Resource Center
When it comes to IT services, knowledge is power. The single most valuable thing we can pass along to our clients is our expertise.
The resources below are here for you. Please help yourself, absolutely no strings attached.
Whitepapers
Videos
Brochure
Ebooks
Info Sheets
Insider 94 Navigator 2023
Resources & Advisors for Buying & Selling a Business
Make sure to check out Page 28
Case Study – Healthcare – Skyway Behavioral Health
Start Up Requiring Robust Infrastructure – From Planning to Implementation
The 7 Irresistible Qualities of Cloud ERP
Learn why ERP tools are an critical component for many businesses.
Why a Business Continuity Plan is Essential
Learn why your company needs a business continuity plan.
Ransomware 101
If you’re looking for ways to stop ransomware dead in its tracks, the experts at CCS Technology are here to help.
How managed services make the difference
Learn more about the benefits of partnering with a managed services provider.
Cloud Services and the SMB Revolution
Learn more about how Cloud Services from CCS make your life easier.
Office 365 Migration Made Easy
Migrating over to Office 365 has never been easier with CCS Technology.
The Advantages of Working with I.T. Pros
Learn how working with a seasoned technology pro makes your work easier.
Closing Common Cybersecurity Holes
Learn several critical cybersecurity tips and tricks any SMB can use.
Providing technology support all around
Backup and Disaster Recovery
Cloud Services, to make your life easier
IT Consulting
Managed Services
Network Security
CCS Technologies company brochure
Learn more about the benefits of partnering with a managed services provider.
- Learn more about the benefits of partnering with a manged services provider.
- Learn more about the benefits of partnering with a manged services provider.
Our Services
We’re passionate about two things: keeping you ahead of the curve and delivering an unbelievable client experience. This is how we do it.
Cloud: Its Definition
/in Blog /by Chris HigginsWhen you hear talk about the cloud, it can be a little overwhelming to understand this unique technology. Cloud architecture offers a huge number of solutions, and cloud technology’s rapid development has ensured that it is a field with huge potential. However, many people are not aware of what it is.
As such, our team of IT consultants is on hand to help you understand what the cloud is. In this blog, we’ll tell you how people and companies are using it to enhance modern data management systems.
What is the Cloud?
Cloud technology and solutions are rapidly developing in our modern world. As such, you must understand what cloud infrastructure is and how the modern business world uses this architecture.
When it comes to understanding the cloud, many of us don’t know what to think about this unique tech solution. We know that our data is “in the cloud”. However, most of us don’t understand what this infrastructure is and where it is located.
We largely accept this as being some higher storage solution beyond the realms of our imagination. Many people consider the cloud as little more than an online storage platform. In reality, cloud infrastructure is far more complicated than that.
This Definition Isn’t Wrong – Just Not Entirely Right Either!
Assuming that cloud technology is just “storing data online” isn’t necessarily incorrect. However, if we are to have a solid understanding of it, it’s important to clarify what it is.
The cloud is made up of an incredible number of servers. All servers are hosted online, stored in global data centers, and managed by cloud storage providers. These expansive warehouses are full of the servers and computer software. This serves to provide the hardware and technology that runs the cloud. These computing servers are hugely important in our modern society. They make it possible for files to be shared between multiple devices. This feature is incredibly important to modern society.
How It Allows Businesses to Share Files
In the past, when a person created a file, they saved it on their device. That meant those files were only accessible from that user’s device. To share the data, it was sent directly to another device via email or file transfer. Not only did this present a potential cybersecurity challenge, but it was a hassle. However, cloud technology solutions have removed this roadblock.
With modern solutions, people can save files on this infrastructure instead of on a local drive. This means that you can access these files from anywhere. From the library, at your desk, or even on your mobile device – you can pull up the documents you’ve been working on any time you want.
How do Cloud Technology Solutions Work?
Cloud computing is an exceptionally complex field of computer science and information technology. Let’s touch on the basics of how it works.
Cloud computing relies on a process known as virtualization. With virtualization, cloud storage providers effectively create “virtual business computers and devices”. These virtual devices provide storage that anyone with an internet connection can access.
These are called “virtual machines”. Multiple machines are controlled by the same host. These virtual machines are considered separate devices. This means that data saved on one virtual machine is not immediately available to the other virtual devices on the same host network.
Backups for Cloud Servers
When normal devices go down, data will likely be lost. However, cloud computing companies have implemented many different techniques to avoid this with storage solutions. By backing up data on multiple virtual devices, even if one should fail, the others are still there to “pick up the slack” and ensure the files remain hosted on the network.
This is hugely beneficial for individuals and businesses alike. It provides extra protection for files and means that cloud solutions are more reliable than traditional device storage solutions. These servers not only make file sharing more practical, but they also provide an extra layer of protection.
Get Technology Support Today!
If you want to learn more about cloud architecture and the benefits it can offer for you or your business, our team is on hand to help. Contact us, we specialize in providing premium quality managed IT services for businesses. Our IT Techs are here to help your current computing services excel and meet your business needs. Whatever you need, don’t compromise – we can help!
Microsoft Exchange Server cyberattacks: who is behind it and why are they attacking?
/in Blog /by Chris HigginsA wave of data breaches and cyberattacks began in early 2021 when four zero-day vulnerabilities were found in Microsoft Exchange on-premises servers. These vulnerabilities meant that hackers had access to user credentials connected to network devices. As well as, admin privileges on servers affected by the zero-day exploits.
Typically, attackers install something called a ‘backdoor’, which is a covert way of bypassing encryption or authentication. With a ‘backdoor’, attackers can access impacted servers after updates to fix the exploits.
Why Microsoft Exchange?
Microsoft Exchange is seen as a good target for attackers who want to get into business networks. Microsoft says that their email server software is unique in its environment as hackers can carry out a multitude of tasks using the same scripts or tools that admin use for maintenance. “Credential stuffing” is the assumption numerous users will recycle passwords and usernames across an array of services.
Once attackers log in as a user; they perform actions that allow them to remotely connect to the server, assume the role of administrators with said privileges. With administrator rights, hackers can upload code to create a ‘backdoor’ so that they will have continued access. Even if patches are downloaded to protect Exchange servers, they won’t retroactively remove any installed ‘backdoors’. This means hackers can still access the server until these, and any additional user accounts are removed.
Who are the hackers?
Microsoft says that the original attackers were Hafnium, a group they say operates out of China. It is a cyber-espionage hacking group, often referred to as an APT (an advanced persistent threat). This type of group is often a state-sponsored, stealthy actor that goes undetected for a long time. Hafnium has alleged ties with the Chinese government, but they have denied all responsibility for this recent Microsoft Exchange breach. Microsoft has described this group as “highly skilled and sophisticated.”
Although Hafnium was the first hacking group to exploit the vulnerabilities, there are now thought to be over 10 different groups with each using a different style and procedures.
Who is vulnerable to attack?
Microsoft confirmed that their Exchange Server versions for 2010, 2013, 2016, and 2019 are susceptible. All cloud-based services like Office 365 and Microsoft Exchange Online are not affected.
So far, estimates suggest 250,000 servers have been attacked; including small or medium businesses, local governments and local institutions across the globe. These are the main victims of the attacks because they don’t have the necessary expertise to resolve cyberattacks.
Tom Burt of Microsoft wrote in a blog post that victims had included law offices, defense contractors, disease researchers, non-governmental organizations, think tanks, and universities. Other known victims include local governments and schools.
Latest developments
On March 12th Microsoft Security Intelligence announced that a ransomware called ‘DearCry’ was being used on the first servers infected. This made the servers unusable unless a payment was made to recover the files. Microsoft has said, however, that paying such a ransom won’t guarantee you access to the files.
What businesses and organizations should do?
There are several steps that can secure your Exchange server; a list of which is detailed in this blog post. Essentially, organizations at risk need to take the necessary precautions, ie downloading Microsoft patches. But they should also scan all networks for any threats and potential compromises. The most targeted countries currently are German, the UK and the US. Contact us for your cybersecurity concerns.
Microsoft Exchange Servers Hacked – Is Your Company Affected?
/in Blog /by Chris HigginsNo doubt that you have seen or heard the news about the latest hack and how serious it is. And if you are in the affected group, it is very serious, so pay attention.
Is Your Network Safe?
From CyberheistNews: “On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.
The Chinese hacking group thought to be responsible has seized control over “hundreds of thousands” of Microsoft Exchange email servers worldwide, at least 30,000 in America.
If you are not technical you are probably wondering……”What does it mean for me?”
Bottom Line – If you are running a MS Exchange Outlook Web Access (OWA)
server exposed to the internet; assume you have been compromised between
02/26-03/03 and your system is now infected – until proven otherwise.”
Is My System Infected?
It depends on whether your IT person is keeping your updates and patches up to date. If not,
you are in the group that needs to be alarmed and need to take action.
If you don’t know if that’s you or not, you need to reach out to your technical resource that setup your email, OR a knowledgeable IT firm like CCS Technology and ask them to review your system.
Microsoft says the affected versions are Exchange Server 2013, 2016, 2019. They left off the earlier version like 2003/2007/2010. Why? Because they are safe? No, because they are officially “not supported” by Microsoft anymore, and if you are on one of those versions you have even bigger problems because you’ve been ignoring advice about network security for a long while now.
If you use Microsoft Office 365 or some other hosted Exchange or other email product, you are not in the affected group. You should still use this as a warning. Make sure you have implemented or are implementing a sound security policy! CCS Technology can help you with the design and implementation.
If you want a more in depth explanation of the hack, we suggest: https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/
If you prefer webinar content: https://info.knowbe4.com/microsoft-exchange-mass-hack-chn
If You Might Be Infected
If You Have NOT Been Infected
While this hack is getting all the attention today, in reality, it is just another security flaw for cybercriminals to exploit and take over your technology assets.
It’s not going to slow down. Society in general, and business in particular are developing more apps, adding more features to existing apps, and all of those apps and features are being connected to the internet. It is to address people’s desires for communication and convenience.
Apps are created by humans, and unless the author has a NASA sized budget and timeline, the code in the apps is going to have security flaws. Every new app or feature that we use increases the possibility that the average person/company can be hacked.
At the same time, Cybercrime elements are gaining sophistication. There are criminal marketplaces on the dark web. These are places where criminals can contract for technology, Artificial Intelligence, robotic execution, and even special people skills. Then there are the massive crime syndicates that exploit human nature and the internet to make money. And let’s not forget the state sponsored cyber terrorists. And these are the threats that we know about. Like an iceberg, the part that we can see today is only a small portion of the real threat.
Denial?
It’s no longer a landscape where anyone can say they are not a target.
Take this specific case. The flaw was discovered by hackers and they attacked before Microsoft could fix the flaw. We call that Zero-Day exploits. Hackers likely used artificial intelligence robots that programmed to detect Microsoft exchange servers running the OWA. Any target found that was OWA, immediately carried out the instructions to exploit the flaw and hack their way into your system.
Once in, the hackers begin executing their playbook to completely penetrate and explore your systems.
With this robotic technology, everyone is a target, because it doesn’t matter if you’re big or small, if they can get in, they can exploit you or your data.
AND the cost of the robot attack is minimal. The real cost is the damage done to your network and your customers finding out that your system was hacked.
Why Does This Happen?
We, us humans, are in conflict. We want the freedom, the convenience and the benefits all this technology and the internet give us. However, there is an ever-increasing risk and potential cost to implement those benefits.
Do we invest in securing our networks or not? Does the convenience of having the smart garage door opener outweigh the potential that a criminal can open the door by hacking your wireless network?
There is not one answer that will fit every situation, but the time has come to think about the need to secure the infrastructure before deployment instead of after the damage is done. If you are a leader, you’ve got to change your thinking and place security ahead of function.
The bad actors only have to win once – Your cybersecurity has to win every time.
History Repeats Itself
It’s important to recognize that this has happened before. My grandparents did not lock their house, and I don’t even think there were locks on the doors. In my early adult years, it became normal to lock your house. Then we had to get better locks (deadbolt) to prevent the common thief from using the credit card trick. Now people have locks and security systems that sound an alarm when the door is breached or the window broken. And finally, many people are adding security cameras to record the activity going on at work and at home.
The cyberworld is going down the same path, except the rate of change is blazingly fast. A couple years ago a firewall kept you safe.
Now, multiple layers of prevention and detection are the minimum in order to protect our networks and our data. Even with all of this, we are still fighting an uphill battle.
Contact our team of experts to find out if your system has been breached.
Stay safe out there in the cyber world!