The latest ‘as a Service’ trend (and why you won’t want to buy it)

What’s the latest ‘as a Service’ trend for SMBs?

You can get anything ‘as a Service’ these days. Managed IT, cloud backup, infrastructure and even project managers. These subscription services are characterised by their flexibility to scale up and down, turn on or turn off as necessary. But what’s the latest trend in ‘as a Service’? It probably isn’t what you’d expect – and you definitely won’t want to be investing in it.

What on earth is it?

It’s Ransomware as a Service.

More commonly known as RaaS, it’s the cyber equivalent of ready-built furniture versus flat-pack. Instead of having to create a ransomware yourself – which involves a degree of programming knowledge – you can simply buy it, readymade and ready to inflict widespread panic on SMBs, enterprises and individuals across the globe.

This is a step-change in cybercriminal activity because until recently, ransomwares such as Cryptolocker have been the exclusive domain of well-organised criminal networks and individual skilled hackers. With the rise in RaaS, ransomware can now be purchased by anyone lacking a moral compass who has access to the Dark Web.

RaaS is a cheap product to download and an easy service to distribute. You don’t need any expensive infrastructure to launch an attack from either – a laptop and WiFi connection is all you need.

If you thought this might make it easy to catch these cyber criminals, you’d be sadly mistaken. Unlike credit card fraud or social engineering where there could be a paper, digital or CCTV trail, RaaS leaves no mark. TOR networks – IP address anonymisers – are commonly used to launch cyber attacks, and Bitcoin, the currency used for ransoms to be paid by the victim, are equally anonymous. Your attacker could be a serious organised criminal network, a bored and curious teen in his or her bedroom, or anyone in between. With RaaS, they now all have access to the same exploit kits.

The most commonly hit sectors are Mechanical and Industrial Engineering (15% were hit in 2016), Pharmaceuticals and Finance Services (13%) and Real Estate (12%) but it seems no industry is safe from Ransomware. Cyber attackers don’t window shop in a typical criminal fashion – their lens is a cocktail of port scans and security loopholes for the advanced, and a straightforward scattergun approach for the new breed of RaaS operators. This means anyone with an email address could well be a target, and because most ransomwares are so sneaky, you can be working away on an infected computer for days, weeks or even months before realising. Having said that, most RaaS attackers just want to be paid as quickly as possible, so are more likely to infect your computer and let you know straight away so they can collect the ransom.

RaaS seems scary – and definitely not a service you’ll be adding into your MSP bundle anytime soon. You can guard against a ransomware attack by following some basic Cyber Security measures and making sure you have a good quality backup in place. This, coupled with a disaster recovery strategy (yes, you do actually need one – backup services only STORE your data, they don’t recover it for you) will mean you can get your data back quickly if you are hit by a genuine attack, without having to pay the ransom.

Your best defence against RaaS? The people in your business – and a strong dose of common sense won’t do you any harm either.

You can request copies of our FREE Cyber Security posters for your workplace – just like and share this post to receive yours.



Microsoft Office 365 Top Tips: The Mentions Feature

In our personal lives we are used to preceding anyone's name with the @ symbol - to tag them in an Instagram or Twitter post, or even on LinkedIn. Along with numerous other features to make collaboration easier, Microsoft Office 365 introduces 'Mentions' so you can tag your colleagues or project teammates in an email. Find out how it works below - then comment below to tell us how you get on with it.

Microsoft Office 365 Mentions

The focus of Mentions is on specific individuals. When collaborating on email, it is common to call out a specific person for an action or request. Another scenario is adding a person to an existing thread for their attention—perhaps you are on a thread and know that the person who can answer a question was not initially included. Using the Mentions feature ensures that the person is not only aware of the request but is also included in the thread.

To use Mentions, simply add the @ symbol in the body of an email. This will bring up your frequent contacts as well as access to your directory. Select the person you want to highlight, and they will automatically be added to the To:line if they were not already included. In addition, their name will be highlighted in the message in blue and they will receive an @ flag in their inbox view next to the message. Furthermore, they can sort by their @ messages to ensure they respond to all messages in which they were mentioned.

Microsoft Office 365 mentions feature top tips


The Mention compose experience—highlight a person for action with the @ symbol.

Microsoft Office 365 Mentions feature collaboration top tip


When you’ve been mentioned, you will have an @ flag next to the message and can sort by Mentions.



Outsourcing your IT vs Hiring another IT Manager: which is best?

Today’s society is dominated by the online marketplace and most of us are guilty of utilising comparison websites when purchasing services. However when it comes to business are we really saving money by scouring the web for the lowest price and by refusing to replace out of date hardware?

In the UK alone, downtime costs SMBs £2bn each year in lost revenue. To put that into context that is £138,000 per hour that UK small and medium businesses are losing.

The true cost of downtime

The number one reason for downtime is hardware failure and number two is human error. The concerning fact about this statistic is that the cost of hardware has fallen substantially over the last ten years, yet during this same period staff salaries and cost of employment have risen drastically. This is where business owners need to look at IT as a commercial investment and utilise the Cost versus Value modelling tool.

In most SMBs, the IT department is the first line of defence against spending. Where possible they patch up damaged hardware and spend more time checking that they are getting the best possible price when it comes to purchasing new IT services or equipment. 

The question is: do your IT staff understand the commercial value of their time as an individual and the cost of downtime to your organisation? Is it really worth them spending two hours to save £5; does fixing an old PC really add value to your business? If one machine in your organisation is down for five hours then the cost to your business is often much more than the cost of a new machine.

The rise in Outsourced IT

The increase in outsourced IT has been driven by the needs of the business to have a partner who understands the commercial and technical element of your IT infrastructure. In the not-too-distant future having an IT supplier will be a thing of the past: with technology being at the forefront of the business, it is important that you choose the right partner to deliver your business needs.

IT Managers need Outsourced IT too

This is not to say that by outsourcing IT you have to make the role of the IT Manager redundant – it is important to understand there can be a need for both in order to maximise time and resource. The IT Manager can work with an outsourced technology partner to develop strategy and to deliver commercial improvements for your business thus increasing productivity and efficiency.

The number one reason for not outsourcing IT is that companies believe they cannot afford to do so. With the rapid increase in Cyber Crime and with the changes in The Data Protection Regulations - can you really afford not to?

A technology partner should be an investment and a way to improve the overall function of technology within your business, improving the efficiency of both the infrastructure and your employees. The decision you make on which partner you choose will define whether this is a cost to your business or a value.

If you would like any more information on Outsourced IT or the new Data Protection laws (GDPR), please contact AAG on 0114 303 0249.



Cryptolocker Fix: What do I do if my computer is hit by Ransomware?

Last Friday afternoon, at about 4 o'clock (why is it always Friday afternoons? Do computers somehow know we're about to head off for the weekend?), we received a hasty phone call from a hotelier in Belfast whose network was suffering under the weight of the third Cryptolocker attack in less than a week.

Having already fought off two attacks in the previous few days, it was clearly time to get an engineer out there. After advising the IT duo to physically unplug everything in the infected site - and cutting off the connections to the hotel's other premises - Service Delivery Manager Danny hopped on the next flight to go and bring the hotel's network back under its control.

So...what is Cryptolocker?

Just to set the scene in case you haven't heard of Cryptolocker, it's a seriously sneaky piece of malware that crawls your network, encrypts your files and can render your entire business defunct within a matter of hours. The perpetrator typically asks for a 'ransom' to be paid in order for your files to be restored - although whether they actually restore them or not is up to chance, and with RSA 2048-bit encryption often used, there's no hope of correctly guessing the key to unencrypt the files yourself. You can imagine the degree of panic if such a virus were to get onto your network, and that's why it was so important to get Danny there to do damage limitation as quickly as possible.

What can you do about it?

Step One: Containment

Once Cryptolocker is on your network, the first thing to do (immediately after not panicking!) is to contain the virus. Danny's suggestion to unplug every cable served the purpose of stopping the virus from being able to spread any further and by taking it all offline, it halted any chances of any other viruses getting in.


Step Two: Scan

Because most antiviruses won't identify an infected file as a threat, Cryptolocker is exceptional at hiding in plain sight. Once on your network it can deploy from any infected file and will always crawl as far as it can for maximum damage. Therefore, once Danny had contained the virus in a particular part of the network, his next task was to conduct a series of security scans to find traces of Cryptolocker. Although time-consuming, it's a sure-fire way to pick up every trace: essential to a clean, healthy network as it only takes one infected file to kick the whole thing off again!


Step Three: Remove

Danny kept the network offline throughout Saturday whilst he meticulously removed all traces of Cryptolocker. He was able to keep the hotel's booking and customer service systems online so from a hospitality point of view, there was little to no impact. By Saturday evening Danny had tracked down and removed all of the infected files. You can probably guess what he had to do next...and no, it doesn't involve getting much sleep!


Step Four: Reinstate

Step Four is just as critical as the initial containment: if you get this bit wrong, Cryptolocker can be back across your network in a matter of hours. After bringing the network back online - whilst keeping it isolated from the hotel's other sites - and restoring safe copies of all damaged files from the hotel's Backup as a Service provided by AAG Systems, Danny spent his Saturday night watching every aspect of the network to make absolutely sure it was clean. By Sunday afternoon (with a decent amount of coffee on board) Danny was able to reactivate the VPNs between the hotel's sites so they could operate almost at full scale once more, and give the in-house IT team sufficient knowledge to know what they needed to do over the following days to continue their network's safety.


Step Five: Monitor

Danny headed back to AAG HQ on Sunday evening after a full-on but successful weekend of Crypto-busting. He continued to remotely monitor their network to keep an eye on the situation and make sure there were no vulnerabilities that would allow Cryptolocker to return. This entire scenario played out with minimum disruption and loss to the business thanks to the quick actions of the hotel's antivirus provider ESET, the in-house IT team and Danny from AAG. Without the support of a tried-and-tested Backup and Disaster Recovery service and access to a skilled engineer, it could have been a very different story for this customer.

You can read more about our AAG Backup & Disaster Recovery Service here, or check out our poster for tips on how to avoid getting the Cryptolocker virus on your PC.