It’s an early Aloha Friday morning and for many it will be one to remember! We want to inform you about a recent series of significant outages impacting various industries across the nation, including hotels, banks, airlines, and other major services.
Overview of the Incident
In recent hours, a major global IT outage has affected several critical sectors, causing disruptions in services and operations. This widespread issue was primarily triggered by a faulty update from CrowdStrike, which led to numerous systems experiencing the infamous Windows “blue screen of death” (BSOD) error. The resulting downtime has caused significant inconvenience and operational challenges for many businesses.
Cowabunga! Computers does not deploy CrowdStrike to any of its computers or servers under management, so the impact to your computer and daily business should be minimal. Because of the sheer number of other businesses being disrupted as well as news reporting on this issue, we wanted you to simply be aware this should not affect any of Cowabunga! Computers managed services users.
Industries Affected
The impact of this outage has been extensive, affecting:
Airlines: Major airlines such as Delta, United, and American Airlines faced flight delays and cancellations due to communication system failures.
Banks: Financial institutions experienced interruptions in online banking services and ATM networks.
Hotels: Hospitality services saw disruptions in reservation systems and guest management processes.
Cause and Implications
The root cause of this widespread disruption was a problematic update from CrowdStrike, a leading cybersecurity firm. This update, designed to enhance security, inadvertently caused severe compatibility issues with Microsoft Windows systems, leading to widespread crashes and operational halts.
Our Commitment to Your Security
At Cowabunga Computers, we understand the critical nature of these outages and are committed to ensuring your business remains secure and resilient. Here’s how we’re supporting you:
Enhanced Monitoring: We are closely monitoring all systems to detect and address any anomalies promptly.
Proactive Measures: Implementing additional safeguards to prevent similar issues from affecting your operations.
24/7 Emergency Support: Providing round-the-clock support to assist with any concerns or technical issues you may encounter.
Are you using CrowdStrike? Have you been affected?
If you are not currently a customer but suspect you may be affected by these issues and cannot get a timely response from your current provider, we invite you to reach out to us. Our team is ready to provide the support and solutions you need.
Thank you for your continued trust in Cowabunga Computers. Together, we can ensure the security and resilience of your business.
We are reaching out to inform you about a significant security incident that has recently come to light. Ticketmaster, a major ticket sales and distribution company, has experienced a data breach that may have exposed the personal information and payment details of millions of users. This breach serves as a critical reminder of the importance of robust cybersecurity practices to protect your personal and business information.
What Happened?
In early May 2024, Ticketmaster confirmed that unauthorized access to its systems resulted in the exposure of customer data, including: – Names – Email addresses – Billing addresses – Payment card information – Login credentials
While the full extent of the breach is still under investigation, it’s crucial for all Ticketmaster users to take immediate steps to secure their accounts and mitigate potential risks.
Actionable Items to Secure Your Accounts
1. Change Your Passwords Immediately: – If you have a Ticketmaster account, change your password immediately. Ensure that the new password is strong and unique. – Avoid using the same password across multiple accounts. Consider using a password manager to generate and store complex passwords securely.
2. Enable Multi-Factor Authentication (MFA): – Where possible, enable MFA on all accounts, including Ticketmaster. This adds an extra layer of security by requiring a second form of verification in addition to your password.
3. Monitor Your Financial Accounts: – Regularly review your bank statements and credit card transactions for any unauthorized activity. Report any suspicious transactions to your bank immediately.
4. Be Wary of Phishing Attempts: – Cybercriminals often exploit breaches by sending phishing emails to gain further access to your personal information. Be cautious of any unsolicited emails or messages asking for sensitive information or containing suspicious links.
5. Update Security Software: – Ensure all your devices have the latest security updates and antivirus software installed. This helps protect against malware and other cyber threats.
6. Stay Informed: – Keep yourself updated on the latest news regarding the Ticketmaster breach and other cybersecurity threats. Knowledge is a powerful tool in protecting yourself against cybercrime.
Understanding the Risks of Password Reuse
In light of the recent Ticketmaster breach, it’s crucial to understand the risks associated with reusing passwords across multiple sites and services.
Why Password Reuse is Dangerous
Using the same password for multiple accounts significantly increases your vulnerability to cyberattacks. Here’s why: 1. Credential Stuffing: – Cybercriminals often use a technique called credential stuffing, where they take stolen usernames and passwords from one breach and try them on other websites. If you reuse passwords, a breach on one site can lead to compromised accounts on many other sites. 2. Chain Reaction of Breaches: – Once attackers gain access to one account, they can potentially access other accounts linked to the same email address. This can create a domino effect, leading to multiple accounts being compromised. 3. Increased Risk of Identity Theft: – With access to multiple accounts, cybercriminals can gather more personal information, increasing the risk of identity theft. They can exploit this information for fraudulent activities, such as opening new credit accounts in your name. 4. Loss of Sensitive Information: – Reused passwords can lead to unauthorized access to sensitive information, including financial data, personal communications, and private documents, causing significant personal and financial harm.
How to Mitigate the Risks
To protect yourself from the dangers of password reuse, consider the following best practices: 1. Use Unique Passwords for Each Account: – Ensure that every account has a distinct password. This way, even if one account is compromised, the others remain secure. 2. Implement Strong Passwords: – Create complex passwords that are difficult to guess. Use a combination of upper and lower-case letters, numbers, and special characters. 3. Leverage Password Managers: – Password managers can generate and store strong, unique passwords for each of your accounts. This makes it easier to manage multiple passwords without having to remember each one individually. 4. Enable Multi-Factor Authentication (MFA): – MFA adds an additional layer of security by requiring a second form of verification (such as a text message or authentication app) in addition to your password. 5. Regularly Update Passwords: – Change your passwords periodically, especially for sensitive accounts like email, banking, and social media.
Final Thoughts
The Ticketmaster breach is a reminder of the ongoing threats to our digital security. By understanding the risks of password reuse and taking proactive measures, you can significantly reduce your risk of falling victim to cyberattacks. If you need any assistance or have questions about enhancing your cybersecurity, please don’t hesitate to contact us.
It was a typical morning at Cowabunga Computers. Our team arrived at the office, ready to tackle the day’s tasks, when a critical alert from our Remote Monitoring and Management (RMM) tool caught our attention. Five user accounts at one of our client’s sites were reported as locked out. The affected users were Brian, Joseph, Jared, Mary, and Jacob. Our team knew that something was amiss, and quick action was necessary.
The Unexpected Alert
The alert stemmed from a security policy we had set up to monitor user accounts. It flagged that these accounts were locked out due to repeated failed login attempts. Immediately, our team dove into the logs and details of the alert. We discovered that the attempts were coming from a specific IP address, and the user accounts were under attack.
Digging Deeper
Further investigation led us to the IIS logs on the client’s server. The logs revealed a troubling pattern: someone was systematically trying to brute force their way into the system. The attacker was targeting the Remote Desktop Web Access (RDWeb) login pages, attempting to break through our defenses. Despite these efforts, none of the passwords were successful, thanks to the added layer of security provided by Duo 2FA. However, the repeated attempts were enough to lock out the accounts, disrupting the users’ access.
Swift Response
Recognizing the urgency of the situation, our team quickly mobilized. First, we unlocked the affected accounts, restoring access to Brian, Ryan, Paul, Nikki, and Sarah. Then, we turned our attention to stopping the attacker.
We identified the attacker’s IP address and immediately added it to our firewall blocklist. Not stopping there, we blocked the entire subnet to ensure no further attempts could be made from that range. A reverse GeoIP lookup revealed that the attacker was operating from the Netherlands. To bolster our defenses, we blocked access from the entire country.
Securing the Fort
To further secure the server, we made a critical configuration change. We removed the wildcard binding on the IIS server, ensuring that it would only serve login pages if the domain name was known. This move added another layer of protection, making it harder for attackers to find their way in.
The Aftermath
Thanks to our quick response and proactive measures, we were able to thwart the attack and restore normal operations swiftly. But this incident served as a stark reminder of the potential dangers lurking in the digital world. A brute force attack like this, if left unchecked, could have led to compromised accounts, data breaches, and significant operational disruptions.
Lessons Learned
Our team at Cowabunga Computers took this incident as an opportunity to strengthen our defenses and refine our procedures. We enhanced our monitoring systems, updated our security protocols, and conducted additional training for our staff and clients on recognizing and responding to security threats.
A Call to Action
For businesses, incidents like these underscore the importance of having a vigilant and responsive IT partner. Missing an incident like this could lead to severe consequences, but with the right measures and a proactive approach, the risks can be mitigated effectively.
At Cowabunga Computers, we are committed to protecting our clients from cyber threats and ensuring their operations run smoothly. Our swift action in this incident highlights our dedication to providing top-notch security and support. Let us help you secure your business and navigate the ever-evolving landscape of cybersecurity threats.
First, let’s define what “break-fix” means. In a break-fix approach, you only call for IT support when something goes wrong. Imagine if you only went to the doctor when you were very sick, rather than going for regular check-ups to stay healthy. This is how break-fix works: you fix things when they break.
What is a Maintenance Contract?
A maintenance contract, on the other hand, is like having a health plan for your computer systems. With a maintenance contract, you have ongoing IT support and regular check-ups to ensure everything is running smoothly. It’s a proactive approach rather than a reactive one.
Benefits of a Maintenance Contract
Prevention of Issues:
Regular Check-Ups: Just like regular medical check-ups can prevent major health issues, regular IT check-ups can prevent major technical problems.
Early Detection: Potential problems can be identified and resolved before they become serious, minimizing downtime and disruptions.
Cost Savings:
Predictable Budget: With a maintenance contract, you pay a fixed monthly fee, making your IT expenses predictable and easier to budget.
Avoid Costly Repairs: Preventing issues through regular maintenance can save you from expensive repairs or replacements when things break unexpectedly.
Increased Efficiency:
Optimal Performance: Regular maintenance ensures your systems are running at their best, which improves overall efficiency and productivity.
Minimal Downtime: By addressing potential issues before they cause failures, your systems experience less downtime, keeping your business operations smooth.
Access to Expertise:
Dedicated Support: With a maintenance contract, you have access to a dedicated team of IT professionals who are familiar with your systems and needs.
Proactive Advice: The team can provide recommendations on upgrades and improvements to keep your technology up-to-date and secure.
Security and Compliance:
Regular Updates: Maintenance contracts include regular updates and patches, ensuring your systems are protected against the latest security threats.
Peace of Mind:
Reliable Support: Knowing you have a team ready to handle any issues gives you peace of mind, allowing you to focus on running your business.
Emergency Response: In case of unexpected problems, maintenance contract clients often receive priority support, reducing the impact of any issues.
In summary, a maintenance contract is a smart investment for your business. It ensures your IT systems are well-maintained, secure, and running efficiently, while saving you money and giving you peace of mind. Instead of waiting for problems to occur, you can prevent them and keep your business operations running smoothly.
In today’s increasingly connected world, ensuring the security of your network is paramount. Recent reports have highlighted multiple vulnerabilities in common routers that can expose your network to significant risks. Here’s what you need to know about these vulnerabilities and why it’s crucial to upgrade to more secure, manageable devices.
Common Vulnerabilities in Routers
Netgear and Cisco SOHO Routers: The FBI recently removed malware from hundreds of end-of-life Netgear and Cisco small office/home office (SOHO) routers that were being exploited by Chinese state-sponsored hackers. These devices no longer receive updates, making them highly susceptible to reinfection and other cyber threats (Malwarebytes) (SecurityWeek).
TP-Link Archer AX21: A command injection flaw in TP-Link Archer AX21 routers (CVE-2023-1389) has been actively exploited by multiple botnets, including variants of the infamous Mirai botnet. Despite the availability of firmware updates, many devices remain unpatched, leaving them vulnerable to DDoS attacks and other malicious activities (BleepingComputer) (Penetration Testing).
Linksys Routers: Recent findings have revealed 10 vulnerabilities in 20 models of Linksys routers, including the EA and WRT series. These vulnerabilities range from denial-of-service attacks to unauthenticated command execution, which could allow attackers to take full control of the devices. While Linksys has released firmware updates to address these issues, many routers remain vulnerable due to users not applying these updates (Threatpost) (SecurityWeek).
Why Upgrade Your Router?
Outdated routers not only pose a significant security risk but also lack the advanced features necessary to protect against modern cyber threats. Here are compelling reasons to upgrade:
Enhanced Security: Modern routers come with improved security features and regular firmware updates to protect against new vulnerabilities.
Better Performance: Upgraded hardware ensures faster and more reliable internet connections, essential for both business and personal use.
Advanced Management: Managed routers allow for remote monitoring and maintenance, ensuring your network remains secure and efficient.
Consumer-Grade Firewalls vs. Enterprise Cloud-Managed Firewalls
Consumer-Grade Firewalls:
Pros: Affordable, easy to use, and provide basic protection suitable for home use.
Cons: Limited features, scalability issues, manual updates, and minimal support.
For businesses looking to protect sensitive data, ensure network performance, and scale their operations securely, investing in an enterprise cloud-managed firewall is a wise choice. Here’s why:
Enhanced Security: With robust security features, these firewalls provide comprehensive protection against sophisticated cyber threats.
Operational Efficiency: Centralized management and automated updates reduce the burden on IT staff, allowing them to focus on other critical tasks.
Future-Proofing: As your business grows, a scalable firewall solution ensures that your network security infrastructure can expand and adapt to new challenges.
Regulatory Compliance: Many industries require stringent security measures. Enterprise firewalls help meet these regulatory requirements, protecting your business from legal and financial repercussions.
Our Solution
At Cowabunga Computers, we include an enterprise firewall as part of our managed services agreement. Our comprehensive network management services ensure your routers and other network devices are always up-to-date and secure. Our services include:
Regular Firmware Updates: We ensure all your network devices have the latest security patches.
24/7 Monitoring and Management: Our team continuously monitors your network for any signs of suspicious activity.
Expert Support: Our technicians are always available to assist with any issues or queries.
Security Audits: Regular security audits to ensure compliance with industry standards and best practices.
Take Action Now
Don’t compromise your network security. Contact Cowabunga Computers today to upgrade to an enterprise cloud-managed firewall and safeguard your business against evolving cyber threats. Let us help you build a secure and resilient network infrastructure.
