Unverified sender is a new Office 365 feature that helps end users identify suspicious messages in their inbox. In order to help customers identify suspicious messages in their inbox, Microsoft added an indicator that demonstrates Office 365 spoof intelligence was unable to verify the sender.

To prevent phishing messages from reaching your mailbox, Outlook.com and Outlook on the web verify that the sender is who they say they are and mark suspicious messages as junk email.

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/unverified-sender-feature 

 

On October 16, 2019, Network Solutions determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.

The best precaution is to change your Network Solutions login credentials.

Read more: [Click Here]

 

Dorian has passed Miami… did you feel your law office was prepared?

Early hurricane preparation will improve your firm’s ability to get back to business.

Tips you can do before a hurricane strikes:

  • Develop communications procedures to inform staff of office closure status.  Create a “phone tree” to communicate when the office will re-open.
  • Test forwarding the firm’s main phone number to a cell phone or using a mobile phone app from your telephone provider.
  • Confirm you are properly insured.  Consider business interruption insurance that covers loss of income because of a disaster, such as closed roads or loss of power.

When a Hurricane Warning is issued:

  • Properly shut down and turn off computers, monitors and printers.  Unplug hardware, including printers, that do not have an Uninterruptable Power Supply (UPS) from the wall.  A server can stay running to enable remote access if it is properly shielded using an appropriate UPS.
  • Store computer equipment away from the windows and off the floor.
  • Safety is the highest priority.  Heed official evacuation warnings and find the safest location to ride out the storm.

What to do after a hurricane:

  • The electrical supply may be unstable and have unusual surges and flickers.  LCC recommends U.P.S. equipment to protect sensitive hardware.

LCC can assess your firm’s readiness for the next natural disaster.

We hope you and your family stays safe throughout this hurricane season,

Dade: (305) 371-4522

Broward: (954) 680-3760

WPB: (561) 296-4522

peterr@legalcomputer.com

www.legalcomputer.com

Legal Computer Consultants (LCC)provides comprehensive technology solutions exclusively for South Florida attorneys and their staff.   

NYTimes OPINION

They Stole Your Files, You Don’t Have to Pay the Ransom

The F.B.I. should follow the example of European law enforcement and help victims of ransomware decrypt their data.

By Josephine Wolff

Dr. Wolff is a professor at Tufts University.

Aug. 14, 2019

No More Ransom initiative, announcing that the public-private partnership had helped more than 200,000 ransomware victims recover their files using its library of freely available online tools instead of giving in to hackers’ demands to pay a cryptocurrency ransom. All told, the recovered files saved victims some $108 million in ransom, according to Europol, the European Union’s police agency.

 

The No More Ransom tools are available to everyone, not just those in the European Union. People from 188 countries have visited the project’s website in three years, with nearly 10 percent of that traffic coming from the United States, according to data collected by the European Cybercrime Center. But here in the United States, where ransomware is on the rise and increasingly targeting both local governments and private companies, law enforcement has been strangely quiet about promoting alternatives to ransom payment.

 

Lack of public awareness may be one reason that victims of ransomware in the United States are often willing to pay their attackers in order to regain control of their files and computer systems. In June alone, two cities in Florida — Riviera Beach and Lake City — agreed to make Bitcoin ransom payments worth roughly $600,000 and $460,000, respectively. In both cities, most of the payments will be covered by their insurers.

 

But every time a victim pays hundreds of thousands of dollars to a cybercriminal, the payment reinforces the criminals’ faith in their business model. For this reason, it’s essential that victims stop paying these ransoms: Making ransomware unprofitable is effectively the only way, short of coordinated global regulation of cryptocurrencies, to stop these criminals.

 

The F.B.I. has struggled to send a clear message to ransomware victims ever since 2015, when an agent told the audience at a computer security conference in Boston, “We often advise people just to pay the ransom.” The F.B.I. later corrected its position: that victims should not pay ransoms.

 

“The F.B.I. doesn’t support paying a ransom in response to a ransomware attack,” the website states, adding that paying a ransom does not guarantee victims will get their files back and may serve to fund other criminal activity. But most of what the F.B.I. recommends are preventive measures, such as patching software or backing up data — which is good advice, but it won’t help victims whose computers have already been infected by ransomware.

 

But ransomware victims who don’t have offline backups of their data do have options. Many common strains of ransomware have, in fact, been reverse engineered by software engineers and security firms that provide decryption tools, including the ones aggregated in the No More Ransom project. These tools won’t work for every victim, but there are more than 100 decryption tools, each targeting a specific strain of ransomware, available free on the No More Ransom site. As a victim, of course, you may not be sure whether you’re infected with the Marlboro or the Pylocky or the Popcorn or the BigBobRoss strain, but if you upload any of the encrypted files created by the ransomware on your computer, or any email, website or Bitcoin address left behind by the attackers, No More Ransom will let you know if it has any tools that can help.

 

In order for these tools to be effective, victims have to know where to find them in the first place, and so far, American law enforcement has done much less than its European counterparts to publicize the existence of these options. For example, the strain of malware that infected the Lake City systems was called Ryuk, and Emsisoft, a security firm, says it is can decrypt Ryuk malware using its free tools in 3 percent to 5 percent of the cases. But it’s unclear whether Lake City knew about any of these tools and tried to decrypt its data before acquiescing to the ransom demands.

 

If the victims had sought advice exclusively from United States law enforcement agencies, like the F.B.I., the Department of Homeland Security’s Computer Emergency Readiness Team or the Secret Service, they certainly would not have found any mention of the No More Ransom project or other resources for decrypting infected files, such as the website ID Ransomware, which an Emsisoft employee created to help victims identify the ransomware they are facing. The most the federal government has done to support these efforts is give an F.B.I. Director’s Community Leadership Award to the creator of the ID Ransomware site.

 

Contrast that with Europol, which has partnered with private companies researching and building decryption tools to combat ransomware. It promotes the No More Ransom tools on its website and encourages their use by victims who might otherwise be reluctant to trust a strange website at a moment when they are feeling particularly gullible and vulnerable.

 

This silence on the part of the American government is baffling. The recommendations these agencies offer about creating regular backups and not clicking on suspicious email attachments are valid and useful prevention tips, but none of them help the thousands of people who are most likely to be looking at their websites — the people whose hard drives are already infected and encrypted.

 

The best way that the F.B.I. could celebrate three years of No More Ransom is to finally get involved and partner with its counterparts in Europe and around the world to create, and promote, trustworthy resources for ransomware victims who want to do their part to stop ransomware by cutting into cybercriminals’ profits.

 

Josephine Wolff is assistant professor of cybersecurity policy at the Tufts Fletcher School of Law and Diplomacy and the author of “You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches.”

 

 

The New York Times

A new phishing scam is threatening law firms.  We are reaching out to our clients to help them avoid becoming a victim.

Please instruct staff handling inbound calls to hang up on callers claiming to be from Microsoft stating that your Windows license key will be deactivated.  The caller ID may appear to be coming from your own phone number.  This is NOT how Microsoft communicates with their customers and this is a scam!

  • Never give up any confidential information over the phone.
  • If you have any concern about an inbound call, hang-up and initiate the call back to the company on your own.
  • Legal Computer Consultants will never ask for passwords or other confidential information over the phone. 

Follow this link to learn more about this new and dangerous scam:

Microsoft License key/IP address scam

Here is a link to a draft Cyber-Security policy for your firm to edit and distribute:

https://www.legalcomputer.com/cyber-security-policy-template-for-law-firms-and-legal-professionals/

If you have any questions, please do not hesitate to call us directly.

Microsoft’s Intelligent Cloud Segment produced more quarterly revenue than the segments containing Office and Windows for the first time in more than three years. Azure’s grew 64% on an annualized basis.

See: Azure Cloud is now Microsoft’s largest business

 

 

 

The last hurdle to utilizing multifactor authentication (MFA) for Office 365 has been resolved: IOS devices.  Iphone and Ipad users can now setup their accounts with MFA.   Up until now users were forced to use long “app passwords” to enable their Outlook, IOS or Android Office 365 email because the standard password and MFA text, email or call would not execute on these devices.   App passwords are less secure than MFA as they are prone to “brute force attacks” in which hackers use computer automation to try thousands of passwords.

Previously, Outlook users were also forced to use app passwords but versions 2013 or later have been able to utilize MFA for months.

 

Here are some tips to get Office 365 to work with Outlook and IOS devices, as well as MACs and Android devices:

“Modern Authentication” is needed for Office 365 deployments to utilize MFA.  All new Office 365 deployments have “modern authentication” enabled by default but older tenants do not.  To enable it see Enable Modern Authentication in Office 365.

After enabling Modern Authentication, in Outlook,  change your app password to the regular password and then respond to the MFA .   On IOS and Android devices you need to completely remove the Exchange account and reinstall using your regular password and then respond to the MFA prompt.  On IOS devices go to settings, passwords and accounts.

 

One  last important step: after enabling MFA on all the user’s devices, revoke all app passwords.

Go to your administrative portal for Office 365, select “Active Users” and then click on the user.  Then click on “manage multifactor authentication” on the bottom right.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Click the check mark to the left of the user’s name.  Then click “manage user settings”.

 

Click “delete all app passwords….”. Finally click on “save”.

 

For any assistance on setting up your devices for MFA, enabling modern authentication in Office 365 and revoking app passwords, call Legal Computer Consultants at 800.646.9199.

 

 

 

 

On January 14, 2020, Microsoft will stop offering security patches and dates for Windows 7.  After January 14, 2020, Windows 7 will continue to operate but without support or new security updates.  Your Windows 7 operating system will continue to operate after support ends. However, your business will be highly susceptible to cyberattacks.  Hackers are aware of the January 14, 2020 deadline and will target Windows 7 PCs for their attacks.

Microsoft has fixed multi-factor authentication (MFA) for Office 365 on iPhones!

Law offices that were early adopters of Office 365 did not have a reliable way to enable multi-factor authentication for iPhones.  Subsequently, these customers were given very long ‘app passwords’ to be used as a ‘backup password’ and maintained by the Office 365 administrator.  This strategy has inherent security concerns.

Microsoft resolved the issue for deploying Multi-Factor Authentication on iPhones (and Outlook 2013 and later)!  Now, after enabling ‘modern authentication’ in the admin console on older accounts, users simply need to remove and re-add their Office 365 email accounts.  The process will employ multi-factor authentication and the old App Password can be deleted.  This strategy significantly enhances security and is recommended.

Contact LCC to enable ‘modern authentication’.