Our news page won’t only focus on technology. We will Let you know what products and special offers we have, and we will also share articles and information about the world of work and how people and technology can interact.

We hope you find some value here.

Three Ransomware Attacks Hit A Single Company In The Space
Of Two Weeks
(Connor Jones IT Pro Newsletter)

Three of the most prolific ransomware gangs currently in operation targeted the same company over a period of two weeks, according to cyber security researchers.

An unidentified automotive company was the victim of three separate ransomware attacks at the hands of LockBit, Hive, and AlphV – the latter sometimes referred to as BlackCat – almost simultaneously. 

Researchers from Sophos’ cross-operational cyber security task force X-Ops debuted the research at Black Hat 2022 Las Vegas this week after being called to investigate the incident in May 2022.

All three threat actors used the same entry point to initially gain access to the automotive company’s IT environment – abusing a misconfigured firewall rule that exposed remote desktop protocol (RDP) on a management server.

It’s the first time the security company has encountered a situation where as many as three ransomware attacks have hit the same company using the same entry point.

During the course of the investigation, Sophos’ Rapid Response team discovered RDP access had been established by an outside actor as far back as December 2021, despite the attacks all taking place in May 2022

SortedIT installs and manages a range of firewall solutions and  conducts regular staff training and cyber security briefing sessions for its clients and their staff.

We are available to help your company as well.

Contact us at:
sales@sortedit.co.za, or call 087 700 9912

Historically, managing teams was contingent on proximity. Without the ability to walk around and interact with employees face-to-face, many hybrid and remote managers were anxious about keeping tabs on output. Now we know that employee productivity has not dropped over the last two years,
despite management anxiety. In fact, according to a study from Stanford University, employees are actually more productive when they can utilize hybrid or remote work.

Special Offer From SortedIT

Computer components wear out and are subject to degradation over time, slowing the device down and causing data loss as the ability of the hard drive to store data deteriorates. For this reason and because times are tough, 

For Just R2999-00 (VAT Incl) SortedIT  Will:

  • Replace your current  hard drive with a 56 Mbps 500GB Solid State Hard Drive or a 1TB conventional hard drive
  • Give you an additional 4GB RAM
  • Re-Load and Update your Operating System, (Windows or Mac)
  • Give You an External USB3 Drive Enclosure for your Old Hard Drive (With your Old Hard Drive Installed).
  • Plus one free after sales support call

Terms and Conditions Apply
Contact Sales on 087 700 9912 (Office Hours)
Contact Support on 082 856 4399 (After Hours / Mobile)
Email: sales@sortedit.co.za

Images are for illustrative purposes only

 

Ransomware attacks are not something that happens to other companies anymore. Every business, no matter who they are and in which industry they operate is now a target. The following report extract from Fortinet sheds some light on the scope of the problem. 

Fortinet’s FortiGuard Labs 1H 2021 Global Threat Landscape Report and revolves around the currently-observed state of ransomware. According to the report, ransomware is increasingly being felt by more and more organizations:
⦁ The weekly average number of ransomware attacks detected in June of 2021 was more than 149,000. A year prior, it was only 14,000 – making an increase of 966%
⦁ Over one-third of businesses in the Automotive, MSSP, Government and Telecommunications industries and one-quarter nearly all other sectors experienced ransomware attacks
⦁ The report noted that “the key takeaway is that ransomware is a clear and present danger regardless of industry or size.”
This data not only corroborates previously observed increases this year in the number of ransomware attacks, but helps to substantiate the kinds of organizations (the Fortinet report list more than 20 industry verticals) that are consistently being targeted and – therefore – should be proactively putting protective measures in place.
Many thanks to KnowBefore and Fortinet.

SortedIT supplies, sets up and supports the iShield range of remotely monitored and managed firewalls, an essential first step in data protection.

Disgruntled (Former) IT Administrator

Last week we were called out to a new client. Users could no longer access their on-site server as all the user accounts had been disabled. The server administrator password had also been changed and no-one else on-site had administrator access. Apparently this was the action of a disgruntled former employee who also doubled as their IT administrator. While we were able to quickly resolve the password issue and restore user access, the incident highlighted the need for increased vigilance when it comes to data security and who has access to business critical data. The POPI act is all but a reality and companies are well advised to check their compliance status, especially when it comes to sensitive client and employee data.
For password recovery assistance and information on IT related POPIA matters, contact us on 27 87 700 9912 or email support@sortedit.co.za

A Data Centre Located Underwater? 

Here’s a novel idea. Put a data centre in a waterproof cylinder, render the environment inert (and cool) by pumping in nitrogen and then setting it up on the sea bed. Have a look.
https://news.microsoft.com/stories/360/?ocid=lock2
 

Data Storage, Networking and Computing in the (very) Near Future

We are generating exponentially more date every year and the storage media we use, the way we move this data around and the computing devices we use to manipulate that data have a finite life span. That there is a real possibility that years of accumulated data will be irretrievably lost in time is worth serious consideration. Microsoft seems to have a plan. Have a look.

Apply the 3-2-1 Rule When Backing up

The fire which destroyed a section of the OVH data center in France underscored the importance of maintaining an on-site back-up regimen. The 3-2-1 rule is this:
3 backup sets of the same data, 2 on premise stored on different media and 1 backup set in the cloud.
This article by the founder of OVH is worth reading.

        https://bit.ly/3eRYE8A

Cloud Data Centers Are Also Vulnerable

How to secure a remote workforce

Covid-19 forced many companies  to “work from home”. And while VPN and other collaborative technologies make this fairly easy to do, security risks multiply as a result because the home office is not nearly as secure as the office and whats more, companies can be held liable for data breaches that originate from their employees home offices (more info on risk to the employer is here)
This article from GFI provides advice on how to secure remote offices.
As always sortedIT can help with advice, end point protection and hardware that will enable company management to monitor all network traffic on the network. For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

VPN’s: Some aren’t as safe as you may think.

If you value privacy and want to ensure that your online business activity is secure there are some VPN’s that you should avoid.
A common myth is that free VPN’s are good enough, but the infrastructure and network services that they use need to be paid for somehow, often by selling user data and information. Here are two articles that all free VPN users should read.

For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

Firewalls – ever more necessary now

Ransomware and phishing attacks have risen sharply since the lockdown forced companies to send employees to work from home. By necessity, these employees need to VPN into on-premise and cloud servers and other resources to gain access to company and customer, client and patient data in order to do their work. While the VPN is “safe”, the home network is not and a malware infected home computer can provide a gateway for hackers to gain access to company servers and sensitive material.
And a company that does not have a firewall in place that can monitor and report on all network traffic won’t know that they have been compromised until too late. Managed Firewalls allow administrators to monitor and track data flows in and out of the network, giving them real-tie insight into employee and device activity.

For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

SortedIT Certified as an Essential Services Provider – Information and Communication Services

We are now able to provide on-site  IT/ICT support services to the business community – Home, Micro Enterprise, SMB and Corporate.

See the full range of our services by browsing to www.sortedit.co.za We can also be contacted on 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

Clearance Certificate

Companies Can Be Held Liable For Data Breaches At Home Offices

Companies could be held liable if employees leak personal, private and/or confidential information while working from home. Employers need to ensure that remote workers can only access data that is pertinent to their job function and nothing else. That means that the VPN software they use must be capable of being configured to ensure that the employee can only access what they need to access and nothing else. Remember home offices are seldom security controlled.

For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

Malware and Home Office Networks – one of the risks of remote working

Research done by the security vendor Bitsight shows that 45% of corporate associated  home office networks contain malware.
And because devices on the home network VPN into the corporate network, the malware poses a distinct threat to data integrity, data security and could result in heavy penalties in the event of a data breach that exposes sensitive information.

For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

Remote Working

Due to lockdowns in place all over the world, nearly all companies that can, have employees working from home, And once businesses begin to realize that there could be cost benefits for them, remote working could become the new normal for many employees.

However, unless properly structured, remote working could be detrimental to efficiency at all levels. This “Blueprint for Remote Working” highlights the key considerations  for companies thinking of making remote working the norm.
For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.

Covid-19 (RSA Government Portal)

We at SortedIT don’t believe that the world at large has any idea of how much Covid-19 has affected the world of work yet. One thing we do agree on is that the way we work and the way we are employed to do work, will change.

But what exactly is Covid-19 and how is it able to make people so desperately ill?

This informative video shows how the virus goes to work in our bodies.
The lockdown is there for a reason. No one is immune.

Zoom & Zoombombing

Zoom has become one of the most widely used collaboration applications world-wide.
However, it is no secret that Zoom has serious security issues which has led to a phenomenon called “ZoomBombing”

Well what is “Zoombombing”? This is when an uninvited person joins a Zoom meeting. This is usually done in an attempt to gain a few cheap laughs at the expense of the participants. To to the company’s credit, they are trying to address these security issues and we hope that they are successful.

In the meantime, click on the link alongside for tips on how to tighten up your security while using the application and for more information on “Zoombombing”

Half a Million Zoom Accounts Compromised by Credential Stuffing, Sold on Dark Web

It has been revealed that Zoom user records are circulating on the dark Web. The risk for many SME’s is that zoom is being used for remote conferencing and documents are transferred using this portal. User ID’s and possibly email addresses are also exchanged and this information can he used by hackers to send phishing emails hoping to compromise business systems and data.
We understand that Zoom are working to resolve their security issues and we hope they succeed. Until then, scroll to the bottom of this page. There is a link that shows which Zoom settings need to be changed to tighten security.

For more information, call For more information, call 087 700 9912 (office) or on 082 856 4399 or mail using our contact form and we will gladly assist.