What You Need to Know About Ransomware

There have been several outbreaks of “ransomware” over the past few months. This type of malware will encrypt all of your files, and then prompt you to send payment electronically to get your files back — holding them for ransom. The sources of these attacks are hard to track down, so if someone can successfully get their attack out there, they stand to make a fair amount of money. For that reason, I don’t expect that we’ll see an end to ransomware anytime soon.

The systems that are most vulnerable to these attacks are running older versions of Windows that haven’t been updated with all the security updates that Microsoft has sent out. There are a surprising number of these systems out there, in organizations that have chosen not to update, primarily because of the cost of maintenance.

Even though newer versions of Windows (Windows 8 and 10, specifically) are less likely to get infected by the recent ransomware, it’s extremely likely that someone out there is trying to find a new weakness in all the popular computer operating systems — both Windows and Mac — to exploit for this purpose.  If there’s money to be made, someone is going to try.

With that in mind, I’d like to suggest three things that can help protect your computers from these kinds of attacks. They’re not new ideas, and they’re not just related to ransomware protection, but if you haven’t given them some attention in a while, it’s time to do so.

System updates

Microsoft sends out regular updates to Windows via Windows Update, and it’s important that you make sure your system is set to download them, and either automatically install them, or notify you that it is ready to install them. Here is a short “how-to” on setting up Windows update.

Apple also updates macOS (or Mac OS X, prior to the “Sierra” version), and your computer can automatically download it, but it will always notify you when updates are available, so you can plan when to install them. Here’s a quick cheat-sheet on how to set it up.

Protect your system with antivirus/antimalware software

Built in to Windows 8 and 10 is Windows Defender, and while it’s nice to have a good free solution from the folks who make the operating system, I don’t think it’s good enough to be used by itself. But for that matter, I don’t think any antivirus program is. You need one antivirus program that is running all the time, watching your system for problems. Then you need a second one that you will use periodically to catch anything that might have gotten by the first one.

If you need to save money, get the free version of AVG antivirus; if you want great antivirus software, I recommend ESET Antivirus. And in either case, get the free MalwareBytes, and use it to scan your computer every week or so.

While Macs are far less likely to get viruses (for several reasons I won’t go into here), it’s not true that they never get infected by malware of various kinds. It’s worth your time to at the VERY LEAST, get the Mac version of MalwareBytes and use it on a weekly basis to make sure your system isn’t compromised. To make sure you have full-time protection, there is a free version of AVG for Mac, and ESET Antivirus is also available, for a great product, with excellent support.

Get your backups in order

Backups are insurance against the failure of your computers or their storage devices. Computers DO crash, and hard drives DO fail. Backing up your data makes copies in more than one location, so that when a crash happens, you can get your data back.

For Windows computers, use File History to actively back up files as they change. You connect an external drive or a network drive, and then set Windows File History to use a folder on that drive to keep your backups.

On Mac computers, use Time Machine to backup to an external drive or network location. Time Machine takes periodic snapshots of your files, keeping track of changed files as you go.

If you have several computers in an office, you can use a Network-Attached Storage device, or NAS, to create a location where everyone keeps their data files. Then you attach a large external drive to the NAS for local backups of that data. Synology makes their DiskStation line of NAS devices, and they work great as office file servers and as destinations for both File History and Time Machine, as well.

So that takes care of backing up locally, but you really need to have another copy of all of your files in another physical location, so that if your home or office has a disaster, your data is still safe. This is where “the cloud” comes into play. There are several great ways to back everything up to the cloud, whether your data is on a Mac, a Windows PC, or a NAS. Backblaze is one of the leading cloud backup services, and their technology can’t be beat.

It’s also important to know how to get your data back when you need to. Whatever system you use, get familiar with the process of restoring your data. And then periodically restore some data, so you can make sure the backups are doing what they’re supposed to.


What’s your strategy?


Do you have other ways that you protect your data, and keep your technology safe? Whether it’s for business or individual use, feel free to share it with me, or ask questions about any tech-related issue. Use the “Contact Me” link on this page to let me know.

Make a Backup Plan!

Happy New Year! Make a resolution to keep your data safe this year, by putting a good backup system into place! Here are some common backup mistakes I’ve run into:

1. You have no backup at all. Hard drives don’t last forever, and if you have any files (important documents, pictures, videos) you don’t want to lose, a dead drive can mean a total loss of those files.
2. Your external backup drive is plugged in, but no backup process is running. Just plugging in the drive isn’t enough.
3. Your backup software seems to be running, but you’ve never checked to see if it’s actually backing things up. Every now and then, try restoring something from your backup, just to make sure.
4. Your backup software is backing files up onto your primary hard drive. Not only does that fill up your hard drive with backup copies, but if the drive dies, both the original and the copies could be gone!
5. Only backing up locally. It’s a good idea to either swap backup drives with a friend from time to time, or use an online backup service, so that your data doesn’t just exist in one location.

If you need help figuring out what to do about backups, contact me via my website at http://www.castleitservices.net for a FREE system assessment.

The Next Windows

Screen Shot 09-30-14 at 03.48 PM

Today, Microsoft started showing off the next version of Windows, and they’ve decided to jump from Windows 8 to Windows 10. I guess 9 is the loneliest number this time. Are they skipping a number to try and get some distance from Windows 8? Do they not want Windows to be thought of as “odd” or “square?” (Get it?)

The numbering scheme is probably a marketing decision. Terry Myerson, the executive VP of Microsoft’s Operating Systems group, was quoted as saying “Because we’re not building an incremental product, the name will be Windows 10.”

Sorry, Mr. Myerson, but it IS an incremental product. Lots of neat things in it, sure, but it’s still built upon, and improving on, stuff we’ve seen before.

So what’s new about Windows 10?

BN-EU230_WIN10S_G_20140930151727The Start Menu is back – for real, this time. Windows 8.1 Update 1 has a Start Button, but it just takes you to the Start Screen. Windows 10 has brought back the basics of the Windows XP/7 Start Menu, and has also folded in the Live Tiles feature of the Windows 8 Start Screen. It’s not a bad idea: You can bring up all of those spiffy, updating tiles, without having to depend on them to launch your programs.

One possible downside I see to this is that it might delay opening the Start Menu, if your computer also has to display all of that extra stuff when you just want to run a program you have pinned to the Start Menu, or open the My Computer window. We’ll have to see how this runs, once the preview version of Win10 is available.

The full-screen, “Windows Store apps” that came along with Windows 8 will now run inside of windows, just like programs have done for a couple of decades. Instead of taking over your whole screen, you can size them down, move them around, and easily move between apps. I imagine you’ll still be able to maximize these windows, so you can go into full screen mode when you want to.

Microsoft is also adding a feature that some folks have been clamoring for – multiple desktops. This lets you keep from having a huge pile of overlapping windows on your screen, by letting you put individual programs or folder windows into focus, and hiding all everything else. For instance, you might have one desktop with only Outlook open, and another with only Firefox, and another with your Documents and Pictures folders, and another with only Microsoft Word and Excel.

tech-preview_virtual-desktop-500x281Multiple desktops is also tied into some changes in the way you switch between programs. While the long-standing Alt-Tab keyboard shortcut to change programs still remains, it will be taken up a notch, by giving you small previews of all your open windows across your different desktops. You’ll be able to drag windows from one desktop to another, and even to a new desktop.

Today’s announcement didn’t tell us everything about Windows 10, but it gave us a look at what to expect. Tech enthusiasts were invited to download and start trying out a preview version, and I expect that we’ll hear a lot from them over the coming weeks. In the meantime, if you’ve been avoiding Windows 8, you’ll have to keep nursing your Windows 7 system along for a while; Windows 10 isn’t expected to be released until well into 2015.

Passwords – The Smart Way

The recent Heartbleed bug has made everyone think about their passwords for different Internet sites, and while a lot of the tech news folks are in a lather about the ins and outs of password management, most of the folks I talk to just want to keep their information safe, while not adding too much work to be able to get to their information. Unfortunately, not doing anything and hoping for the best isn’t a good approach. So let’s take a few minutes to talk about a smart approach to your passwords.

RECOMMENDATION 1: Create different passwords for every site you use, especially on sites that hold important financial and personal information.

Using the same password for everything is a REALLY BAD plan. The ONLY thing that’s good about it is that it makes it easy for you to remember it. However, that’s small comfort if someone else gets hold of it. Since many popular websites use your email address as your account name, if you use the same password to read your email as you do for those sites, it makes it that much easier for a hacker to jump from your email to those sites. So take some time and create unique passwords for each site.

RECOMMENDATION 2: Create strong passwords

It’s also not a good idea to use simple passwords, with just a single word, or a string of numbers. Some hackers will use “brute-force” attacks to try and guess passwords, trying random combinations of letters or numbers. The more complex your password is, the harder it is to break. Complex passwords will have both upper- and lower-case letters, as well as some numbers, and perhaps a special character, like a dash, an exclamation point, or and ampersand. One common suggestion is to use three unrelated words, and separate them with a number or a punctuation mark (for instance “below!paper9mango”). This make the password somewhat more memorable for you, but less likely to be figured out by a hacker.

RECOMMENDATION 3: Periodically change your passwords

In order to keep malicious hackers from having an easy time of it, don’t let your passwords stay the same forever. From time to time, change the passwords for the sites you use most, and which have the most critical information — especially financial information. Pick a cycle — monthly, quarterly, annually, when Daylight Savings starts and stops, and generate new passwords.

RECOMMENDATION 4: Use a good password manager

You may have your passwords saved by your web browser, so it automatically fills it in on some websites. That has some value, but if your computer has problems, and you don’t keep track of your passwords elsewhere, then you may have trouble accessing your information. Keep track of your passwords using a password manager program, like 1Password, LastPass, or RoboForm. These programs store your login information for all your websites, and can also store other bits of info, like PIN codes, alarm codes, bank account numbers, etc. They protect your information with a password; essentially you only have to remember that one main password to unlock your list of all your other passwords. These programs can then fill in your login information as you go around the Internet. These programs also have features that will generate new passwords for you, and they can be as random and complex as you like.

If that’s not your style, you can put your unique, complex, and frequently-changed passwords into a notebook, as long as you keep that notebook in a safe place. It’s not very high-tech, I know, but for some people, it’s the most reasonable way to implement the first three recommendations above.

Questions? Feel free to contact me, using the form here on this page.