Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Many of these attacks utilize software that will attempt to impersonate an email user and send an email to everyone in their contact list.
Backups are still the best way to protect yourself. If you do manage to get encrypted with early variants of WannaCry, don’t reboot your computer as the recently-released Wannakey tool might be able to get the encryption keys. The early versions of the malware were poorly written and had a kill switch that slowed things down from becoming a lot worse than it was (new variants have since fixed those flaws).
If you are a HIPAA-regulated business or deal with HIPAA-regulated industries, you really have to trust your vendors. A security breach at a vendor’s office may as well be a breach in your office, as far as HIPAA is concerned. You need to have a business-associate agreement (BAA) signed with those vendors. And if that vendor has no idea what a BAA is, you might want to reconsider your relationship with them, for your own protection. In a recent news story, an Illinois-based clinic was fined $31,000 because they didn’t have a BAA signed with a vendor hired to store paper records containing patients’ protected health information (PHI) (that vendor is the focus of other investigations). You can read the full cautionary tale here. If you need any assistance with your vendors or other HIPAA regulations, don’t hesitate to contact your local Weston office today.
A vulnerability has been discovered in Microsoft Word that could allow malware to get into your system. Microsoft is working on a fix or this, but for at least the next couple of weeks be especially vigilant if you receive a Microsoft Word attachment from someone that you don't know.
If you get a document from someone that you do know that you were not expecting, it is a good idea to check with them and make sure that they sent it. It only takes a minute to check versus the hours to clean up and the possible loss of data if something gets through.
This is a good reminder that it's a cruel digital world out there so definitely don't click on links or attachments from anyone you don't know, and view with suspicion any links or attachments from someone you do know that you were not expecting (especially those that are asking for you to pay an invoice or transfer money). WestonBlock and our antivirus software should block most of these but nothing beats plain old vigilance.
More technical info on the Microsoft Word vulnerability for those of you interested can be found here.
Don't hesitate to contact us at if you have any further questions.
Weston has been a Microsoft-certified partner for many, many years. We’ve also achieved Microsoft-certified competencies. Basically, to achieve a Microsoft-certified competency, you have to have a minimum amount of techs that have passed certain tests and your organization has to submit verifiable references to Microsoft. Our techs have worked hard to learn and become masters in the technologies that drive your business. Because of that work, they have achieved several certifications this year in the following categories:
Silver: Midmarket Solution Provider
Silver: Small and Midmarket Cloud Solutions
What does this mean for you? It means that if you need experts in the Microsoft technologies that run your business, Weston Technology Solutions is the right choice.