Petya Ransomware

Not two months ago, the world fell victim to the largest malware attack in history. This week another attack threatens the data of the world. 

The Petya ransomware restarts computers and encrypts all data on computers. The malicious software the demands $300 in the digital currency Bitcoin. 

The Petya spreads rapidly across a network after a single computer becomes infected. It uses the EternalBlue vulnerability in Windows or through one of two Windows administrative tools; Petya attempts to use one tool and tries the next tool if the first is not successful.

EternalBlue is the same exploit used by WannaCry ransomware in May. The exploit is believed to have been developed by  the NSA and released to tje world  by hackers. On March 14, 2017, Microsoft issued a security bulletin detailing the flaw and announced that patches had been released for all Windows versions that were currently supported at that time. In May, Microsoft released a patch for older operating systems in response to the Wanna cry attack. Unfortunately, not everyone will have installed it the patches.


Petya ransomware infects computers and waits about an hour before rebooting the imfected computer. While the compuyer reboots, a user should turn the computer off to prevent the files from being encrypted. Afterward, a tech can rescue the umemcrypted files from the hard drive. 

If your computer reboots to display the ransom note, DO NOT pay the ransom. The “customer service” email address used by the criminals behind this attack was shut down by the service proviser. As a result, no one will send the decryption key to unlock your files. 

Disconnect your computer from the internet, and bring it to Digital Age Solution.  Our techs will reformat the hard drive, reinstall Windows, and recover your files from a backup

If you have not done so already, sign up for DAD Safe and Secure. We automatically back up your files with version recovery constantly, protect your system with up to date Internet security and anti-virus software, and install updates and patches yo keep your computer up to date.

Safe World

Summer vacation begins next week for most students in Frederick County. This summer, kids have access to more information than ever before with technology.

It can be a scary and dangerous place in the world wide web.

Digital Age Solution can help make it a “Safe World” with our services and recommended hardware and software.

We make on-site service calls to secure your world: At Home, At Work, Anywhere you need us.

DAS VOIP Saves Doctor’s Office Money and Increases Efficiency

Digital Age Solution brought one local pediatrician’s office into the Digital Age with DAS VOIP and an upgraded network this week.

“Our bill went down and this system is so much more powerful,” the office manager exclaimed as we demonstrated their new DAS VOIP Cloud PBX.

DAS VOIP’s Cloud PBX provides a robust phone system that is housed on our servers. This allows customers to free up space, save on electricity, and not worry about equipment in their office. The system includes voicemail, virtual attendants, time-based routing, caller id routing, unified communications, and so much more.

It also provides disaster recovery and flexibility. Our customers can connect their phones to any Internet connection and get online, or use our ClickConnex App on their smartphones.

The pediatrician’s office staff quickly learned how efficient the system is in their daily routines. Transferring calls, accessing messages, and visualizing phone calls on the DAS VOIP web site are very easy. Time-based rules eliminated having to transfer calls to the phone service, or switching messages at lunch time and the end of the day.

If you’d like to see how we can save you time and money, contact us for a Digital Age Solution!

WannaCry Ransomware Strikes Worldwide

Computers and networks around the world fell victim to WannaCry ransomware over the past two days. The attack successfully shut down hospitals, transit systems, and businesses in every point of the globe. The threat significantly affected the United Kingdom, Taiwan, Chile and Japan.

Last year, hackers announced that they had hacked and downloaded tools from the NSA. One of the tools acquired utilizes a vulnerability to attack (code named EternalBlue).

The vulnerability drops a file on the vulnerable system which executes as a service. The service then drops the actual ransomware file onto the affected system, encrypting files with the .WNCRY extension. A separate component file for displaying the ransom note would also be dropped.

The ransomware encrypts files with a total of 166 extensions, including those commonly used by Microsoft Office, databases, file archives, multimedia files, and various programming languages.

To spread to other systems, it uses the file that was dropped and runs as a service. The service uses the name “Microsoft Security Center (2.0)“. This service scans for other SMB shares on the network, and uses the EternalBlue vulnerability to spread to other systems.

Figure 3. Added service

Microsoft already patched supported Windows operating systems to address the SMBv1 vulnerability used in this attack in March. Even before that, in September 2016 Microsoft strongly urged users to migrate away from SMBv1, which dates back to the early 1990s. US-CERT issued similarly strong recommendations as well. Organizations that had followed best practices—both in patching and in proper configuration of SMB services—would not be affected by this attack.

The infected machines either do not have the patch installed or still operate the Windows XP, Vista, or Windows 8 operating systems.

In the wake of the largest ransomware attack in the history that has already infected over 114,000 Windows systems worldwide in the last twenty-four hours, Microsoft just took an unusual step to protect its customers with out-of-date computers. Microsoft just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.

Digital Age Solution customers with DAS Safe & Secure contracts do not have to worry!

Our security software identifies and blocks this threat and file encryption regardless of your operating system.

DAS Sync protects against ransomware by keeping file history back-ups on our cloud servers. We can easily recover files for customers.

DAS Remote Monitoring and Management also applies patches to protect our customer’s computers. For outdated systems, we have already pushed the new update to computers.

If you want to be sure your systems are protected with DAS Safe & Secure, contact us to get Safe and Secure.

Bringing 21st Century to Old Space

We’ve been working with one of our customers and our partners to update a very old space in Downtown Frederick for use in the Digital Age! The space features great old lumber, art deco metal work, and tons of character.

Now, the space is ready for meetings, trainings, and conferences with wireless network access, Voice Over IP phones and conference phones, 70″ monitors on the walls, and wireless HDMI to allow anyone to quickly connect from laptops, tablets, and even smart phones.

We’ll post some more photos of the Digital Age Solution for this retrofit of an amazing space soon!

Here’s How Easy It Is to Get Trump Officials to Click on a Fake Link in Email

With the recent Google Docs phishing scheme and all the hacks of politicians, one would hope for a higher level of suspicion when it comes to emails with links. 

Gizmodo demonstrated the lack of suspicion within one group who should really be on heightened awareness,  White House officials and advisors.

http://gizmodo.com/heres-how-easy-it-is-to-get-trump-officials-to-click-on-1794963635

These phishing attacks represent a large percentage of security hacks. It is much easier to trick users into giving access than actually hacking devices or networks.

Remember to always err on the side of caution. If someone wants to share a document with you, verify the email address, the link’s URL, or ask Digital Age Solution. We are happy to help protect you and your information.

Be Prepared for Storms

This week, we’ve seen our first computers of the season to be damaged by lightning!

As the weather gets warmer, thunderstorms crop up a lot more often. With them, damaging lightning strikes wreak havoc on sensitive electronics, like your valuable information technology systems.

Often, Digital Age Solution technicians can swap out a power supply and get you back up and running. Other times, the electrical surges rush through to the motherboard or other parts of the computer equipment.

These can be costly repairs.

Help protect your technology with a Digital Age Solution. Our technicians can help you choose the right equipment for your situation. From surge protectors to unlimited power supplies, each has a specific use and provides a different level of protection.

If you’ve already fell victim of the storms, give us a call and we’ll get you back up and running!

Google Phishing Attack

If someone invites you to edit a file in Google Docs today, don’t open it — it may be spam from a phishing scheme that’s been spreading quickly this afternoon. As detailed on Reddit, the attack sends targets an emailed invitation from someone they may know, takes them to a real Google sign-in screen, then asks them to “continue to Google Docs.” But this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.

The key difference between this and a very simple email phishing scheme is that this doesn’t just take you to a bogus Google page and collect your password — something you could detect by checking the page URL. It works within Google’s system, but takes advantage of the fact that you can create a non-Google web app with a misleading name. Here’s what the permissions screen looks like, for example:

Google Docs phishing screen

If you check the title for developer information, though, you’ll get something like this:

Gdocs Phishing attempt

  •  If you’ve clicked the link, your account may have already sent spam messages to the people in your address book. But you can revoke future access through Google’s “Connected Apps and Sites” page; where it will appear as “Google Docs.”
  • Google Docs phishing access

Laundry . . . There’s an App for That!

With Samsung’s newest washer and dryer, you can control your laundry with an app. The Internet of Things is here in the Digital Age.

Want an App to Load Instantly instead of Installing It?


Google announced on Monday that Android Instant Apps are available on a “limited test” basis for users.

Instead of browsing to the Google Play Store, users will click a link and instantly have the app running. It will be like opening a web page.

Apps availabe instantly today are BuzzFeed, Wish, Periscope, and Viki.