A three bullet summary of your current e-mail threats

Proofpoint Threat Operations and Research recently published their quarterly threat report for July - September 2016, which includes key findings such as: 

  • Volume of malicious emails rose to their highest levels ever
    New campaigns bearing varied attachment types broke volume records set in Q2, peaking at hundreds of millions of messages per day. JavaScript attachments continued to lead these very large email campaigns, growing 69% this quarter.
  • Ransomware variants grew tenfold
    In particular, 97% of messages with malicious document attachments featured the popular ransomware strain Locky, while CryptXXX was the dominant ransomware delivered by exploit kit (EK).

Download the full report. Please let us know if you have any questions related to this report or how Alvaka Networks can protect your people and data from attacks.

A three bullet summary of your current e-mail threats2016-10-24T13:44:00-07:00

The coming of the Strategic Service Provider

Orange County, CA - Robert Faletra, CEO of The Channel Company, which publishes CRN, said the evolution toward the Strategic Service Provider model marks the fourth major shift in channel nomenclature since the publication's founding in 1982. When the channel was born its constituents were known as Resellers, a business model CRN declared essentially dead in 1990 in favor of VARs (value-added resellers). VARs evolved into Solution Providers, a term that incorporates both Managed Service Providers (MSPs) and Cloud Service Providers (CSPs). And now CRN heralds the dawn of the Strategic Service Provider era.”

That is what Steven Burke wrote recently in a story titled, The New Channel Model: Rise Of The Strategic Service Provider.

What is the “channel” and who is CRN? The channel is a term coined long ago by the folks at computer industry publication CRN back in the early 1980s when they were known as Computer Reseller News. The channel, as it is known, is the group of players that brings to you, the end-user, all the PCs, servers, monitors, Microsoft Windows, Adobe products, network cables, printers, scanners, et al that you buy constantly. The channel is your computer dealer and the...

The coming of the Strategic Service Provider2016-06-15T23:27:37-07:00

What is it like to upgrade to Windows 10?

I finally got around to upgrading my Lenovo notebook from Windows 8.1 to Windows 10. I can tell you in short it was a relatively fast and easy upgrade. My Lenovo is fairly quick and I have all solid state drive storage so that probably helped make things go fast.

Here is how my upgrade went:

  • I did the pre-download option of Windows 10 so all the files were already on my system when I started the upgrade.
  • Once launched the Lenovo ran for about five minutes with a green screen of...
What is it like to upgrade to Windows 10?2019-05-14T07:29:29-07:00

Be Ransomware Aware

Educate your users - Don’t let them be tricked into downloading malware

 Everyone should follow this advice:

  1. Be very cautious when opening an attachment or clicking a link in an email, instant message, or post on social networks (like Facebook)—even if you know the sender. If you are suspicious, call to ask the sender if they sent it.  If not, delete it.
  2. The attack can look like it is from an official sources like banks, UPS, FedEx, USPS, eFax, etc. This has been the most common attack method to date.
  3. If an e-mail gets blocked and quarantined by your spam filter...
Be Ransomware Aware2016-02-29T22:28:51-08:00

I Am a Non-Technical Executive: What Seven Things Should I Be Asking My IT Guys About IT Security?

Irvine, CA - Overseeing IT and security is a daunting task, even if you are an IT professional. If you are an executive to whom IT reports, then the task becomes near impossible. The list of following questions is designed to empower you to have a meaningful discussion with your IT team so you can be an informed and responsible manager pursuing your due diligence role in protecting the assets of your firm. If you are an IT professional, these are questions you should be prepared to answer.

1.       Q. When did we last do a risk assessment? Please share that document with me. I would particularly like to see the Risk Assessment Table.

A.      Make sure your IT team is periodically assessing the risks to your IT systems.  They should be recommending upgrades and new solutions for you from time-to-time, and you should be listening.  They need to be able to express the threat in operational and economic terms in order to justify the expenditure.  If your team can’t give you a clear and coherent answer on when and how they last did this, send them off with a task and a deadline.

2.       Q. When did we last do a Vulnerability Scan? What were the results of that scan? I would like to see the report.  Who did the remediation? When is our next scan planned?...

I Am a Non-Technical Executive: What Seven Things Should I Be Asking My IT Guys About IT Security?2021-01-28T18:23:01-08:00

New Virulent, Wide-Spread and Expensive Ransomware Outbreak Coming to You Soon

Orange County, CA - We have seen a surge in ransomware attacks in the past week.  While only two Alvaka clients have gotten hit, they are a tale of different system administration acumen. 

1.  A multi-state firm got hit with the latest breed of ransomware on Friday.  Where an otherwise non-event for the most part went wrong was that a key user insisted on having elevated administrative rights for their IT infrastructure.  Instead of using a regular user account, with very limited user rights for day-to-day activities, this more powerful account, when struck by the ransomware, infected all the important file shares of the firm, including the branch location file stores.  Fortunately they had good backups, but because of poor folder naming conventions and structures it took the guys in our Alvaka Networks’ Network Operations Center about 28 hours straight to get all the user permissions back in order for client to get back to work.  The lack of least-permissions as used by this client goes in direct opposition to what we recommend at Alvaka.  Least-permissions is the practice of using accounts that grant the user to only the locations on the network for which they have a business need to access.

2.  In another example, that struck today, a $200m manufacturer/distributor got hit by the same ransomware.  This time it was a Jr executive.  He saw some problems with his system, but did not report the problem not knowing what it was and went home.  The problem was detected after he left, but the outcome was very different than the prior scenario.  Why?  Because this user only...

New Virulent, Wide-Spread and Expensive Ransomware Outbreak Coming to You Soon2024-03-14T00:20:41-07:00

Where’s the Beef?

Irvine - I want to let everyone know that we are embarking on some new messaging at Alvaka Networks.  Our new home page (www.alvaka.net) features some new messaging and calls-to-action centered on statements that are common amongst our new clientele followed-up with the phrase “What do I do now?”

This new marketing effort has its genesis in our new marketing consultant, John Pietro.  You won’t recognize Pietro’s name, but you will recognize his work.  He is most famous for his Wendy’s “Where’s the beef?” campaign.  His work is not limited to that one campaign, but is likely his most famous and arguably the most famous, memorable and successful campaign in fast food history.  How is coaching will serve us in the tech services business remains to be seen, but I like where he is taking us....

Where’s the Beef?2016-02-10T01:03:52-08:00

Could Your Computer Breach Have Lasted Three Years?

Irvine, CA - Juniper had a flaw in their networking equipment that may have allowed breaches in government networks for as long as three years.  I would presume the same risk applies to Juniper users in private enterprises as well.The [...]

Could Your Computer Breach Have Lasted Three Years?2015-12-19T03:24:37-08:00

You’re the Non-technical Boss with Responsibility for the Network…

How do you know your most important functions of your network are working?  How do you manage technical people whose work you don’t fully understand?  This week I have seven simple questions to ask and I provide you some tips on what answers you should expect.

Backup and Disaster Recovery is one of the most important functions in Information Technology management to assure the future viability of your firm.  But backup and DR is a function you don’t really know is working until you really need it and that is not the time to find out it is not working as planned.  My recommendation is that you bring this topic up in your next meeting with your IT team.  Here are the questions I suggest you ask:

1.       How is our backup system running?  (Let your IT person talk.  Be patient and don’t interrupt.  Let them tell you all they can.)

2.       Are we getting any error messages from the backups? (Error messages are not....

You’re the Non-technical Boss with Responsibility for the Network…2015-10-07T22:13:17-07:00