Cybercriminals recently used Ryuk ransomware to collect at least $640,000 in Bitcoin from global organizations over a two-week span, according to master MSSP Perch Security.
Perch, backed by ConnectWise and Fishtech Group, develops various monitoring and early warning systems to help channel partners minimize security threats facing their end-customers.
Hackers launched a Ryuk ransomware campaign against global organizations in August, Perch indicated. They used network mapping, network compromise and credential theft in conjunction with Ryuk ransomware to encrypt victims’ PCs and storage and data centers and demanded Bitcoin ransoms.
Ryuk is used “exclusively for tailored attacks,” network and endpoint security software provider Check Point Software Technologies stated. It ensures that crucial assets and resources are infected in a targeted network; meanwhile, cybercriminals carry out the ransomware’s infection and distribution.
During a Ryuk attack, the ransomware sweeps every drive and network across a victim’s system, Check Point said. It then encrypts every system file and directory except for any file or directory that contains text from a hardcoded whitelist.
Cybercriminals have used multiple versions of ransom notes during Ryuk campaigns, according to Check Point. The highest recorded payment to date from a Ryuk attack was 50 Bitcoin (approximately $320,000), and other Ryuk attacks have resulted in ransom payments that range between 15 and 35 Bitcoin (up to $224,000).
How to Address Ryuk Ransomware Attacks
Cybercriminals have already used Ryuk to launch successful ransomware attacks against global organizations. As such, they likely will continue to use Ryuk to deploy ransomware attacks in the foreseeable future.
Perch offered the following recommendations to mitigate Ryuk ransomware attacks:
- Use an intrusion detection system (IDS) to monitor all network communications.
- Deploy email filtration technologies to identify malicious email attachments.
- Leverage file integrity monitoring (FIM) tools to identify downloaded executables related to Ryuk and other ransomware attacks.
- Use security monitoring tools.
The number of ransomware attacks tripled across all industries in 2017, according to artificial intelligence-based advanced threat prevention solutions provider Cylance. However, MSSPs can help organizations identify and address Ryuk and other ransomware attacks.
How Can MSSPs Help Organizations Address Ransomware Attacks?
MSSPs can help organizations address ransomware attacks and other cyber threats in several ways, including:
- Develop and launch an employee training program. Help an organization develop and launch a cybersecurity training program that teaches its employees how to identify cyber threats and limit their impact.
- Safeguard critical data against insider threats. Offer data security and identity and access management (IAM) solutions to help an organization protect its sensitive data and manage user access.
- Provide threat intelligence. Deliver threat intelligence in conjunction with unstructured data from blogs, websites and other relevant sources to help an organization evaluate security incidents.
- Implement an incident response plan. Help an organization create and deploy an incident response plan and update this strategy regularly.
MSSPs can help organizations minimize the risks associated with ransomware and other cyber threats. If you would like to protect your organization from ransomware contact us today.
Original post by: Dan Kobialka
You launch a major project at work, complete a complex task on deadline, or find a solution to an ongoing problem, but none of those accomplishments feel quite as rewarding as that rare moment when your email inbox is empty.
There’s good news: achieving Inbox Zero doesn’t have to be a rare occurrence. Take advantage of these sometimes-overlooked features in Outlook 365 to better organize your emails and start focusing on more important tasks.
1. Move Complex and Non-Critical Emails Into a To-Do Folder
In Outlook 365, you can create a structure of folders for organizing emails. Many people use the folder structure for archiving emails, but folders are also a great way to manage incoming emails as tasks and get them out of your inbox view. We’re going to use these folders to do email triage, organize the messy inbox, and overcome email overload.
To do this, create three new folders under your inbox folder. The first is a “To Do” folder, and the second and third are subfolders called “Follow Up” and “Someday.” These loosely follow the Getting Things Done® or GTD® methodology of organizing tasks.
To create these folders:
- Right-click your “Inbox” folder, and select “New Folder.”
- Title the first folder “To Do.”
- Click the arrow next to the Inbox folder to view your new To-Do folder.
- Right-click the To-Do folder, select new folder, and name this folder “Someday.”
- Repeat to create a “Follow Up” subfolder under the To-Do folder.
Now you have four folders for incoming emails, and you can use all four to manage your tasks and keep your inbox clear.
When new emails arrive, move them to the appropriate folder:
Inbox – The only emails that stay in your inbox are those that you should answer immediately. They’re either urgent or can be handled quickly (in three minutes or less).
To Do – Drag non-urgent emails and emails that will require more than a three-minute response into your to-do folder. You’ll follow up on these items later, but moving them immediately keeps your inbox empty while you process the emails.
Follow Up – Move emails to this folder that are put on hold. Things like replies you’re waiting to get or tasks that you’ve delegated.
Someday – Some emails don’t require a response. Instead, they’re things you’d like read/review one day when you have time. Drag those into the someday folder to review at some point in the future when work slows down and you need something to do. This might be the equivalent of an Archive folder, but you can use it for items that you’ll need to quickly access in the next few weeks.
After processing your email, schedule time on your calendar every day to review and handle the items in your to-do folder. This method has three benefits:
First, it keeps your inbox clear, allowing you to achieve inbox zero and avoid getting overwhelmed by a cluttered inbox. New emails that come in at a steady stream don’t get mixed up with existing emails you’ve already read, pushing all the important emails down.
Second, your emails are better organized! You have a set place to go now for emails that need your attention—just as many folders as you need to stay on top of your email, but no more than you need. Instead of creating countless folders (for different projects, clients, or other categories), you have just four to work with.
Third—and perhaps best of all—it allows you to manage your time better throughout the day, focusing on important tasks instead of getting distracted by constant email questions and requests.
2. Use Outlook’s Task List Instead of Clogging Your inbox
Some emails don’t require an immediate response, but they do need to be handled before the time you have scheduled to review items in your to-do folder. These items can still be moved to your to-do folder so they’re not clogging your inbox, but you’ll want to make sure that you have a reminder to take care of them before a deadline.
Create a reminder by adding these emails to Outlook’s task list:
- Drag the email and drop it on Outlook’s task list icon.
- Add a due date and set a date and time to receive a reminder. Save the task.
You can now hover your cursor over the task list icon to see a quick view of your task list, organized by due date. Click on the task list icon to open your to-do list and review the respective tasks.
If you set a reminder, the task will pop up like a meeting reminder at the specified time.
Once the task is complete, mark it as such to remove the task from your to-do list. Open the task by double-clicking it, and click the “Mark Complete” button—or just press the
Insert key to quickly mark the item complete.
Outlook’s task list is also useful if you’re in the habit of copying yourself on emails as a reminder to follow up, or if you’re emailing someone who is prone to ignoring your requests. Instead of keeping reminders as emails in your inbox, just move them to your to-do folder and add them to your task list.
3. Clean Up Your Inbox in One Click
Taking time off is wonderful until the moment you open your email after returning to work. If you work in an email-heavy company, you may have received hundreds of emails while you were out of the office, and now you’re faced with the difficult task of sorting through each one.
With Outlook’s clean-up function (introduced in Outlook 2010), you can drastically reduce the number of emails you have to deal with in just a few clicks—whether you’re coming back from vacation or you just have too many emails piled up. The clean-up function removes all email replies that are duplicated in a later thread, allowing you to read a single thread instead of dozens of individual emails.
To clean up your inbox quickly:
- While viewing your inbox, click the “Clean Up” button, and select “Clean Up Folder.”
- Click the “Clean Up Folder” button in the popup to confirm the action.
Outlook will automatically remove all duplicate emails, leaving you with significantly fewer emails to sort through.
The clean-up tool removed 29 duplicate emails from the inbox. If needed, those emails can be accessed in the trash folder.
The clean-up function can be a little disconcerting to use initially. What if it deletes something important like a reply that contained an attachment that was removed in a later thread?
Rest assured: the tool is sophisticated and will not delete any emails with attachments or text that aren’t exactly duplicated in later threads, and you can always review deleted items in the trash folder if needed.
4. Use Rules to Automatically Sort Emails and Stop Receiving Irrelevant Emails
Unfortunately, not all emails in the workplace come with an unsubscribe link. Day after day, emails arrive in your inbox that are just a distraction. Some common examples include:
- Automatic Notifications: If you’re assigned to a team on one of the platforms you use at work—such as customer relationship management (CRM) software—that platform may send an email every time a change is made in the system.
- “Fun” Emails: Sometimes a team leader or department will send daily/weekly emails with trivia, memes, or jokes designed to make work feel more fun.
- Threads You Shouldn’t Have Been Included On: Occasionally, someone will send a mass email that gets dozens of replies—none of which have anything to do with you or your job.
These emails keep you from focusing on your important work. Use Outlook’s rules function to skip the inbox and send those emails straight to the trash—or to another folder for review.
You can also use Outlook rules to automatically sort incoming emails to the appropriate folder, such as always sending emails that are from your boss with a certain subject line to the To-Do folder and emails from a newsletter you regularly read to the Someday folder.
- Right-click the email, hover over “Rules,” and select “Create Rule.”
- Choose the criteria for the rule:
- “From [Sender]” will execute the rule any time you receive an email from a specific email address or contact.
- “Subject contains” will execute the rule any time a specified subject line is used.
- Select what happens when the rule runs. To sort emails out of your inbox and into the appropriate folder, check “Move the item to folder,” and select the folder where you want the emails to be sent. You can choose the “Deleted Items” folder if you never want to see them, or you can create a separate archive folder if you may need to review the emails in the future.
Click “OK” to apply the rule.
Want to prevent getting future emails on a specific thread? In that case, instead of creating a rule, you can just use Outlook’s ignore function. Right-click the email, select “Ignore,” and confirm the action.
Ignore automatically sends future replies to that thread to your “Deleted Items” folder so you don’t receive them in your inbox.
5. Create Quick Parts for Default Responses to Common Questions
If you spend a lot of time typing the same answers to questions you get repeatedly, create Quick Parts to insert that text into email replies in just a few clicks. No need to keep typing the same thing over and over again or having to find an old response to copy and paste.
When you’ve finished typing a response that you expect to need to send again, follow the steps below to save the text as a Quick Part:
- Highlight the text you want to save in the email, and click the “Insert” tab.
- Within the “Insert” menu, click “Quick Parts,” and select “Save Selection to Quick Part Gallery.”
- Give your new Quick Part a descriptive name, and click “OK.”
With this Quick Part saved, you can now add that text to any email with just a couple clicks.
With your cursor in the body section of the email, click the “Insert” tab.
Click “Quick Parts,” and then select the Quick Part you want to insert.
The prewritten text will automatically appear in the body of your email, and you can edit and customize it as needed for your new response.
6. Use Quick Steps to Take Instant Action on New Email
If you’ve had success with the previous Outlook tips and are interested in getting into more advanced email management, it’s time to take a look at Quick Steps. Quick Steps allow you to automatically perform long strings of actions based on a trigger.
Say at the end of the month you receive a series of invoices from vendors or contractors. Your normal process is to review the invoices, forward the invoices to your accountant, and create a reminder to follow up with the accountant a week later to make sure the invoices were paid.
Quick Steps can take care of the last two steps for you with fewer clicks than if you performed the tasks manually:
- Click the “Create New” button in the Quick Steps section of the Home ribbon.
- Give the new Quick Step a descriptive name, and select the first action: “Forward.”
- Type your accountant’s email address into the “To” field.
- Click the “Add Action” button to select the second action: “Create a task with attachment.”
- Click “Finish” to create the Quick Step.
After you review an invoice, you can now execute the Quick Step to forward the email and create a reminder task. Select an email containing an invoice, and click the appropriate Quick Step in the Home ribbon.
The email forward and task windows will open automatically. Click Send to forward the email, and set a due date and reminder for the task before saving, if you’d like.
There are many different ways to use Quick Steps to speed up email processing. Spend some time thinking about the repetitive actions you take on emails, and set up Quick Steps to make managing your emails so much quicker and almost painless.
Original post by: Jessica Greene, Zapier.com
18 Cool Tips and Tricks on how to use Office 365
A few years ago, it took time to set up a PowerPoint presentation. You had to pick the layouts, backgrounds, fonts, and transitions. With pre-designed templates you cut the time spent looking for backgrounds and maximize your content output. Along with templates with customizability they’ve implemented a design feature that gives you suggestions as to how you should set up your slides after inserting an image. When you insert a picture a side bar appears to the left with a few options on how you could have it laid out, after selecting it your slide will be changed to reflect your choice.
Is a new transition that allows you to duplicate a slide and move around its components to make it look like they have shifted. This creates a sort of gif by changing their sizes, location, and rotation of the objects. Then when you start playing the slideshow you’ll be able to see the transition in motion. For example, these pumpkins look like they were thrown up high and are spinning as they fall.
Tell me what you want to do
This new helpful feature can help you find and execute quite a few actions. Insert pictures, share the document, insert a chart from excel, or even print. You’ll find this box next to the acrobat tab. To use it just type in simple text and it’ll bring up suggestions based on what you’ve typed to choose from. For example, if you needed to insert a check box you would type in and click on “check box” and it will insert it for you. If you’re looking for help on that topic, there is also an option at the bottom which will say “Get help on. . .” that you can get information from.
Now when inserting pictures or searching, you have this dandy option of using Bing. This way you can do everything right in the documents as opposed to opening a separate browser to find your information or pictures. There are two options on how you can do this. Either right click and select smart look up, or go into the “Tell me what you want to do box.” You can find images, define words, web search, and explore Wikipedia.
Out with Clutter, in with Focused
Clutter is being retired and replaced with a more efficent focused inbox. Already a feature on the mobile version of outlook it will soon be available on the desktop version, it works by concentrating what outlook thinks are your important emails while pushing unimportant emails into an “other” section. Leaving you with a neater inbox with only the important emails you want to see and less junk. It also allows you to schedule messages to dissapear from your inbox and appear at a later designates time.
Now in mobile versions of office is a new featured called “Ink” You can choose custom colors from a color wheel and use them to draw on the document using a pen or highlighter. Select the draw tab from the ribbon, where there are four preset colors and a color wheel. Selecting the color wheel allows you to move the tab around to find a color. Allowing for more customizable markups of documents.
Outlook has also added three new plug ins for use within the outlook app. Send e-gift cards and schedule meetings at a Starbucks location using the Starbucks plug in. Use the PayPal plug in to send money securely to people via email. Or order an Uber ride in association with an event on your calendar, which will send you a reminder to confirm your ride on the day of the event.
Enjoy a calendar assistant that can help you schedule meetings and share your availability directly through outlook. Also, get reminders to follow up on emails that haven’t gotten a response back and schedule your emails to go out at a later determined time.
A part of Microsoft business platform, it allows you to see what the people around you are working on (granted you’ll only see what you have permissions to). You can click a coworker’s name to see the list of documents they’ve worked on recently, or get an overview of the documents various people have been working on. It can be a helpful tool when keeping track of people working on specific documents, and since everything in synced to the cloud you can look at the different versions different people have edited.
Use planner to set up a to do list for your work group. Set due dates for completion, share files, collaborate, and check the dashboard for the progress of your team. It is a good tool for keeping track of goals or milestones your group has acheived and keeping everyone on track.
Setting up your team as a group for a specific project will allow you to share a collective space. You’ll be able to share an inbox, OneDrive folder, and group on planner to set up goals and deadlines. This can help with the seamless transfer of information between team memebers, you wont have to worry about forwarding an email to all your team memebers when you get an upate regarding a change in your project because everyone will have access to it.
Take a poll
Using Sway you can create interactive PowerPoints with pictures and videos galore which makes it more interacive. By embedding PollEverywhere.com into your presentation you can also create poll to engage your viewers and get them to interact with your presentation. Which is a great method of keeping their focus on you and interested in what you are presenting.
Gigjam is a sharing app for your phone that lets you share temporary snippets of your Office 365 products with others. Whether it is text or a photo it is a quick and convenient tool if you don’t want to send an entire document.
Instead of having four people working on the same document then trying to piece it all together when the time comes to combine it. Take advantage of Microsoft collaborative capabilities. You can have your whole team editing the same document and see the changes happening in real time. Which will get rid of the hassle of trying to mix three or more different copies of the document and have it make sense.
Skype and Edit
If you’re using Office 365 then you probably use Skype for business to communicate with your co-workers. With Office 365 you have two options on how to approach using the office products, the desktop app we all know and love or the online version. Both are acceptable options for you to use, though they have different advantages. The online versions has an automatic syncing system with your OneDrive folder, while on the desktop version you also have the option to saving it yo your harddrive(though that’s not recommended). It’s also introduced collaborative editing which allows you to view in real time what the other person is editing. But you may not know that you can chat directly in the document thanks to a skype plug in.
A new addition to Excel is a feature that can take the rows of data you have supplied and turn it into a map. It converts everything into images and organizes them into a state or country format based on the information you provide. You can find Power Map under the Insert/Map tab in your Excel document.
Reformat data in a snap
The fill down command used by hitting control-D, which populates a row based on the information you provide has helped people who fill out spreadsheets be more productive. Flash Fill on the other hand will learn what you’re doing and reformat itself to match it after you click accept. While this isn’t a new feature, it is a convieniet tool for those on a Windows computer.
Make the unreadable readable
Having to scan a document was something that took time and effort, now Office Lense turns your phone into a portable scanner so you can snapshot and go. You can quickly snap a picture of a receipt or contract then watch as it’s converted into a PDF, then it’s uploaded it into your One Drive folder in order to file it away or email it to the necessary party. Not only that but it will take illegible whiteboard text and make it legible by enhancing the image, something that could come in handy if you use them in meetings. Having all of this saved to the cloud means you don’t have to carry all that paper around with you, a very Green solution.
Here are eight best practices for enhanced email security:
- Move up the kill chain.
Phishing emails need to achieve several milestones in order to be successful. First, they have to be delivered. Second, they need to successfully deceive the user and get them to unwittingly act. Lastly, they must get the user to surrender personal information or download an attachment that contains malware. Many security solutions aim to stop criminals later in the chain, such as at the Click, Surrender, and Extract stages. But the earlier in the kill chain that controls can be inserted, the better the chance that organizations have of preventing their customers from being phished. Implementing a proactive DMARC (Domain-based Message Authentication, Reporting & Conformance) policy can break the chain at Delivery, preventing the message from ever landing in the user’s inbox.
- Enable two-factor authentication on all accounts.
Two-factor authentication (also known as two-step authentication) enhances the security of a user’s login process by requiring the entry of a secure code, which is either delivered by text message to the user’s phone or via a code-generating app such as Google Authenticator. When two-factor authentication is enabled, it is not enough for a hacker to obtain a user’s login name and password; they would also have to be in possession of the user’s mobile device.
- Keep informed.
New phishing scams are developed every day. By staying on top of these new phishing techniques, users are much less likely to fall prey to one. IT administrators should conduct ongoing security awareness training and periodically simulate phishing scams in order to keep security top of mind throughout the organization. Employees who receive suspicious emails should immediately share the technique with co-workers.
- Think before you click.
Before clicking on any link or attachment in an email it should be a routine practice to pause and evaluate whether that link or attachment appears to be legitimate. A phishing email may appear to be from a legitimate company and the hyperlinks they contain might link to what looks like a legitimate website, but users should always question whether the motivation behind the requested action seems valid. Never click on links in emails that ask you to change your password or otherwise log in to your account. Go directly to the website instead.
- Be a helicopter.
In other words, don’t be afraid to hover. Hovering your cursor over the sender’s name in an email will bring up the sender’s complete email address, including the domain the message is sent from. If the domain seems fishy, chances are the email is fishy.
- Don’t be shy—pick up the phone.
Personal information should never be given in an email and most organizations won’t ask for it. If you receive an email requesting personal or financial information that appears to be legitimate, don’t be afraid to call the sender and confirm that the request is authentic.
- Don’t get attacked by attachments.
Always be wary of emails that contain attachments and think twice before clicking on them. Legitimate companies, institutions, and brands rarely send emails with attachments, so attachments should always be a red flag. If the attachment seems authentic and the sender seems legitimate, it still might be a good idea to pick up the phone and confirm that the attachment is safe.
- Don’t reuse passwords.
Nobody likes to have unique passwords for every online account they have, but using the same password for multiple accounts can be dangerous. If you get phished or an online account is hacked, having unique passwords can limit the damage.
The complexity of today’s phishing emails makes it progressively more difficult for email users to distinguish between fraudulent and genuine correspondence highlighting the need for both preventative measures and end-user education. If malicious emails are prevented from reaching an organization’s servers in the first place then the threat is neutralized. But those that get through can also be rendered ineffective by users that know what to look for and think before they click.
If your organization is serious about preventing phishing attacks and protecting your customers as well as your brand reputation, you should be taking a two-pronged approach that includes both prevention and education. Contact us today for help.
Although email phishing scams have been around practically since the inception of the Internet, today’s scams are both more prevalent and more sophisticated. The rising prevalence of email phishing attacks is due in large part to the fact that they’re so successful. In fact, according to numbers published by the Canadian government, the success rates are alarming:
- 156 million phishing emails are sent every day
- 16 million make it through filters for a 10.2% delivery success rate
- 8 million are opened (50% success rate)
- 800,000 are clicked (10% success rate)
Not that long ago, phishing attempts were quite primitive and often riddled with typos and grammatical errors, so it was easier for consumers to identify when something was amiss. But those days are largely gone. Today’s phishing attempts are increasingly sophisticated, often almost exactly mimicking legitimate emails both in content and source.
Not only is spear phishing increasingly evolved, attacks are also proving to be incredibly costly. According to a report by the Ponemon Institute, the average 10,000-employee company spends $3.7 million a year dealing with phishing attacks.
According to the 2018 Hiscox Cyber Readiness Report released in February, 58 percent of U.S. firms with more than 250 employees have cyber insurance but only 21 percent with fewer than 250 are covered. What’s even more interesting is that more than half of U.S. small businesses have no intention of investing in cyber insurance.
The lack of complete buy-in is understandable. Although cyber insurance coverage can mitigate some of the monetary damages from data breaches, affected companies still incur large costs. For example, Equifax reported $275 million in costs from 2017 breach – insurance covered $75 million of those costs. Target data breach costs were nearly $300 million but $90 million was covered by their insurance.
One of the ways organizations can ensure they are getting the highest level of coverage possible from their policies is to ask the right questions and reduce risk through cyber security programs.
Do You Know What’s in Your Cyber Insurance Policy?
With the rise in importance of cyber insurance, I’m often asked to not only review client’s policies, but also provide them with feedback on how to include these policies into the organization’s cyber security incident response plan (CSIRP).
More often than not, I find my clients are not as familiar with the specifics of their insurance policy as I’d expect. You may share the same lack of confidence in articulating the coverage areas, limits, and requirements of your policy. It’s understandable. Cyber insurance policies can be intimidating. No offense to the gurus of the insurance world, but the policy language often comes across as legal jargon. For the non-insurance, non-lawyer types, these policies are often hard to read and difficult to understand.
To make things easier, let’s focus on the essentials of the policy you need to understand:
- Your requirements for initiating a claim (make sure to link this information to your CSIRP)
- The types of incidents that are covered and how they’re defined (as specific as possible)
- If you’re required to use a pre-approved list of providers for forensics, notifications, and legal services
Note, for the last essential, you should pre-vet the vendor list or get approval to use your own contracted service providers.
Who Reviews the Policy and Makes the Purchase Decision?
Another interesting thing I’ve noticed when reviewing policies is that they’re typically purchased by the folks in your risk management or financial services departments. These are the same departments that are normally responsible for a variety of business-related insurance policies designed to transfer risk.
The good news is that they understand the ins and outs of buying and renewing insurance policies. The bad news is that they aren’t including information security leaders and legal representatives in the policy review, selection, and negotiation process. It takes a well-rounded team of experts from risk, legal, finance, and security to make the best policy decisions for the organization.
How Much Coverage is Enough?
It can be very challenging to determine how much coverage is enough, and honestly, you may not really have enough information to make a well-informed decision until after you have lived through your first claim.
I suggest researching the use case history for comparable organizations in your industry that have been hit. What has it cost them? How much did their cyber insurance cover? Some Fortune 1000 companies are now looking for policies covering up to $500 million. Consider your most likely scenarios and assess these scenarios prior to renewals on an annual basis.
More Expertise: To learn more about important cyber insurance considerations you need for incident response, view our on-demand webinar, “Data Breach Survival Tactics: Building Actionable Incident Response Plans.” For policy concerns specific to law firms, check out our blog, “Pitfalls of Cyber Insurance Policies for Law Firms.”
Stephanie Ewing-Ottmers is a cyber security evangelist at Delta Risk LLC, a Chertoff Group Company that offers managed security services.