newsletter connect - june 2016

• Our Inspiration

• Making News (Partners)

• Inbox

• Business Aligned IT (BAIT) Series

• LOL!

Our Inspiration From

Nelson MandelaCONTENTS

“It always seems impossible until it’s done.”

Chalo @ Tindivanam!

Recently Inspace Chalo – the school management software team bagged aprestigious order from Shri Ram School (CBSE) at Tindivanam.

Seen in the above picture is our Manager - Business Development –Mr. Manivasahan, collecting the PO from Mr. T.Ramu, Principal of Shri RamSchool.

We wish CHALO team more such success stories in future!

CONTENTS

• Our Inspiration


• Inbox


• LOL!

MAKING NEWS...

CONTENTS

• Our Inspiration


• Inbox


• LOL!

INBOX

WELCOME TO THE CLUB…

Recently Inspace secured few prestigious client and added them to theiresteemed list of clientele. Some of them are,

- Mumbai

- Mumbai

- Chennai

- Chennai

- Tindivanam

- Palladam

• Our Inspiration


• Inbox


• LOL!

CONTENTS

Welcome back to another edition of our BAIT Series, which aims primarily toalign business with technology. This month we would do touch upon a hot ITtopic across all industries – Ransomware!

The United States Department of Homeland Security (DHS), in collaborationwith Canadian Cyber Incident Response Centre (CCIRC), is releasing this Alertto provide further information on ransomware, specifically its maincharacteristics, its prevalence, variants that may be proliferating, and howusers can prevent and mitigate against ransomware.

Recently there has been a lot of clamour about data files being lost acrossmany companies. Users storing their files on their systems, find that one finemorning they are not able to open them (after hours of laborious work onthem). Imagine the plight of cumulate data and editing work carried out forweeks, months or even years’ together, especially for the accounting orfinancial purposes!

The background information is that, destructive ransomware variants such asLocky and Samas were observed to infect computers belonging to individualsand businesses. Basically, it restricts users’ access to it until a ransom is paidto unlock it.

Business Aligned IT (BAIT Series 15) By Samuel Raj Anbudaiyan (Technology Auditor)

PREPARE FOR RANSOMWARE

• Our Inspiration


• Inbox


• LOL!

CONTENTS Business Aligned IT (BAIT Series 15) By Samuel Raj Anbudaiyan (Technology Auditor)

So what is Ransomware?

Ransomware is a type of malware that infects computer systems, restrictingusers’ access to the infected systems. Ransomware variants have beenobserved for several years and often attempt to extort money from victimsby displaying an on-screen alert. Typically, these alerts state that the user’ssystems have been locked or that the user’s files have been encrypted.Users are told that unless a ransom is paid, access will not be restored. Theransom demanded from individuals varies greatly but is frequentlyRs.15,000/- to 30,000/- (and must be paid in virtual currency, such asBitcoin).

Ransomware is often spread through phishing emails that contain maliciousattachments or through drive-by downloading. Drive-by downloading occurswhen a user unknowingly visits an infected website and then malware isdownloaded and installed without the user’s knowledge.

Crypto ransomware, a malware variant that encrypts files, is spread throughsimilar methods and has also been spread through social media, such asWeb-based instant messaging applications. Additionally, newer methods ofransomware infection have been observed. For example, vulnerable Webservers have been exploited as an entry point to gain access into anorganization’s network.

Impact of Ransomware

Ransomware encrypt the target data files using an algorithm that is almostimpossible to crack (or it might take years to break the encryption). Oncethe files are encrypted without the “encryption key” the user cannot get thedata or information from the files as they are rendered unreadable by theprograms (like Documents or Spreadsheets).

• Our Inspiration


• Inbox


• LOL!


If the user tries to access the data or the files, they are asked to pay aransom amount to get data. These viruses spread through email, internetand also through local networks. Thus before the user realises, all areaffected. Thus to get the files or data back, either the user is forced to pay-up the amount specified or to lose their valuable data forever. Most usersend-up paying the amount, since they do not want to lose the data (withyears of work stored in them). The worst part is that even after paying theamount some users do not get the valid “decryption key” to access theirdata or files! And it is next to impossible to trace back the ransomingparties.

Ransomware not only targets home users; businesses can also becomeinfected with ransomware, leading to negative consequences, including

• Temporary or permanent loss of sensitive or proprietary information,• Disruption to regular operations,• Financial losses incurred to restore systems and files, and• Potential harm to an organization’s reputation.

As seen earlier, paying the ransom does not guarantee the encrypted fileswill be released; it only guarantees that the malicious actors receive thevictim’s money, and in some cases, their banking information. In addition,decrypting files does not mean the malware infection itself has beenremoved.

Proactive Solution for Ransomware

Infections can be devastating to an individual or organization, and recoverycan be a difficult process that may require the services of a reputable datarecovery specialist.

Many security agencies recommend that users and administrators take thefollowing preventive measures to protect their computer networks fromransomware infection:

• Employ a data backup and recovery plan for all critical information.Perform and test regular backups to limit the impact of data or system lossand to expedite the recovery process. Note that network-connectedbackups can also be affected by ransom ware; critical backups should beisolated from the network for optimum protection.

• Use application white listing to help prevent malicious software andunapproved programs from running. Application white listing is one of thebest security strategies as it allows only specified programs to run, whileblocking all others, including malicious software.

• Our Inspiration


• Inbox


• LOL!


• Keep your operating system and software up-to-date with the latestpatches. Vulnerable applications and operating systems are the target ofmost attacks. Ensuring these are patched with the latest updates greatlyreduces the number of exploitable entry points available to an attacker.

• Maintain up-to-date anti-virus software, and scan all softwaredownloaded from the internet prior to executing.

• Restrict users’ ability (permissions) to install and run unwanted softwareapplications, and apply the principle of “Least Privilege” to all systems andservices. Restricting these privileges may prevent malware from running orlimit its capability to spread through the network.

• Avoid enabling macros from email attachments. If a user opens theattachment and enables macros, embedded code will execute the malwareon the machine. For enterprises or organizations, it may be best to blockemail messages with attachments from suspicious sources. Follow safepractices when browsing the Web.

• Do not follow unsolicited Web links in emails.

• Individuals or organizations are discouraged from paying the ransom, asthis does not guarantee files will be released. Report instances of fraud toInternet Cyber Crime.

LOL!

Lets relax…

CONTENTS

Get in touch with us! All are encouraged to contribute towards the contentsof this newsletter. Please reach out to Editor’s Desk @[email protected]

(This newsletter is for private circulation only. The Editorial committeereserves the right to publish contributed contents).

• Our Inspiration


• Inbox


• LOL!