Whether karmic retribution over the minimum wage scandal, just another high-profile target chosen for its prestige or simply an opportunity to mess with a whole lot of half-awake people at the same time as they attempted to acquire their daily fix, somewhere between a hundred and a thousand Tim Hortons locations across the country were hit by a form of computer virus a couple of days ago. This one hit them right where it hurts – in the cash register. Literally.
According to the company, a substantial number of the chain’s Panasonic Point-Of-Sale systems were smacked with undisclosed malware, resulting in service delays and in some cases, the shutdown of entire restaurants. Sources say there was no threat to client data or other computer systems, but there are unconfirmed reports of lawsuits launched by the franchisees who argue their systems should have been better protected by the company’s IT support services.
Only time will reveal the amount of damage and lost productivity resulting from a major blip in the country’s primary caffeine supply chain.
Read more here.
It seems that being nice just isn't enough anymore. In today's world, sad as it may be, we need to be suspicious and cautious, especially when it comes to our digital presence. Of course, the open and friendly nature of the fine folks behind the firewalls helps define us as a culture and a nation, but the truth is, our shops, offices and industries face the same risks as even the most hard-hearted, cynical and mistrustful around the globe. Nice as we may be, we can no longer ignore the threats that loom large and threaten our privacy and security with every keystroke and finger swipe. I'm not saying this just to rattle cages or ramp up the fear factor - this is a reality.
Datto, a world leader in Backup and Disaster Recovery and Business Continuity technology, has released its latest report on the state of Ransomware in the Canadian computer market. While this document is primarily targeted at service providers, it offers considerable insight into what's really going on and how this and related threats are impacting our livelihood and infrastructure. And they present it in the nicest way. We Canadians rub off on others, and that's a good thing. :0)
You can download the report here.
There is a new kind of very scary ransomware expected soon, which can do something that has not been done before, and the majority of folks who use cloud-based email services such as Office 365 do not have appropriate protections in place to recover from something like this.
Have a look at this video to see it in action, and ask for help to protect yourself today!
While patching related to the recent CPU vulnerabilities is critical, doing so on network devices is significantly lower in priority than with operating systems and computer CPUs themselves. Have a look at the article here for more information, and think about how you can prioritize patching your network systems.
You may have read in the press or seen our earlier announcement that it was recently discovered that practically all computer systems worldwide have hardware bugs called "Meltdown" and "Spectre". Hardware and software vendors have been working hard to create software patches to get around this problem, and we are in the process of applying these patches across our whole network.
However, bad guys are using this major event to try to trick you into downloading malware that claims to be a patch for the "Meltdown" and "Spectre" hardware issue. Don't fall for it!
In the office, your IT partner or department will take care of all patching and will notify you about it. Do not act on any emails or popups that tell you to urgently update your computer. At home, take the same precautions. Patches should only come from official sources like the manufacturer of your PC or the developers of your Operating System (Microsoft Windows or Apple Mac).
We sent out some warnings and advisories last week about Spectre and Meltdown, but we want to remind everyone again about some steps you can take to protect yourself.
Remember that the bad guys are also going to jump on this bandwagon with phishing attacks!
Here is a live phishing attack email, just picked from the wild:
For the most part protecting your network comes down to applying the many patches vendors have been rolling out since the bugs broke into public awareness.
There are three of these nasty bugs, and they essentially enable side-channel attacks and information theft as an unfortunate side effect of the chips having been engineered for speed and efficiency by performing speculative execution.
"Meltdown" (CVE-2017-5754) is a flaw that lets ordinary applications cross the security boundaries enforced at chip level to protect access to the private contents of kernel memory. This bug has been found in Intel chips produced over the last decade.
The other two vulnerabilities are being called "Spectre" (CVE-2017-5753 and CVE-2017-5715), and these are more insidious and widespread, having been found in chips from AMD and ARM as well as Intel.
Spectre could enable an attacker to bypass isolation among different applications. Some early reports began to appear at the end of the first week in January that Meltdown (at least) was being exploited in the wild.
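An added example, not part of the original advisory: one way to confirm that patches for the three CVEs above have taken effect on a Linux host is to read the kernel's status files under `/sys/devices/system/cpu/vulnerabilities`. The function names and the sample status lines in `demo()` are constructed for illustration.

```python
"""Report kernel mitigation status for Meltdown and Spectre on a Linux host."""
import tempfile
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name -> CVE it reports on (CVE numbers as given in the advisory)
CHECKS = {
    "meltdown": "CVE-2017-5754",
    "spectre_v1": "CVE-2017-5753",
    "spectre_v2": "CVE-2017-5715",
}

def classify(raw):
    """Map one sysfs status line to OK, ACTION or UNKNOWN."""
    if raw is None:
        return "UNKNOWN"  # no file: the kernel predates this reporting
    text = raw.strip()
    if text == "Not affected" or text.startswith("Mitigation:"):
        return "OK"
    if text.startswith("Vulnerable"):
        return "ACTION"
    return "UNKNOWN"

def audit(base=SYSFS_DIR):
    """Return {CVE: (state, detail)} for every entry in CHECKS."""
    results = {}
    for name, cve in CHECKS.items():
        path = Path(base) / name
        raw = path.read_text() if path.is_file() else None
        detail = raw.strip() if raw else "no status file"
        results[cve] = (classify(raw), detail)
    return results

def needs_patching(results):
    """CVEs that are not confirmed mitigated, sorted for stable reporting."""
    return sorted(cve for cve, (state, _) in results.items() if state != "OK")

def demo():
    """Run the audit against a constructed directory (sample data, not a real host)."""
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "meltdown").write_text("Mitigation: PTI\n")
        (Path(tmp) / "spectre_v2").write_text("Vulnerable\n")
        # spectre_v1 is deliberately absent to show the UNKNOWN path
        return audit(tmp)

if __name__ == "__main__":
    for cve, (state, detail) in sorted(audit().items()):
        print(f"{cve}: {state} ({detail})")
```

An UNKNOWN result usually means the running kernel is older than the one that introduced these status files, so treat it as a host that still needs updating rather than as a pass.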
It's also good to remember that an incident like this not only presents you with a challenge, but also with an opportunity to raise awareness and shore up your security.
Five things are worth noting:
- First, vendors are working quickly to roll out patches. Microsoft and Google did so last Thursday, and they're not alone. Patch quickly but with discretion: not all anti-virus programs are compatible with the updates.
- Second, your people may notice that some of the services they're accustomed to using seem to be moving more slowly. That may not be in their mind, and it may not be evidence of a problem, but rather a sign that those services, cloud providers in particular, are taking steps to mitigate the risk.
- Third, be alert for social engineering scams related to the bug announcements. These follow most major cyber incidents, and Meltdown and Spectre will be no different. Remind your employees of your patching policies and notification practices. Reinforce with your people that they're the last line of defense.
- Fourth, now that ARM and AMD processors are known to be afflicted with Spectre at least, remember that those chips are widely used in distributed, set-it-and-forget-it, Internet-of-things devices. The risk is likely to linger there longest.
- Fifth, the disclosure suggests a human problem. Google found the flaws last summer and vendors have been quietly working to prepare fixes since then. The news broke suddenly, and before fixes were entirely ready, because Google determined that someone, somewhere, had begun to leak the news.
The New York Times published an accessible overview of the issue here: https://www.nytimes.com/2018/01/04/technology/meltdown-spectre-questions.html?_r=0
Five Nines IT Solutions
1 (519) 893-3359
None. It's a hardware problem.
In response to the Meltdown and Spectre fiasco, Microsoft has been trying to stay on top of the recently discovered issues found in most mainstream processors from Intel, AMD and ARM. Now they've run into some snags and have backed off, stating that improperly documented features in the AMD offerings are hampering their efforts.
I must have dodged that bullet as I'm writing this on a six-year-old AMD-based PC. Has anyone out there run into issues in the last few days?
Read more here.