JM Addington Technology Solutions provides managed services to Knoxville, Knox County, Lenoir City, Loudon County and surrounding regions

The News Sentinel is reporting that Knox County computer systems were breached the night of the primary. It was a two stage attack, complete with with a distraction. Here is the short version.

First, the website to report election results came under a distributed denial of service (DDoS) attack. The bad guys sent more traffic to it than it could handle. This is remarkably easy to do today, as multiple services on the dark web will allow you to purchase attacks against websites of your choice. This attack, while real, wasn’t the target, it was just meant to draw IT’s attention away from the core infrastructure and servers.

Sword and Shield, a Knoxville based security company, was contracted to investigate the incident. Their official report says that logs indicate an attempt to access the database sitting behind the webserver. Further testing revealed that there was a security hole that was active on election night, although it would not have been possible to tamper with the election results remotely.

Double staged attacks like this are very common today: as noted above it’s easy to start a DDoS attack against a website, which is highly noticeable. It quickly draws away the top level talent in an organization to deal with it while hackers attempt to quietly infiltrate in a different route. It’s the digital equivalent of setting a paper bag on fire on the front porch and then going and breaking in the basement window. The fire is meant to be noticed.

It’s fortunate that the election results were not tampered with, and the Knox County appears to have done a great job designing the voting system to make hacking it very difficult. This would be a good time for them to look at prevention on website attacks as well.

Further Reading

NPR

Sword and Shield Report

Huffington Post

WBIR

TechCrunch

Consumer backup provider Backblaze has released their quarterly hard drive performance report. This report is always notable because it is the largest ongoing study across a variety of non-enterprise hard drives. In other words: it measures what matters.

The #1 takeaway for us? HGST comes out looking really good compared to Seagate and Western Digital (even though Western Digital owns HGST). The 12TB Seagate and 8TB HGST have higher failure rates than we’d want to see for what we assume are newer drives.

Finally, these results are aimed at NAS drives, at JM Addington and Kairos Dynamic Digital we use SSDs nearly exclusively in day-to-day operations, such as workstations and laptops.

Managed services and technology can impact a business and allow for incredible growth

At JM Addington we’re all about making existing businesses better at what they do.

Read more

Costs for managed services providers are going up, that ultimately means higher prices for their customers.

Prices for managed services providers are increasing – that ultimately means higher prices for their customers. Read more

Atlanta, GA suffered a serious ransomeware attack in 2018 and it cost them.

ZDNet reports that Atlanta budgeted approximately $2.6 million to recover from their ransomeware incident earlier this year.

This is a small figure as far as ransomeware recovery goes. It excludes the cost of lost productivity, not just city employees but anyone who couldn’t get work done that day because of the incident. Think of contractors, plumbers, etc. waiting on permits, anyone trying to file business taxes, etc. The true cost of the incident to the city is something far north of the reported figure.

It’s also a clear example of why all organizations need backup now, not later, emergency plans for incidents like this, including how to recover when you get hit. Finally, until you’ve tested your backup and recovery procedures you can’t be sure that they work.

More from ZDNet, Atlanta procurement,

Even managed service providers run into scams, this is an article about such a scam

This afternoon one of our technicians was chatting with a legitimate support rep from a well-known vendor. The support rep correctly said that he could not help with the issue over web chat but to call 855-785-2511. When our technician called it was clearly a scam company behind the operation:

  • They wanted to charge for free support
  • They wanted to use remote tools that this vendor does not use
  • They didn’t have a clue on how to solve the issue

This post exists just to serve as a warning to others that 855-785-2511 is clearly a scam phone number.

Amazon just announced an expansion of their Amazon Key program, they will now deliver to your car, assuming that you car is compatible.

Currently, compatible 2015 or newer Chevrolet, Buick, GMC, and Cadillac vehicles with active OnStar accounts, plus 2015 or newer Volvo vehicles with active Volvo On Call accounts can receive in-car deliveries.

We’re not sure that we’re going to take Amazon up on their offer to deliver to our cars yet here, leaving the package on the doorstep is working just fine for now, however, this is a great example of a company combing existing technologies (online shopping, OnStar) to innovate in an industry that is considered “technological” (deliveries). These incremental innovations are how a company uses technology as a lever to compete in their field, not just to keep up.

Read more from Amazon, Ars Technica, or The Verge.

SunTrust Bank quietly announced Friday, April 20th, 2018 that a former employee was working with a “criminal third party” and may have passed along information from as many as 1.5 million client accounts.

Affected customers appear to be being notified by email with this message:

Dear <CUSTOMER>,

SunTrust cares deeply about your privacy and the security of your information. We became aware of potential theft by a former employee of information from some of our client contact lists, as we shared in a news release on Friday, April 20, 2018. We are still investigating in cooperation with law enforcement. We apologize that you are one of our clients who may have been affected, as your continued trust is critical to us.

Given this, we are proactively notifying you that certain information, including your name, address, phone number and certain account balances may have been affected. The contact lists did not include personally identifying information, such as your social security number, account number, PIN, User ID, password, or driver’s license number.

Your confidence is at the core of our purpose, and we want you to know that we have heightened our monitoring of your accounts and increased other related security measures. While we have not identified significant fraudulent activity, know that you will not be responsible for any fraud on your SunTrust accounts as a result of this incident.

At no cost to you, we recommend that you enroll in the IDnotify(tm) service provided by Experian(r) which includes:

*   A personalized Experian credit report at signup;
*   Experian Credit Monitoring for indicators of fraud;
*   Dark Web monitoring;
*   Identity Restoration specialists available for immediate help to address credit and non-credit related fraud; and
*   $1 Million Identity Theft Insurance reimbursement for certain costs associated with a stolen identity event, subject to the terms of the policy.

To enroll in IDnotify:

*   Log into your Online Banking account at www.suntrust.com and follow the instructions; or
*   If you do not have an Online Banking account, please visit https://www.suntrust.com/identity-protection and follow the instructions.

To best protect your information, we recommend you consider additional steps that can be found here<https://www.suntrust.com/fraud-and-security-department>. You also will receive more information from SunTrust in the mail.

Protecting your information is a top priority for SunTrust, and we appreciate the opportunity to serve you.

Mark A. Chancy
Vice Chairman

You can probably expect no to very little follow up on this, ever. As always, one of the best things you can do to protect yourself is to freeze your credit. In this case, we’d recommend checking your balance every day along with recent transactions as well.

Remember, ACH and checking fraud do not carry the same protections as credit cards. Also, while SunTrust says that personally identifying information was not leaked it’s nearly impossible to know after the fact, which this finding appears to be.

Apple just announced a battery replacement program for certain 13 inch MacBook Pro’s (non touch bar) manufactured between October 2016 and October 2017.

From Apple:

Apple has determined that, in a limited number of 13-inch MacBook Pro (non Touch Bar) units, a component may fail causing the built-in battery to expand. This is not a safety issue and Apple will replace eligible batteries, free of charge. Affected units were manufactured between October 2016 and October 2017 and eligibility is determined by the product serial number.

You can see if your laptop is affected here. All managed services customers of JM Addington and Kairos Dynamic Digital Managed Services have already had their serial numbers run across the the program by JM Addington staff.

Find more reporting by Ars Technica here.

We recently came across this error, “A critical software update is required for your Mac.” Attempting to install this update would result in another error, “A critical software update is required for your Mac, but an error was encountered while installing this update.”

Unlike some others on the web we found that simply reinstalling the OS did not resolve the issue. However, booting into safe mode (left shift button while powering on) would work. From there, one can create a Time Machine backup. After we successfully backed up the machine we went into the recovery console (Apple+R on boot), ERASED the “Macintosh HD” partition and then re-installed.

This still prompted for the update but we were able to successfully install it. After a fresh install, Migration Assistant loaded the fresh Time Machine backup back onto the machine.