Technology Alert Archives | Anderson Technologies

A New Browser from Microsoft

April 22, 2020/in Data Security, News, Technology Alert /by Marcia Spicer

Here’s what might make it worth the download.

Since Internet Explorer hit peak saturation in 2003 with 95% of market share, Microsoft has been in a bit of a browser rut. Mozilla Firefox usage hit its peak in 2009, and the other major competitor, Google Chrome, is the current favorite with 69% of market share as of December 2019. But Microsoft’s new Edge browser could stand to upset that balance.

Built on open-source Chromium (originally developed by Google for their Chrome browser, and also a base for Opera), the new Edge, released January 15, 2020, offers almost all of the benefits of Chrome, as well as a few additional features.

Initial user feedback is in, and the new Edge could be a game changer in the browser wars.

What Makes Edge Chromium Stand Out?

Speedy and Resource Efficient: Though Edge is built on the same open source code as Google Chrome, its speed is significantly faster, even with multiple active tabs. It uses less RAM than the notoriously resource-hungry Chrome. For users maximizing efficiency and speed, the new Edge could make a difference in workflow. Browsing the web shouldn’t slow down other functions, and Edge makes that absolutely clear. Even the initial setup (with a profile imported from Microsoft or another browser) is almost instantaneous.

Built-In Security: Microsoft has developed a new feature called SmartScreen to aid in protecting users from reported phishing and malware websites. The new Edge comes with SmartScreen enabled, which displays a warning when users try to navigate to dangerous sites or download suspicious files.

Privacy as a Rule: Have you ever visited a website and then been bombarded with ads for their services on every other site you visit in that session? Trackers make these remarketed ads possible, and the new Microsoft Edge is designed to block them. Trackers capture information about users and how they interact with sites. They then relay that information to the site, connect it to social media accounts, and loop in ad servers. Users can select their level of protection, but all levels also block harmful trackers, like those involved in cryptojacking. While Firefox already offers this service, Chrome does not.

With such a focus on privacy, it’s no surprise that Edge meets the new industry standard with their InPrivate windows offering the same functionality as Incognito in Chrome or Private Window in Firefox. Edge also comes with pop-ups, redirects, and ads all blocked as the default.

Compatibility: Edge offers integrations with Azure Active Directory and Office 365 by IT administrators. Granular control over updates and group policy objects customize the browser for business needs. This feature, if fully utilized, could enable users to search internal company servers through their Edge browser instead of Windows Explorer.

Extensions: In addition to the growing library of Edge-specific extensions in the Microsoft store, Edge also works smoothly with most, if not all, existing Google Chrome extensions. Users focused on privacy and security can add another layer of protection to those already built into Edge.

Applications: When run on Windows 10, the new Edge provides the option for users to run websites as apps. Once set up, these apps are accessible through the taskbar or as desktop icons, and they cut down on running multiple tabs within the browser. This feature is especially useful with sites that a user might want to keep running all day, like Twitter or a time tracking application.

For users tied heavily to Windows OS and other Microsoft services, Edge adds functionality without adding load time and RAM. Microsoft does warn that Chrome users who integrate with Gmail may experience some incompatibility in the new Edge landscape; however, users overwhelmingly report that this hasn’t been an issue. Ultimately, the use of one browser over another often comes down to preference, but there are no major flags that should prevent users from including Microsoft Edge among their options.

Need help choosing a browser to roll out for your employees or finding which privacy features will best enhance your work? Contact the technology experts at Anderson Technologies at 314-394-3001 or info@andersontech.com with all of your questions!

Cyber Security St. Louis Ransomware Small Business

Ransomware as a Service: When Criminals Mimic Corporations

February 20, 2020/in Data Security, Technology Alert /by Marcia Spicer

When you imagine cyber criminals planning ways to infect hundreds of thousands of computers, you probably don’t picture sophisticated marketing operations and software licensing, but you’d be surprised. The black market on the Dark Web is much like any other online store where you purchase goods, only its products are more nefarious. Cyber criminals copy the techniques used by corporations to increase profits by authoring and distributing ransomware-as-a-service (RaaS). RaaS enables less tech-savvy cyber criminals to quickly set up shop, and often includes “customer support,” easy-to-use dashboards, and guides on how to most effectively distribute ransomware onto victims’ machines.

The RaaS Business Model

This is not a recent development. RaaS has been used since 2016, and has proved to be a lasting business model for cyber criminal organizations. These organizations utilize modern marketing and corporate strategies to get their “customers” to choose their ransomware services over other offerings on the Dark Web.

How Does RaaS Work?

In a traditional software business model, a user pays a one-time fee to buy a license for a specific version of the software outright. There are no other costs throughout the life of the software, but if the user wants to upgrade to a newer version, the software must be purchased again. But being required to buy each new version that’s released can be financially impossible for some consumers. That’s where software-as-a-service (SaaS) comes in.

With SaaS, the user can “rent” the software for a monthly fee, giving the user the most current version of the software at a greatly reduced upfront cost. But unlike traditional software purchasing, if the user ends their subscription, they lose access to the software.

On the Dark Web, RaaS utilizes both these business models. Instead of a bad actor authoring and distributing their own ransomware onto victims’ computers, cyber criminals pay for someone else’s ransomware strain. This allows even those who don’t have the skills necessary to create their own ransomware strain to enter the ransomware market.

This arrangement is beneficial to the author of the ransomware, as well. In addition to the subscription price, the author often gets a cut of each ransom paid. The more subscribers who buy and distribute their ransomware, the more money the author makes without needing to infect a single computer themselves.

This is where RaaS mimics legitimate businesses. Some ransomware authors sell licenses using the traditional software business model. When a cyber criminal buys the ransomware license, they are free to use it as much as they want. Other ransomware authors have adopted the modern subscription model of SaaS. As a subscription, buyers have to continue to pay monthly or by number of infected computers. In return, the ransomware they “rent” receives updates and continued support from the author. To entice cyber criminals to choose their strain, some authors will offer discounts or adjust their cut of the ransom. Some even provide tutorials and customer support to buyers to help with distribution.

Ransomware Finds New Ways to Make Victims Pay Up

The authors of ransomware strains aren’t the only ones offering customer support. For several years now, criminal organizations spreading ransomware have provided customer support representatives to facilitate payments, such as helping victims buy bitcoin or walking them through the payment process. Sometimes these customer support reps even lower the ransom for victims unable to pay the requested amount.

While offering customer service may seem absurd for a criminal enterprise, the newest extortion method fits right in. The threat of ransomware includes not only the loss of data but also the weaponization of that data by bad actors. Until now, the risks associated with not paying the ransom have been limited to criminals farming the encrypted data for credentials or losing the data altogether. Now a new type of extortion is threatening to come to the forefront.

To thwart the growing number of businesses taking cyber security seriously and ensuring they have reliable backups in case of a ransomware attack, cyber criminals now threaten to release the unencrypted data they steal if the businesses choose not to pay the ransom. Those behind the Maze ransomware strain have a public website listing the names of businesses they’ve infected, as well as details about the attack and documents stolen from infected systems. The Allied Universal data breach and release was Maze’s first victim to be publicly exposed in this way.

What Can You Do?

When it’s not only loss of data but release of data that is the danger, the usual mantra of back up your data doesn’t cut it anymore. With this evolving threat landscape, prevention is the key to security.

In addition to basic security measures that all businesses should implement, intrusion detection is essential to modern cyber security. Bad actors are often in compromised systems for days or weeks before the actual ransomware attack happens. They can search files, disable security measures, corrupt backup systems, and more to make the business as vulnerable as possible. Identifying the problem when the intrusion first happens could save not only your money but your data and reputation as well.

Other precautions include encrypting all sensitive data so hackers can’t access it, having strong user access controls and passwords, and restricting administrator access to necessary IT personnel. This limits the amount of data criminals can access if they were to penetrate your systems.

Most of all, train your employees how to identify phishing methods and signs their computer may be compromised. Employees are the front line of defense against infection. Make sure everyone is trained at least annually to stay up to date with new ransomware strategies so that they and you don’t become unwilling customers of the ransomware business model.

If you need help shoring up your defenses against ransomware or need employee training, contact Anderson Technologies today!

Quotables: Why We Must Leave Windows 7 Behind (VAR Insights)

January 14, 2020/in Data Security, Quotables, Software, Technology Alert /by Marcia Spicer

A timely recommendation from Anderson Technologies’ Farica Chang provides education and advice regarding the January 14, 2020 Windows 7 End of Life date.

A few thousand dollars spent now is better than tens or hundreds of thousands demanded by ransomware and the loss of confidence your clients in the future.

Click here to read the full article!

Are you in need of expert IT consulting? Anderson Technologies is a St. Louis IT consulting firm that specializes in system administration for small businesses. Let us help you today! Give us a call at 314.394.3001 or email us at info@andersontech.com.

What are Quotables? This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers.

End of an Era: Saying Sayonara to Windows 7

January 14, 2020/in Data Security, News, Technology Alert /by Marcia Spicer

January 14, 2020. Today marks the end of an era. As of today, Microsoft no longer offers support for its Windows 7 operating system.

If you’re still hanging on to outdated hardware running Windows 7, you’ll no longer receive updates, attack countermeasures, and security patches.

Your Windows 7 machines—and entire network—will be vulnerable to new breaches, exploits, malware and viruses.

It also means that, starting today, no Windows 7 computer is HIPAA compliant. Using hardware that cannot be protected with patches and updates means the Security Rule is not being followed, and if a breach does occur, you’ll probably be liable.

Anderson Technologies recommends upgrading all Windows 7 machines and other Microsoft offerings that also reach End of Life today, including Hyper-V Server 2008/Hyper-V Server 2008 R2 and Windows Server 2008/Windows Server 2008 R2.

What’s the Big Deal?

Businesses and organizations in every field should take end of support for an operating system seriously. Cyber crime is on the rise, and while many criminals continue to target anyone who will click their bait, many more see the value in targeting vulnerable access points to a network, knowing that the data and additional connections they unlock can really pay off. Recently, hundreds of nursing homes and veterinarians lost access to patient data, and multiple municipalities in Texas were effectively shut down due to their software and cloud providers being compromised by ransomware.

It’s not a question of if you’ll be targeted, but when.

For any business, staying up to date on all security and software patches is an essential part of the electronic era. After today, anyone running Windows 7 is holding the door open for cyber criminals once the newest zero-day threat is identified and exploited. Don’t count on your cyber insurance to cover any ransom or damages you incur in the event of an attack. Many cyber insurance policies require businesses to have certain security measures in order to pay out, and an updated and patched OS is one of the most basic protections you can have.

If you operate in the healthcare vertical, staying up to date is not just important, it’s the law. Under HIPAA, any Covered Entity or Business Associate must comply with the same standards. Having patched and routinely updated hardware is part of HIPAA’s Security Rule, and failure to comply won’t just mean trouble from cyber criminals. The Office of Civil Rights can levy significant fines for businesses that knowingly ignore cyber security guidelines.

In the accounting vertical, operating from an unsecured OS could leave you in breach of the FTC Safeguards Rule, and your client data will be vulnerable.

Staying up to date on all security and software patches is essential when fighting cyber crime. After January 14, 2020, anyone still running Windows 7 is inviting cyber criminals in through an unguarded, open door.

What Options Do I Have?

Extended Support for Windows 7. Microsoft’s extended support plan is only available to users running Windows 7 Pro or Enterprise through volume licensing. Contact your IT provider or Microsoft representative to determine if you are eligible. If you are, you can purchase up to three years of extended Windows 7 support, starting at $50-$100 per computer for the first year and doubling in price each year following. This is not a long-term fix, but it could allow you to spread out your upgrades over several years instead of upgrading your equipment all at once.
Windows Virtual Desktop. Microsoft is also offering three years of support for free with Windows Virtual Desktop. If you’ve been considering moving to the cloud, this might be a good time to look into Azure and reduce hardware costs.
Update OS to Windows 10. If hardware costs are holding you back from getting a fully-supported machine, updating your existing computers to Windows 10 might be the most cost-effective option to remain secure. Unfortunately, many computers running Windows 7 are not capable of efficiently running Windows 10.
Upgrade Hardware for Maximum Security. The most secure option moving forward is a secure OS (Windows 10) paired with up-to-date hardware built to run modern software and protect data.

If upgrades just aren’t feasible—maybe essential software isn’t compatible with Windows 10 or you’re operating on Virtual Desktop—security should be at the forefront of your mind. Move forward with updates and upgrades when you can, and until then:

Do not connect Windows 7 computers to the internet.
Don’t store client data on unsecure systems.
Back up your business data daily and make sure these backups are configured to adequately protect them against cyber attacks.

The time to act is now. Don’t be caught with your IT systems wide open to the next cyber attack. Upgrade to Windows 10 before it’s too late. Anderson Technologies can help. Contact us at 314.394.3001 or info@andersontech.com.

Robots? Working with Me? It’s More Likely Than You Think

December 20, 2019/in Data Security, Managed Services, Technology Alert /by Marcia Spicer

Remember Roomba? Maybe you have one, zipping around your home, getting caught under furniture and amidst wires. That seemingly simple machine, armed with programming and dust-sucking, became seamlessly integrated in the lives of millions. But even at the height of the Roomba revolution, there wasn’t a lot of talk about smart vacuums stealing our jobs or taking over our homes.

Everyone is fascinated with artificial intelligence right now. It is hard to deny the buzzword power of the term. Tinged with fear or awe, AI often feels like the answer to everything—or our impending downfall.

The reality is far from either. As it stands now, AI like the programming in Roomba, or Roomba’s grown-up relatives found at Walmart and Giant Foods, is a powerful tool. Limited to specific tasks or deep learning, AI may just be the best coworker you’ve ever had.

Is AI Coming for Our Jobs?

Here’s the truth: For employees whose primary job function may easily be replaced by single-task AI, the job hunt may be on. Computer-screen ordering interfaces and shipment-sorters may in fact reduce hours for the humans who previously held those positions and others like them. Fortunately, many businesses are utilizing AI as an opportunity to free their employees for more complex and customer-facing tasks.

For every job that might be eliminated or reduced, there are many more that just don’t work without human hands and minds.

And because thankless tasks are becoming automated, human workers can now spend their time and energy immersed in the more creative aspects of their jobs.

AI and IT: Working Together for You

It may not surprise you to learn that IT is currently the field most welcoming to our AI coworkers. For IT managed services firms that balance the cutting edge with enhanced security, a cautious approach still finds that within specific, defined roles, AI provides valuable services.

Tools like firewalls, antivirus, and remote monitoring, among others, are IT staples that frequently employ AI. There is a firewall AI, for example, that can be programmed to track traffic patterns (volume, uploads and downloads, behavior on websites), and if something appears contrary to what has been deemed “normal” patterns, the associated software can automatically isolate a user’s workstation and alert a human team member that there has been a potential compromise.

Deployed on a larger scale, this type of monitoring and pattern-detecting AI frees IT professionals from manually watching the same traffic. This means billing hours go to solving problems and providing meaningful solutions instead of wondering if a large file download is suspicious.

AI also has the potential to detect patterns and flag issues that human experts can’t identify themselves. Given data sets and known problems, machine-learning AI may move the IT industry into truly predictive safeguards. If used widely, this could mean no more frantic break-fix calls after hours because AI team members have long since identified the developing issue, and human counterparts have already fixed it.

AI as part of a managed services offering doesn’t have to feel inhuman. As a tool utilized by humans in order to provide an enhanced, fuller package of IT services, AI improves experiences.

Do you have questions about AI and what it could do to improve your business’s IT systems and cyber security? Call Anderson Technologies today at 314.394.3001 or send us an email at info@andersontech.com.

Quotables: Windows 7 End of Life (E-Commerce Times)

November 25, 2019/in Data Security, Quotables, Software, Technology Alert /by Marcia Spicer

Mark Anderson’s expert advice is featured in E-Commerce Times, providing context for the upcoming Windows 7 End of Life date.

The most visible threat to an unpatched OS is ransomware planted on your computer or network in an effort to extort money for returning your data. If you’re an etailer or other electronic business, losing your customer list, vendor information, and invaluable store data could leave you out of business for days, weeks or permanently.

Paying the ransom doesn’t ensure all the data will return or that you can return to normal operations in time to mitigate the costs. If you don’t have recent, secure backups that didn’t get compromised, your recovery options are severely limited.

Click here to read the full article!

What are Quotables? This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers.

AI: Should We Fear the Demon? (Not Yet)

November 19, 2019/in Data Security, Technology Alert /by Marcia Spicer

The world of Artificial Intelligence (AI) may not have a more well-known figure than Elon Musk, entrepreneurial head of Tesla and SpaceX. In a 2014 interview, Musk stated: “With artificial intelligence we are summoning the demon. In all those stories where there’s the guy with the pentagram and the holy water, it’s like yeah, he’s sure he can control the demon. Didn’t work out.”

While Musk’s concerns haven’t been proven completely unfounded, AI today functions strictly within the realm it is programmed for. Becoming a “demon” with expanding abilities and intelligence out of our control is currently beyond its limited capacity. Even AI that is designed to “learn” only learns within the confines of what it has been specifically programmed for, and as driverless cars show us, learning and doing are two different things.

Driverless Limitation

One of the most glaring examples of AI’s current limitations is in the rise in autonomous vehicles. General Motors, Uber, Waymo, and Tesla’s Autopilot are only a few in the race to true self-driving cars. Driverless car software utilizes machine learning, and the software is far from perfect.

Recognizing a bicycle and then anticipating which way it’s going to go is just too complicated to boil down to a series of instructions. Instead, programmers use machine learning to train their software. They might show it thousands of photographs of different bikes, from various angles and in many contexts. They might also show it some motorcycles or unicycles, so it learns the difference. Over time, the machine works out its own rules for interpreting what it sees. – Zachary Mider, Bloomberg

But as much as a computer learns about what potential hazards might look and act like, computers still have no grasp of three basic concepts: time, space, and causality. This approach, while it does keep a self-driving car from becoming KITT or Herbie, also keeps self-driving cars from being truly 100% error free. Unlike human drivers, cars will never be able to fully understand consequences or anticipate randomized behavior that may be apparent from factors these cars haven’t been programmed to recognize.

And what about scenarios that self-driving cars aren’t being trained for? In October 2019, testing by AAA indicated that dummy pedestrians crossing the road were hit 60 percent of the time, even in daylight and at low speeds. Such obvious limitations should, and do, give users pause.

While self-driving technology may be improving in some ways, seven in ten Americans still have no interest in using—or even sharing the road with—driverless cars. Driver-assist technology, on the other hand, is far more popular. Human input and supervision, it seems, still offer something that machine learning cannot replicate. Driver-assist technology allows users to benefit from the areas where AI has excelled, such as alerting drivers when they veer from the center of a lane or back up too close to an obstacle, but humans still stay in control to make split-second decisions on the road.

Functioning in Limited Capacities

While driverless car technology dominates headlines, AI is being used successfully in more limited capacities. Where machine learning does excel is in analyzing data sets far too large for human processing.

Using publicly available data and AI, university student Anne Dattilo discovered two exoplanets. Footage from Kepler space telescope tracked “100,000 stars in its field of view.” Dattilo’s modified AI was programmed to identify and flag stars that, due to light fluctuations, appeared to have planets. Dattilo and human colleagues confirmed the findings.

Elsewhere, scientists are using AI to sift through audio recordings for the sounds of elephants in the rainforests. This data is then used to count the animals, helping to provide a more accurate picture of population and poaching rates.

These highly focused uses of AI have proven successful in accomplishing what humans alone could not. Success in the science field, however, doesn’t seem to translate to highways or a grander intelligence.

A Constrained Approach

Some researchers hold the belief that machine learning and AI as it exists now simply may not hold the keys to the change promised by innovators and fiction writers, and the ways AI has been used so far seem to support this.

According to skeptics like [Gary] Marcus, [professor of cognitive psychology at NYU,] deep learning is greedy, brittle, opaque, and shallow. The systems are greedy because they demand huge sets of training data. Brittle because when a neural net is given a “transfer test”—confronted with scenarios that differ from the examples used in training—it cannot contextualize the situation and frequently breaks. They are opaque because, unlike traditional programs with their formal, debuggable code, the parameters of neural networks can only be interpreted in terms of their weights within a mathematical geography. Consequently, they are black boxes, whose outputs cannot be explained, raising doubts about their reliability and biases. Finally, they are shallow because they are programmed with little innate knowledge and possess no common sense about the world or human psychology. – Jason Pontin, Wired

While AI may provide some incredible shortcuts in daily life and populate wells of information, these limitations mean that fears of an all-powerful, all-knowing “demon” remain far from tangible. The need for oversight and limits in AI is no joke, and Elon Musk may yet prove to be a technological prophet of sorts. But the truth is, we have no reason to fear our robot overlords today.

Are you interested in the ways AI can enhance your life and business? Are IoT devices creating gaps in your carefully maintained cyber security? Contact Anderson Technologies today for enlightened solutions to all your technological troubles. We can be reached by phone at 314.394.3001 or email at info@andersontech.com.

AI: Are We Planting the Seeds of the Robot Uprising?

September 10, 2019/in Data Security, Technology Alert /by Marcia Spicer

Computer technology moves at a blazing pace. Blink once and the world of tech steps forward a light year. Blink twice and suddenly what was once cutting edge is now commonplace. No day is the same in the tech world as the standards, methods, and products constantly change and improve.

We’ve written previously about how valuable human data is to the tech industry. Whenever you spend time on your internet-connected devices, virtual scouts track and collect your data to build human profiles. This data provides a wealth of information to companies, data brokers, and even potential cyber criminals, which is one of the reasons it’s so important to stay on top of the latest tech threats.

Artificial intelligence (AI) is a tech-industry term that’s been thrown around more and more when discussing cyber security—especially by industry innovators like Elon Musk. Depending on who you talk to, this futuristic-sounding technology is either the solution to every problem or the biggest threat to you and your business’s digital well-being. The best response to emerging technologies like AI is education, so let’s explore this concept and empower you to decide what to implement in your corporate and personal lives.

What Is AI, Anyway?

Artificial intelligence, also referred to as machine intelligence or machine learning, is a branch of computer science that pushes technology to learn and solve problems from sets of data. It’s a big part of what makes “smart” technology so smart. Systems that use AI analyze data patterns to develop algorithms that make programs work more efficiently. This “intelligence” mimics the human brain’s ability to learn and apply information to new problems.

These algorithms power the technology we use every day: inbox filters, social media feeds, predictive text, online shopping recommendations, and virtual assistants like Alexa and Siri. If you’ve used Google Home or iMessage today, you’ve already experienced AI technology. For example, iMessage’s predictive text algorithm analyzes the patterns in your text messages and uses it to suggest words and phrases as you type.

Artificial intelligence has so many different uses, and its breadth allows more than just the information technology field to benefit. Manufacturing companies, financial analysts, and even biologists use AI to process data and identify trends that would take human minds years of constant dissection to solve.

Is AI Dangerous?

AI has gained a bit of a negative reputation from sci-fi books and movies, often portrayed as a menacing force of infinite knowledge that aims to dominate humanity. Projects like Sophia the AI robot give a pretty face to this mimicry of human intelligence. However, these real and fictional depictions are far from the most common ways AI is applied. Real-life AI technology is, for the most part, innocuous without human motives behind it.

Pop culture has fun anthromorphizing AI, but in reality, AI machines are limited to the data sets they’re built to address.

Credible concerns about AI are rooted in its human weaknesses. The goal of AI research and development is to mimic human reasoning so problems can be solved faster than humans could physically achieve. Like any technology, AI requires real people to design, program, and evaluate it.

Self-driving cars have been in the news for the last few years, and despite several pedestrian and driver fatalities AI research preserves the dream of autonomous transportation. Imagery algorithms for drone technology and surveillance software (like the facial recognition you might use to unlock your phone every day) power these autonomous processes that read and react to data sets. But even with a human driver in the front seat, self-driving cars can’t realistically predict events they haven’t been programmed to respond to.

Imagery technology tends to make people apprehensive about their privacy as well as their safety on the roads. Beyond scanning your tagged Facebook photos or unlocking your iPhone, facial recognition software has the potential to elicit a global response. Government and immigration agencies are already using AI technology to implement policies, regardless of negative implications on citizens’ privacy. And the phenomenon of “deep fakes” has revealed a latent anxiety about taking online content of world leaders at face value. Regulation is still underway for most kinds of AI, leaving researchers and corporate funding to run rampant with a technology that’s growing faster than protective agencies can keep up with.

AI systems are susceptible to human biases, even if we don’t deliberately program them that way. Without actual human reasoning, perfect AI function takes a lot of trial and error. This is why spam email sometimes ends up in your inbox while an account verification email gets sent to the junk folder. AI needs constant human refinement. Pop culture has fun anthromorphizing AI, but in reality, AI machines are limited to the data sets they’re built to address.

What Should I Know About AI Technology?

As AI technology continues to develop, it provides exciting opportunities to strengthen cyber security. Managed service providers like Anderson Technologies integrate new AI-powered software into existing practices. AI technology can chew through mountains of seemingly unrelated data and uncover previously hidden relationships and patterns, allowing MSPs to bring to bear more robust solutions for their clients. For example, to address a universal threat vector, adding an intelligent email-filtering software like Proofpoint serves as a very strong first layer of defense against malicious emails.

Read more about cyber security!

As a business owner, it’s wise to stay on top of upcoming technologies, whether or not you decide to implement them in your daily work. AI enables more powerful systems—but the same applies to cyber criminals. Intelligent machines can learn which users and programs are susceptible to certain threats, and they’re also very skilled when working with patchy data sets. A human hacker might overlook patterns that an AI-powered program is designed to seek out and exploit.

Machines have strengths in areas where humans are weak, and vice versa. As AI continues to trickle into more of our everyday experience, concerns about privacy and regulation become more tangible. While AI itself has no virtue signal, the people directing it prove it has frightening potential. But, just like jokes from Sophia the robot, with cautious exploration AI seems set to do more good than harm.

Do you have questions about the application of AI for your business? Contact Anderson Technologies today and stay tuned for more articles discussing the emerging technology of artificial intelligence.

Office Depot Pays for False Malware Reports

May 21, 2019/in Data Security, Managed Services, News, Technology Alert /by Marcia Spicer

Do you trust your computer’s security to anonymous department store employees?

For many, the low price, high convenience, and ease of taking a home computer or laptop to a store like Office Depot or OfficeMax for maintenance or repair far outweighs any risk that would normally be associated with a stranger sifting through your files. A solid reputation for service makes a free scan from stores like Office Depot seem like the perfect solution to minor computer issues.

Unfortunately, between 2009 and 2016, one corporation violated the trust that comes with that reputation.

PC Health Check

During this time, Office Depot/OfficeMax utilized an application called PC Health Check and ran the program as part of its in-store computer services. The program’s free scan was marketed to check the “health” of PCs by scanning for malware. However, instead of actually checking the computer, if any one of four signs of probable malware were selected by the user, PC Health Check automatically reported the presence of malware and suggested the user pay for PC cleaning and repair.

PC Health Check was licensed to Office Depot and OfficeMax by Support.com, who received a percentage of each purchase. In late March, the FTC reported on their ruling that the companies will now be prohibited from making deceptive claims, and will pay $35 million in fines to the FTC, which the government will then distribute as refunds for fraudulently-triggered purchases.

Exposed!

Ars Technica reported that in November of 2016, this scam was exposed by Jesse Jones of news station KIRO 7 in Seattle. The investigations team ran six brand new computers through PC Health Check, and four of the six were flagged with symptoms of malware, even though the computers had never been connected to the internet. These same computers were found to be malware-free by an independent IT services provider!

After this report, Office Depot/OfficeMax pledged to take appropriate action and pay the agreed-upon fine. According to the FTC, that had not yet happened, though the PC Health Check program’s use was discontinued.

Read about Anderson Technologies’ approach to managed IT services here!

The Takeaway

This FTC ruling should serve as a warning to anyone soliciting unneeded maintenance and repair, but it’s also a warning for consumers. The security of your business machines and network shouldn’t be trusted to just anyone.

Ask questions. What evidence does the IT services expert have for the action they propose? Does the software they utilize for diagnostic purposes have a solid reputation? Have other individuals and businesses experienced positive results after working with the expert or team?

At Anderson Technologies, we recommend cultivating a relationship with your IT services provider over time. The best results come from managed services providers who interact with all levels of your network and computer systems. Of course, emergencies happen, often when we least expect it. In those cases, resist the temptation of a quick fix even from a brand name.

Could you be eligible for a refund from the FTC in this case? Click the Get Email Updates button on their announcement. Seeking an alternative to cookie-cutter IT support? Contact Anderson Technologies and see how we’ve earned our reputation over twenty-plus years.

Chrome Zero-Day Threat Exploit Found

March 8, 2019/in Data Security, News, Technology Alert /by Marcia Spicer

At Anderson Technologies, we take reports of zero-day threats very seriously. So when Google disclosed one in their popular Chrome browser, our IT experts moved swiftly to patch our managed IT services clients’ devices immediately.

We also want to spread the word on how to mitigate this threat.

The Exploit

Dubbed CVE-2019-5786, this zero-day Chrome exploit can bypass security measures and run a Remote Code Execution. This allows malware or other code to be loaded onto your computer without detection from the browser’s built-in security.

Read more about this threat exploit at Forbes.

The Solution

Update Chrome. It’s as easy as that. Google’s already fixed the problem and issued a patch.

Your Chrome browser may already be updated. To check, go into Chrome “Help” in the options button (the three vertical dots in top-right corner) and click “About Google Chrome.” The current version should be 72.0.3626.121. If you don’t have this version, you’ll need to update Chrome immediately.