary of links: “click here“, “your message is waiting“, “view project online“, these links are usually sending us to the outside world.  These links can be altered to read something other than the real link.  

4.  Main message – use common sense defensive questions: is this sender asking for money, passwords, or access, or viewing?  Would a real sender ask me this kind of message? (for example, if a phishing email is tailored well to have the Manager’s email address, would my Manager ask me to send him Bitcoins)?

How To Defend Against Phishing

  1. Spam filtering is the first line of defence. It will determine if the majority of the messages coming in are legitimate or not. If the email is well crafted it can fool spam filtering.

  2. If the email gets delivered to your inbox, then YOU are the second line of defence

    .
  3. If you mistakenly click an email or get sent to a site with malware, firewalls, anti-virus programs and a good IT team is your final defence.

If you do click on a link, a good firewall should be able to block the virus. The content would be blocked from being opened to your local machine.

Web filtering should also be enabled on your network. For example, if the link tries to take you to a website that is located in a suspicious country it should automatically be blocked.

A good Unified Threat Management (UTM) will determine if the source of the link is a good source or one that should be blocked.

It doesn’t matter if you have a very secure system in place. It only takes one untrained staff member to be fooled by a phishing attack. Make sure that both you and your staff understand the telltale signs of a phishing attempt.

How To Protect Your Business From Phishing Attacks

Download Free eBook

  • Learn what common tactics phishers use to trick employees
  • Learn what systems you can put in place to stop them before the inbox
  • Learn how you can protect your company today

Case Study: One of the Largest Theatre Companies in North America Needed More Than Managed Services

Client Profile

The Organization:

The Citadel Theatre is one of the largest not-for-profit theatres in North America, drawing over 130,000 patrons from a large geographic region. Their building features 5 performance spaces and  is home to three resident theatre companies: Catalyst TheatreRapid Fire Theatre, and Theatre Yes, in addition to creating partnerships with Edmonton theatre and dance companies, including Brian Webb Dance Co. and Firefly Theatre & Circus.

The Challenge:

When the Citadel came to us, they required much more than a typical managed services package. They needed to update the technology powering over 100 employees, implement a new network of digital signage throughout their facility, and introduce a company intranet to aid communications with staff, performers, and partners.

The Solution:

Due to the wide range of challenges the Citadel faced, we took a layered approach, rather than a one-size-fits-all solution.

Ticket Solutions – We sourced, installed, and trained the Citadel team on a new ticketing system that interfaced with website ecommerce, on-site printers, and financial systems

Staff Computers / Laptops – We provide desktop and laptop computers and service for over 100 employees 

Firewalls & Data Back-ups – We ensure employee data is secure and protected from hacking, phishing, data loss, and hardware failure

Customized Digital Signage – The Citadel team came to us with a challenge: they needed a new system of screens throughout their building to promote new performances, building announcements, and sponsor messaging. We sourced screens and developed a system to manage the screens centrally and within a user-friendly interface.

Day-to-day support – whenever a tech problem arises, our team is on site to help, day-in, day-out.

Mobile App / Light Intranet – The Citadel was looking to implement a company intranet to help communicate messages to employees, share internal events, book amenities, and coordinate company-wide news. We introduced them to our ARC Intercom system which was tailor-made to help groups of people, like organizations or communities, stay on the same page. Once they found out it could also save them thousands of dollars a year over competitive products, they jumped on board immediately!

In the ever-changing world of technology, solutions don’t always come in neat little packages. That’s why we’re here to help you find the best solution for your unique circumstances. We’re proud of our work at The Citadel, and we hope if you’re ever in Edmonton, you check out their excellent productions!

We’re here to help with your IT challenges. Contact us here and we can get started right away!

Why Your Company Needs An External IT Systems and Security Audit

Do you know if your firewall is up to date?

What about your network infrastructure? Ensuring that everything is current and secure takes up valuable time and resources. What you need is a clear picture of your existing technology environment, and where it should be, and a tech audit can provide that.

That’s why we offer a Free Tech Audit. Essentially, it’s an hour-long, on-site assessment of your environment. When you submit your request for an audit, we’ll contact you to set a date and time that’s convenient and give you a general idea of how the audit will be conducted. Then, one of our technicians will come on site to conduct the assessment.

The Process

While we do have a standard list of checks, our free tech audits are more personal and based on asking questions. We’ll start off with some basic ones to better understand your I.T. situation, such as:

  • Why did you request a free tech audit?
  • What are your current I.T. pain points/challenges?

Then, based on if your infrastructure is accessible, we’ll take a deeper approach and run through a list of specific audit questions to understand what your technology can handle. These include:

  • How many computers do you have?
  • How many servers and users do you have?
  • How old is your infrastructure?
  • Which applications and plugins do you use? Do you use any special software?
  • Are there any relevant policies or procedures we should be aware of?
  • Are there any relevant legal liabilities or government regulations we should be aware of?
  • Do you have a data backup process in place?
  • Do you have a disaster recovery process in place?
  • How detailed are your processes, and have they been tested?

After The Audit

Once the audit is complete, we’ll compile a report and series of recommendations based on our findings. Then, we’ll set up a meeting with you to go through the report. It’s important to us that you understand your current I.T. environment, and where it should be. Finally, we’ll put together a technology plan and proposal, and explain how they will address your I.T. problems. Simple as that.

You can think it over and decide whether our plan fits your needs. We won’t rush you. Contact us when you’re ready. The next step is up to you!

 

Are you interested in getting a free tech audit? Submit your request and get started today!