NetSquared

NetSquared brings together nonprofits and activists, tech leaders and funders, and everyone who’s interested in using technology for social change.

A keen passion of mine is nonprofits (NFPs). They are an important part of our civil society performing all sorts of functions. and meeting needs that the private sector and government overlook.  Sometimes with great volunteer workforces and sometimes professional staff. Quite often both!

In my working within the NFP sector in ICT, I often needed someone else to speak with as a peer and colleague. That’s a bit of a rarity. ICT is often sorely neglected in the space because of budgetary restraints or it simply isn’t seen as important to the ongoing function and viability of the organisation. Sometimes the organisation may not have a dedicated ICT person and relies on advice from consultants.

Here’s where NetSquared comes it. It’s a networking chance for anyone in the sector to learn more about how other NFPs are solving their ICT issues. It could be a simple chat about support or more in-depth troubleshooting.

There are NetSquared groups all around the world. Melbourne has had a NetSquared Meetup for a few years.

Melbourne has a strong NFP sector of all shapes and sizes. It makes sense to come together and spend some time talking about technology in your space, how you use it, what are the tricks, to find out how others are using it.

Sharing and exploring together is the way to continue to give technology for a civil society to enhance the impact of the NFP sector.

Details of NetSquared Melbourne meetings can be found on Meetup, follow us on Twitter and join the Facebook Group.

I hope to see you at an event sometime soon.

 

Searching the Web


Google has become the default search engine for most of us. It’s easy to find just about anything you want on the net.

If you’re not using Google you’re probably doing the Bing thing from Microsoft.

Google and Bing collect the information that you put into their search engines. As we’ve seen recently that information can be collected, stored and if needed to be passed on to government authorities. If you have a Google account and you’re logged in then they’ll store that against your name. There are of course times when that’s a great idea. I know that I use my Google Search history from time to time to relocate a searched page.

All the big guys use this information to track you and serve you ads based on what you’ve been searching for.

There’s not much privacy!

DuckDuckGo doesn’t track what you do. I use it as the main search engine on my home computer. At work, I’m happy to maintain Google as my main search engine.

It’s pretty easy to give DuckDuckGo a go – just visit their website, see the link in the bottom right-hand corner, click “Add as Homepage” or “Add to Browser”

I’m not overly keen on big companies like Google or Microsoft keeping tabs on me. Here’s one way that I can cut the tracking and increase my privacy!

DuckDuckGo is also open source friendly, they’re mostly built on free and open software

 

Being Anonymous on the web


For some people, being anonymous on the web is very important. For those in countries that may be restricting or monitoring internet activity protecting their identity can be a matter of life and death.

For people who live in free societies, you may also like to protect your identity and cover your tracks by using a browser on your computer that bounces your footprint around the world and makes it very difficult to trace you.

It’s pretty easy to do by downloading and installing the Tor Browser from here.

There’s a version for Windows, Mac and Linux. It’s pretty easy to get it up and running and the site has plenty of good information.

Of course, it’s not 100% safe, people who really want to know what you’re doing may still be able to find a way to do so. For most of us, however, it would cover our tracks fairly well. You do need to be aware of the information that you might leave on a web server if you are logging in using identifying information. Little point if you use your real name and address!

What You Can Do About Ransomware?

by Jim Lynch, TechSoup 16 May 2017 4:53 PM

Late last week, there was a huge ransomware attack called WannaCry that affected over 200,000 Windows PCs in 150 countries and is still going. The attack has hit businesses, universities, and hospitals so far. Nonprofit, church, library, and foundation offices are vulnerable to this malware, which can lock up your IT system until a ransom is paid. We thought we’d explain a bit how you can protect your office.

What Is Ransomware?

Ransomware is malware that comes into an IT network mainly when computer users open an unknown email attachment or click on a web link. The malware then locks up and encrypts the files in the IT system and holds them for ransom until a payment is made, usually demanded in Bitcoin. Ransomware became famous as a tool of cybercrime in 2013 with the infamous Cryptolocker attacks. The malware technique has actually been around since 1989, however.

WannaCry Ransomware

The WannaCry malware is the latest ransomware attack in a succession of them. This virus is also known as WannaCrypt, Wana Decryptor, or WCry. This particular type of ransomware exploits a vulnerability in the Microsoft Server file system. Apple products and systems based on the Linux/Unix operating systems are not at risk, unless running Windows System Emulator. Infected users are presented with a screen demanding a $300 to $600 payment to restore their files.

While the attack has hit more than 200,000 computers, only around 200 people are estimated to have paid the $300 ransom. In the U.S., Homeland Security says that the list of victims is very small. It is still relatively early in the WannaCry attack, however. The victims range widely, from small companies and organisations to large IT networks like the automaker Renault in Europe. Small offices, like those in nonprofits, are at risk in this cyberattack.

How to Protect Your IT System

Taking these steps will help keep you safe from ransomware attacks.

1. Take Advantage of These Microsoft Resources

2. Back Up Your Critical Data and Documents

If and when your organization is hit with a cyberattack, it is essential to have your mission-critical data and documents stored in the cloud or on a hard drive that is not connected to your IT system. After an attack, your computers or servers may require reimaging.

TechSoup offers cloud storage services like the Box donation program. Also, the Veritas donation program at TechSoup provides backup and restore software to eligible nonprofit organisations and public libraries.

3. Update All Your Windows Software and Enable Automatic Updates

Since WannaCry malware attacks Windows operating systems, a critically important thing to do is to run Windows Update on all Windows devices and also Windows Server software and enable automatic updates on all Windows devices. Microsoft’s Security Bulletin MS17-010 from March of this year provides details on all the Windows software versions that can be patched by running Windows Update. Since the attack, Microsoft has issued patches for previously unsupported versions including Windows XP, Windows 8, and Windows Server 2003. You can download these security patches manually from Microsoft’s Update Catalog. (Link might not work in all browsers.)

If your organization is running old versions of Windows like XP or Server 2003, or if you’re running nonlegal (pirated) versions of Microsoft Windows or Windows Server, you may well have trouble running Windows Update. Check your TechSoup eligibility to see if your organisation qualifies for Microsoft software donations.

4. Use Antivirus Software and Keep It Up to Date

Antivirus and malware protection software has become TechSoup’s most requested type of product donation over the last couple of years. This type of protection is designed to catch cyberattacks before they infect your IT system.

Popular product donations include

Find all of TechSoup’s security product donations here.

5. Be Really Careful with Email

Email is one of the main infection methods of all malware and specifically of WannaCry ransomware. Be wary of unexpected emails especially if they contain links or attachments. If you find a suspicious link, before you click on it, you can go to the free virustotal.com service. It will tell you whether or not it has been reported as a dangerous link.

Also, be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.

6. Enable the File Extensions Option in Windows Settings

There are particular file types that pose the greatest security risk to all users. It is helpful to see what kinds of files you’re trying to open. File extensions like .exe, .vbs, and .scr are the dangerous ones. To be able to see file extensions, enable them in Windows Settings. I like the Laptop.com directions on how to do this in Windows 10.

7. If You Do Get Hit with Ransomware …

If you do get infected, shut down your PC and disconnect it from the Internet and your network. This of course limits the spread of the infection. Also, cybersecurity experts say that paying the ransom should be a last resort. Avoid doing that if you can. The alternative of rebuilding infected machines is not great either, but it does discourage cyberblackmailers from coming back.

The sad news in all of this is that new WannaCry ransomware variants are expected to appear going forward for some time. And new malware of other types will also come calling to attack our IT systems. This will be the case no matter how small our offices are. The good news is that the seven points we’ve listed above will give you greater protection for your IT system against future online threats. At TechSoup, we want ya’ll to stay safe out there.

This article was first posted on the TechSoup website by Jim Lynch and published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.