An incident response plan is an organized approach to addressing the aftermath of a security breach or cyber-attack. Certain organizations, like medical or financial institutions, absolutely should have one.

But even if you don’t have a lot of sensitive information, it’s best to have SOME idea of what you would do if a cyber-attack locked all your files or stole confidential information.

Things to consider when you’re planning:

• Physical access to your building(s)
• What to do with lost or stolen mobile devices
• PCI (payment card industry) compliance requirements
• Data-breach incident response
• Threat monitoring


That’s where we can help! Give us a call at 516-829-3687 and we’ll be glad to help you put together a cyber-response plan.

Fear is a fantastic way to spread malware, which is why hackers around the world are using the fear of a flu pandemic as a hook to install a nasty strain of ransomware.

Researchers at MyOnlineSecurity have detected a cunning email campaign which spoofs the Centers for Disease Control and bears headlines warning of a Flu Pandemic.

The message is short and to the point: it explains that a flu pandemic has been detected and urges recipients to read the attached document for further instructions on protecting their families and helping keep it from spreading. The instructions also helpfully include the note that in order to view the document properly you’ll need to click the ‘Enable Editing’ button.

The attachment bears the name “Flu Pandemic Warning,” which reinforces the message itself. It’s an excellent choice from the perspective of the hackers, because they know that a relatively high percentage of those who receive this message from what appears to be a trusted agency will open it.

Unfortunately, the moment they open the file and click to enable editing, they doom themselves. The Word document is poisoned and contains scripts that will install the GandCrab v5.2 ransomware on the victim’s machine, which will promptly lock their files and demand a hefty payment.

While this is a nasty and especially effective campaign, it’s not the only one that the creators of GandCrab are engaged in. Recently, the Chinese government issued its own alert, stating that beginning on March 11, various government departments were bombarded with phishing-style emails intended to install ransomware on their servers.

All that to say, vigilance is more important now than ever. There’s no telling how long this campaign will run, or what may come after it, but one thing you can be sure of: they’re not going to stop.

If you do business with either American Express (AMEX) or Netflix, be on the alert.  Windows Defender Security Intel has recently reported the detection of two major new phishing-style campaigns aimed at the customers of both businesses.

Recipients have been receiving emails that appear identical to official Netflix and American Express communications.

In both cases, the ultimate goal is to convince customers to hand over their credit or debit card information. Microsoft has sent a couple of different tweets out about the issue.  One of them assures customers that “Machine learning and detonation-based protections in Office 365 ATP protect customers against both campaigns.”

And another warned that “The Netflix campaign lures recipients into giving away credit card and SSN info using a ‘Your account is on hold’ email and a well-crafted payment form attached to the email.”

The unfortunate truth is that emails like the ones currently in play are extremely easy to craft and very compelling.  The hackers simply play on the fears of the customer, making it sound as though if they don’t take immediate action they’ll lose access to a valued service they’ve come to rely on.

There’s essentially no cost to the hacker for pushing out hundreds, or even thousands of emails like the ones currently being used. For each victim that falls prey to the tactic, the costs can be enormous.

As ever, the first and best line of defense is education and awareness. In addition to that, if there’s ever any question at all about the status of your account, the best thing you can do is to address the issue via another channel.

In other words, don’t simply reply to the email you received.  Open a new tab, look up the company’s customer support number and call to verify.  Doing so will tell you in short order whether the email you received was legitimate, or someone trying to separate you from your hard-earned money.