Are You Having A Technology Emergency?

True North Networks Blog

True North Networks has been serving the Swanzey area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How to find capital to save your business during the COVID-19 pandemic

Covid-19-finance

Small businesses must act now to develop a plan to escape the grip of the deadly COVID-19 pandemic that is decimating lives and economies throughout the world. 

The stakes are high: your survival. Governors across the country have ordered schools and nonessential businesses to close their doors and told people to shelter in place. Companies are rapidly jettisoning workers daily, leading to 3.28 million people applying for unemployment benefits during the third week of March, 2020. 

To save the economy, Congress approved a $2-trillion relief package, which includes $370 billion in government-guaranteed bank loans that may be forgivable. 

As the new normal of social distancing sets in, small businesses, the 30-million strong that employ 47% of the U.S. workforce, must find a way out. 

Capital is the respirator to revive small businesses as they prepare for life after COVID-19. 

Former U.S. Small Business Administration (SBA) Administrator Karen G. Mills recently said the coronavirus would have a worse economic impact than the 2008 financial crisis. 

“Many small businesses will not survive more than a month,” she said. 

Here are some recommendations to find capital. 

Every small business that has been impacted by COVID-19 should apply for the SBA Economic Injury Disaster Assistance (EIDA) now. This program can provide up to $2 million to a business as a direct loan from the government to pay vendors, employees and other bills. Expect it to take at least a month to get approved and funded, due to the volume of applications. 

Visit SBA.gov to learn about all your options, including the 7(a), 504 program and microloans. 

HEDCO, a community development financial institution (CDFI) based in Hartford, is a mission-driven nonprofit committed to making access to affordable capital a reality for underserved businesses. Expect small community lenders to be overwhelmed with loan requests, so get your financial documents ready: three years of tax returns, current P & L and balance sheet, accounts receivable and payable aging report, debt schedule and a projected one-year cash flow. 

Consider the Community Economic Development Fund (CEDF) and Community Investment Corp. (CIC), two community-based lenders in Connecticut. The state of Connecticut recently announced it will offer low-interest loans up to $75,000 to small businesses. 

That program has already been inundated with applications and expanded

Visit the state of Connecticut Department of Economic & Community Development website (https://portal.ct.gov/DECD ) for the details.

Look everywhere for capital. GoFundMe is a donation-based crowdfunding platform where businesses can raise capital, usually small amounts under $10,000. Reward-based crowdfunding on platforms such as Kickstarter and Indiegogo are other options. Make sure you plan out the details and allocate your time wisely. 

Fundera is a financial advisory resource for small businesses, and includes a network of financial providers. OnDeck Capital, Kabbage, BlueVine and Lending Club are online lenders. Make sure you read the fine print and can afford the financing terms because the effective annual percentage rates can exceed 30% for some short-term loan products. 

Re-evaluate your own credit policies, including the types of businesses, amounts and terms. Cash rules. 

“Money in the door allows you to put money out the door ,” says Mills. To the large corporations reading this, pay small businesses immediately, versus your standard practices of 30 days and longer. 

Check your lease to see if the COVID pandemic qualifies as a force majeure event, which may temporarily excuse your performance under the terms of the contractual agreement. 
Be proactive. Seek advice from your attorney and accountant. Also, talk to your banker about payment deferral programs and other options. 

COVID-19 will not defeat the American spirit. Use this trying time to get your financial house in order.  

Resource: https://www.hartfordbusiness.com/article/how-to-find-capital-to-save-your-business-during-the-covid-19-pandemic

 

 

 

 

  0 Comments
0 Comments
Continue reading

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

zoom-coronavirus

As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices. According to a report published by Check Point and shared with The Hacker News, over 1,700 new "Zoom" domains have been registered since the onset of the pandemic, with 25 percent of the domains registered in the past seven days alone. "We see a sharp rise in the number of 'Zoom' domains being registered, especially in the last week," said Omer Dembinsky, Manager of Cyber Research at Check Point. "The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure, and exploit. Each time you get a Zoom link or document messaged or forwarded to you, I'd take an extra look to make sure it's not a trap."

With over 74,000 customers and 13 million monthly active users, Zoom is one of the most popular cloud-based enterprise communication platforms that offers chat, video and audio conferencing, and options to host webinars and virtual meetings online. The popularity of Zoom has shot up significantly in recent weeks as millions of students, business people, and even government employees across the world are forced to work and socialize from home during the coronavirus pandemic.

The report comes following a significant increase in the number of malicious coronavirus-related domains, with bad actors finding new ways to profit off the global health concern to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps. What's more, the researchers said they detected malicious files with the name "zoom-us-zoom_##########.exe," which when executed, installed potentially unwanted programs (PUPs) such as InstallCore, a dodgy bundleware application that's known to install other kinds of malware. But Zoom is not the only app to be targeted by cybercriminals. With schools turning to online learning platforms to keep students occupied, Check Point researchers said they also discovered phishing sites masquerading as the legitimate Google Classroom (e.g., googloclassroom\.com and googieclassroom\.com) website to trick unwitting users into downloading malware.
 

Zoom Fixes Privacy Issue in Its iOS App

Zoom, for its part, has had its share of privacy and security issues too. Last year, the video conferencing app fixed a vulnerability that could let websites hijack users' webcam and "forcibly" join them to a Zoom call without their permission.

Then earlier this January, the company squashed another bug that could have allowed attackers to guess a meeting ID and join an unprotected meeting, potentially exposing private audio, video, and documents shared throughout the session. Following the disclosure, Zoom introduced default passwords for each meeting that participants need to enter when joining by manually entering the meeting ID. And finally, just over the weekend, Zoom updated its iOS app after it was caught sending device information and a unique advertiser identifier to Facebook using the social network's software development kit (SDKs) and concerns were raised over its failure to disclose the data sharing in its privacy policy. Highlighting some of the privacy risks associated with using Zoom's products, The Electronic Frontier Foundation (EFF) said hosts of Zoom calls can see if participants have the Zoom video window active or not to track if they are paying attention. Administrators can also see the IP address, location data, and device information of each participant. To safeguard yourself from such threats, it's essential that the apps are kept up-to-date, and be on the lookout for emails from unknown senders and lookalike domains that contain spelling errors. Besides this, also don't open unknown attachments or click on promotional links in the emails, the cure for Corona will not arrive via email, and also ensure you're ordering goods from only authentic sources.

Resource: https://thehackernews.com/2020/03/zoom-video-coronavirus.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29&_m=3n.009a.2195.hn0ao0e6il.1dho

 
  0 Comments
0 Comments
Continue reading

How to Protect Yourself And Your Family from COVID-19

CoronaVirusHeader-Final-3

Know How it Spreads

  • There is currently no vaccine to prevent coronavirus disease 2019 (COVID-19).
  • The best way to prevent illness is to avoid being exposed to this virus.
  • The virus is thought to spread mainly from person-to-person.
    • Between people who are in close contact with one another (within about 6 feet).
    • Through respiratory droplets produced when an infected person coughs or sneezes.
  • These droplets can land in the mouths or noses of people who are nearby or possibly be inhaled into the lungs.

Take steps to protect yourself

Clean your hands often

  • Wash your hands often with soap and water for at least 20 seconds especially after you have been in a public place, or after blowing your nose, coughing, or sneezing.
  • If soap and water are not readily available, use a hand sanitizer that contains at least 60% alcohol. Cover all surfaces of your hands and rub them together until they feel dry.
  • Avoid touching your eyes, nose, and mouth with unwashed hands.
 
 

Avoid close contact

Take steps to protect others

Stay home if you’re sick

 

Cover coughs and sneezes

  • Cover your mouth and nose with a tissue when you cough or sneeze or use the inside of your elbow.
  • Throw used tissues in the trash.
  • Immediately wash your hands with soap and water for at least 20 seconds. If soap and water are not readily available, clean your hands with a hand sanitizer that contains at least 60% alcohol.
 
 

Wear a facemask if you are sick

  • If you are sick: You should wear a facemask when you are around other people (e.g., sharing a room or vehicle) and before you enter a healthcare provider’s office. If you are not able to wear a facemask (for example, because it causes trouble breathing), then you should do your best to cover your coughs and sneezes, and people who are caring for you should wear a facemask if they enter your room. Learn what to do if you are sick.
  • If you are NOT sick: You do not need to wear a facemask unless you are caring for someone who is sick (and they are not able to wear a facemask). Facemasks may be in short supply and they should be saved for caregivers.

Clean and disinfect

  • Clean AND disinfect frequently touched surfaces daily. This includes tables, doorknobs, light switches, countertops, handles, desks, phones, keyboards, toilets, faucets, and sinks.
  • If surfaces are dirty, clean them: Use detergent or soap and water prior to disinfection.

To disinfect:
Most common EPA-registered household disinfectants will work. Use disinfectants appropriate for the surface.

Options include:

  • Diluting your household bleach.
    To make a bleach solution, mix:
    • 5 tablespoons (1/3rd cup) bleach per gallon of water
      OR
    • 4 teaspoons bleach per quart of water

    Follow manufacturer’s instructions for application and proper ventilation. Check to ensure the product is not past its expiration date. Never mix household bleach with ammonia or any other cleanser. Unexpired household bleach will be effective against coronaviruses when properly diluted

  • Alcohol solutions.
    Ensure solution has at least 70% alcohol.
  • Other common EPA-registered household disinfectants.
    Products with EPA-approved emerging viral pathogens pdf icon[7 pages]external icon claims are expected to be effective against COVID-19 based on data for harder to kill viruses. Follow the manufacturer’s instructions for all cleaning and disinfection products (e.g., concentration, application method and contact time, etc.).

Resource: https://www.cdc.gov/coronavirus/2019-ncov/prevent-getting-sick/prevention.html

 

  0 Comments
0 Comments
Continue reading

How Teams Can Stay Connected and Productive When Working Remotely

working-remote

It’s important to keep in mind the principles behind good teamwork. Agility is based on not only the capabilities of our processes and delivery pipelines, but also lives in Datto's Engineering cultural mindset and communication practices within our teams.

For example, Datto is in a good position to support the needs of fully distributed Agile teams and we’ve been around the block with this setup for a while. 

Whether you’ve worked on a team with members across different geographic locations, or if you have full remote employees on your team already, we have ways to work within the confines of temporary team member isolation.

Here are some tips and suggestions for how your company can stay productive and communicative during your time working from home:

  1. Communication tools need to be your go-to solution
    • Zoom will be your best friend. Ask yourself “is this conversation better-suited face-to-face?” If so, book 15 minutes with someone over Zoom instead of managing these communications over a tool like Slack. It will go the distance for keeping you and your teammates in sync.
    • Slack is a great way to continue moving through our processes and asking necessary questions to team members. This is a rapid way to get answers and to communicate small needs or changes with the group.
    • Jira should be treated as a log for all progress and impediments for your work. Please keep your tickets hygienic and utilize the commenting + user tagging features to keep your team members in sync on sprint items. If you’re struggling with managing tickets, please reach out to your Scrum Master for guidance and assistance.
    • Don’t be afraid to just pick up the phone and call someone. Share your cell number or a Google Voice number with your colleagues when you need to have a quick conversation.
  2. Block off “Do Not Disturb” time on your calendar each day
    • Slack and other communication tools, especially when remote, can become your entire day if you don’t manage your time appropriately. Establishing blocks of time where you request to not be interrupted so you can concentrate on your work are crucial.
    • Utilize the Slack “Do Not Disturb” feature to limit your notification overload. Getting constantly pinged can be overwhelming for anyone; do your best to reduce distractions when you need to go heads down on problem-solving for an hour.
  3. When you’re in a Zoom meeting, turn on your camera and pay attention
    • It’s easy to get distracted by Slack or other inquiries you’re receiving when you’re on a Zoom meeting, especially when you can’t just close your laptop like when you’re in a conference room with team members. The only way to avoid this is to turn off notifications and focus on the content in the session.
    • Turning on your camera allows people to read your expressions and interact with you more effectively. Additionally, it gives you the incentive to be present in the meeting instead of handling other issues during the call. No one wants to be called out for not paying attention.

Working from home is about balance. Make sure you take frequent breaks and monitor your working hours as you would if you were commuting. It’s easy to burnout when you work from home, so talk with your manager if you feel that you are struggling to be productive. Use the tools you have at your disposal to continue being effective contributors and collaborators with your remote team members.

 

Resource: https://www.datto.com/blog/how-teams-can-stay-connected-and-productive-when-working-remotely?utm_campaign=na-blog-how-teams-can-stay-connected-and-productive-when-working-remotely&utm_medium=Social&utm_source=203

  0 Comments
0 Comments
Continue reading

Ransomware Beware

Ransomware-attacks-2017

Ransomware is a hot topic in the business world today. Organizations continue to fall victim to hackers that send unsolicited phishing emails to employees that result in all files the employee has access to being copied, encrypted, and the original copy being deleted. As a result, the only way to get the data back is to pay the ransom, or at least that’s what the hacker claims. There’s no guarantee the data will ever be unencrypted, and there’s no guarantee the hacker will not ask for more money once the first ransom is paid.

Some companies rely on their backups to overcome ransomware attacks. If the data is backed up, the last backup can restore the data back to its previous state. That can solve the problem, but every time there is another ransomware attack, companies are just relying on their backups to save their data. This is just a band aid type of fix.

So how do you reduce your chances of a ransomware attack?

There are two ways malicious actors are getting access with phishing:

  1. Through a link that sends the employee to a malicious page that requires credentials for login. The login page is masked with a legitimate website skin to make the login page look real. On that page credentials are submitted from the user over HTTP and are accessible to the email sender. Once the malicious actor has credentials, they log in and upload the encryption software and it starts the copying and encryption process.
  2. Through a file attachment that when downloaded, it starts the copying and encryption process.

Let’s focus on Option 1 – The Link

If you train your employees to follow these basic checks, you will drastically decrease the chances of falling victim to ransomware.

  1. If the URL is http, do not enter your credentials and delete the email.
  2. Hover over the hyperlink in the email and look at the URL displayed for that link in the bottom left hand side of the email window. If the URL is not the same as the normal URL then it is a phishing attempt.
  3. Although not the best or recommended practice, you can copy the link from the hyperlink and paste it in the browser to see if it is legitimate.

Unfortunately, employee error is not bullet proof, so how do you protect from ransomware if someone gets access to your environment? Stay tuned for the next blog where I discuss, “How to set up access control permissions to your sensitive data”!

Resource: https://blog.pulsarsecurity.com/ransomware-beware

 

 

 

 

 

  0 Comments
0 Comments
Continue reading

How COVID-19 is Impacting the Cyber Security Framework of Businesses

covid-19-cyber

“Panic won’t get you through this, a clear head will.”

– Steve Morgan, Editor-in-Chief

Northport, N.Y. – Mar. 23, 2020

Founders and CEOs of U.S. businesses are paddling through an economic and workforce sea change. Robert Herjavec, a Shark on ABC’s Shark Tank and CEO at Herjavec Group, has brutally honest and compassionate words of wisdom for anyone that will listen.

How long can my business survive with our current cash reserve? Are we prepared to support and secure a 100 percent remote workforce?

We spoke to Herjavec about the grim reality of how the Coronavirus outbreak is affecting U.S. entrepreneurs, and what they should do — from an emotional standpoint, and technology-wise.

“Don’t Panic” is Herjavec’s overriding message. That doesn’t mean there isn’t a reason to worry. The truth is that employers are faced with the very real prospect of their businesses drying up quickly and layoffs.

 

Every company is different, and Herjavec doesn’t have a magic answer for anyone of them. But he does offer up a message for the psyche that can make a big difference — perhaps even the difference between going out of business and surviving: “Panic won’t get you through this, but a clear head will.”

If you can’t eliminate the panic, then limit it, advises Herjavec.

“Start to control the things you can. The biggest thing you can control is yourself. Limit the amount of negative news you are taking in.”

An equally important message from Herjavec to entrepreneurs is a sobering one — and it’s best received in a calm state of mind. He says right now it’s about survival for many businesses, especially smaller ones with little to no financial cushion. “Do what you can to stay in business.” He says that federal aid will take a little while to reach those in need, and you can’t bring a company back from the dead.

Our discussion with Herjavec is good for the psyche in more ways than one. He has a couple of quick stories that will make you laugh. Have you heard the one about the guy who was so lonely that he intentionally clicked on a phishing email from Apple tech support? Or the one about Herjavec getting pulled over by the police — while he was driving a golf cart? Listen here.

We all need to remember who we are, at our core. Herjavec reminds us. “Our primary baseline is hope. People are going to dream again and build and have hope.” There will be light at the end of the tunnel. Entrepreneurs never die, they start up again.

On the podcast interview, Herjavec has pointers on cybersecurity for newbies to the home work scene. His firm provides this advice for COVID-19 and secure remote access communications.

The Shark has generously agreed to give our listeners some more of his time. Stay tuned. We’ll be back with another discussion.

 

Resource: https://www.herjavecgroup.com/robert-herjavec-advice-us-entrepreneurs/

 

 

 

 

 

 

  0 Comments
0 Comments
Continue reading

Here’s what to look for in a work-from-home VPN

VPN

Virtual private networks, also known as VPNs, provide people who work from home extra online protection from hackers. The software creates a secure connection with another network and then encrypts traffic between those two points.

With many office workers and students required to “shelter in place” because of the coronavirus pandemic, VPNs are in much greater demand these days. But choosing the correct one can be complicated.

Many large employers provide laptops loaded with VPNs, which they pay for. There are also dozens of VPN services people can subscribe to on their own for around $10 per month.

But there are also a number of free services, which often come with a cost: Users give up some of their personal data.

“The great majority of free VPNs make money from intrusive advertising and selling your browsing data,” Simon Migliano, head of research at Top10VPN.com, a privacy research and VPN review site, tells Fortune. “Ironically, your privacy can be impacted more by using a free VPN than by using nothing at all.”

What to look for when shopping for a VPN

Experts say the choice of a VPN should be based on when, why, and where it will be used. Many VPNs perform well for one or two specific purposes, such as privacy, streaming, gaming, or accessing material in a country where the Internet is censored.

Robert Siciliano, CEO of security education company Safr.me, says it’s okay to download certain free VPNs that also offer a paid version. Examples include TunnelBear and Windscribe.

“They’re usually a little bit slower,” he tells Fortune about the free VPNs. “However by downloading the free version, one can get a general idea if they enjoy the product. Additionally once a user downloads the free version, after a short period of time they often receive multiple offers at a discount.”

Migliano, from Top10VPN.com, recommends that people avoid simply searching Apple’s and Google’s app stores for a VPN without doing prior research. He says app stores feature a “minefield of highly risky free apps” in their top search results.

“Instead, try Googling around, reading review sites, and getting an idea of who the established brands are,” he says.

He also recommends signing up on a highly respected VPN provider’s website and following its link to download an app. In that way, users can bypass the dodgy rivals in app stores. Furthermore, legitimate companies will have a policy that explains how they handle personal data. In some cases, the policies are quite readable, unlike many privacy policies online.

Bill Conner, CEO at SonicWall, a network security company, says smaller companies that typically haven’t had a need are now clamoring to set up VPNs because their workers are at home and need to access confidential company information.

“The mobile workforce is increasing, leaving many organizations scrambling for virtual private network licenses to ensure employees’ company-owned and personal tech products are secure,” he tells Fortune.

The stakes in choosing a VPN are high. An investigation by Buzzfeed News earlier this month found that a number of free VPN apps from analytics company Sensor Tower had been quietly collecting user data.

Those apps, including Free and Unlimited VPN and Luna VPN—were recently available for download in the Google Play store. Luna VPN is still available in Apple’s App Store.

The apps required users to install a root certificate, which enables the app maker to essentially follow users as they browse the Internet. A spokesperson tells BuzzFeed News the company collects only anonymized information about how these apps are used, however experts say the report is another example of why it’s important to do research before choosing a VPN.

The top reasons for using a VPN

As of January 2020, as many as 31% of Internet users worldwide use a free or paid VPN, according to Top10VPN.com. While growth has been slow but steady, adoption doubled last year to 7% from 3.5% in 2018.

Nearly one-quarter of VPN users in the U.S. and the U.K. also rely on a VPN to access streaming content that could be restricted in their countries owing to licensing agreements. (For instance, Americans in the U.K. who want to watch the latest episode of Saturday Night Live would need to use a VPN, since they’re outside the U.S.)

Failing to install a VPN has risks. With more people now working from home, there’s an opportunity for “wardriving,” a cybersecurity term for people who drive around and look for vulnerable Wi-Fi networks to hack.

“To a wardriver, an apartment block in a nice part of town now represents dozens of opportunities to access the data of residents working from home with potentially valuable data,” Migliano, from Top10VPN.com, says. “Again, anyone using a VPN would be protected in such a scenario.”

Resource: https://fortune.com/2020/03/20/vpns-what-to-look-for-work-from-home/

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  0 Comments
0 Comments
Continue reading

Core Internet players will 'easily absorb' COVID-19-induced traffic surge, Internet Society says

covid-19

Amid lockdowns, school closures and an influx of at-home workers as part of efforts to control the spread of COVID-19, questions are swirling about whether the world's Internet infrastructure will buckle under the stress of the anticipated surge in data usage.

While the impact and effects of those spikes will vary by region and by individual ISPs, one leading industry organization believes that the Internet core infrastructure is positioned to cope with what's to come.

"Many are wondering if the Internet can handle the strain of rapid traffic growth and increased latency," David Belson, senior director of Internet research and analysis at The Internet Society, wrote in this blog post. "Will it cause a catastrophic failure of the Internet? The answer: not likely."

"Core Internet infrastructure providers should be able to easily absorb the increase in traffic and demand, especially if the growth is gradual over a period of days, weeks, or months," Belson added. He noted that cloud infrastructures should have sufficient additional compute, storage and bandwidth capacity "to scale their systems as necessary."

While that view is largely centered on content delivery infrastructure players such as Akamai and Google, Belson adds that Internet Exchange Points will also help keep traffic local and the overall load in check.

But the "tools themselves" represent the more likely place for failure, he added, pointing to recent problems in China where streaming services and apps such as Baidu's iQivi, DingTalk (a videoconferencing service) and WeChat experienced crashes due to increased traffic following the spread of COVID-19.

ISP action
Meanwhile, closer to home (and the business), cable operators and telcos are also confident they can handle the coming load or have updated their individual services or policies to help prepare for it.

"Our network is built to sustain maximum capacity during peak usage, which is typically in the evenings, so a surge during the day would be well within our capabilities to manage," said an official with Charter Communications, which completed its DOCSIS 3.1 network upgrade more than a year ago. "We also offer a low-cost, high-speed broadband program for low income households to help them get online. Charter continues to closely monitor the situation and has business and workforce continuity plans in place and will adjust these plans as appropriate to best serve all our customers."

Update: Charter announced Friday that, starting March 16, it will commit over the following 60 days to offer free broadband and Wi-Fi access up to 100 Mbit/s to homes with students without a broadband subscription from the MSO (Charter will also waive install fees for new student households); to partner with schools about tools for remote learning; and open up Wi-Fi hotspots in its footprint for public use. Charter, which does not cap its residential broadband service, added it will continue to offer Spectrum Internet Assist, a low-cost broadband program delivering speeds up to 30 Mbit/s downstream.

Meanwhile, Comcast, in response to the COVID-19 pandemic, announced on Thursday that qualifying families can sign up for 60 days of complementary Internet Essentials service, an offering tailored for low-income households that regularly sells for $9.95 per month. Comcast also upgraded the speeds of Internet Essentials from 15 Mbit/s down and 2 Mbit/s up, to 25 Mbit/s down and 3 Mbit/s up on a going forward basis. That move also enables Internet Essentials to match the FCC's current speed definition of "broadband." Like Charter, Comcast has also completed its D3.1 network upgrade, enabling downstream speeds up to 1 Gbit/s.

Looking beyond the individual activities of cable operators, the NCTA–The Internet & Television Association, announced this week that, so far, its members in local areas most affected by the COVID-19 outbreak "have reported modest, but manageable changes in consumer Internet usage."

"We remain vigilant in monitoring and managing network performance around the clock and are confident that our networks will perform well in adapting to any changes in consumer behavior that may result as a consequence of a community's response to COVID-19," the organization added.

On the telco side, AT&T has also prepared for an expected surge in usage, announcing Thursday that it is waiving Internet data overages for customers on usage-based service plans and that it will continue to offer Access from AT&T, a service for qualified low-income households delivering up to 10 Mbit/s, for $10 per month.

As reported by Light Reading on Thursday, Verizon said it has increased network spending for 2020 by about $500 million – to a range of $17.5 billion to $18.5 billion versus earlier guidance of $17 billion to $18 billion, partly in response to the expected effects of COVID-19.

More feedback sought
According to Multichannel News, a dozen Democratic House members have contacted the CEOs of several major service providers (including AT&T, Comcast, T-Mobile, CenturyLink, Altice USA, Verizon and Frontier Communications) to explain how they are preparing to deal with possible closures and disruptions related to the COVID-19 pandemic.

That inquiry included a focus on millions of school-aged children without access to home broadband, how the service providers are preparing for a possible increase in customer calls, and how a shift from commercial traffic to more residential traffic over a long period could strain networks.

Additionally, FCC Chairman Ajit Pai spoke with broadband providers and trade groups on Thursday about plans related to the COVID-19 pandemic, including an expansion of discounted service for low-income people and the easing of data limits, according to Axios. The FCC is expected to share more details today, the report said.

 

Resource: https://www.lightreading.com/optical-ip/fttx/core-internet-players-will-easily-absorb-covid-19-induced-traffic-surge-internet-society-says/d/d-id/758202?es_sh=a27466d22bac753db5e6530c433fcda7&es_ad=238296

  0 Comments
0 Comments
Continue reading

Hackers are using coronavirus concerns to trick you, cybersecurity pros warn

coronavirus-march-2020

Hackers and cybercriminals have been leveraging the hype and fear connected with the growing COVID-19 pandemic as a tool to steal passwords and data.

Coronavirus-themed domain registrations are 50% more likely to be from malicious actors, Check Point Software Technologies Ltd. CHKP-2.93% found in a study. Since that report was released last week, there have been some high-profile examples, most notably an attack aimed at a popular interactive COVID-19 tracking map maintained by Johns Hopkins University.

Noted security blogger Brian Krebs reported Thursday that the map has been targeted by hackers who are selling malware claiming to compromise the map and infect users. Johns Hopkins spokeswoman Jill Rosen said the university is aware of the malware that impersonates its COVID-19 site, and warned users to only trust the maps at its own site and one maintained by ArcGIS. The malware requires users to download software to generate the fake map, Rosen told MarketWatch.

“If you receive an email containing a link to download such an item or come across the code for the malicious app please report it immediately to the Esri incident response team through ArcGIS Trust Center security concern page,” Rosen said in a statement.

Just as doctors say frequent hand-washing and respiratory hygiene is the best defense against the coronavirus, cybersecurity professionals stress that computer users need to be more wary of what they click, such as not downloading an email attachment from an unknown source, and other tips offered by the Cybersecurity and Infrastructure Security Agency.

These ploys of tricking computer users to download malware by tapping into fear and anxiety are as old as the internet, said Charles Poff, chief information security officer at SailPoint Technologies Holdings Inc. SAIL-21%  

“Despite international efforts to quell the virus, the World Health Organization recently classified this as a global pandemic; online scammers are trying to exploit this uncertainty through phishing attempts and bunk domain names,” Poff said.

“An email seemingly from the CDC is trying to lure vulnerable people into clicking links to learn more about the virus but ultimately leading them astray,” Poff said. “Not only am I recommending people to be cautious about opening email and files received from unknown senders, but also to beware of look-alike domains that are phony websites.”

SailPoint noted that students and staff from universities that were canceling classes were also falling prey to hackers. Discovered by San Francisco-based Abnormal Security, one attack uses an email that looks like it is coming from the school’s “health team” leading to a fake login page that tries to steal the victim’s credentials.

Similarly, Proofpoint Inc. PFPT+3.64%  has found attacks using emails promising coronavirus cures, or spoofing the World Health Organization.

Check Point researchers said Thursday that they found hackers based in China have been using rich text format, or RTF, coronavirus warnings against public-sector workers in Mongolia. If a target opens the RTF document, it attacks Microsoft Corp.’s MSFT-14.74%  Word application, and seeks to take screenshots, list files and directories and download files.

“In this campaign, we observed the latest iteration of what seems to be a long-running Chinese- based operation against a variety of governments and organizations worldwide,” Check Point researchers wrote. “This specific campaign was leveraging the COVID-19 pandemic to lure victims to trigger the infection chain.”

“The full intention of this Chinese [advanced persistent threat] group is still a mystery, but they are here to stay; updating their tools and it seems they will do whatever it takes to attract victims to their network,” the researchers wrote.

“We have observed espionage actors from China, North Korea and Russia exploit this topic in spear phishing campaigns,” Ben Read, senior manager of intelligence analysis at FireEye Inc. FEYE-18.98% wrote in emailed comments.

Read said that hackers based in China have tried to attack victims in Vietnam, the Philippines and Taiwan with lures using “legitimate statements by political leaders or authentic advice for those worried about the disease, likely taken from public sources” in late February and early March.

Also Read said “TEMP.Armageddon, an espionage group that acts in support of Russian interests, sent a spear phish with a malicious document themed around the coronavirus to Ukrainian entities,” and that North Korea hackers have also sent “a Korean Language lure titled ‘Coronavirus Correspondence’” to South Korean victims.

“We expect continued use of coronavirus themed lures by both opportunistic and targeted financially motivated attackers due to the global relevance of the theme,” Read said.

The unprecedented uncertainty created by COVID-19 has trashed stocks, which spent Friday the 13th paring Thursday’s losses. On the week, the Dow Jones Industrial Average DJIA-12.93%  fell 10.4%, the S&P 500 index SPX-11.98%  dropped 8.8%, the tech-heavy Nasdaq Composite Index COMP-12.32%  is off 8.1%, and the ETFMG Prime Cyber Security ETF HACK  fell 15%.

Resource:https://www.marketwatch.com/amp/story/guid/BE3AC068-6488-11EA-BBAF-956FCC553CE3

 

  0 Comments
0 Comments
Continue reading

Yet Another Utility Company Falls Victim to Ransomware Attack

ransomware-march-2020

The latest ransomware attack on yet another utility company echos the warnings from last year’s report on utilities’ readiness for a cyberattack.

Just two weeks ago, Massachusetts utility company, Reading Municipal Light Dept (RMLD), announced on their website that they had become the victim of a ransomware attack. Calling it a “targeted” attack, RMLD becomes just one of many utility companies to be the focus of cyberattacks by eleven different cybercriminal organizations.

Utility companies are known to be plenty aware of the threats, and are thinking about attacks in terms of both Information Technology and Operational Technology. But, according to Siemens, only 42 percent of utility companies rated their cyber-readiness as “high”, casting doubt on whether they are truly ready. This gives cybercriminals the upper hand, as they are ready and willing to go on the attack.

In the case of RMLD, no operational systems were impacted, and the attack was isolated. But attacks like these can go completely wrong, taking entire operations down. With Operational technology being rated as 10-20 years old, the possibility of vulnerable endpoints, applications, and browsers is high.

Utility organizations need to both work quickly to update any and all network endpoints, even if managing operational technology. For example, hosting an older OS as a VM rather than as a physical endpoint could be one way to remediate the risk older environments pose.

In addition, educating users through Security Awareness Training keeps them from engaging with suspicious and potentially malicious emails and web content – a leading attack vector for ransomware today.

It appears that RMLD got off lightly, the next utility may not be so lucky.

Resource: https://blog.knowbe4.com/yet-another-utility-company-falls-victim-to-ransomware-attack?utm_content=120256809&utm_medium=social&utm_source=twitter&hss_channel=tw-200211444

  0 Comments
0 Comments
Continue reading

Microsoft's solution for COVID-19 is a free Teams subscription for six months

teams

Microsoft has responded to COVID-19, also known as the novel coronavirus, and the increased number of work-from-home policies it's inspired, by making its paid collaboration tool, Microsoft Teams, free for six months.

Microsoft began making a free version of Teams available in 2018, but the company reserved certain features for its paid version, available with a license. It’s some of those paid features that will now be made available to customers for free for six months with a new license, according to JP Courtois, Microsoft’s executive vice president and president of Microsoft global sales, marketing and operations.

Courtois announced the changes via a tweet, referencing a blog post that talked about the need for a solution like Teams as employees increasingly work from home, self-isolating themselves from the coronavirus, especially in Asia. The news was reported earlier by Thurrott.com

The free Teams trial is actually part of a new six-month Office 365 trial for enterprises (an “Office 365 E1 trial,” specifically), according to a Microsoft representative. It includes “full meetings, collaboration and workflow capabilities,” Microsoft says.

“At Microsoft, our top concern is the wellbeing of our employees and supporting our customers in dealing with business impact during this challenging time,” Microsoft said in a statement. “For many individuals and organizations, Microsoft Teams video-conferencing, chat and collaboration are playing an important role in helping people continue to work and collaborate. By making Teams available to all for free for six months, we hope that we can support public health and safety by making remote work even easier.”

Though the free version of Microsoft Teams is remarkably full-featured for a free offering, there do remain some differences between it and the paid offering. Key paid features include a terabyte of storage per user (consistent with an Office 365 subscription) as well as scheduled Teams meetings, meeting recording capabilities and phone calls and audio conferencing. However, the first option, scheduling Teams meetings for audio calling, will also be permanently added to the free version of Teams on March 10, the spokesman said.

Google isn’t sitting idly by, either. Google said Wednesday that it is giving away free access to its advanced Hangouts Meet video-conferencing capabilities to all G Suite and G Suite for Education customers globally in response to the coronavirus, including larger meeting of over 250 people per call; live streaming for up to 100,000 viewers within a domain; and the ability to record meetings and save them to Drive. 

Clarification: Some of the paid Teams features will be available as part of the free license, but not all of them.

Resource: https://www.pcworld.com/article/3530374/microsofts-solution-for-covid-19-is-a-free-teams-subscription-for-six-months.html

  0 Comments
0 Comments
Continue reading

39 Percent of Organizations Were Victims of a Mobile Attack Despite Improved Security

mobile-attack

Brand new data from Verizon shows businesses sacrificed when it comes to mobile security; a decision that caused compromises with impacts well-beyond just a simple breach.

With so many possible attack vectors for IT to protect against, often times IT needs to cut corners in the name of simply “getting the job done.” According to Verizon’s newly released 2020 Mobile Security Index, 43 percent of organizations felt they sacrificed mobile security for reasons of speed, convenience, profitability, budget constraints, and lack of expertise. Despite this segment of organizations being lower than last year (48% in 2019), the percentage of organizations suffering a security compromise from their mobile and IoT devices increased 18 percent year-over-year (from 33 percent of organizations in 2019 to 39 percent in 2020).

These attacks weren’t minimally impactful either; according to Verizon, of those organizations suffering an attack, nearly two-thirds (66%) considered the compromise to have major impacts:

  • 59% suffered downtime
  • 56% suffered a loss of data
  • 46% saw the compromise of additional devices
  • 37% suffered reputation damage
  • 29% incurred regulatory penalties
  • 19% experienced a loss of business

So, where’s this all coming from? How are these bad guys getting in?

Easy. Mobile phishing.

The user’s oh-so-trusted mobile device increases their sense of security and lowers their sense of vigilance. And it’s not just email – in fact, it’s mostly not email that is the source of mobile phishing.

According to Verizon, 85% of mobile phishing comes from messaging, social networks, gaming, and other apps – with only 15% of attacks coming from email.

Your users need to be taught that anytime a device with access to any corporate resources is being used, they need to be security-minded. This can be achieved using continual Security Awareness Training, which teaches employees about the kinds of attacks, social engineering scams, and methods of trickery that are used to con them into engaging with malicious links and attachments.

Mobile looks to be a growing security concern – and the reason is your users.

Resource: https://blog.knowbe4.com/39-percent-of-organizations-were-victims-of-a-mobile-attack-despite-improved-security?utm_content=119103989&utm_medium=social&utm_source=linkedin&hss_channel=lcp-2225282

  0 Comments
0 Comments
Continue reading

Cut-and-Paste Phishbait

cut-and-paste-phishing

Naked Security describes a phishing campaign that’s convincingly spoofing emails from the online payment company Stripe. The email informs the recipient that an unknown device has logged into their account from an IP address in Tbilisi, Georgia, and it includes a link for the user to update their password. The attackers are using the same text and formatting contained in legitimate password reset emails, and there are few visible signs that the email is fake.

The phishing site looks slightly different from Stripe’s real login page, but most people wouldn’t notice the difference unless they looked at them side by side.

What’s significant about this campaign, however, is how quickly it was set up. Naked Security received the email just 39 minutes after the phishing site’s domain was registered. The site’s SSL certificate had also been obtained the same day. This means the attacker set up the entire site and began churning out phishing emails in under 40 minutes. Cut-and-paste phishbait, it seems, scales.

This is one of the areas where security technology can’t stay ahead of the criminals. In recent years, security companies have substantially improved their ability to detect and flag malicious sites, and many phishing sites are taken down within twenty-four hours after they go live. As this case shows, however, criminals have adapted and are now incredibly fast at standing up new phishing sites.

Naked Security says users can avoid this form of attack by never clicking on login links in emails. You should instead navigate to the site with your browser or app and log in to your account. If there’s really an issue with your account, you’ll be able to take care of it from there.

No matter how effective technical defenses become, criminals will always find a way to get to the human target. New-school security awareness training can address this problem by teaching your employees how to follow security best practices.

Resource: https://blog.knowbe4.com/cut-and-paste-phishbait

  0 Comments
0 Comments
Continue reading

Email still beats texts – for hackers phishing for your data

email-hacking

SAN FRANCISCO – Despite all the attention given to phishing attacks, and high profile hacks, email still remains the number one place where victims fall prey to bad guys. 

Business email getting compromised "is one of the oldest tricks in the book, and super effective," says Sam Small, the chief security officer for ZeroFOX, a firm that helps enterprises with security protection. 

"You get an email, it looks and feels authentic, from someone you trust and they're asking you to do something," he adds. "The next thing you know, you've sent out a bogus wire transfer and the entire organization is at risk."

Hillary Clinton's 2016 campaign manager, John Podesta, was hacked after an authentic-looking email sent to his Gmail account asked him to confirm a link. From there, the campaign's emails were given to WikiLeaks and released to the world. 

Earlier this year, we pointed out each telltale sign to look for in a phishing email, with a bogus one that arrived in our inboxes, supposedly from Chase bank. 

Baltimore-based ZeroFOX, which is funded by several venture firms, including Intel's investment arm and NEA, helps companies inspect links for phishing attacks and the like. Small is attending the RSA Conference in San Francisco, where some 40,000 plus attendees, over 625 exhibitors and many speakers are here talking digital security, passwords, biometrics and how to keep consumers and office workers safe.

His advice to consumers: Check every link before you click on it. Write to the company directly to confirm that they sent it, or call. 

We get more email than any other form of communication. "Think about it," he says. "You don't get as many texts or social media messages as you do with email. And it's really inexpensive to send them."

Services offer bulk email sends for as little as $65 for 50,000 emails, he adds. "Email addresses are easier to find than phone numbers. This is why they do it."

Your phone is the key – to everything

Mike Banic, the vice president of marketing for security firm Lookout is focused on protecting mobile devices, as opposed to laptops and desktops, since so much more of our work is being done on smartphones and tablets now. 

"On mobile, it's not just email, it's everything. Facebook Messenger, LinkedIn, WhatsApp," he says. "It's everywhere."

Indeed, the smartphone belonging to Amazon CEO Jeff Bezos was likely hacked in 2019 by the Crown Prince of Saudi Arabia via a WhatsApp direct message, according to a United Nations investigation. 

Lookout has a free smartphone app that says it automatically blocks phishing attempts and lets you "click confidently on links from Facebook, email, text messages and more." 

However, the free app is very basic. Features like safe browsing, theft alerts and customer service start at $2.99 monthly and go to $9.99 monthly. 

Ransomware attacks

Meanwhile, the other major security concern that's plaguing the nation, most notably cities, is ransomware. Cities like Baltimore, Atlanta and Greenville, North Carolina, recently found their public departments inoperable, when hackers got control of their systems and shut them down, demanding huge sums of money before they would agree to make them functional again. 

The culprit here: not phishing, but basic digital sense, says Small. Cities, companies and consumers need to update their machines with software patches and improvements to keep the machines safer. 

"This is a common problem a lot of organizations face," he says. "And it's totally avoidable."

Resource: https://www.usatoday.com/story/tech/conferences/2020/02/26/email-top-target-phishing-attacks/4867371002/?utm_content=119265587&utm_medium=social&utm_source=twitter&hss_channel=tw-200211444

  0 Comments
0 Comments
Continue reading

Experts: Expect Summer Olympics-Themed Cyberattacks in the Coming Months

olympics-2020

The business of the games will provide cybercriminals with countless options to scam participants, sponsors, and spectators using contextual details and social engineering.

So, you’re all set to go to the games this summer and then get an email about your hotel booking: the credit card came back invalid and you need to re-enter in a card number to keep your reservation. Whether your attending the Olympics as an attendee, participant, vendor, sponsor, or athlete, this simple scam could be all that needed to infect your computer with malware, steal your logon credentials to web-based email, or trick you into offering up credit card details.

"Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs. Everything from travel details, to ticketing, to winning a trip to the Olympics, to invoicing, and more are all viable scams organizations should be warning users to expect.

So, if your organization is planning on participating at the summer Olympics in some capacity, it’s imperative to educate users via Security Awareness Training of the possible attacks and scams that users may encounter in the coming months. Employees need to be "hypervigilant about any messages—whether email or text messages—anything you receive and be incredibly suspicious of that and assume it's fraudulent by default," Wilson said.

This security-conscious mindset is what’s needed not just as we approach the Olympics, but every day; the Olympics serve as just another storyline in a scammers arsenal. Users need the same levels of vigilance everyday, regardless of the underlying “story”.

We’ve seen very sophisticated phishing scams revolving around the Olympics in previous years; there’s every reason to believe we’ll see them again.

resource: https://blog.knowbe4.com/experts-expect-summer-olympics-themed-cyberattacks-in-the-coming-months?utm_content=119747100&utm_medium=social&utm_source=linkedin&hss_channel=lcp-2225282

  0 Comments
0 Comments
Continue reading

Verizon: More Than Half of Users Click on Multiple Phishing Links. Social Engineering, Innovation are Responsible

verizon-phishing

The latest data from Verizon’s 2020 Mobile Security Index report shows that both consumer and business users make it all too easy for cyberattackers to fool them into becoming a victim.

Think about the layered security you have in place today – each solution (whether hardware or software) uses protocol, process, rules, and workflow to ensure a consistent level of security. While not perfect, it still props up a dependable defense. With phishing attacks, this usually includes mail scanners, DNS scanning, antivirus, endpoint protection, and more – all in the name of spotting a malicious email.

Now think about your users; when a phishing attack finds a way to get around that layered security, your last line of defense is your user. Just like you do naturally when suspicious emails arrive in your Inbox, the hope is the user will easily see through the scam and will report and/or delete the email.

But, according to Verizon’s newest data, users simply aren’t helping.

  • Every day, 2 percent of all users will click on a phishing link.
  • Of those falling for phishing scams, over half (53 percent) of users fell for two or more phishing attacks, clicking on links each time.
  • Just over one-third (34 percent) of users fell for three or more attacks

With 32 percent of confirmed data breaches involving phishing, the data above should have organizations worried. Phishing remains one of the top attack vectors and, from the looks of it, users aren’t helping stop these attacks.

So, there’s one layer to add to your security strategy – Security Awareness Training. Educating users on the need to be security-minded when interacting with email and the web helps reduce the threat surface. KnowBe4 has found that industry-wide 37.9% of untrained users will fail a phishing test. Only 14.1% of those same users will fail within 90 days of completing their first KnowBe4 training. After at least a year on the KnowBe4 platform only 4.7% of those users will fail a phishing test.

From 37.9% of users to just 4.7% - that’s an 87.5% reduction in the phishing threat surface!

From what we’re seeing year after year, users are still one of the weakest links in an organization’s security chain. It’s time to take advantage of their ability to participate in the security of the organization through Security Awareness Training.

Resource: https://blog.knowbe4.com/verizon-more-than-half-of-users-click-on-multiple-phishing-links.-social-engineering-innovation-are-responsible

  0 Comments
0 Comments
Continue reading

Afraid You're Communicating Too Frequently? Rethink That.

communication-2020

This blog was co-written by Joanna Huismann and Aimee Laycock. Communication is not always easy (let’s be honest, we have all wanted to scream with frustration at our partner or a family member at some point or other). In business, we often hear about the need for effective and efficient communication. But when it comes to the goal of changing security behaviors, what does that actually mean? And, how can it be achieved?Scientists have found that the effectiveness of communicative processes plays a vital role in the prevention of security breaches and the affected organization's response to them. Frequent, collaborative and knowledge-rich communication, within and between departments, is important both for security prevention and response strategies to achieve desired outcomes (Arhin & Wiredu, 2018).

Here are some ways to ensure your security message is heard and remembered based on research by CLTRe, a KnowBe4 company, into communication and security culture: 

  1. Keep members informed. Share what steps are being taken, why they’re important, and what impact they will have, both on the business as a whole and on them individually. 
  2. Ensure that communication flows in both directions. Listen to their concerns, find out what is important to them and why. 
  3. Keep it relevant. Consider the target audience for your security communication. All employees do not need to receive all communications. Determine what level should be on the receiving end as to not dilute the effectiveness or interest. 
  4. Keep it short and sweet. Your message should be concise and easily consumable by your audience. Thanks to social media, humans have become conditioned to receiving information in small bite-sized chunks so make sure that your message is appetizer-like, not an entrée. 
  5. Up the frequency. Repeated messages are the ones most often remembered. If you are communicating quarterly, bi-annually or the dreaded… annually… it’s just not enough. Your message will be forgotten and ineffective. A good practice is to communicate weekly, and then reinforce those communications through follow-ups in the form of group discussions, 1:1’s, etc.
  6. Vary the channels. Consider how you cascade awareness messages. Is there a consistent process, tool or medium in place that encourages not only delivery of a message, but that offers a way of creating a two-way dialogue? If not, look for a way to enable this very necessary exchange. Your audience may have critical input and no way to provide it. 
  7. Encourage inter-departmental input. Where frequent communication is encouraged, employees who naturally would not communicate with others are presented with the opportunity to do so. Information security is an inter-departmental effort rather than an IT-department- only effort, and inter-departmental collaboration requires a good communication culture. Enable a way to communicate between departments and collaborate on outcomes. 

The research conducted over the past 4 years by CLTRe includes studies into communication, which consistently highlight the importance of communication quality and frequency.  Communicating the same message frequently, in unique ways, using repetition and creativity are the best ways to help ensure the message is heard and remembered. With new-school security awareness training, you can implement effective communication to your users and automate the delivery of frequent, short videos, quizzes, games or other types of engaging training content to targeted groups to keep your message fresh and top-of-mind.

In general, when explaining why certain security measures are important, we strongly recommend to also communicate why the measures are important for them. For example, explain how the measure will affect that employee’s work, how will they benefit, and what impact it will have on them. 

If addressing these points seems like an overwhelmingly large task, consider building a network of security champions or security ambassadors. Having a network of security ambassadors across different business areas can be very helpful to (a) help get the message out, and (b) have ears and eyes on the ground. For this network to be effective, though, be prepared to invest time and effort to encourage, support, and listen to your security ambassadors.

Attitudes towards security measures are more likely to be positive if members understand the necessity of the various steps that are made to secure the organization and its assets. Enlisting the help of security champions or security ambassadors can help ensure that the message is communicated using language that resonates with your target audience. New-school security awareness training can help everyone in your organization become a security ambassador for your company.

Resource: https://blog.knowbe4.com/afraid-youre-communicating-too-frequently-rethink-that

  0 Comments
0 Comments
Continue reading

US defense IT agency says data breach may have affected 200,000 people

US-defense-IT-agency-says-data-breach-may-have-affected-200000-people--990x661

The Defense Information Systems Agency (DISA), which handles IT and telecommunications support for the White House and U.S. military troops, has disclosed a data breach that may have affected 200,000 people between May and July 2019.

According to a letter sent by the U.S. defense agency to victims, Social Security numbers and other personal information stored on a system on their network might have been compromised.

 “While there is no evidence to suggest that any of the potentially compromised PII was misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised”, according to the letter, dated Feb. 11, 2020.

The agency has also stated that new protocols and additional security measures have since been put in place to prevent future incidents and protect personal identifiable information.

Following the breach, DISA vows to provide free credit monitoring services to victims, and advises those concerned about identity-theft related crimes to visit the FTC’s website for additional information and prevention steps.

The agency has given no further information. Details such as who was responsible for the breach and what systems were compromised will most probably remain unknown.

The disclosure of this security breach further darkens the 2019 cyber landscape, which had already reached an all-time high in number of exposed records. The event shows that no system can be bulletproof and that sooner or later, anyone can fall victim to data breaches, even a Department of Defense (DOD) agency overseeing presidential communications.

Resource: https://hotforsecurity.bitdefender.com/blog/us-defense-it-agency-says-data-breach-may-have-affected-200000-people-22363.html?cid=soc%7Cc%7clkdn%7CH4S

  0 Comments
0 Comments
Continue reading

It Only Takes One Phish: Phishing Attack Results in Network Infiltration, IT Incompetence, and $217,000 in Paid Ransom Fees

phishing-cutch-ransomware

The recent attack on a Dutch university demonstrates much of what IT organizations shouldn’t do to avoid an attack.

According to Michiel Borgers, Chief Information Officer at Maastricht University, their network was the target of a phishing attack in October of last year that gave cybercriminals access to their network. The attackers “spent the following weeks exploring the systems and gaining credentials to access more secure parts of the infrastructure,” said Borgers. And in December, the university paid a ransom $217,000 to decrypt files.

Sounds like a pretty standard cyberattack story… until you hear all the things that went wrong.

  • Security solutions didn’t stop the phish – even with solutions in place, phishing emails made their way into a user’s Inbox, making the user the last (and, in this case, the least effective) line of defense.
  • Users played the role of the victim - as always, a user was tricked into clicking on malicious content within an email, setting the campaign in motion.
  • IT wasn’t paying close enough attention to detail – after the initial phishing email was discovered and the malicious link blocked, no additional steps were taken to ensure subsequent emails used the same URL and that the university wasn’t under a targeted attack.
  • There were too many alerts – Alert storms are all too common. Too many red flags mean IT teams are paralyzed, not knowing which alerts to follow up on. And with the bad guys apparently moving laterally around the network leveraging compromised credentials over a period of months, there must have been quite a few.

A report on the attack, what should have been done, and what the university plans on doing moving forward was published this month.

The challenges above experienced by the university demonstrate how the problem only gets worse over time. The place to stop an attack is where it’s easiest – when it’s a matter of a single email and a single user. No thousands of potential alerts, no campaigns of emails to deal with… just one user and the decision of whether to click on an attachment or not.

Security Awareness Training is one of the needs outlined in the report. The university sees this training as the key “to reduce the number of successful malicious attempts to attack.”

Lots of things can and will go wrong with IT’s ability to respond to a cyberattack.The one factor that IT generally has no control over is the user.By putting Security Awareness Training in place, IT organizations regain a measure of control by engaging with the user to play a role in organizational security.

Resource: https://blog.knowbe4.com/it-only-takes-one-phish-phishing-attack-results-in-network-infiltration-it-incompetence-and-217000-in-paid-ransom-fees?utm_content=117364333&utm_medium=social&utm_source=linkedin&hss_channel=lcp-2225282

  0 Comments
0 Comments
Continue reading

Texas Ranks Second in Number of Ransomware Attacks on Health Care Organizations

TX-ransomware-attacks

According to new data from Comparitech, since 2016 Texas has experienced 14 ransomware attacks impacting a total of 483,000 patients, and costing as much as nearly $20 Million in damages.

It sort of makes me wonder, would it make sense for bad guys to actually want to target a specific industry and geography? Would it benefit them in the form of bigger – and more frequently paid – ransoms over time? There’s a valid argument that this could be true, as no organization wants to be in the headlines as the “17th organizations this year” – it would imply the problem was obvious and they didn’t do enough to stop it.

Even if it’s pure circumstance, new data from tech researcher Comparitech shows health care organizations in the state of Texas are the second more prevalent ransomware victim. Second to California, this new data is bad news for other potential targets. We’ve seen what appeared to be a coordinated set of attacks on Texas municipalities last year. The fear in both cases is bad guys realize how “easy” it is to successfully attack these kinds of orgs, and make efforts to continue the pattern.

At the same time, there is something to be said for the unusual success rates – perhaps there is some truth in the idea that these organizations simply aren’t ready. Don’t get me wrong; I’m not saying Texans don’t know how to do cybersecurity, but I am saying there are too many cases of successful attack for any Texas-based healthcare organization to take the new data lightly and do nothing about it.

It’s time for every organization to implement proper security controls in the form of a layered security defense against malware, phishing, social engineering, etc., as well as using Security Awareness Training to educate users about attacks and elevate their ability to identify and stop phishing attacks.

Texas Healthcare is in the spotlight today. There’s nothing saying your state and industry won’t be the next trend.

Resource: https://blog.knowbe4.com/texas-ranks-second-in-number-of-ransomware-attacks-on-health-care-organizations?utm_content=117492830&utm_medium=social&utm_source=twitter&hss_channel=tw-200211444

  0 Comments
0 Comments
Continue reading
TOP