Monthly Archives: May 2017

Lose my data? LOL. Not a chance!

Data is everywhere. And for many users, their data is everything. Documents, photos, videos, and other files cover years of life lived, experiences shared, and work completed. But recent research shows that the cost of lost or stolen data is on the rise. For businesses, the average cost per record rose $158 last year. For personal users, meanwhile, it’s easy to make the case that real “data loss” only happens to large companies and enterprises. After all, you’re careful with your data—always super cautious about saving information and even duplicating on to a USB stick or external hard drive. There’s no chance you could ever lose your data, right?

Right?

Data dangers

Let’s suppose you’re really careful. Like really careful with your data; you never shut down your laptop or desktop without making sure that files are properly saved, stored in the right directory, and time-stamped within the last few minutes. Plus, you’re regularly backing up everything to a USB stick or hard drive. What’s the worst that could happen? For starters:

Lost or stolen: You get distracted at the coffee shop and someone runs off with your laptop, or it gets lost in the shuffle when you move to a new apartment. Sure, you’ve got that memory stick, but when was the last time you backed it up?

Hard drive failure: Hard drives aren’t perfect, and a recent study found that some have failure rates pushing 10 percent. If your hard drive stops spinning, your data goes kaput.

Ransomware: Maybe you opened that email attachment marked “URGENT” or visited a shady website. And maybe your PC is infected with ransomware, locking you out of your files. Every. Single. File.

It’s funny, right?

And those are just the “ordinary” ways to lose all your data. We’ve all had days where Murphy’s Law seems out to get us. What about:

Pool party: Don’t laugh. It happens. You’re on vacation, bring the laptop for work or play and after a day of too much sun and fun someone bumps your device and…splash!

Scary spills: You’re up late or starting early, barely hanging on. Your cup of coffee somehow misses the mark or your kids burst in and…hisssssss. Computers and caffeine don’t mix.

E-rage: We’ve all thought about it: Tossing that laptop off a balcony or breaking it in two when it won’t cooperate. If you’re tired enough, stressed enough, or had the worst day, your device may not make it through the night.

Of course, none of these scenarios could happen to you. Right? But just to be on the safe side, it’s worth considering another line of defense: Cloud-based storage from Mozy that automatically replicates your data and can restore lost or stolen files if laptops go missing or physical drives bite the dust. Plus, it’s one less thing for you to worry about. Use your device, live your life, and let Mozy take care of the rest.

WannaCry? You will if you don’t back up!

This blog was written by Jerome Bachelet, Mozy Systems Engineer; and Ela Moraru, Mozy Associate Systems Engineer 1

You’ve no doubt heard about the “Wanna” ransomware virus. Known by various names—including WannaCry, WannaBe, and WannaCrypt—this ransomware outbreak has spread globally and rapidly, affecting more than 250,000 computers in more than 150 countries in just a few short days. Individuals and businesses have been infected by the virus in the UK, Spain, US, and Russia.

What’s it do?

The Wanna ransomware infiltrates Windows machines and encrypts files, changing the extensions (for example, .wnry, .wcry, .wncry and .wncrypt) and makes files inaccessible to end users and applications. It impacts all Windows operating systems, from Windows XP to Windows 10, including the Server editions. Wanna uses a worm executable to spread further through local networks and the Internet, infecting any other Windows computers it can reach via the network. The scale of the attack prompted Microsoft to take the highly unusual step of releasing patches for unsupported operating systems, including Windows XP.

The goal of any ransomware is to incapacitate as many files and applications as possible, thus most ransomware is designed to infiltrate IT systems at the end user and then penetrate application servers.

It’s widespread and ongoing—and it’s paralyzing

Wanna is so devastating because it paralyzes any computer it can access and then causes application failures for systems that have a dependency on Windows OSs—like phone systems, email servers, and Microsoft SQL based applications. As of this writing, Wanna has infected more than 230,000 computers and has been identified in 150 countries. Wanna is so widespread that it has been localized into 28 languages.

Hundreds of victims have paid various amounts of ransom to bitcoin wallets in exchange for a decryption key that might allow them to regain access to their files. Unfortunately, decrypting files does not mean the malware infection itself has been removed from the computer. Even if your files are decrypted, there is no foolproof way to remove the ransomware, other than wiping your hard drive and reinstalling Windows.

How does it work?

Warning! A ransomware disaster usually, but not always, starts with a user clicking something they shouldn’t be clicking; for example, a suspicious attachment in an email.

There is a debate about exactly how the Wanna malware first broke out, but what is undeniable is that once virus gains access to a system it spreads unwittingly across unprotected SMB ports. Frustratingly, there has also been a spike of email phishing attacks based on the panic caused by Wanna. In these cases, a user is directed to open an email attachment or visit a website where the ransomware is presented, masquerading as a legitimate attachment or download.

Upon execution, Wanna will kill several system processes that may be locking files and grants itself full permission to every user account on the system.

Wanna then scans all drives (local and network) for 170+ file types and encrypts all the files with a new extension. Next, Wanna hard-deletes all the original files (bypasses the Recycle Bin). Files that are stored in a share, or synchronized via Google Drive, OneDrive, Dropbox, etc., will also be encrypted. Sync tools will automatically propagate to the cloud storage and appear on any other devices linked to the sync service.

Wanna removes any Shadow Volume Copies, disables Windows startup recovery, clears Windows Server Backup history, and bypasses the Recycle Bin, thus preventing any recovery from the Windows systems itself. Wanna changes the end-user wallpaper and displays a pop-up dialog box with instructions to send $300 worth of bitcoin in exchange for a key that will theoretically decrypt the files. The ransom will increase at a regular cadence, and the end user has 7 days to pay the ransom.

How can Mozy help?

Although Mozy by Dell cannot prevent a ransomware outbreak, millions of customers rely on the Mozy backup service to help avoid ransomware disasters. When a ransomware infection occurs, restoration of an endpoint or server from a backup works best when you can easily select a moment in time from where to restore. Once you have identified the point of infection (user and file) and the time the malware was introduced to the machine, Mozy can restore all of the files for the given user from the point in time just before the malware was introduced.

It’s true that there are a few dollars to be made through ransomware exploiting desktop and laptop computers; however, the primary focus of hackers is to make their money at the application server level. More than 95% of all ransomware attacks occur at the edge (that is, desktop and laptop computers). That’s where Mozy can help victims become productive again.

In the case of the Wanna virus, once the ransomware infection has been removed, Mozy would be reinstalled and re-activated with the original account. From the Restore window, the user would use the calendar to select the last healthy version of the files, select all of the files, and then click Restore. Mozy will automatically restore all the files to their original location in their original state.

To learn how you can use Mozy as a second line of defense for your data and to prevent a ransomware disaster, visit Mozy by Dell.

Mozy at Dell EMC World

While in college, I was fortunate to have two internships with EMC. When I came on board to work the summer months, some of my co-workers were just returning from EMC World. I knew these conventions were a big deal, but how big? Last week I had the opportunity to attend the first joint Dell EMC World located in Las Vegas.

When I checked in for the event on Sunday afternoon, I was able to walk the show floor. I have never felt so small in a building! The convention was set to take place in the 1.5 million square foot Venetian convention center, which now looked much more like a construction site than a trade show. There were workers with hard hats, forklifts buzzing around like bees, and people running electrical wires from the rafters to light up the snazzy booths in the coming week.

I woke up Monday morning to attend the Michael Dell keynote that would officially kick off Dell EMC World 2017. I found myself surrounded by roughly 12,000 IT practitioners, business decision makers, analysts, and customers funneling into the conference hall to listen to what Michael had to say.

After the keynote and announcements of future technologies, it was time for the solutions expo to open. Walking on the show floor Monday afternoon was a much different vibe than Sunday during registration. There was booth signage hanging from the ceiling every direction you looked, bright lights flickering in the background, a BMW i8 in the middle of the show floor, and my favorite—an obstacle course for drones!

After quickly checking out the 150+ booths, it was time to staff the Data Protection booth and speak with customers and prospects. Because I work on the marketing team, I don’t speak with customers as often as I would like. However, while staffing the booth, I had the opportunity to speak with Mozy customers, prospects, analysts, and folks from all around the world. It was a very gratifying feeling to speak with Mozy customers and hear their stories about how Mozy has saved the day, or how Mozy is helping in their company’s IT transformation.

On Tuesday night, Mozy hosted a customer appreciation dinner at the Venetian. It was an excellent opportunity to get to know each other better.

All in all, Dell EMC World surpassed my expectations. I now have a much better understanding of Dell’s motto, “Go Big, Win Big.” Dell EMC World 2017 was just that. I’m already looking forward to next year’s Dell EMC World. Maybe I’ll see you at the Mozy booth!

Mozy Employee Receives Deloitte UCC Executive Graduate of the Year Award

It’s always good to hear about team members who have achieved something beyond the ordinary.

Recently, Kris Meulemans, a Mozy senior sales engineer based in Cork, Ireland, and servicing our EMEA customers, received an MBA from the University College Cork and was presented with the Deloitte UCC Executive Graduate of the Year award for finishing at the top of the class.

From left to right: Thomas Healy, Mozy Business Operations Director, Dell EMC; Honor Moore, Partner, Deloitte; Kris Meulemans, award recipient and Mozy Senior Sales Engineer, Dell EMC; Patrick O’Shea, President, University College Cork; and Joan Buckley, Academic Director UCC Executive MBA. Photo by Tomas Tyner, UCC.

The Deloitte UCC Executive Graduate of the Year award is presented to the outstanding student of each graduating class to acknowledge their academic achievement and overall contribution to the MBA program. This is the first instance of a Dell EMC employee receiving this prestigious award.

As part of the celebrations, Kris, his partner Katelijne, and Thomas Healy, a representative from the Dell EMC management team, met with UCC’s president, Professor Patrick O’Shea; Honor Moore, partner at Deloitte; and Joan Buckley, the academic director 2015/2016 of the Executive MBA.

Presenting the award, Moore said, “Deloitte is honored to be associated with this prize, which recognizes excellence in business leadership education.” She complimented Kris’ achievement on getting the highest marks in the class.

Dr. Buckley congratulated Kris for his academic achievements and overall contribution to the class. “With this prize we recognize an executive who has shown exceptional ability,” she said.

Asked about his experience working toward his MBA, Kris said, “The MBA taught me the frameworks and tools to tackle very diverse and complex situations and have proved immediately applicable within my role. But equally, if not more important, the MBA continually challenges you to think on a higher level and broaden your horizon through the interaction with a wonderful team of lecturers and co-students. And perhaps the most important, it makes you realize the value of your family and friends as a support network, without which this achievement wouldn’t have been possible.”

The senior sales engineer role includes consulting with customers on their SaaS strategy together with the sales team, interfacing with Product Management and Engineering functions on the future products as well as training new Sales and Pre-Sales team members. When asked about Kris’ accomplishments, Steven Wood, Mozy’s senior Pre-Sales manager, said, “Kris has an insightful appreciation of customer needs and the challenges they face with modern IT and cloud computing. His attention to detail and dedication to every goal is exemplified by this award.”

Congratulations, Kris, from all of us on the Mozy by Dell team!

Kris is one of the many professionals working at Mozy—and working for you!—to make Mozy online backup the most trusted name in cloud data protection.

2017 Ransomware Update

Ransomware, a specific form of malicious software that encrypts files on your computer until a ransom is paid, like other online scams ebbs and flows in fads. In 2017 the ransomware landscape has seen the return of some old tricks as well as the evolution of an old threat. Here’s a look at the current state of ransomware and what you can do to prevent it.

Open-source software

Most people know open-source software for helpful alternatives to Microsoft Office or a music player that reads a plethora of file types unlike iTunes. However, open-source ransomware has become a much more prominent issue in recent months. While most demand a monetary ransom be paid, the open-source nature of the code has given rise to stranger demands. For example, one iteration demands that you achieve a certain level on an online video game before your files are restored. Another recent version simply makes the victim watch a video educating the victim about what ransomware is.

Expanded distribution

Ransomware, like the ones mentioned above, is typically distributed through email with an attachment. The sender may be a cunningly disguised email address that looks like a friend, family, or colleagues address. Often the software is attached and disguised as a document. However, in April 2017, distribution changed shape. Companies in Europe received emails with an included hyperlink that took users to a Dropbox link with a file disguised as an invoice.

Locky returns and Cerber evolved

Locky was discovered in 2016 embedded in a Microsoft Word document. After its discovery users caught on quickly and the threat seemed to be mitigated by most moderately aware users. However, in May 2017, Locky got a makeover and was found embedded in a PDF that has a link that leads to a .docm. Once the .docm file is opened it sends an invisible connection to another server from which it downloads the ransomware.

In the same month Locky was reborn, Cerber evolved. Like its previous versions, however, it is disseminated via spam emails with an attachment. So what has changed? Once the file is open, Cerber 6 is able to download and run another virus that utilizes Windows Firewall’s technology and blocks any attempt at detection while the ransomware is downloaded. As firewalls have been equipped with machine learning, hackers have created new ways of circumnavigating cybersecurity.

Prevention and solutions

No matter the new form of ransomware, there is always one hurdle it must leap before your computer and files are infected, and that’s tricking you into clicking a malicious link or downloading a malicious file. Educate family, friends, and colleagues what scam email addresses look like. Usually, users whose computers became infected with ransomware did not invest any time or effort to verify the origin of suspicious emails or attachments. Furthermore, victims of ransomware also open macros or click on suspicious links. Refrain from opening files or links within unverified emails. If you’re a victim of ransomware, there are decryption tools that can decrypt some strands of ransomware or prevent screen locks altogether. However, prevention should be paramount.

Mozy by Dell knows how to beat ransomware

Data stored in the Mozy cloud is protected from ransomware. Learn why programs, including viruses, cannot execute or run in the Mozy cloud and cannot infect files stored there: Ransomware: Frequently Asked Questions.

You can prevent a ransomware disaster. Check out our white paper.

Is Your Data Protected?

Did you hear about the company that was fined $2.5 million by the feds as a result of a HIPAA breach penalty? A laptop with protected health information for approximately 1,400 patients was stolen. Unfortunately, the computer was not protected with the safeguards required by the Health Insurance Portability and Accountability Act (HIPAA). As a result, electronic protected health information (ePHI) was compromised.

Although threats to business data are everywhere—think ransomware, hard drive failure, theft, user error, and more—you can prevent data loss (and avoid fines for non-compliance!) by backing up your data and ensuring that your backups are occurring on a regular basis.

First, let’s consider some of the threats. Next, let’s briefly discuss how Mozy can help you prevent a data disaster.

What could possibly go wrong?

If any of the following questions cause you want to change the subject or you’re just not sure of a proper course of action, be sure to read the next section!

   •     What would you do if your laptop were stolen? Do you have a process in place that allows you to recover your data?
   •     What would you do if your hard drive failed and you could no longer access the data on your computer?
   •     What would you do if you spilled coffee on your laptop and it suddenly died as a result?
   •     What would you do if you logged on to your desktop and saw a ransomware message indicating that your files were          locked and demanding a bitcoin ransom in return for a decryption key to allow you to regain access to your data?
   •     Do you handle ePHI, and do you know if that information is in compliance with the HIPAA Security Rule?


Prevent a data disaster

I just didn’t expect that
Maybe your laptop was stolen during a business trip, or maybe you forgot you placed it on the roof of your car while searching for your keys and then drove off. Maybe you liquidated your laptop with a large latte. Or maybe your hard drive just failed. With the Mozy backup service you can use Mozy’s restore manager to download all of your files (to your new computer!) from the safety of the Mozy cloud.

“Your personal files are encrypted! Pay!”

The last thing anyone wants to see on their computer screen is a message like, “Your personal files are encrypted! Pay!” In the event that your computer is infected by ransomware, Mozy offers a second line of defense. Mozy ensures that backups are frequent and reliable, so in the event of a ransomware attack, you can recover data to a point in time prior to the attack.

ePHI and HIPAA

If your business handles ePHI, you have a legal obligation to keep that information confidential and protected from those not authorized to view it. Mozy safeguards ePHI with strong encryption (which includes a required encryption key); your data is encrypted during backup and at rest. Your corporate encryption key or personal encryption key is known only by you.

We’ve got your back (up)

Using enterprise-grade encryption, Mozy protects the data you rely on to keep your business up and running and allows you to recover lost, damaged, or stolen data quickly. (A note about ransomware: It’s important to remember that simple backup is not enough to ensure your files are protected from ransomware. Mozy keeps up to one year of file versions. If you have identified the point of infection and the time the malware was introduced to the computer, Mozy can restore all of the files for the given user from the point in time just before the malware was introduced.)

For more information, visit Mozy by Dell.