• Posted on September 20, 2017 9:35 am
    Joseph Forbes
    No comments

    Whether you're a home PC user or a network administrator, you always need a plan for when the unexpected happens to your computers and/or network. A Disaster Recovery Plan (DRP) is essential in helping to ensure that you don't get fired after a server gets fried in a fire, or in the case of the home user, that you don't get kicked out of the house when mamma discovers you've just lost years worth of irreplaceable digital baby photos. A DRP doesn't have to be overly complicated. You just need to cover the basic things that it will take to get back up and running again if something bad happens. Here are some items that should be in every good disaster recovery plan: 1. Backups, Backups, Backups! Most of us think about backups right after we've lost everything in a fire, flood, or burglary. We think to ourselves, "I sure hope I have a backup of my files somewhere". Unfortunately, wishing and hoping won't bring back dead files or keep your wife from flogging you about the head and neck after you've lost gigabytes of family photos. You need to have a plan for regularly backing up your critical files so that when a disaster occurs you can recover what was lost. There are dozens of online backup services available that will backup your files to an off-site location via a secure connection. If you don't trust "The Cloud" you can elect to keep things in-house by purchasing an external backup storage device such as a Drobo. Whichever method you choose, make sure you set a schedule to backup all your files at least once weekly, with incremental backups each night if possible. Additionally, you should periodically make a copy of your backup and store it off-site in a fire safe, safe deposit box, or somewhere other than where your computers reside. Off-site backups are important because your backup is useless if it's burned up in the same fire that just torched your computer. 2. Document Critical Information If you encounter a major disaster, you're going to loose a lot of information that may not be inside of a file. This information will be critical to getting back to normal and includes items such as: Make, model, and warranty information for all your computers and other peripherals Account names and passwords (for e-mail, ISP, wireless routers, wireless networks, admin accounts, System BIOS) Network settings (IP addresses of all PCs, firewall rules, domain info, server names) Software license information (list of installed software, license keys for re-installation, version info) Support phone numbers (for ISP, PC manufacturer, network administrators, tech support) 3. Plan for Extended Downtime If you're a network administrator you'll need to have a plan that covers what you will do if the downtime from the disaster is expected to last more than a few days. You'll need to identify possible alternate sites to house your servers if your facilities are going to be unusable for an extended period of time. Check with your management prior to looking into alternatives to get their buy-in. Ask them questions such as: How much downtime is tolerable to them based on their business needs? What is the restoration priority (which systems do they want back online first)? What is their budget for disaster recovery operations and preparation? 4. Plan for Getting Back to Normal You'll need transition plan for moving your files off of the loaner you borrowed and onto the new PC you bought with your insurance check, or for moving from your alternate site back to your original server room after its been restored to normal. Test and update your DRP regularly. Make sure you keep your DRP up-to-date with all the latest information (updated points of contact, software version information, etc). Check your backup media to make sure it is actually backing something up and not just sitting idle. Check the logs to make sure the backups are running on the schedule you setup. Again, your disaster recovery plan shouldn't be overly complicated. You want to make it useful and something that is always within arms reach. Keep a copy of it off-site as well. Now if I were you, I would go start backing up those baby pics ASAP!

    Blog Entry, DATA, Data Recovery
  • Posted on September 2, 2017 9:36 am
    Joseph Forbes
    No comments

    Whether you're a home PC user or a network administrator, you always need a plan for when the unexpected happens to your computers and/or network. A Disaster Recovery Plan (DRP) is essential in helping to ensure that you don't get fired after a server gets fried in a fire, or in the case of the home user, that you don't get kicked out of the house when mamma discovers you've just lost years worth of irreplaceable digital baby photos. A DRP doesn't have to be overly complicated. You just need to cover the basic things that it will take to get back up and running again if something bad happens. Here are some items that should be in every good disaster recovery plan: 1. Backups, Backups, Backups! Most of us think about backups right after we've lost everything in a fire, flood, or burglary. We think to ourselves, "I sure hope I have a backup of my files somewhere". Unfortunately, wishing and hoping won't bring back dead files or keep your wife from flogging you about the head and neck after you've lost gigabytes of family photos. You need to have a plan for regularly backing up your critical files so that when a disaster occurs you can recover what was lost. There are dozens of online backup services available that will backup your files to an off-site location via a secure connection. If you don't trust "The Cloud" you can elect to keep things in-house by purchasing an external backup storage device such as a Drobo. Whichever method you choose, make sure you set a schedule to backup all your files at least once weekly, with incremental backups each night if possible. Additionally, you should periodically make a copy of your backup and store it off-site in a fire safe, safe deposit box, or somewhere other than where your computers reside. Off-site backups are important because your backup is useless if it's burned up in the same fire that just torched your computer. 2. Document Critical Information If you encounter a major disaster, you're going to loose a lot of information that may not be inside of a file. This information will be critical to getting back to normal and includes items such as: Make, model, and warranty information for all your computers and other peripherals Account names and passwords (for e-mail, ISP, wireless routers, wireless networks, admin accounts, System BIOS) Network settings (IP addresses of all PCs, firewall rules, domain info, server names) Software license information (list of installed software, license keys for re-installation, version info) Support phone numbers (for ISP, PC manufacturer, network administrators, tech support) 3. Plan for Extended Downtime If you're a network administrator you'll need to have a plan that covers what you will do if the downtime from the disaster is expected to last more than a few days. You'll need to identify possible alternate sites to house your servers if your facilities are going to be unusable for an extended period of time. Check with your management prior to looking into alternatives to get their buy-in. Ask them questions such as: How much downtime is tolerable to them based on their business needs? What is the restoration priority (which systems do they want back online first)? What is their budget for disaster recovery operations and preparation? 4. Plan for Getting Back to Normal You'll need transition plan for moving your files off of the loaner you borrowed and onto the new PC you bought with your insurance check, or for moving from your alternate site back to your original server room after its been restored to normal. Test and update your DRP regularly. Make sure you keep your DRP up-to-date with all the latest information (updated points of contact, software version information, etc). Check your backup media to make sure it is actually backing something up and not just sitting idle. Check the logs to make sure the backups are running on the schedule you setup. Again, your disaster recovery plan shouldn't be overly complicated. You want to make it useful and something that is always within arms reach. Keep a copy of it off-site as well. Now if I were you, I would go start backing up those baby pics ASAP!

    Blog Entry, DATA, Data Recovery
  • Posted on July 9, 2017 10:48 am
    Joseph Forbes
    No comments

    A Guide to the iPad Recovery Mode Resetting the iPad to its factory default settings is the nuclear option when it comes to troubleshooting.  For most issues, simply rebooting the iPad will fix the problem.  It's amazing what a simple reboot will do for the iPad, although it is important to follow the right procedure when rebooting.  When that fails, choosing to erase all settings and data and start from scratch becomes an option.   But what happens when you can't even reset the iPad?   If the iPad is locked or continually gets stuck at the Apple logo, you'll need to go beyond nuclear and force the iPad into recovery mode. The iPad's recovery mode is a process that uses iTunes on your PC or Mac in order to bypass the normal operation on your iPad.  If the iPad has been disabled or something went wrong with a previous update and it now freezes at the Apple logo, this process can force the iPad to reset to its fresh-out-of-the-box factory default settings. Remember, this should only be used when you cannot get into the iPad to operate it.   If your iPad boots up but freezes often while you use it, you can use some basic troubleshooting steps to help fix the problem. And before you try this option, make sure you have tried forcing a reboot.  If you iPad is merely frozen, even if it is at the Apple logo, try holding down the Sleep/Wake button for a full thirty seconds to see if it will power down.   Once the iPad's screen goes completely dark, wait a few seconds and then press the button again to power it back on.  If the iPad reboots but gets stuck at the Apple Logo again, or it simply won't reboot, you will need to continue with these instructions. If you do not already have iTunes installed on your PC or Mac, you can download it from Apple's website. How to Enter Recovery Mode on the iPad: Connect a USB cable to your PC. The cable that comes with the iPad can be used to connect it to your PC. Only connect the USB cable to your PC, not your iPad. Connecting the cable to your iPad must be done in the proper order. Turn off your iPad. You can accomplish this by holding down the Sleep/Wake button at the top of the iPad until a red slider appears on the screen. Activate the slider to turn the iPad off. Hold down the Home Button. The Home button is the round button at the bottom of the iPad, below the screen. While holding down the home button, connect the USB cable to the iPad. Your iPad should power on at this point. Keep holding the Home button down until you see the iTunes logo appear on the screen. If you see a battery on the screen, you will need to let the iPad charge for a bit and then repeat these steps. You are now in the iPad's recovery mode. You will receive a message on the screen alerting you that you have entered recovery mode. At this point, you can restore the iPad through iTunes using these instructions. This process will work from any computer, so if you don't own a PC and never turned on Find My iPad, you can go through this process using a friend's computer.  If you have backed up your iPad using iTunes or iCloud, you should be able to recover everything up to the point of your backup. But even if you haven't backed up your iPad, you can still recover any apps that you have previously purchased by downloading them from the App Store. What if you don't have access to a computer? If your iPad is locked and you don't have access to a computer, you can use Find My iPhone/iPad to wipe it remotely. You can either use the Find My iPhone app on your iPhone or you can go to www.icloud.com from any device that can connect to the web and then simply log on using your Apple ID. To wipe your iPad remotely, choose your iPad (click the blue button if you are on the map screen) and then choose "Erase iPad".  Get more help erasing the iPad remotely by getting in touch with us through our contact form.

    Blog Entry, Data Recovery, Hardware
  • Posted on May 31, 2017 10:54 am
    Joseph Forbes
    No comments

    Ransomware cyber attacks are quickly becoming the preferred method of attack by cybercriminals. WannaCry, the latest global incident, is particularly damaging because it is also a worm—not just a ransomware program. As a result, it looks for other computers to spread to. When it infects a new computer, it encrypts the data and locks out the owner until a minimum of $300 in bitcoin is paid. To achieve its unprecedented rate of circulation across networks, WannaCry ransomware utilizes a Windows OS vulnerability that was recently exposed as part of the leaked NSA hacker tools. Microsoft has released a public bulletin along with patches for Windows XP, Windows 8, and certain server platforms that did not receive the original MS17-010 update. You may view their announcement in full here. Whether you call it WannaCry, WannaCrypt, WCrypt, Wanacrypt0r, WCry, or one of the other names currently vying for the “call me this” crown, the ubiquitous ransomware which brought portions of the UK’s NHS to its knees over the weekend along with everything from train stations to ATM machines is still with us, and causing mayhem Worldwide. As a result, our regular roundup has been replaced with what will hopefully serve as a useful place to collect links related to the attack. First thing’s first: this was a big enough incident that Microsoft created a special patch for Windows XP users, some three years after it had the plug pulled on support. Regardless of Windows OS, go get your update. Now that we have that out of the way, here’s some handy links for you to get a good overview of what’s been going on: A rundown by our good selves, detailing the spread and tactics used by this worm to deposit Ransomware globally. A deep dive into the Malware by one of our Malware research specialists. Watching the infection bounce around doctor’s surgeries. How the purchase of a URL dealt a massive blow to the previously unstoppable spread. What happens when the URL purchasing White Hat is doxxed by the press. People are paying to retrieve files, but it seems they’re taking quite a gamble. The Malware authors are processing decryption manually. If you pay, but they can’t be bothered / their PC explodes / they’re hauled off to jail, you’re definitely not getting files back anytime soon. More problems: fake decryption tools. Misery begets misery. It may be down, but it most certainly isn’t out with fresh infections still taking place. Accusations of an amateur hour operation, despite the problems caused so far. Another “kill-switch” domain has been registered, hoping to slow the follow-up tides of Ransomware related doom. The hunt is now on for the people behind it all. They’ve managed to annoy at least 3 major spy agencies, so good luck I guess. And finally… This is a rapidly changing story, with a lot of valuable follow-up data being posted to haunts favored by security researchers such as Twitter, and we’ll likely add more links as the days pass. Update your security tools, patch your version of Windows and stay safe!

    Blog Entry, Data Recovery, Hacking
  • Posted on February 8, 2017 11:55 am
    Joseph Forbes
    No comments

    Do you suspect your email account has been hacked? Can't login to your email account? Are you getting undeliverable and bounce messages for email you never sent? Are friends and family complaining of receiving email you never sent? Is it malware? A hacker? Here's how to tell. Undeliverable and Bounce Messages Spammers frequently spoof the From sender on the email they send. They just substitute their real email address with a random email address found on a mailing list or one just randomly made up. Some poorly configured email gateway products don't distinguish between the manually editable "From" address and the actual sender origin, so they simply send any undeliverable messages to the spoofed From address. To better understand how this works, and help you track down the real origin of an email, see: Reading Email Headers. Best defense: Simply delete the undeliverable/bounce messages. In other cases, email worms will send themselves disguised as an undeliverable/bounce message. The bogus email contains either a link or an attachment. Clicking the link or opening the attachment leads directly to a copy of the worm. Your best course is to learn to overcome curiosity. Best defense: If you receive an undeliverable or bounce message for an email you know you did not send, resist the temptation to open the attachment or click the link. Just delete the email. Unable to login to your email account If you are unable to login to your email account due to an invalid password, it's possible that someone has gained access and changed the password. It's also possible that the email service is experiencing a system outage of some sort. Before you panic, make sure your email provider is functioning normally. Best defense: Prevention is key. Most email providers offer a password recovery option. If you have even a hint of concern that your email password has been compromised, change your password immediately. If you specified an alternate email address as part of the password recovery, make sure that address is active and be sure to monitor the account regularly. In some cases, you may need to call your email provider and request a reset. If you go that route, be sure to change your password from the one provided during the phone call. Be sure to use a strong password. Email appearing in Sent Items folder If copies of the sent email are appearing in your Sent Items folder, then it's likely that some type of email worm might be involved. Most modern-day malware won't leave such tell-tale signs behind, so it, fortunately, would be indicative of an older, more easily removed threat. Best defense: Update your existing antivirus software and run a full system scan. Email is sent to address book, does not appear in the Sent folder, and it's a webmail account The most likely cause is phishing. Chances are at some point in the past, you were tricked into divulging your email username and password. This enables the attacker to login to your webmail account and send spam and malicious email to everyone in your address book. Sometimes they also use the hijacked account to send to strangers. Generally, they remove any copies from the Sent folder to avoid easy detection. Best defense: Change your password. Make sure you've checked the validity of any alternate email addresses included in the password recovery settings first. Symptoms don't match the above Best defense: Make sure you do a thorough check for a malware infection. Fully scan your system with installed up-to-date antivirus software and then get a second opinion with one of these free online scanners. Receiving complaints from friends, family, or strangers One of the problems with spoofed, hijacked or hacked email is that it can also lead to responses from angry recipients. Stay calm - remember, the recipients are just as much a victim as you. Best defense: Explain what happened and use the experience as an educational opportunity to help others avoid the same plight.

    Blog Entry, Data Recovery, Hacking