Published January 20, 2023
New River Computing recently hosted a panel discussion on security and cyber liability featuring the following panelists:
The panel was moderated by Jeff Nosenzo - Vice President of Brown Insurance.
If you missed out on the panel or want to revisit it, you can check it out in the video above!
Published February 05, 2021
Many recent news reports have come out regarding a massive hack of the Solarwinds Orion IT asset management system. This compromise is unprecedented in scale and reach, and the fallout from it will reverberate throughout the IT industry for years.
Solarwinds Orion is one of many IT asset management systems (New River Computing uses one called Connectwise Automate). This software is great for managing a large number of IT systems, with the ability to provide security updates, monitoring, and many other functions from a single console, with the click of a mouse. These abilities make it an ideal target for a malicious actor – By owning a software system such as this, the bad actor in turn owns every company or agency that uses the software.
Solarwinds Orion was hacked from the inside, most likely because of poor security practices at the Solarwinds company. Once the hackers had the ability to change the Orion software, they added backdoor code to it that was then distributed to Orion customers, allowing the bad actors access to every network that uses this management tool.
Starting in March, as many as 18,000 companies and government agencies downloaded the malicious software – 425 of the Fortune 500 companies, 10 top US telecoms, the Pentagon, Departments of State and Treasury, and many others. This malicious backdoor software remained undetected for months, allowing the bad actors access to the infected network resources, data, and almost anything on a network that you can imagine. The backdoor code is so stealthy that many organizations may not ever know that they were compromised.
The attack was almost certainly perpetrated by a government – Russia, China, and the US all have the capabilities to achieve an attack like this, as well as many other state actors. This attack will have long lasting impacts, taking years to clean up, and changing IT management behavior.
Luckily, New River Computing did not use any Solarwinds software, and so we and our clients were not affected by this attack. Early in 2020, however, New River Computing looked around and realized that security was the top priority for our internal resources. The IT industry as a whole has spent the last few years improving efficiency of and driving down costs for rigorous asset management. But Security has been lagging behind, as evidenced by this attack. New River Computing will be spending 2021 and beyond improving access to top-notch security tools and techniques.
Please feel free to reach out if you have any questions.
Published April 11, 2016
Have you ever been tempted to try to acquire expensive software without paying for it? It turns out that &quto;free" software can be more expensive than one might think!
Take Photoshop for example: Subscribers can sign up and start using Photoshop for as little as $10, a far cry from the high upfront cost that it used to be, in the range of $600+. Adobe’s move to this subscription model makes it easy for aspiring artists or even amateur photographers to use the professional software at a reasonable cost.
Don’t want to pay? Cracked versions of Photoshop are illegal, and trying to obtain them can lead to more than just legal trouble. A Google search for "Photoshop crack," "Photoshop key," or similar keywords can yield a wide array of results. It’s possible that some of these results will actually lead to a download of Photoshop. However, many of them can lead to pages full of malware, viruses, or worse.
When searching for a "free" version of copyright protected information or product, there is a high probability of coming across websites that are less than trustworthy. Often times, these sites have malicious advertisements or pop-ups that are created to harm the computer and the entire network that is connected to it.
New River Computing has seen quite a few “ransomware” infections in recent weeks as a result of Flash ads from searches, malicious email links, and more. Here’s an example of what can go wrong:
We received a call about some files not being accessible. Our engineers connected to the server and immediately noticed the issue—all of the client’s files had been encrypted by a malicious virus. Our team jumped into action right away and disabled access to the server to stop the encryption process. The next step was to identify the infected computer. After a bit of digging, the computer was identified and steps were taken to determine how it became infected. By stepping through the web browser’s search history, several sites associated with free software were identified. Many of these sites contained pop-ups and Flash-based ads. It was eventually determined that the infection came from a compromised Flash ad stream.
Here’s how the virus works:
After all is said and done, several engineers worked simultaneously in order to regain control and scrub the network, adding up to about 11 hours, with the cleanup cost totaling around $1500. Comparing the costs of a virus remediation vs the costs of paying for Adobe Photoshop: For the same price as the infection cleanups, the user could have had the full Photoshop subscription for 30 months (2 ½ Years) or just the photography suite for 150 months (or 12 ½ years.).
We should note that we were able to restore all files that had been encrypted, because there was a complete and current backup.
As Robert H. Heinlein once said, "TANSTAAFL!" (There ain’t no such thing as a free lunch.)
Published October 05, 2015
Supreme Systems IT put together this infographic about the “most destructive” computer viruses of all-time. It gives a broad overview and history of computer viruses and malicious software.
Published January 07, 2013
**ATTENTION**: If you are a current New River Computing client covered under our RMM Service Plan, you need not worry about this vulnerability. We have automatically deployed the fix to your computers.
Recently, there has been an Internet Explorer (zero-day) remote code execution vulnerability found being exploited in the wild which affects IE 8, as well as IE 6 & 7. Current exploitation is limited but it’s almost certain that a reliable exploit will soon find its way into at least one (if not all) of the many popular exploit kits being used by online criminals.
Microsoft Security Advisory (2794220 )
IE 9 & 10 are not vulnerable, so Windows 7 and 8 users are safe. However, users of the old (and almost obsolete) operating system Windows XP, need to take action since IE 9 & 10 are not supported. If you’re still using XP, it would be wise to install an additional browser such as Mozilla Firefox or Google Chrome. But, if that isn’t an option, Microsoft has a Fix it tool available.
For more details, head on over to Microsoft’s Security Research & Defense blog: Microsoft “Fix it” available for Internet Explorer 6, 7, and 8 . Hopefully this vulnerability will be patched tomorrow (January 8th) during Microsoft’s regularly scheduled update cycle.