The Law Society of Saskatchewan says it has recovered after a ransomware attack in April.
The organization's computer system was infected by a ransomware attack that encrypted its files, corrupted its operating system and rendered its IT environment inoperable around April 3.
The April attack was not connected to the current WannaCry ransomware outbreak which has affected 150 countries.
As a result, the Law Society said it had to completely rebuild its IT environment with increased security after the cyberattack. ensure they aren't vulnerable to a second, more powerful version of the malicious software, dubbed "WannaCry."
Read the full CBC news article:
A hospital in Oshawa is among the tens of thousands of victims of an unprecedented "ransomware" cyberattack that's hit 150 countries in recent days. Lakeridge Health — one of Ontario's largest community hospitals — said it appeared the ransomware threatened its computer system, but a spokesman said the facility's system was able to deflect the attack.
"Our antivirus software contained the attack and so while we've had to reset some of our systems we weren't affected in the same way that other places were," said Lloyd Rang. "Patient care wasn't affected and neither were any medical records or health records breached in any way."
Read the full CBC news story:
Also posted on LinkedIn
As the recent event at the University of Calgary makes clear, ransomware is big business for organized crime. Low startup costs, big returns. Regardless the size of your business, you need a proactive strategy to protect yourself.
Do not for a moment think you are not a target, prepare for the worst. I have seen a number of businesses be attacked, no pattern, no reason, their number just came up.
A modern and well managed commercial UTM firewall, SPAM filter and Antivirus solution are a start, but rarely prevents this type of attack as you or your staff actively "invite" it in. Most businesses lack the rigid workstation lockdown policies and strong file share security to prevent an attack such as this from spreading. How tight are your policies and are they being followed? Who is making sure?
The best protection is a powerful and tested backup and disaster recovery solution coupled with an effective and practiced business continuity plan. If any of these terms are foreign to you, or you have any doubts AT ALL about your solution, now is the time to take action, once hit, it is too late and that hit could occur tonight, tomorrow, or at any time.
The alternative? A great Bitcoin account and lots of luck.
Photo Attribution: "Cryptolocker ransomware" (CC BY-SA 2.0) by christiaan_008
Going over the pros and cons of internal IT vs. outsourced services to support your computers and information technology? This is a difficult task as there are a number of factors that must be weighed when deciding which path to take on this important journey. Business size, growth, workflow, complexity of your IT infrastructure, the cost of down time and more must all be considered. With over 10 years selling computer support and managed services, I have gained some insight that I hope will help with your decision.
Let's look at the simplest scenario first. You are a new venture or a business that currently has no dedicated internal IT staff and are considering bringing someone on-board. In such a situation, I would strongly suggest you outsource to a managed services provider (MSP). Advertising, interviewing and selecting a staff member, when coupled with your time, employee overhead and other HR and training related expenses can be better spent elsewhere. Leveraging external expertise to help map out an IT plan and methods to effectively adopt Cloud technologies is a great way to ensure success.
Google “Managed Service Provider Toronto” substituting your town or city for Toronto. You should end up with 2 or more local MSP options to consider. Invite them in to do an assessment or audit, interview them as you would a potential hire and insist on a probationary period of 3-4 months when negotiating a contract with the one you choose. An effective provider will leverage technology to maintain your systems, provide fast and effective support and keep you informed with monthly reports of activity, ask them about this. Outsourcing will generally cost less than equivalent in-house resources and will effectively provide expertise and breadth of capabilities, with and added benefit of no training, sick or vacation leave.
What if you have in-house resources that are not performing to their maximum potential? There are many factors that can contribute to this, rapid growth, technology changes or lack of time for professional development and upgrading. While outsourcing is an option if the resource is not capable, in many cases, it is not an issue of skill, but instead a workload problem. In-house resources have the benefit of knowing your staff, workflow and systems in great detail, this is an advantage over an MSP. What they often lack is the technology MSP’s rely heavily on for success, the heart of any provider, namely a remote management and monitoring platform (RMM).
RMM systems allow for proactive maintenance and automation to reduce the risk of down time, lost productivity and security breaches due to poorly maintained systems. When coupled with an effective service desk tool to capture, schedule and track issues, an RMM can drastically reduce your team’s workload, help ensure systems are up to date and secure, allowing your team to focus on improvement projects that drive your business forward. Provided with an effective toolbox, your in-house team will have the same technological advantage as an MSP. Be careful however, cobbled together do-it-yourself solutions often fail due to improper configuration or lack of time to correctly deploy and optimize the platform.
In conclusion, effective IT support is critical for continued success and to meet business goals or objectives. There are many factors to consider and deciding on a direction can be difficult as it usually involves change to the status-quo. Reliable, secure, well maintained IT infrastructure and timely user support are important for continued success, critical if your business is growing. Regardless the direction you opt to move, outsourcing to an MSP or better enabling your in-house resources, the key to success rests upon effective, proven technology which should always include a monitoring and management platform.
Also shared on our Linkedin company page.
Photo attribution: "support technicians at work" (CC BY 2.0) by ukCWCS
I receive many questions about privacy and compliance as it relates to computer support. The following article on LinkedIn by Waël Hassan, PhD. does a great job of outlining what is required and expected of a business that deals with personal health information. He has a number of security related blogs that also may be of interest to business owners and IT personnel alike.
Does Privacy Compliance Translate Across Borders? Comparing HIPAA and PHIPA