Community Security Initiative

Posted on September 14, 2017

Quick tips for security guidance

September 14, 2017

As the High Holidays approach, many people wonder whether they have taken adequate steps to protect their institutions. If you’re looking for guidance, here are some resources:

JCRC-NY materials

  • Are you prepared? 5 steps to make your facility safer and more secure. A quick overview of the items (with links) to consider at the beginning of the year.
  • Security & Emergency Resources Page. Find a wide range of resources on security and emergency planning.
  • Active shooter resources. Consolidating materials from DHS, the FBI, the NYPD and JCRC-NY.
  • Cybersecurity Resources Page

ADL materials

Here are some materials from our partners at the ADL.

  • Security Recommendations for the High Holidays
  • 18 Best Practices for Jewish Institutional Security
  • What Every Congregant Should Know About Security
  • Considerations for Digital and Online Security at Jewish Institutions
  • Guide to Detecting Surveillance of Jewish Institutions
  • ADL Guide to Protecting Your Religious or Communal Institution
Posted on August 30, 2017; updated July 29, 2019

Are you prepared? 5 steps to make your facility safer and more secure

August 30, 2017

Organizational leaders should work to strike a balance: to offer a warm and welcoming facility, while at the same time ensuring that their members, students, staffs, clients and building are safe and secure. Leaders concerned with everybody’s safety and security should prepare to deal with emergencies, because “on the fly” reflexes might not be as effective as a pre-determined and rehearsed plan. While your “to-do” list at the beginning of the academic and program year is long, consider these tips to help you prepare for emergencies and ensure you can protect your constituencies.

1.  Control access to your facility

No unauthorized person should be allowed to enter your facility. Every person entering your facility should be screened by security (or other) staff.

  • Limit entrances and exits. Limit access to your facility to monitored entrances.
  • Don’t slow down regular users. Create a system to identify regulars (e.g., staff, members).
  • Screen irregular visitors, e.g., people with appointments, contractors, etc. See more at Sample Building Access Policies & Procedures.
  • Divide your building into sectors. Should people authorized to use one part of the building be able to wander into another? If you have an access control system, take advantage of its capabilities to allow specific access. Alternatively, use color-coded badges, wristbands or ID cards as a low-tech solution.

2. Plan your emergency response

Stuff happens. Emergencies are not events that you can handle on the fly. Consider having plans, procedures and designated teams empowered to make decisions during emergencies, and trained and prepared to respond to events.

  • Develop and train an emergency response team. Designate someone to be in charge during an emergency and someone else as backup. Build a support team. Have the team work together on your response plans.
  • Build a relationship with your local police. Work with your local police throughout the year and give them the opportunity to get to know your programs, your rhythms, your people and your building. Ask them for suggestions as to how to make your people safer.
  • Know what to do if you receive a threat. Get some ideas about preparing for phone, email or social media threats and evacuations and sheltering at: /2017/02/to-evacuate-or-not-to-evacuate-that-is-the-question/.
  • Have an “active shooter” plan. Do the people in your facility know what to do if a person with a gun or sharp-edged weapon shows up? Find more information at: www.jcrcny.org/activeshooter.
  • Be ready to tell people what’s happening. Don’t let your stakeholders learn about an emergency at your facility from the media. Be prepared to communicate. Have some pre-written messages: be first; be right; be credible. Consider options including hardware and web-based emergency notification systems that will simultaneously email, text and phone pre-prepared lists, dedicated social media groups or free apps such as WhatsApp or GroupMe that will send texts (including a link to your website with more info and updates). Now is the time to collect the cell numbers of your stakeholders.
  • Involve your board in the security and preparedness process.

3. Develop a routine

Security, done well, must be done daily and involve everybody.

  • Create a culture of security. Everyone should feel responsible to report suspicious activity. “If you see something, say something” should be part of your culture of security.
  • Be aware of hostile surveillance. If you see something, say something. If it is not an emergency, call the NYPD at (888) NYC-SAFE, outside NYC (866) SAFE-NYS. For more information download Indicators of Terrorist Activity from the NYPD, Guide to Detecting Surveillance of Jewish Institutions from the ADL at adl.org/security and Security Awareness by Paul DeMatteis at Global Security Risk Management, LLC.
  • Schedule regular walkarounds. Designate an employee to complete a “walkaround” of your building and your perimeter on a daily basis, if not more often. They should be looking for suspicious objects, items blocking evacuation routes and anything else that “Just Doesn’t Look Right.”
  • Make sure you’re getting the right information. Sign up for alerts to learn when local and/or global security threat conditions change. Sources: JCRC-NY Security Alerts at jcrcny.org/security, https://www.nypdshield.org/public/signup.aspx, and emergency alerts from Notify NYC or your local emergency management office. Also have a weather app on your smartphone to warn you about severe weather.
  • Work with your security provider and your staff to write “post orders.” Your guards should not merely decorate your entrance. They should know what you expect them to do daily and in emergencies.

4. Don’t forget to train

Major leaguers take batting practice before every game. True, they started batting in the Little Leagues, but drills help people to know, instinctively, what to do. Emergencies that turn to chaos become crises. People know what to do during a fire drill, because they have participated in fire drills since grade school.

Use tabletop exercises involving a wide swath of stakeholders to help you to determine policies and procedures. Once you have determined your plans and procedures, schedule evacuation and lockdown drills. And remember … once is not enough.

5. Explore your security hardware options

Your security hardware should support your security procedures. There are federal and New York State grants available for many organizations (see: www.jcrcny.org/securitygrants for more details). Consider obtaining the funding for:

  • Doors. Your main and secondary doors should lock securely and be able to withstand an attack by a determined intruder.
  • Windows. Do your windows lock securely? Reduce the risk of break-ins and vandalism, and even mitigate the extent of injuries from bomb blasts, by properly installing security/blast-mitigation film on your current windows or replacing them with windows that have those properties built in.
  • Access control systems. The electronic possibilities are endless: access cards, biometrics, alarms and more. Get professional advice (see JCRC-NY’s guidance on Security vendors), figure out a hardware plan that is expandable and adaptable.
  • Video monitoring. Deploy CCTV systems in various ways. First, as part of a video intercom system to identify people seeking to enter your facility. Second, to monitor secondary entrances (you can add alarms that warn you that a door was opened, alerting someone to check the monitor), and finally, to help to detect hostile surveillance.
 David Pollock and Paul DeMatteis
security@jcrcny.org | August 30, 2017
Posted on August 28, 2017; updated February 12, 2019

Hurricane Harvey Relief Funds

August 28, 2017

Note: There are fraudsters who are known to take advantage of the tendency to generously respond to disasters. The FBI’s New York Field Office reminds the public to apply a critical eye before giving contributions to anyone soliciting donations on behalf of Harvey victims. In the past, tragedies and natural disasters have inspired individuals with criminal intent to solicit contributions while falsely representing a charitable organization or good cause.

Therefore, before making a donation of any kind, the public should adhere to certain guidelines, including the following:

  • Donate to charities you know and trust.
  • Designate the disaster to ensure your funds go toward disaster relief.
  • Never click on links or open attachments in unsolicited e-mail.
  • Don’t assume that charity messages posted on social media are legitimate. Research the organization.
  • Verify the legitimacy of any e-mail solicitation by contacting the organization directly through a trusted contact number.
  • Beware of organizations with copycat names similar to but not exactly the same as those of reputable charities.
  • Avoid cash donations if possible. Pay by credit card or write a check directly to the charity. Do not make checks payable to individuals.
  • Legitimate charities do not normally solicit donations via money transfer services. Most legitimate charity websites end in .org rather than .com.
  • Make contributions directly, rather than relying on others to make a contribution on your behalf.

“As we continue to keep those affected by Hurricane Harvey in our thoughts, we must also remember how tragedies like this often serve as a breeding ground for those who want to take advantage of people’s generosity. It’s heartwarming to see the outpouring of support from people across the country who are eager to donate to the relief cause, but we urge everyone to be smart and exercise their due diligence in researching the organizations they intend to donate to. As always, it’s essential that every penny donated goes into the pockets of those who are most in need,” said Assistant Director in Charge William F. Sweeney Jr.

See Potential  Hurricane Harvey Phishing Scams published by DHS’ Com.

The following organizations in our network are responding to Hurricane Harvey (this is a partial list which will be updated as we receive more information):

  • UJA-Federation of NY Hurricane Harvey Relief Fund
  • Jewish Federations of North America Hurricane Harvey Relief Fund
  • NECHAMA: Jewish Response to Disaster
  • A special shout-out for the singular, coordinated efforts by Amudim, Season’s Kosher Markets, the Orthodox Union, Achiezer and Evergreen Kosher Supermarket. A website directs donors to drop off specific items at various sites.
  • Orthodox Union
  • Agudath Israel

As Hurricane Harvey continues to batter Texas (see the JTA article and here), the Jewish Federations of North America (UJA-Federation is a member) opened an emergency relief fund to support communities and individuals in Houston, San Antonio, Galveston, Corpus Christi and other areas that have been hammered by Hurricane Harvey. With record-breaking volumes of rain having fallen through the weekend and expected to continue through tomorrow, extensive damage is continuing to mount.

Lee Wunsch, CEO of the Houston Federation, reports that the amount of rain and resulting flooding has surpassed that of the massive storm two years ago. Bayous and tributaries are flooding beyond their banks and roads are impassable. People whose homes are flooding are being advised to go up to their roofs so they can be evacuated; emergency workers were evacuating stranded residents through the night.

We know that several Jewish communal institutions that flooded two years ago have flooded again, but communities in the affected areas won’t be able to start assessing the scope of damage to institutions and members of their communities until the rain stops and roads become passable.

Posted on June 19, 2017

Dismissal time alert: Threat for Severe Thunderstorms and Flash Flooding

June 19, 2017

The New York area office of the  National Weather Service forecasts the possibility of severe weather late this afternoon and beyond. In some areas the heavy rains might arrive at 2-3PM. We suggest that you closely monitor the weather reports for your area and be prepared to institute alternative dismissal plans if necessary.

Exercise caution when walking, driving, or biking. Winds at these speeds can cause flying debris, turn unsecured objects into projectiles, & cause power outages. Charge cell phone batteries, gather supplies, & turn refrigerators/freezers to a colder setting. Stay clear of downed power lines. If you are affected by an outage, turn off all appliances & keep refrigerator/freezer doors closed to prevent food spoilage. Do not use generators indoors. If you lose power & have a disability/access needs, or use Life Sustaining Equipment (LSE) & need immediate assistance, dial 9-1-1.

Posted on June 9, 2017

Nonprofit Security Grant: Last minute FAQ’s

June 09, 2017

Applications Due by June 12, 2017, 11:59 pm. We know that many of you are busy trying to finish up the work while facing a crazy deadline. Here are some last minute tips:

Technical problems

  • Prequalification/Document Vault. To those of you who are still trying to upload everything into your Document Vault: If you get a message that says that your Document Vault was sent back for modifications, that means something is wrong with it. Check out the report and fix whatever is missing or incomplete. Too many people are just resubmitting it “as is”. The Grants Gateway staff is working overtime to try to prequalify everyone who completes the work. Please don’t waste their time.
  • Faulty Investment Justification template. Our friends in Washington, DC initially sent Albany a problematic file. If you downloaded a form Monday morning and are having trouble entering information, simply download another here.

Investment Justification FAQ’s

  • Tips. Don’t know how to answer a question? See our suggestions here and from JFNA here.
  • Threats. Remember, you are told to “discuss findings from risk assessment, police findings, and/or insurance claims at the location where the physical security enhancements will be installed.”
    • Cite your risk assessment and the author’s credentials (e.g., an industry certification like CPP, police department, etc.).
    • Mention mail, telephonic or electronic threats, negative graffiti or vandalism at your facility or those nearby.
    • If your risk assessment doesn’t cite the key threats, note that the updated National Terrorism Advisory System (NTAS) Bulletin concludes that “specific attack tactics have included the use of vehicle ramming, small arms, straight-edged blades or knives, and homemade explosives, as well as other acts such as taking hostages.”
  • Tell a story.
    • Vulnerability. Your risk assessment informs you about what can go wrong. Your risk assessment should itemize your vulnerability. For example: “The main entrance, fire egress doors and internal doors will not withstand a forced entry attack or limit unauthorized persons from accessing interior areas of the building” or “Electronic access control systems are not utilized to support authorized-only accessibility within and throughout the building and the system does not have an emergency lockdown feature. Much of the building is interconnected and once entry has been made into the building, an attacker can reach most other areas of the facility.” Choose to address your high priority vulnerabilities with this grant.
    • Target hardening. Your improvements must address identified threats or vulnerabilities. So, using the “Door” vulnerability, the recommendation is: “To limit unauthorized persons from pushing in and/or breaking through the main entrance, it is recommended that these doors and their related framings, hinges, closing hardware, glass panels, walls, ceiling and locking systems be modified to be forced entry resistant. The installation and proper use of impact resistant doors might deter an attack, might deny an intruder entry, should delay his/her entry, thereby mitigating the injuries and damage from an attack.” The second section of Target Hardening requires the AEL code and description (14SW-01-DOOR | Doors and Gates, Impact Resistant), a simple reference to your vulnerability section (e.g., Vulnerable Doors), and a cost estimate.
  • Costs. You don’t have to get bids during the application process. However, if you are awarded a grant and find that you need to modify your plan you must receive permission from NYS DHSES and they must have it approved by DHS.
  • Impact. Confused about “measurable outputs and outcomes”? See our tips or our webpage.

Finishing up

  • EGrants. Remember, your entire application package must be submitted via E-Grants.
    • Don’t wait for the last minute! If you have questions or a problem (DHSES can be reached at 1-866-837-9133 or Grant.Info@dhses.ny.gov), you might not be able to get an answer right away due to the onrush of questions. Allocate enough time for things to go wrong.
    • Use the E-Grants tutorial.  We open the E-Grants document in one window and the tutorial in another. Then, we simultaneously scroll through the tutorial and the E-Grants forms and fill in the blanks with whatever the tutorial recommends.
  • Checklist. Sorry, we’re too busy to produce our fancy checklist this year. The RFA explains “To be considered for funding, eligible nonprofit organization must submit a complete application using the State’s Electronic Grants (E-Grants) System (Click on the link if you don’t have an E-Grants Registration account).
    • Investment Justification Template (Submitted as an attachment in E-Grants)
    • Contact Information (Section of E-Grants)
    • Proposed Project Workplan Information (Section of E-Grants)
    • Budget Request Information (Section of E-Grants)
    • Certification to Accept the Assurances (Section of E-Grants)
    • Status History report from Grants Gateway website showing prequalification status (Submitted as an attachment in E-Grants)
    • Signed and notarized Vendor Responsibility Questionnaire (Submitted as an Attachment in E-Grants)
    • Mission Statement (Submitted as an attachment in E-Grants)
    • Threat and/or vulnerability assessment, if installing equipment at more than one location, assessments must be submitted for each location (Submitted as an attachment in E-Grants)
Posted on June 2, 2017; updated June 6, 2017

The Nonprofit Security Grant is here and due in NY June 12

June 02, 2017

Nonprofit Security Grant Program 2017

June 3, 2017

  1. This year DHS is providing $25,000,000 for target hardening activities to nonprofit organizations that are at high risk of a terrorist attack and located within one of the specific UASI-designated urban areas (click here for the complete list).
  2. New York’s Division of Homeland Security and Emergency Services Request for Applications (RFA) is posted here. The due date in NY is Monday, June 12, 2017. Yes, everyone knows that this is a crazy schedule, but there’s no choice.
  3. If your Grants Gateway Document Vault is not pre-certified (or well under way) you are running out of time. Organizations that are not pre-certified cannot apply for the grants. Click here for more information.
  4. A PDF of the Investment Justification is available here. The actual spreadsheet will be available on the NY DHSES webpage. You will notice that the questions remain the same, but that there are some formatting improvements.
  5. The New York State Hate Crimes grant applications will probably be released towards the end of the month. As soon as we see the RFA we will publish additional materials to help qualified groups apply for that grant.
Powerpoint presentation: Our apologies to those who couldn’t join the webinar. Download a PDF from our 2017 webinar here. View the recording: Part 1, Part 2. Check out our 2017 Investment Justification tips here and tips from JFNA here.
New Jersey presentation: Want more? Check out this workshop presented by David Fields of New Jersey’s Office of Homeland Security and Preparedness (NJOHSP).
Prequalification: NY nonprofits should register at https://grantsgateway.ny.gov/ & complete their Document Vault. See JCRC-NY’s additional information at: /document-vault-faqs/. If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check out your document vault for more information.
NY nonprofit grants webpage: If you’ve never applied before, click here for New York’s nonprofit webpage, with the E-grant application. If you have an existing account (and remember the username/password), you’re fine.
Risk assessment: You can conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool (updated). See more NJ house of worship tools here.
  • CA: Protective Measures for Enhanced Facility Security
Investment Justification: Download the PDF of the 2017 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms once they are released.
Threat scan: Stymied by the “Risk” section of the Investment Justification? Download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions. You will need an assessment to identify your vulnerabilities.
NY State funding for nonprofit security: This year’s New York State budget included funding for “safety and security projects at nonpublic schools, community centers and day care facilities at risk of hate crimes or attacks because of their ideology, beliefs or mission.” Obviously, the details are still pending.

Click here to subscribe to the JCRC-NY Security and Emergency Preparedness Alert list, which will notify you about the details when they become available.

For the most up-to-date info, see /securitygrants
Posted on May 30, 2017

Been waiting? Two security grants are coming soon

May 30, 2017
  1. We now expect FEMA will release the FY 2017 Nonprofit Security Grant Program guidelines next Friday, June 2nd to the states. New York’s Division of Homeland Security and Emergency Services has been working hard and they will have their Request for Applications (RFA) ready ASAP. However, they must have their documents approved through the various channels as required by NY State law. If all goes well the RFA will be available soon after the federal guidance.
  2. The application deadline in NY depends on the DHS/FEMA deadline. Remember, they have to score the applications and comply with federal guidelines for submission. That takes time, especially when they must process 200 or so applications. Please don’t contact us to ask about the due date… no one will know it before DHS/FEMA publishes their guidance. Expect a quick turnaround.
  3. The New York State Hate Crimes grant applications will be released within the same timeframe. As soon as we see the RFA we will publish additional materials to help qualified groups apply for that grant.
  4. NY applicants: If your Grants Gateway Document Vault is not prequalified (or well under way) you are running out of time. Organizations that are not prequalified will not be allowed to submit for the grants. If you previously prequalified, certain documents may need to be updated. Check your Document Vault to verify that it is up to date. Click here for more information.
Powerpoint presentation/video: Download a PDF from our 2017 webinar here and view the recording: Part 1, Part 2.
Organization type/Definition of Mission: As many have learned, the grant guidelines make “Organization type” a factor in the scoring. Our attempts to formally change the guidelines language faltered during the change of administration. We were advised by House Homeland Security Chairman McCaul’s team that, to neutralize this arbitrary scoring measurement, applicants should self-identify as “Ideology-based/Spiritual/Religious”. This would apply whether your organization is a religious corporation or simply religiously-affiliated (e.g., JCC, Jewish Family Service, etc.).
NY nonprofit grants webpage: Click here for New York’s nonprofit webpage. When available it will have the RFA (application package), all of the forms necessary for the submission of your application and the E-grant application and tutorial. (If you have an existing account, and remember the username/password, you don’t have to reapply.)
Risk assessment: You can conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool (updated). See more NJ house of worship tools here.
  • CA: Protective Measures for Enhanced Facility Security

Many crime prevention surveys do not give the information necessary to complete the “Threat” section of the Investment Justification. Collect information specific to your organization (e.g., phone threats, graffiti) to document your threat and then download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions.

Investment Justification: Download the 2016 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms once they are released.
For the most up-to-date info, see /securitygrants
Posted on May 17, 2017; updated February 12, 2019

More tips on Ransomware

May 17, 2017

It seems that WannaCry is sputtering out. Unfortunately, the experts predict that similar attacks could resume at any time, so it’s best to be prepared.

Here’s a great article from Techsoup, a great nonprofit that helps other nonprofits access donations and discounts from more than 60 donor partners, including Microsoft, Adobe, Cisco, Intuit, and Symantec. Their suggestions are, almost always, low or no cost solutions. Nonprofits should visit their site and sign up. Your nonprofit will save money on hardware and software.

What You Can Do About Ransomware

Jim Lynch, TechSoup
16 May 2017 4:53 PM

Late last week, there was a huge ransomware attack called WannaCry that affected over 200,000 Windows PCs in 150 countries and is still going. The attack has hit businesses, universities, and hospitals so far. Nonprofit, church, library, and foundation offices are vulnerable to this malware, which can lock up your IT system until a ransom is paid. We thought we’d explain a bit how you can protect your office.

What Is Ransomware?

Ransomware is malware that comes into an IT network mainly when computer users open an unknown email attachment or click on a web link. The malware then locks up and encrypts the files in the IT system and holds them for ransom until a payment is made, usually demanded in Bitcoin. Ransomware became famous as a tool of cybercrime in 2013 with the infamous Cryptolocker attacks. The malware technique has actually been around since 1989, however.

WannaCry Ransomware

The WannaCry malware is the latest ransomware attack in a succession of them. This virus is also known as WannaCrypt, Wana Decryptor, or WCry. This particular type of ransomware exploits a vulnerability in the Microsoft Server file system. Apple products and systems based on the Linux/Unix operating systems are not at risk, unless running Windows System Emulator. Infected users are presented with a screen demanding a $300 to $600 payment to restore their files.

While the attack has hit more than 200,000 computers, only around 200 people are estimated to have paid the $300 ransom. In the U.S., Homeland Security says that the list of victims is very small. It is still relatively early in the WannaCry attack, however. The victims range widely, from small companies and organizations to large IT networks like the automaker Renault in Europe. Small offices, like those in nonprofits, are at risk in this cyberattack.

How to Protect Your IT System

Taking these steps will help keep you safe from ransomware attacks.

1. Take Advantage of These Microsoft Resources

  • Windows Defender is the free antivirus tool on Windows 10.
  • Microsoft Safety Scanner is a free downloadable security tool for all Windows versions that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software.
  • Microsoft Safety and Security Center has a free Security Risk Assessment that will provide recommendations for protecting your network and IT infrastructure.
  • Microsoft customers who believe they are affected can contact Microsoft Customer Service and Support.

2. Back Up Your Critical Data and Documents

If and when your organization is hit with a cyberattack, it is essential to have your mission-critical data and documents stored in the cloud or on a hard drive that is not connected to your IT system. After an attack, your computers or servers may require reimaging.

TechSoup offers cloud storage services like the Box donation program. Also, the Veritas donation program at TechSoup provides backup and restore software to eligible nonprofit organizations and public libraries.

3. Update All Your Windows Software and Enable Automatic Updates

Since WannaCry malware attacks Windows operating systems, a critically important thing to do is to run Windows Update on all Windows devices and also Windows Server software and enable automatic updates on all Windows devices. Microsoft’s Security Bulletin MS17-010 from March of this year provides details on all the Windows software versions that can be patched by running Windows Update. Since the attack, Microsoft has issued patches for previously unsupported versions including Windows XP, Windows 8, and Windows Server 2003. You can download these security patches manually from Microsoft’s Update Catalog. (Link might not work in all browsers.)

If your organization is running old versions of Windows like XP or Server 2003, or if you’re running nonlegal (pirated) versions of Microsoft Windows or Windows Server, you may well have trouble running Windows Update. Check your TechSoup eligibility to see if your organization qualifies for Microsoft software donations.

4. Use Antivirus Software and Keep It Up to Date

Antivirus and malware protection software has become TechSoup’s most requested type of product donation over the last couple of years. This type of protection is designed to catch cyberattacks before they infect your IT system.

Popular product donations include

  • Norton Small Business from Symantec
  • Symantec Endpoint Protection Small Business Edition
  • Comodo Endpoint Security Manager
  • Comodo Antispam Gateway
  • Mailshell Anti-Spam Desktop
  • Bitdefender Internet Security

Find all of TechSoup’s security product donations here.

5. Be Really Careful with Email

Email is one of the main infection methods of all malware and specifically of WannaCry ransomware. Be wary of unexpected emails, especially if they contain links or attachments. If you find a suspicious link, check it at the free virustotal.com service before you click on it. The service will tell you whether the link has been reported as dangerous.

Also, be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.

6. Enable the File Extensions Option in Windows Settings

There are particular file types that pose the greatest security risk to all users. It is helpful to see what kinds of files you’re trying to open. File extensions like .exe, .vbs, and .scr are the dangerous ones. To be able to see file extensions, enable them in Windows Settings. I like the Laptop.com directions on how to do this in Windows 10.
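As an added illustration (not part of the original article), the Python sketch below approximates how a file name appears when its final extension is hidden, and flags files whose real extension is one of the three named above. The document-like extension list and the sample file names are assumptions constructed for this example.

```python
from pathlib import PureWindowsPath

# Extensions the article names as dangerous.
RISKY_EXTENSIONS = {".exe", ".vbs", ".scr"}

# Assumption: common document/image extensions, used only to spot names
# that read like a document once the real extension is hidden.
DOCUMENT_LIKE = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def name_with_extension_hidden(filename):
    """Approximate the name shown when the final extension is hidden."""
    path = PureWindowsPath(filename)
    return path.stem if path.suffix else path.name


def audit_filenames(filenames):
    """Return one finding per file whose real (final) extension is risky."""
    findings = []
    for filename in filenames:
        path = PureWindowsPath(filename.strip())
        real_ext = path.suffix.lower()
        if real_ext not in RISKY_EXTENSIONS:
            continue
        shown = name_with_extension_hidden(path.name)
        findings.append({
            "file": path.name,
            "real_extension": real_ext,
            "shown_when_hidden": shown,
            # True when the visible part still ends in a document-style extension.
            "looks_like_document": PureWindowsPath(shown).suffix.lower() in DOCUMENT_LIKE,
        })
    return findings


# Constructed sample names for illustration only.
SAMPLE_ATTACHMENTS = [
    "Board-minutes.docx",
    "Invoice_0517.pdf.exe",
    "holiday-photos.SCR",
    "donor-list.xlsx",
    "update.vbs",
]

if __name__ == "__main__":
    for f in audit_filenames(SAMPLE_ATTACHMENTS):
        label = "LOOKS LIKE A DOCUMENT" if f["looks_like_document"] else "risky type"
        print(f'{f["file"]}: shown as "{f["shown_when_hidden"]}" ({label})')
```

With extensions hidden, the second sample would be listed as "Invoice_0517.pdf", which is why turning the setting on makes the real file type visible before anyone opens it.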

7. If You Do Get Hit with Ransomware …

If you do get infected, shut down your PC and disconnect it from the Internet and your network. This of course limits the spread of the infection. Also, cybersecurity experts say that paying the ransom should be a last resort. Avoid doing that if you can. The alternative of rebuilding infected machines is not great either, but it does discourage cyberblackmailers from coming back.

The sad news in all of this is that new WannaCry ransomware variants are expected to appear going forward for some time. And new malware of other types will also come calling to attack our IT systems. This will be the case no matter how small our offices are. The good news is that the seven points we’ve listed above will give you greater protection for your IT system against future online threats. At TechSoup, we want y’all to stay safe out there.


Posted on May 15, 2017 / February 12, 2019

Microsoft Customer Guidance for WannaCrypt attacks

May 15, 2017

MSRC Team May 12, 2017 | https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/


Microsoft solution available to protect additional products

Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.

Details are below.

  • In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
  • For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.
  • This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).

We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).

Customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March. If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible.

This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind.

Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources. For Office 365 customers we are continually monitoring and updating to protect against these kinds of threats including Ransom:Win32/WannaCrypt. More information on the malware itself is available from the Microsoft Malware Protection Center on the Windows Security blog. For those new to the Microsoft Malware Protection Center, this is a technical discussion focused on providing the IT Security Professional with information to help further protect systems.

We are working with customers to provide additional assistance as this situation evolves, and will update this blog with details as appropriate.

Phillip Misner, Principal Security Group Manager  Microsoft Security Response Center

Further resources:

Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

Download localized language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

General information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Posted on April 28, 2017

Still no budget, but get started

April 28, 2017

April 28, 2017 | The timing of the 2017 applications is still up in the air. The House voted 382 to 30 and the Senate unanimously approved a bill to keep the government open until May 5th. This will give the negotiators time to finalize a longer-term deal that would fund the government through the end of the fiscal year in September. There can be no grant programs without a budget.

Once the budget bill is signed by the President, the US Department of Homeland Security should post its guidance within a week or two, and the NY Division of Homeland Security and Emergency Services should release its Request for Applications soon thereafter. Assuming that the budget passes next week, don’t be surprised if the application package is due at the end of May or the beginning of June.

So the turnaround may be very quick. We don’t anticipate any significant changes in the application process and most of the requirements of the application process can be met before the deadline. Our advice is to get started now! Here’s what you can do.

Powerpoint presentation/video: Download a PDF from our 2017 webinar here and view the recording: Part 1, Part 2

Prequalification: NY nonprofits should register at https://grantsgateway.ny.gov/ and complete their Document Vault. See JCRC-NY’s additional information at: /document-vault-faqs/. If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check your document vault for more information.

NY nonprofit grants webpage: If you’ve never applied before, click here for New York’s nonprofit webpage, with the E-grant application. If you have an existing account (and remember the username/password), you’re fine.

Risk assessment: You can conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool (updated; see more NJ house of worship tools here)
  • CA: Protective Measures for Enhanced Facility Security

Investment Justification: Download the 2016 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms once they are released.

Threat scan: Stymied by the “Risk” section of the Investment Justification? Download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions. You will need an assessment to identify your vulnerabilities.

For the most up-to-date info: /securitygrants

Community Security Initiative
520 8th Avenue
Suite 1400
New York, NY 10018
csi_questions@csiny.org

CSI-NY resides within JCRC-NY, a Federally tax-exempt organization (Federal ID # 13-2869041) as determined by the Internal Revenue Code, section 501(c)3.