Tag: cybersecurity

Router malware worse than experts realize

In May, security experts discovered one of the most widespread malware infections in history. Now, they’re warning businesses and consumers that it’s even worse than their first assessment. The VPNFilter malware poses a threat to small businesses and requires immediate attention from anyone who hasn’t taken action against it.

VPNFilter recap

A team of security researchers from Cisco released a report that a strain of malware had been discovered on hundreds of thousands of routers and network devices. Originally, researchers believed it affected only Linksys, MikroTik, Netgear, and TP-Link devices.

Like many malware strains, VPNFilter infects devices that use default login credentials. But it’s worse than the average cyberattack because it can destroy router hardware and cannot be removed by resetting infected devices.

As if destroying 500,000 routers wasn’t bad enough, VPNFilter lets its creators spy on networks and intercept passwords, usernames, and financial information.

What’s new

Just two weeks after VPNFilter was discovered, security experts announced that it targets 200,000 additional routers manufactured by ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. Worse yet, VPNFilter can alter data passing through infected routers. That means when you enter a username and password into a banking website, hackers could steal that information and show you an incorrect account balance to hide fraudulent deductions.

How to stop VPNFilter

Rebooting a router won’t remove the malware, you need to factory-reset the device. Usually, all this requires is holding down the Reset button on the back of the device for 10-30 seconds. If your router has no reset button or you’re unsure whether pressing it did the trick, contact a local IT provider immediately.

Cybersecurity threats have become so prevalent that even large enterprises struggle to keep their digital assets safe. Outsourcing IT support to a managed services provider like us will give you enough capacity to deal with issues like VPNFilter as soon as they arise. Call us today to learn more.

Published with permission from TechAdvisory.org. Source.

How to defend against insider threats

First off, what is an insider threat in healthcare? An insider threat is an individual inside an organization discovered to have been accessing healthcare records without authorization. Healthcare companies must take steps to reduce the potential for insider threats, which is their top source of security incidents.

#1 Educate – The workforce (meaning all healthcare employees) must be educated on allowable uses and disclosures of protected health information (PHI) and the risk associated with certain behaviors, patient privacy, and data security. For example, when a celebrity is admitted to hospital, employees may be tempted, just out of curiosity, to sneak a look at their medical records, so this must be emphasized as a definite no-no.

#2 Deter – Policies must be developed to reduce risk and those policies must be strictly enforced. The repercussions of HIPAA violations and privacy breaches should be clearly explained to employees. They can be penalized huge amounts of money and violations can also carry criminal charges that can result in jail time.

#3 Detect – Healthcare organizations should implement technology to identify breaches rapidly and user-access logs should be checked regularly. Organizations need to have a strong audit process and ensure that they are regularly monitoring and updating access controls so only authorized personnel are looking at sensitive patient data, and that attempts by unauthorized personnel don’t go unpunished.

#4 Investigate – When potential privacy and security breaches are detected, they must be investigated promptly to limit the damages. When the cause of the breach is identified, steps should be taken to prevent recurrence.

#5 Train – Healthcare employees must undergo regular comprehensive training so employers can eliminate insider threats. From a privacy standpoint, training and education often start with the employees themselves; they learn all about data privacy right off the bat, from the first day of orientation. Still, organizations must remain vigilant and ensure that they are properly prioritizing privacy and security as cybersecurity threats continue to evolve. Healthcare organizations’ IT departments should send out different tips covering a variety of topics regularly throughout the year. And to keep these tips top-of-mind among employees, IT departments should send them via a variety of media, including emails, printed newsletters, and even memos.

Is your healthcare data secure? What other steps can you take to ensure protection for your healthcare provider from insider threats? Call today for a quick chat with one of our experts for more information.

Published with permission from TechAdvisory.org. Source.

Government agency finds way to unlock iPhones

Cellebrite, an Israel-based vendor that works with the U.S. government, has revealed that they’ve found a way to unlock practically every iPhone available on the market. It appears to be a significant milestone for law enforcement and forensic specialists, yet it’s also a potential privacy issue for Apple customers.

iPhone vulnerabilities leaked, is it true?

A couple years ago, Apple had a showdown with the FBI regarding data privacy, and this prompted them to develop exceptionally secure mobile devices. But Cellebrite has crashed the party, developing several methods to access iPhone operating systems, including the most recent version.

The engineers are now promoting their methods to private forensics and law enforcement professionals around the world who would benefit from this new service. In fact, in November 2017, the Department of Homeland Security successfully raided data from the iPhone X, most likely through the use of Cellebrite technology.

Secure your business at all costs

To protect you from this potential security issue, here are a couple suggestions from tech experts:

  1. Patching mobile devices is a crucial step for both businesses and consumers. For devices that cannot be patched, you must retire it to prevent risks.
  2. Adopting a disaster recovery plan is vital. This way, you can limit how much damage a breached gadget can cause.

Only time will tell whether Apple’s reputation and the iPhone’s security really has been weakened. Still, it doesn’t mean that you should hold off on protecting your business. Use this news to give your technology an overhaul, improve your business processes, and update your employees’ security training.

Even with all the ingenious ways to hack into systems nowadays, you felt you could count on Apple to be one step ahead of everyone — but that might not be the case anymore. Ensure that your privacy is secure and your files are still safe by strengthening your usual security practices. But if that’s too technical for you, just give us a call and we’ll take care of it!

Published with permission from TechAdvisory.org. Source.

Are hackers using your PC to mine Bitcoin?

Cryptocurrencies like Bitcoin and Monero are so popular because they’re secure and potentially worth thousands of dollars. But investors and consumers aren’t the only ones interested in them. Hackers are using malicious tactics to steal cryptocurrency, and they’re doing it with something called cryptojacking.

Hijacked hardware
Cryptojacking secretly uses your computer to calculate complex mathematical problems to generate cryptocurrency. They get inside by using phishing emails to lure victims into clicking on a link, which then runs malicious cryptomining programs on the computer. Any cryptocurrency produced then gets delivered to the hacker’s private server.

But hackers have developed an even more insidious tactic. By infecting websites with ads and plugins that run cryptojacking code, any visitor who loads the web page instantly gets infected with the malware, sending their computer’s processor into overdrive trying to generate cryptocurrency.

Unlike most malware, cryptojacking software won’t compromise your data. But it will hijack your hardware’s processing power, decreasing performance while increasing your power and cooling bills. So instead of paying for the computing power themselves, hackers can simply use thousands of compromised computers.

Surge in cryptojacking
It’s difficult to tell how much hackers are making with cryptojacking, but there’s a good chance that this type of attack will be as popular as ransomware was in 2017. In fact, for as little as $30, anyone can purchase a cryptojacking kit from the dark web to force other computers to generate Bitcoin or Monero for them.

According to several reports, even sites like The Pirate Bay, Openload, and OnlineVideoConverter are allegedly using cryptojacking exploits to diversify their revenue streams.

The biggest reason why this is becoming so popular is because it’s a low-risk, high-reward scheme. Instead of extorting money directly from the victim, hackers can secretly generate digital currencies without the victim knowing.

If it is detected, it’s also very hard to track down who initiated the attack. And since nothing was actually “stolen” (other than a portion of computing power), victims have little incentive to apprehend the culprit.

Prevention and response
To avoid cryptojacking, you need to incorporate it into your monthly security training sessions. Teach your employees to practice extra caution with unsolicited emails and suspicious links. Using ad-blocker or anti-cryptomining extensions on web browsers is also a great way to stay protected.

Beyond prevention, use network monitoring solutions to detect any unusual behavior with your computers. For example, if you notice a significant number of PCs running slower than usual, you should assume that cryptojacking is taking place.

If you’ve confirmed that it is, advise your staff to close browser tabs and update browser extensions as soon as possible.

Cryptojacking may seem less threatening than some malware we’ve discussed in the past, but it can incur real power, cooling, and performance costs to your business when several systems are compromised. To make sure you don’t end up enriching any hackers, call us today. We offer hardware solutions and cybersecurity tips to keep your business safe and sound.

Published with permission from TechAdvisory.org. Source.

Fighting ransomware with virtualization

Ransomware takes your data hostage and demands a payment for its recovery. While it may seem like there’s no other choice but to pay the ransom, you should never give in to the hacker’s demands. Before the next wave of ransomware comes around, it’s important to protect your business with virtual disaster recovery solutions.

Virtual DR
Virtual DR solutions allow you to create point-in-time copies, or “snapshots,” of operating systems, data, and virtual machines as they appear at a given point in time. These snapshots can then be loaded onto any workstation with everything still intact. In the event of a ransomware attack, administrators can essentially roll back the system to a point before the malware hit.

What’s great about point-in-time copy features is that they are automated. Just schedule the snapshots, and your virtual DR software will do the rest. And although virtual DR solutions vary, most of them have the capacity to store thousands of point-in-time copies, giving you plenty of restore points to choose from.

Why virtual DR trumps traditional DR
Traditional DR methods don’t have these features. Even though most computer operating systems have a system restore functionality, modern ransomware strains are designed to disable them. On the other hand, virtual DR software isolates point-in-time copies and restore functionality from virtual machines, which means they can’t be affected if one virtual machine was compromised with ransomware.

Another reason why traditional DR is not a great option is because there is a lot of manual labor involved. You have to copy all your data into a backup drive, reinstall applications, and reconfigure hardware. By the time you’ve recovered from the ransomware attack, the financial and reputational damage caused by downtime will have taken its toll on your business.

When recovering your system, you want as little hassle as possible. With virtual DR, you can load a clean, ransomware-free snapshot onto your system in less than 30 minutes.

However, implementing virtual DR can be complex, especially if you don’t have much IT expertise. But if you partner with us, this won’t be a problem! Call us today to get robust solutions that guarantee business continuity.

Published with permission from TechAdvisory.org. Source.

Data safety: The non-technical way

Keeping up with advancements in technology as a business owner is tough, especially when those advancements relate to information security. However, it doesn’t have to be. Here are a few physical security tips you can implement to protect your data before calling us!

Cover up your webcam

There must be some credibility to doing this if Facebook founder, Mark Zuckerberg, former FBI director, James Comey, and NSA whistleblower Edward Snowden all believe their webcams could be compromised. This is not just another paranoid celebrity reaction to ruthless paparazzi, there’s a genuine reason behind it. Kindly take a moment to consider the following scenario: hackers using your webcam to spy on you.

Though it might sound unrealistic, this actually happened on several occasions. Sometimes for purely voyeuristic reasons and sometimes what appeared to be espionage. This is a very real threat with disturbing repercussions. Hackers aim to gain personal information based on your surroundings, deduce your location, as well as spy on the people you’re with, ultimately using this information to hold you ransom, threatening to broadcast your most intimate and vulnerable moments if you don’t pay up.

Fortunately, guarding yourself against such danger is really easy and some painter’s tape over your webcam should do the trick. If you’re not confident about regular tape, you can purchase a cheap webcam cover online or at any hardware store.

Purchase a privacy shield

Think of privacy guards as those iPhone scratch protectors, but with an anti-snooping feature. These are thin covers you put on your computer, laptop or smartphone screen to limit viewing angles. Once installed, anyone trying to look at your screen from anywhere — except straight-on — sees nothing. Privacy filters are commonly used to protect work devices, particularly which display or contain critical files with sensitive data or confidential information. However, less sensitive, personal devices are still vulnerable to ‘shoulder surfing’ — the act of peeking at someone else’s screen, with or without ill intent, which is why we recommend using these protectors on all your devices.

Use a physical authentication key

Requiring more than one set of credentials to access sensitive resources is common sense, and has become standard practice for established online services. With something called two-factor authentication in place, you gain access to your account only after you’ve entered the authentication code, which the website sends to your smartphone once you’ve entered your account credentials. Until recently, two-factor authentication relied mostly on text messages that were sent to mobile phones. But professionals have now realised that phones can be hijacked to redirect text messages.

Moreover, authentication codes can be stolen, or users can be tricked into entering these codes via a convincing phishing website. If you’re looking for authentication services that cannot be hijacked, stolen or lost, your best bet is a USB or Bluetooth key you can carry on your keychain. This means nobody — not even you — will be able to access your account without the physical key. Ultimate security at your fingertips.

If you need help setting up two-factor authentication, or any IT security services, contact our experts and experience true peace of mind as we fortify your data to no end.

Published with permission from TechAdvisory.org. Source.

Think before saving logins to your browser

There are a number of reasons you should be wary of saving your password to a digital platform. Just look at Yahoo’s data breach in 2013, which leaked passwords for three billion people. Even when your password isn’t compromised, saving it to a browser could have serious implications for your privacy.

Why auto-fill passwords are so dangerous

In 2015, the average internet user had 90 online accounts, a number that has undoubtedly grown since then. This has forced users to create dozens of passwords, sometimes because they want to practice healthy security habits and other times because the platforms they’re using have different password requirements.

Web browsers and password manager applications addressed this account overload by allowing usernames and passwords to be automatically entered into a web form, eliminating the need for users to hunt down the right credentials before logging in.

The process of tricking a browser or password manager into giving up this saved information is incredibly simple. All it takes is an invisible form placed on a compromised webpage to collect users’ login information without them knowing.

Using auto-fill to track users

Stealing passwords with this strategy has been a tug-of-war between hackers and security professionals for over a decade. However, it has recently come to light that digital marketers are also using this tactic to track users.

Two groups, AdThink and OnAudience, have been placing these invisible login forms on websites as a way to track which sites users visit. These marketers made no attempts to steal passwords, but security professionals said it wouldn’t have been hard to accomplish. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold that information to advertisers.

One simple security tip for today

Turn off auto-fill in your web browser. It’s quick, easy, and will go to great lengths to improve your account security.

  • If you use Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords
  • If you use Firefox – Open the Options window, click Privacy, and under the History heading select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you use Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

This is just one small thing you can do to keep your accounts and the information they contain safe. For managed, 24×7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

Published with permission from TechAdvisory.org. Source.

Big gains for small-business IT in 2017

How many new technologies did your business adopt last year? Too many? Too few? You’ve officially made it through 2017 and there’s no better time than now to review which IT fads were worth investing in, and which ones should be left in the past. Look no further than our recap of last year’s most valuable technologies for small businesses.

Small businesses love the cloud

According to research from IDC, more than 70% of businesses with 10-99 employees took advantage of cloud technology in 2017, and that number is expected to rise this year. This is largely due to IT providers demonstrating that the cloud is just as, if not more, secure than on-premises solutions. The list of possibilities for what can be hosted in the cloud on a small-business budget is getting longer every day — if you’re not devoting resources to this technology, it’s time to jump onboard.

Mobile payments earn users’ trust

Like the cloud, making credit card purchases using a mobile device suffered from a trust deficit in its early stages. For good reasons, consumers have been conditioned to treat IT security with caution, and storing financial information on a smartphone that could wirelessly transmit that information to cashiers sounded dangerous.

However, after two years of availability without any major incidents, the number of users who have used smartphone-based wallets like Apple Pay has doubled. Accepting these payments is relatively simple for small businesses and opens up new business opportunities.

Cybersecurity becomes affordable for SMBs

Ransomware had yet another year of explosive growth, and small businesses were a primary target. Thankfully, managed IT services providers met the increased demand for cybersecurity services with intelligent data backup and network protection solutions tailored for SMB budgets. There will be even more ransomware attacks in 2018, which means you should be investing in more cybersecurity services than you did last year.

The Internet of Things gains popularity

Just a couple years ago, Internet of Things (IoT) devices were novelty gadgets for people with money to burn. Everything was being connected to WiFi networks: egg trays, pet-activated video chats, belts, you name it. But due to more useful applications in 2017, nearly a third of US businesses are now taking advantage of IoT gadgets. Connected thermostats, door locks, and AI assistants make it easy to save money, increase security, and boost productivity.

“Artificial Intelligence” is widely adopted

Although we’re still far from building computers that can truly think for themselves, 2017 was the year that computers got much better at creatively organizing and interpreting data for us. From digital assistants that answer your phones to customer relationship management platforms that intelligently uncover sales opportunities, IT solutions for business are getting significantly cheaper and smarter. Experts predict that more than 30% of businesses will use AI by next year and we recommend you join their ranks.

Technology investments are no different from any other investment. There will always be risks and you should always consult with an industry expert first. When you’re ready to get more value out of your IT, give us a call and we’ll get started on your 2018 plan!

Published with permission from TechAdvisory.org. Source.