With wildfires, floods and other emergencies all too common of late, it's worth asking, if you had to leave your home in a hurry, would your important documents be easy to grab and take with you?

Canada's Emergency Preparedness Guide recommends making copies of important documents, like birth and marriage certificates, passports, licences, wills, land deeds and insurance paperwork, and keeping them in a safe place both inside and outside of your home. You could put them in a safety deposit box or give them to friends or family who live out of town. That way, you have a backup in case the originals are destroyed, damaged or have to be left behind.

And in addition to having physical copies, you may want to make digital versions as they can be easier to access in an emergency. But let's face it, organizing and scanning all those papers can feel overwhelming, and it's tempting to put it off.

Use a scanner
While your phone camera and document-scanning apps may be convenient, both experts strongly recommend using a scanner for best results. A photo of a document is better than nothing, but could be missing important details due to resolution, tone or hue, and might not be sufficient for government bodies like the Canada Revenue Agency.
A flatbed scanner is a good investment, but you may be able to use one for free at a public library. You can specify the resolution, file type and other details for each document, and you won't have to worry about lighting issues like you would when you're taking a photo.  
Of course, if you're short on time or have boxes of documents or photo prints you want scanned, there are businesses that can do this quickly and accurately for a fee. 

Think about format and resolution
The first step is to determine if what you're digitizing is text or images — and if it's worth the time and effort to scan, store and manage the files.
Don't try to digitize everything just because the technology exists and is available.
Scanning documents at 300 DPI (dots per inch), and photos at 600 DPI. As far as legibility [for documents], if you go higher, you're just creating [a] larger file size, It gets a little bit better, but not enough to justify the higher file size.
Also, scanning your documents in black and white and saving the files as a PDF (recommended for most documents) or a TIFF using Group 4 compression will keep the original image data intact while often taking up less space on your hard drive. A lot of times people scan things in colour, and it's just then you're using JPEG compression, and it's not as good, [Group 4 compression] is also considered a lossless compression, which means … when you [open the file], there's no loss of the image quality.
Of course, it all depends on what you're using the digital files for. When we do digitization for preservation, it's done at high resolution [and] often results in TIFF file formats and very big files. But if you want a file that is quick to open and easy to share, consider saving your images as JPEGs, which are smaller and suitable for viewing on a screen.
Finally, if you're scanning a document that's several pages long, creating a multi-page PDF rather than scanning each page individually. Even the cheapie big-box-store scanners, they've got software that'll allow you to create a multi-page … file, Some scanning software uses optical character recognition (OCR) to make printed documents searchable handy when you need to find a specific receipt. 

Use logical naming conventions
However you are searching for your documents now — whether it's alphabetical order or numerical order or by subject or something like that in the digital world, you should save things pretty much the same way. Because when you end up with thousands of files or thousands of documents, you want to name them something logical so that you'll be able to find them later.
For example, if you're digitizing personal documents for your family, the names of the files for each person could start with their first name so that everything is automatically grouped together in the folder. Or for all paperwork related to a specific property, the file names could start with the address or street name.

Store your digital documents in a safe place and in multiples
Ideally, you want to make a few copies of each file and store them in different places and on different platforms. It's not an issue of storing files on the cloud versus your computer hard drive versus a CD it's actually all of them. It's an and-and-and relationship. Just be sure to use encrypted folders and require a password for sensitive documents.
Creating a digital copy protects valuable records and documents against loss or damage. But remember to update your digital records as your physical documents expire or are replaced. 

source: cbc.ca, Truc Nguyen

The "Your Computer Has Been Locked" fake alert is a scam that pretends to be from Microsoft, Apple, or any other company to trick you into thinking that your computer has crashed or a virus has been detected. It does this to try and scare you into calling one of the listed numbers to receive support. If you call these phone numbers, scammers will ask you to install a program that gives them remote access to your computer. Using remote access, these experienced scammers will try to gain your trust and trick you into paying for "support" services or even steal credit card account information.

The "Your Computer Has Been Locked" tech support scam will lock your browser by putting it in full-screen mode and displaying popup messages that won't go away.

The above alert is not real, and its purpose is to scare you into allowing the scammer remote access to your computer. If your browser has been redirected to the "Your Computer Has Been Locked" tech support scam, we recommend closing the page and NEVER calling the listed phone number.

For Windows:

For Mac:
​

1. On your keyboard, press the Command + Option + Escape keys simultaneously. This will open the "Force Quit" application window.
2. In the "Force Quit" box, click on Safari, Chrome, Firefox, or any other browser in which you are seeing the tech support scam page.
3. Click the button that says "Force Quit ". This will forcefully end your browser, thus closing this tech support scam page. If you cannot switch from the unresponsive app, press Command + Option + Shift + Esc for three seconds to force it to quit. This key combination tells macOS to force quit the front-most app. Alternatively, if you are using Safari or any other browser, you can disconnect your Internet, open the web browser, navigate from the malicious web page, and reconnect to the Internet.

Your browser window should now be closed. The next time you open your browser, do not allow the browser to open the last opened page and we recommend to delete your browser's history.

​Ransomware is no longer merely a threat; it has evolved into a pervasive plague, holding businesses captive and demanding exorbitant sums to release their vital data. As an MSP, you occupy a frontline position, safeguarding your clients from this digital scourge. This comprehensive guide outlines a strategic approach to preventing ransomware attacks, drawing upon industry best practices, compelling statistics, expert insights, and advanced capabilities.

Ransomware: How Cybercriminals Hold Data Hostage
Ransomware is malicious software that encrypts a victim's data, rendering it inaccessible. Cybercriminals then demand a ransom payment to provide the decryption key. This digital hostage situation can cripple individuals and businesses, causing significant financial and reputational damage.

MSPs: The Gateway to Ransomware
Managed Service Providers often serve as entry points for ransomware attacks due to their management of IT services for multiple clients. A compromised MSP can provide attackers with simultaneous access to numerous client networks, amplifying the impact of their attacks. This makes MSPs a critical target for cybersecurity efforts, as securing their environments is essential to preventing widespread ransomware incidents.

The Economic Impact of Ransomware
In addition to ransom payments, Managed Service Providers incur several significant costs during ransomware attacks, which can profoundly impact their operations and finances.

Here are some of the essentialists associated with ransomware incidents:

Downtime Costs
One of the most substantial costs for MSPs during a ransomware attack is the downtime experienced by their clients. According to recent research, the average cost of downtime has inched as high as $9,000 per minute for large organizations. For higher-risk enterprises like finance and healthcare, downtime can eclipse $5 million an hour precisely, not including any potential fines or penalties.

Recovery Costs
The recovery process from a ransomware attack can be extremely costly. According to IBM Cost of a Data Breach Report 2024, the global average data breach cost in 2024 is USD 4.88M—a 10% increase over last year and the highest total ever. This includes expenses related to restoring data, repairing systems, and implementing enhanced security measures to prevent future attacks.

Legal and Compliance Costs
MSPs may face legal liabilities and compliance costs following a ransomware incident. If sensitive client data is compromised, MSPs could incur legal fees, regulatory fines, and costs associated with notifying affected parties. These expenses can escalate quickly, especially if the attack involves lawsuits or regulatory scrutiny.

Reputational Damage
The reputational impact of a ransomware attack can lead to lost business opportunities and a decline in client trust. After a significant breach, MSPs may need help acquiring new clients or retaining existing ones, which can have long-term financial implications.

Increased Cybersecurity Insurance Premiums
Following a ransomware attack, MSPs may see their cybersecurity insurance premiums increase. Insurers often adjust rates based on the insured's risk profile, and a history of ransomware incidents can lead to higher costs for coverage in the future.

Investment in Enhanced Security Measures
Post-attack, MSPs typically need to invest in more robust security measures to safeguard against future threats. This includes upgrading software, implementing advanced threat detection systems, and providing additional staff training, which can be costly.

These cumulative costs highlight the extensive financial burden ransomware attacks can impose on MSPs, far exceeding the initial ransom demands.

Prevention is Key – Best Practices for Ransomware Prevention

Access Controls:

• Implement strong access controls, including role-based access and multi-factor authentication (MFA).MSPs must understand how cyber criminals bypass MFA and what they can do to stop them.
  
• Limit administrative privileges to essential personnel.
  

Regular Software Updates:

• Enforce automatic operating systems, applications, and security software updates across all endpoints.
  
• Prioritize patching known vulnerabilities quickly to prevent exploitation.

Strong Password Policies:

• Implement and enforce complex password requirements, including a mix of characters, numbers, and symbols.
  
• Encourage the use of unique passwords for different accounts.
  
• Consider password managers to help users create and manage strong passwords securely.

Employee Education and Awareness:

• Conduct regular cybersecurity training to educate employees about ransomware tactics, such as phishing and social engineering.
  
• Teach employees to identify suspicious emails, attachments, and links.
  
• Make sure to emphasize the importance of reporting any suspicious activity immediately.

Backup and Recovery Strategy:

• Implement a comprehensive backup strategy with regular testing and verification
  
• Store backups offline or in an isolated environment to prevent ransomware encryption.
  
• Develop a detailed recovery plan to minimize downtime in case of an attack.

Network Segmentation:

• Isolate critical systems and data to limit the spread of ransomware in case of a breach.
  
• Implement network segmentation to create separate zones for different functions.

Endpoint Protection:

• Deploy robust endpoint protection solutions with advanced threat detection and prevention capabilities.
  
• Ensure real-time protection against malware, ransomware, and other threats.

Email Security:

• Utilise email security solutions with advanced spam filtering and anti-phishing features.
  
• Train employees to be cautious of suspicious emails and attachments.

Incident Response Plan:

• Develop a comprehensive incident response plan outlining steps to take in case of a ransomware attack.
  
• Conduct regular tabletop exercises to test the plan's effectiveness.