Steer Clear of Coronavirus Scams

With the world grappling with a health pandemic, scams are shocking. Regrettably, bad actors are everywhere, always looking for opportunities, and they’re seeing one in the coronavirus. This article outlines what you need to watch out for and how to stay cyber safe.

The last thing you want to read right now is that there’s another threat out there – sorry, but it’s true. Cybercriminals take advantage of fear. They take timely concerns and use them to target victims. Using the anxiety and upheaval around coronavirus is their mission.

So far, several coronavirus-related attempts to cyberscam people have been reported. There are examples of:

  • emails that appear to come from government health departments;
  • offers of a tax refund designed to get people to click on malicious links;
  • memos to staff that appear to come from large employers;
  • COVID-19 test offerings from private companies;
  • fake websites promising to sell face masks or hand sanitizer;
  • solicitations for donations to help fund a vaccine.

What to Watch Out For

Another concern is the number of bogus websites registered with names relating to COVID-19. The site can look legit but is set up to steal information or infect the victim’s computer with malware.

You may get an email promising that an attachment contains coronavirus safety measures, or that clicking a link will show you information shared by the World Health Organization (WHO). A similar email may pretend to be from a reputable news source, such as the Wall Street Journal (WSJ).

In another example, an email impersonating a healthcare company’s IT team asked people to register for a seminar “about this deadly virus.” Anyone who didn’t question why IT was organizing the meeting clicked to register. By filling out the form, they gave their details to hackers.

What to Do

Be cautious. It’s understandable that you’re anxious, but don’t let that stop you from taking cyber precautions. You should still:

  • be wary of anything that tries to play on your emotions and urges immediate action;
  • question where emails are coming from – remain vigilant even if the communication appears to come from a reliable source;
  • hover over links before clicking them to see where they will take you – for example, in the WSJ example, the Web address was for the “worldstreetjournal”;
  • avoid downloading anything you didn’t ask for;
  • doubt any deals that sound too good to be true (“a mask that stops the virus 99.7% of the time!”);
  • ignore any communications requesting your personal information;
  • avoid being suckered by fraudulent pleas for charity.

Global health organizations generally do not send out emails with advice. Instead, navigate directly to that reputable health institution for real news.

If you’re still not sure about the validity of the communication, check it out. Do so by calling or using another medium to get in touch with the “source” of the received message.

While there is not yet a vaccine for COVID-19, you can put anti-virus protection on your computer. Also, make sure that you’ve applied all available security updates to keep your software safe.

We hope you’ll take care and stay healthy both physically and online in these tough times.

Need help installing security software and keeping your technology safe? Our cybersecurity experts can give your home a tech immunization. 

Cyberattacks and data breaches: best practices for protecting your SMB

Small businesses or SMBs are the lifeblood of any economy and Canada is no different. If you’re a small business owner thinking that you’re too insignificant for cybercriminals, you’re wrong. Experts believe that cybercriminals typically need very few resources to mass-produce attacks. SMBs tend to be more vulnerable to cyberattacks and data breaches since they generally spend less on cybersecurity.

This article explores the best practices you should consider adopting to protect your business from cyberattacks and data breaches. 

6 Best practices for preventing data breaches in your small business

Here are six of the simplest ways you can prevent data breaches in your business.

Improve user awareness

The first step towards protecting your business against cyberattacks and data breaches is improving user awareness about the cybersecurity landscape. With over a third of cyberattacks and data breaches involving internal threat actors, this cannot be overemphasized. Experts believe that improving user awareness within your organization can establish your employees as a human firewall.

By improving cybersecurity awareness within your business, you’d be ensuring that your employees understand the threats likely to affect them. They’d also be able to understand how to keep themselves protected and stay away from activities that are likely to cause a breach.

For instance, understanding how to spot phishing attempts or tackle business email compromise from vendors would be a great start. Improved awareness will also help your employees understand the need for strong passwords and the use of multi-factor authentication. You should also consider setting up Privileged Access Management to understand and manage all the user accounts within your enterprise.

Update all systems promptly

Leaving your systems and applications running with outdated firmware or software essentially makes your business vulnerable to cyberattacks and data breaches. Remaining protected involves taking steps like regularly installing security updates, upgrading to newer software or discarding obsolete systems. By installing updates promptly, you’d be patching up any known vulnerabilities and preventing zero-day exploits by hackers.

A quick look into the WannaCry ransomware of 2017 shows that the majority of victims could have easily avoided the cyberattack by either updating their operating system or abandoning an obsolete version of Windows.

Back up your data frequently

However hard you prepare, there’s always the chance that something may go wrong. From hardware failure to ransomware attacks, backing up your data can help you ensure that you never have to start from scratch after an incident. However, you should aim to create backups the right way. Creating backups without validating them may give you a false sense of security if you’re unable to retrieve them.

Check out our detailed backup recommendations for small businesses here.

Use Intrusion Detection and Prevention (IDS/IPS) systems

Intrusion detection/prevention systems are an essential cybersecurity component for small businesses in the digital age. They generally listen to your network for bad traffic or potential attacks and prevent your systems from communicating with bad threat actors. If you’re looking to take your small business cybersecurity a notch higher, this is one practice you should adopt.

From preventing malware attacks across your network to stopping trojans and even phishing, IDS/IPS generally stop malicious activity against your business by dropping or resetting connections.

Furthermore, you should consider setting up firewalls with IDS/IPS rather than ISP-provided routers. Home-grade routers are built to allow users to connect easily and do not generally offer any firewall protection or monitoring. However, a firewall with built-in IDS/IPS can monitor your traffic to prevent malicious activity.

Consider getting cyber insurance

If you’re wondering why we’re talking about insurance as a way of protecting your business from data breaches, don’t fret. Cyber insurance can be a vital tool in your SMB’s cybersecurity arsenal. With 60% of businesses (mostly SMBs) closing within six months of a data breach, cyber insurance can be the difference between going bust or surviving in the unfortunate event of an attack.

Cyber insurance aims to protect businesses from the consequences of cyberattacks and data breaches. Some of these consequences can include fines, compensation and loss of business. As the cyber threat landscape continues to evolve, you’ll need to understand the benefits of cyber insurance as well as its limitations for your business and industry.

Boost your vendor and endpoint security

As you probably already know, no business can operate in this digital age without relying on support from third parties or vendors. Third parties like cloud service or application providers are typically granted privileged access to your IT infrastructure to enable them to support you seamlessly. 

However, this constantly increases the risk of a cyberattack or data breach of your business. The danger here is that if there’s a cyber attack on any of these vendors, the hackers may be able to access your systems using the privileged access already granted.

Similarly, the rise of BYOD policies and culture across Canada ultimately means that your small business now has to deal with more data endpoints than ever. Without adequate endpoint security and management, you may be leaving your business vulnerable to data breaches and cyberattacks. The average cost of an endpoint cyberattack in 2019 was $9 million and zero-day attacks show no signs of slowing.

Why MSPs and MSSPs are essential for preventing and recovering from data breaches in the digital age

The cost of acquiring numerous disparate cybersecurity tools is usually a discouraging factor for Canadian SMBs. MSSPs essentially overcome this problem by offering specialized services that meet the specific needs of small businesses. They also provide solutions capable of overcoming the typical challenges that businesses face today. Overall, MSSPs can help your small business by reducing and managing its cyber risks as well as offering recovery support in the event of a cyberattack or data breach.

The bottom line

With SMBs making up 98% of all businesses in Canada, it’s fair to say that they will continue to be attractive targets for cybercriminals. The relatively limited budgets SMBs allocate for cybersecurity also mean that they may be falling short. However, hiring MSPs and MSSPs can help bypass this challenge.

Contact us today to discover how our small business cybersecurity solutions can help you with preventing, detecting or responding to cyberattacks and data breaches.

The biggest data breaches in Canada and their impact on businesses

The digital landscape is evolving faster than anyone could have predicted and so are data breaches. As newer technologies continue to emerge, hackers have steadily improved their sophistication. From the Equifax breach to the Yahoo saga, you can easily find numerous cases of data breaches on the internet.

This article offers you insights into some of the biggest data breaches in Canada so far. You can also find out how these businesses were impacted over time. You should also expect some useful tips on how you can prevent data breaches in your small business.

Top 4 data breaches in Canada

Before delving into the top data breaches in Canada, you should understand the law surrounding the issue in general. While it was legal to avoid reporting data breaches in the past, everything changed in 2018. The Personal Information Protection and Electronic Documents Act (PIPEDA) makes it compulsory for businesses to report breaches to the authorities.

Here are the top four data breaches in Canada and the impact they had on businesses.

Medicentres data breach

Founded in 1979, Medicentres Canada Inc is the largest group of clinics in the country. The company is trusted by millions of patients to provide reliable healthcare services. However, Medicentres disclosed in 2014 that some of their data had been exposed to cybercriminals. So how did this really happen?

In September 2013, a laptop belonging to a consultant who works with Medicentres was stolen. The laptop contained a database of 620,000 patients who had visited Medicentres clinics in Calgary and Edmonton. Patients were even more surprised that information about the breach only came to light about four months later, in 2014.

Impact of the data breach on Medicentres

Years after the lost laptop and data breach, Medicentres continues to feel the impact of the incident. When some patients found out, a class-action lawsuit for $11 million was filed against the company. This case remained in the courts until July 2016 when a settlement was agreed upon. The courts decided that Medicentres should pay out just over $700,000 for credit repair services for those affected in 2016.

The deadline for claiming compensation from this settlement was November 2016. If you were affected by this breach, you’d be unable to make a new claim now. The damage to the healthcare provider’s reputation would remain at the forefront of patients’ minds for a long time.

Since this data breach, the government has made efforts to improve Canada’s health information act as well as its privacy law.

Desjardins Group’s credit unions’ data breach

You can generally consider the data breach against Desjardins as the biggest in Canada. The company was founded in 1900 and is the largest federation of credit unions in North America. The company announced that 4.2 million individual customers and 173,000 businesses were exposed in a data breach. This figure represented the credit union’s entire clientele base.

An employee unlawfully collected data from the company and leaked it to a third party. When the data breach occurred, there was only one suspect – a former employee. Desjardins also confirmed that personal information like names, social insurance numbers, addresses and payment information was compromised in the breach.

The company claims that this wasn’t the result of a failure in their systems. Seeing that it was from an employee, we’ll let you be the judge.

Impact of the data breach on Desjardins Group

You’d have to be invincible to experience a data breach of this magnitude and not feel any impact. Since the breach, Desjardins has improved its identity protection and now offers all customers lifelong protection including access to Equifax. There’s also a class-action lawsuit in the works although it’s yet to be certified by a Judge. Certification by a Judge is a requirement before the case can proceed.

The increase in fraud lately has also been linked to this breach since the victims’ sensitive data were exposed. 

Lawmakers are yet to determine how to respond to this data breach. In response to the breach, some believe that more should be done and others claim that the group’s response so far has been satisfactory.

If you’re a Desjardins client, you can view the steps they’re taking to protect you and your data here. You can also find details on how you can access lifelong credit protection with Equifax there.

Capital One breach

Card services provider Capital One recently experienced a data breach that exposed sensitive information related to six million Canadians. The bank holding company disclosed the breach on July 30th, 2019 and noted that it includes one million social insurance numbers in Canada.

No login credentials were exposed during this breach. However, the kind of data compromised could be used to wreak havoc in the long term. The FBI subsequently caught the cybercriminal involved.

How did the data breach affect Capital One?

Apart from damage to reputation, the cost of managing the blowback from this incident would no doubt be heavy. For instance, all the customers involved have had to be notified since the breach occurred. The card provider has also had to invest heavily in cybersecurity after the incident.

Furthermore, there’s a class-action suit that was filed in Vancouver against Capital One. It’s still early days and the suit is yet to reach the settlement stage. If you’re a Capital One customer, you can check out all the facts related to this breach and what you can do to protect your data with them here.

TransUnion breach

Just like Equifax, TransUnion also recently experienced its own breach. The nature of the information compromised and the impact it could have on the victims’ lives in the long term are some of the reasons why this breach makes the list. TransUnion announced in October 2019 that an unauthorized party was able to access the credit information of around 37,000 Canadians.

The attacker used the login details of the Canadian Western Bank to access the data on TransUnion’s database. This is perhaps why you should consider stepping up your endpoint security efforts. To illustrate this, when banks request your credit information from TransUnion or Equifax, they could potentially access your former addresses, social insurance number and even existing debt information. As a result, the type and amount of data exposed could vary greatly.

Impact of the data breach on TransUnion

While they claim the breach was not the result of a failure on the part of their systems, one can only wonder whether a firewall would have prevented the third party from accessing the service even with genuine login credentials.

Although TransUnion continues to improve its security, there may still be some fines or penalties from the government or regulatory bodies. You can also expect their reputation to suffer greatly.

Overcoming data breaches in Canada with Abrisuite

If you own or run a small business, you’d agree that preventing data breaches is essential for your survival. With Abrisuite, you can expect cost-effective managed security services solutions that help protect your small business from data breaches. With or without an IT department, we can upgrade your security to enterprise-grade at a fraction of the cost.

Our ability to provide a security solution that includes endpoint protection and network monitoring easily sets us apart from others. Here’s an outline of some of the ways we can help you prevent data breaches in your small business.

  • Advanced firewall.
  • Intrusion detection and prevention services.
  • Endpoint protection via HIPS.
  • Security Operations Centre (SOC).
  • Network monitoring.
  • Anti-virus and Anti-malware. 

Closing thoughts

As you continue to guide your small business towards success, you’ll need to understand the importance of protecting your data. You’ll need to consciously aim to limit unauthorized exposure as well as understand the consequences of failing to do so. You’ll also need to recognize the value behind working with MSSPs to deliver a solution that’s custom-built specifically for you.

Why cybercrime is the new organized crime in Canada

One quick thought about organized crime and you’re likely to start thinking about the New York Mafia. This is no longer the case for businesses as cybercrime is rapidly overtaking conventional crime in reality. In the past, Canadian businesses typically sought after offices in the best neighbourhoods hoping it would keep criminals away. Back then, it was safe to leave your windows open all night and return the following day without any incidents.

Over time, this mindset has forged an attitude that security isn’t a major concern. The business world has, however, changed rapidly and having such a mindset can be very costly nowadays. The business frontline has shifted online and so has the crime. Since the internet connects everyone together, cybercriminals can easily launch attacks at any business at will.

Regardless of origins, every type of crime eventually becomes organized and cybercrime is no different. The following shows how cybercrime against small businesses has shifted online and is now more organized and targeted than ever.

The impact of cybercrime on Canadian businesses in recent times

In 2017, Canadian businesses officially spent around $14 billion in preventing, detecting and recovering from cybersecurity incidents. On average, businesses spent between $46,000 and over $900,000 depending on their size and nature of business.

With 88% of Canadian businesses admitting that they experienced a data breach in 2019, the cybercrime challenge is huge. It’s fair to say its impact has been far-reaching. Although many of these breaches may have gone unreported, they haven’t gone unnoticed. They definitely influence your decisions and actions as a small business owner. For instance, 95% of Canadian businesses already have some form of basic cybersecurity protection in place. However, advanced measures like intrusion detection, firewalls, and even anti-malware are more prominent in larger organizations.

What does this really mean for your small business and how does cybercrime really affect you?

Without beating around the bush, it now affects your small business in every single way. From how you secure your website to how you store data, there’s no limit to the influence that cybercrime has on your business policies. The overall consequence of the different breaches that have occurred in the past decade is that businesses now have to think about protecting their data and systems at every given moment.

The following are some cybersecurity stats you should be aware of as a small business owner in Canada.

  • 60% of small businesses will most likely shut down within 6 months of experiencing a cyber attack.
  • Only 13% of businesses have a written policy in place for managing and reporting cybersecurity incidents. However, organizations in the banking and transportation sectors averaged over 50%.
  • Only 10% of Canadian businesses that experienced a cyber attack went on to report it to the police.
  • Canadian businesses are already losing over $3 billion annually.
  • SMEs make up 98% of Canadian businesses.

How big is the cybersecurity challenge in Canada today?

The cybersecurity challenge is so huge that not even government institutions are left out. According to Accenture, the average cost of a cyber attack in Canada is just over $9 million. From elections and military operations to business email compromise, cybersecurity challenges can be felt in all corners. So much that many already believe it’s a bigger concern than even terrorism.

The increasing frequency of cyberattacks in Canada today consequently means that you or your CISO will need to do more. You’ll need to do more to proactively protect the business from potential attacks. As more businesses continue to go digital, so will cybercriminals who continue to find ways to breach your data.

Top cybersecurity threats affecting Canadian businesses

Here are the top cyber threats that are most likely to affect your Canadian business in 2020. 

Malware and Ransomware

Ransomware attacks are widely considered as the biggest cyber threat facing businesses today. Attackers would usually use software or malware to prevent victims from accessing the files on their systems. Since the WannaCry attacks of 2017 that affected businesses worldwide, there’s hardly any week without new attacks. 

In November 2019 for instance, the Nunavut government in Canada experienced a ransomware attack. Its security systems were not trained to detect hacks like this, forcing them to shut down parts of their network. In 2019, ransomware attacks reportedly resulted in damages of over $11 billion.

DDoS attacks

Distributed Denial of Service (DDoS) attacks are also very common nowadays. They can be especially problematic without the right tools and measures. DDoS attackers typically flood their victims’ websites or services with so much traffic that they become overwhelmed and crash. Alternatively, cybercriminals may also use this type of attack to redirect your web visitors to other websites.

Endpoint attacks

As more businesses move to the cloud, they’ll need to grant third parties privileged access. These additional data endpoints, however, come with associated risks. A breach in any of their systems will most likely leave your data exposed without the right tools in place. An example of this is the Marriott attack which was the result of a booking system breach.

With so many businesses shutting down because of ransomware attacks, it’s important to understand the true extent of their impact. For instance, The Heritage Company in the US had to shut down in December 2019. The business had failed to sufficiently respond to a ransomware attack it experienced two months earlier. This closure meant that around 300 staff were suddenly without a job.

Business email compromise fraud

If you’re a Canadian business decision-maker, you can automatically expect that you’re a target for business email compromise fraud. This threat relies on gaining unauthorized access to a business email and intercepting financial transaction communications. According to the Canadian Anti-Fraud Centre (CAFC), businesses globally (including Canada) lose over $5 billion to this fraud.

One example to remember is the City of Burlington which fell victim after hackers posing as a trusted vendor sent new payment instructions. The City had already sent over $500,000 before it realized it was a scam.

Phishing attacks are becoming more targeted

Phishing remains the cheapest method for compromising business credentials and is the topmost cyberattack vector for hackers. It typically appears as an email with links that either deliver malware to a victim’s computer or network. Hackers can also use phishing attacks to lure you into giving them your credentials.

5 reasons why you need a Managed Security Services Provider (MSSP) to tackle cybercrime

With 43% of cyber attacks now aimed at small businesses, you should need no further incentives to protect your business. Managed Security Service Providers (MSSPs) offer unparalleled benefits when it comes to securing your IT infrastructure from cybercriminals. The following highlights the top five reasons why you need an MSSP for your small business.

Cost savings

The costs associated with deploying the relevant technologies and tools required for combatting cybercrime can quickly add up especially for small businesses. However, MSSPs ensure that you do not have to break the bank by getting all these tools on your own. Similarly, hiring a complete IT team may be unthinkable for a business that’s just starting out but MSSPs ensure that you can remain protected regardless of your size or budget.

Unrivalled expertise

The exposure that comes with providing protection for a wide range of clients means that you will ultimately benefit more from using MSSPs than an in-house IT team. Nevertheless, MSSPs are also known for being an extension of your IT team so if you have one already, they can seamlessly work closely together.

Reliable support and training

From providing technical support to organizing training for your staff or in-house IT department, MSSPs can be at your beck and call when you need them.

Improved cybersecurity insights

As your business continues to generate relevant data about its security, MSSPs can help you use SIEM to analyze the data gathered from a single point of view.

Customized security solutions

Rather than getting numerous disparate cybersecurity tools that may or may not be fully relevant to your enterprise, MSSPs generally ensure that you get a fully customized security solution that meets your specific security needs.

What’s the Future of Cybercrime?

As the threat landscape continues to evolve, so will hacker sophistication. You can expect that hackers will continue to adapt to newer technologies or innovations as they come up. For instance, as the adoption of machine learning and artificial intelligence becomes more universal, you can expect a shift. You should also fully expect cybercriminals to swiftly adapt and become even more organized and targeted in their approach.

Closing thoughts

As cybercrime continues to be even more organized, SMEs and all businesses at large must respond decisively. A good start is by being preemptive and calculative in your approach towards preventing, detecting and responding to these threats. Over the past decade, MSSPs have proven to be reliable allies for Canadian SMEs in the fight against cybercrime. Contact Abrisuite today to experience how our suite of solutions can help your business stay one step ahead of cybercriminals.

The Top 5 IT Security Problems for Businesses

Companies that suffer security breaches nearly always have one of these IT security problems. Is your company guilty of any of them?

No Backups

A shocking number of businesses are not backing up their data properly.  According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Not only should every business be fully backing up their data, but their backups should also be regularly tested to confirm they work. It’s a step that businesses miss surprisingly often. Many businesses don’t find out that their backup can’t be used until it’s already too late.
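
One way to test a backup, as recommended here and in the earlier section on backing up your data frequently, is to read every file back out of the archive and compare it with a hash recorded when the backup was made. This is an added example, not code from the original article; the sidecar manifest file name and the sample files are assumptions constructed for illustration.

```python
import hashlib
import json
import os
import tarfile
import tempfile
import zlib
from pathlib import Path


def sha256_of(stream, chunk_size=1 << 20):
    """Hash a binary stream in chunks so large files never sit in memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def manifest_path(archive_path):
    """Assumed layout: the manifest is stored next to the archive."""
    return Path(str(archive_path) + ".manifest.json")


def create_backup(source_dir, archive_path):
    """Write a .tar.gz of source_dir plus a manifest of SHA-256 hashes."""
    source = Path(source_dir)
    manifest = {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for path in sorted(p for p in source.rglob("*") if p.is_file()):
            rel = path.relative_to(source).as_posix()
            with path.open("rb") as fh:
                manifest[rel] = sha256_of(fh)
            tar.add(path, arcname=rel)
    manifest_path(archive_path).write_text(json.dumps(manifest, indent=2))
    return manifest


def verify_backup(archive_path):
    """Read every file back from the archive; an empty list means it restores."""
    problems = []
    try:
        manifest = json.loads(manifest_path(archive_path).read_text())
        with tarfile.open(archive_path, "r:gz") as tar:
            for rel, expected in manifest.items():
                try:
                    member = tar.extractfile(rel)
                except KeyError:
                    problems.append(f"missing from archive: {rel}")
                    continue
                if member is None or sha256_of(member) != expected:
                    problems.append(f"content changed: {rel}")
    except (OSError, EOFError, ValueError, tarfile.TarError, zlib.error) as exc:
        # A backup that cannot be read end to end is not a backup.
        problems.append(f"archive unreadable: {type(exc).__name__}: {exc}")
    return problems


def demo():
    """Constructed data: back up two files, verify, then cut the archive short."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "data")
        src.mkdir()
        (src / "ledger.bin").write_bytes(os.urandom(4096))
        (src / "clients.csv").write_text("id,name\n1,Constructed Client\n")
        archive = Path(tmp, "backup.tar.gz")
        create_backup(src, archive)
        healthy = verify_backup(archive)
        # Simulate an interrupted copy: only the first 1000 bytes survive.
        archive.write_bytes(archive.read_bytes()[:1000])
        damaged = verify_backup(archive)
    return healthy, damaged


if __name__ == "__main__":
    healthy, damaged = demo()
    print("fresh backup:", healthy or "restorable")
    print("truncated backup:", damaged)
```

Keep the manifest somewhere the backup job cannot overwrite, and run the verification on a schedule rather than only after an incident.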

Reactive and not proactive

The world is constantly changing.  The IT world doubly so.  Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond.  The result is higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before the hardware fails, fixing security holes before they’re exploited, and upgrading systems before they are out of date, IT can be done the right way. Being proactive about your IT needs means systems don’t have to break or be compromised before they are fixed.  The result for your business is less downtime, fewer losses, and lower IT costs.

Weak Passwords

A surprising number of people will use the password “password” to secure some of their most important accounts.  Even more still will write their own password on a post-it note next to their computer.  In some cases, many will even use no password at all. Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too.  When system changes are made it’s often essential that the account that made changes is secured to the right person.

With an insecure password or, worse, none at all, tracking the individual responsible for reports or accountability becomes impossible.  This can result in auditing disasters on top of technical ones.

Insufficient Staff Training

Humans in the system are commonly the weakest point in IT security.  Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate.  If staff aren’t trained to use the lock, it’s worth nothing at all.

Oftentimes businesses can justify spending big on security for the latest and greatest IT defenses.  The very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way.  Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.

Weak Data Controls

Some companies can take an ad-hoc, fast and loose approach to storing professional data.  Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices.  These are famously prone to being misplaced or stolen out in the field along with vital client and security data.

It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business.  The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since the firm was first founded.  Critical data is often held on single machines that haven’t been updated precisely because they hold critical data.  Such machines are clearly vulnerable, outdated, and prone to failure.

Common problems with simple solutions

Each of these common issues has simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you need help securing your IT to protect your business, give us a call.

Cyber Security: 4 Ways To Travel Safe For Business

So your desk is buried in paper, your shelves are overcrowded with stacks of documents, and you’ve carved out just enough space for your keyboard, mouse and coffee? It’s time to go paperless, not just for your own sanity, but to streamline the entire business. It’s the one move that saves time and space while gaining flexibility for your mobile workforce. When you’re ready to adopt paperless processes, consider these 4 steps:

Working from anywhere is now as simple as accessing the internet on your device. Managers, owners, and employees are all embracing the flexibility of working while traveling, making it the new global norm. But while you were in the office, you were protected by professionally designed firewalls, security infrastructure, and robust software. As soon as you step away from the building, those protections disappear, leaving your device and the data inside at great risk.

Cyber attackers love to collect any data they can obtain, often preferring to hack first, assess value later. It doesn’t help that almost all data can be sold, including your personal details, those of your clients and suppliers, as well as your proprietary business data. These days, the information stored on your device is usually worth much more than the device itself.

Here are 3 ways a hacker will attack:

Flaunting Opportunity: Whether your employee left their laptop at a café or a thief stole the phone from their pocket, the outcome is the same – that device is gone. Hackers will take advantage of any opportunity to gain access to a device, including taking it from a hotel room or even asking to ‘borrow’ it for a few minutes to install spyware before handing it back.

Spoofing a Wi-Fi Hotspot: We’ve all come to expect free Wi-Fi networks wherever we go. Hackers will take advantage of this trust to create their own free, unsecure network, just waiting for a traveler to check a quick email.

Intercepting an Unsecure Network: Hackers don’t need to own the Wi-Fi network to steal content from it. Data traveling across an unsecure network is visible and available to anyone with the right software.

It’s okay, you don’t need to lock all employees inside the building or cancel all travel plans. Taking these four precautions will increase cyber safety and help protect your business data while on the go.

  1. Make a backup before you travel: In the event your device is lost or damaged, you’ll be able to replace the device with a new one and quickly restore all the data from a backup, all with minimal downtime.
  2. Don’t use public Wi-Fi: Wait until you have access to a secure network before going online – even just to check email.
  3. Use passwords and encryption: At a minimum, make sure you have a password on your device, or even better, have full drive encryption. That way, even if your data storage is removed from the device, the contents are inaccessible.
  4. Act fast after loss: If your device is lost or stolen, immediately notify the appropriate people. This might include your IT provider so they can change passwords, your bank so they can lock down accounts, and any staff who need to be aware of the breach so they aren’t tricked into allowing further breaches.

Need help with mobile cyber security? Call us today!

LetMeIn101: How the Bad Guys Get Your Password

Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.

Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.

Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.

Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.

Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.

If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.

Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it is unique to you.

The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.

Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.
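The tips above (avoid obvious passwords, avoid guessable personal details, prefer a long passphrase, never reuse) can be checked mechanically. The following is an added example, not code from the original article: the blocklist, the substitution table, the 12-character floor for shorter passwords, and the function names are all assumptions made for illustration.

```python
import re

# Constructed sample blocklist; a real audit would load a far larger list.
COMMON = {"password", "123456", "qwerty", "letmein", "letmein101"}
# Undo common look-alike substitutions so P@ssw0rd is treated as password.
LEET = str.maketrans("01345@$", "oleasas")
PASSPHRASE_MIN = 19  # passphrase length given in the article's tip
SHORT_MIN = 12       # assumption: floor for a shorter, mixed-character password

def _alnum(s):
    """Lower-case a string and keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", s.lower())

def screen(pw, personal=(), in_use=()):
    """Return reasons to reject a candidate password (empty list means accept).

    personal: details findable on social media (pet names, dates).
    in_use:   passwords already used on the person's other accounts,
              as a password manager's audit would know them.
    """
    reasons = []
    low = pw.lower()
    # Strip trailing digits/symbols first, then undo substitutions:
    # "P@ssw0rd1!" -> "p@ssw0rd" -> "password"
    base = re.sub(r"[^a-z]+$", "", low).translate(LEET)
    if low in COMMON or base in COMMON:
        reasons.append("common password")
    for item in personal:
        token = _alnum(item)
        if len(token) >= 3 and token in _alnum(pw):
            reasons.append(f"personal detail: {item}")
    if pw in in_use:
        reasons.append("reused on another account")
    classes = sum(bool(re.search(p, pw))
                  for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    if len(pw) < PASSPHRASE_MIN and (len(pw) < SHORT_MIN or classes < 3):
        reasons.append("too short or too simple")
    return reasons
```

Note that `P@ssw0rd1!` contains upper case, lower case, a digit and symbols, yet is still rejected as a common password once the substitutions are undone.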

Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.

Tip: Be cautious about your online activity on computers or networks you don’t trust.

Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.

Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.

These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?

Contact our experts today!

Don’t Get Hooked By a Whaling Attack

The executives of your company are the big fish in your sea. Yet cybercriminals think of them as whales. In fact, whaling is a new cybersecurity threat targeting the C-suite level.

You’ve likely heard of phishing attacks. Phishers use scam emails or spoofed websites to obtain user credentials or financial information. This might be an email that looks like it is from your bank asking you to log in and update your details, or a supposed tax alert needing immediate action.

A vishing attack is another fraudulent attempt to steal protected data, but the cybercriminals are going to use the phone to make contact. They might pretend to be a vendor needing to confirm account details for bill payment.

There’s also spear phishing. In these cases, the attackers do their homework first and target a specific company. They scour directories and employee social media to gather information to gain credibility.

Now, there are whaling attacks, too. The high-value target is a senior-level employee. The fraudster typically also impersonates one of the target’s C-suite counterparts.

What You Need to Know About Whaling

A whaling attack uses the same methods as phishing but focuses on top-level targets. The goal is to get “whales” to reveal sensitive information or transfer money to fraudsters’ accounts.

Whale attacks are intentional. Phishing can see attackers baiting hundreds of hooks to get nibbles. In whaling, information gathered in advance adds credibility to the social engineering. The target has higher value, so it’s worth their time to appear knowledgeable and make a request to and from someone important.

The sender’s email address will look convincing (e.g. from [email protected] instead of [email protected]). The messages will have corporate logos and legitimate links to the company site. Because humans want to help, the communications typically involve an urgent matter.

Whaling attacks are on the rise. In 2016, Snapchat admitted compromising employee data after receiving an email, seemingly from its CEO, asking for payroll information.

In another high-profile example, Mattel nearly transferred $3 million to a Chinese account. Company policy required two signatures, but the attackers (taking advantage of a recent shakeup) faked the new CEO’s signature. The second executive went ahead and added a signature. The only thing that saved the company was that it was a Chinese bank holiday.

Protecting Against Whale Attacks

As with phishing or vishing, the primary way to protect against whaling attacks is to question everything. Train your key staff members to guard what they share on social media. Encourage them to question any unsolicited request. If they weren’t expecting an attachment or link, they should follow up. If a request is unusual, they should trust their spidey-sense and proceed with caution.

It’s also a good idea to develop a policy for handling requests for money or personal information. By requiring that two people must always weigh in, you’re more likely to catch a scam before it’s too late.

Also, train all your employees to look carefully at email addresses and sender names. They should also know to hover over links (without clicking on them) to reveal the full URL.

Security awareness is crucial. It’s also a good idea to test your employees with mock phishing emails.

Need help training employees or testing social engineering? Contact our experts today, call us!

Island Hopping: Not Always a Good Thing

The phrase “island hopping” conjures up positive images. You might think of cruising beautiful sandy beaches on a tour of tropical islands. Too bad cybercriminals have given the term a new, less pleasant spin.

Island hopping is an increasingly popular method of attacking businesses. In this approach, the cybercriminal targets a business indirectly. The bad actors first go after the target’s smaller strategic partners. So, vendors or affiliates, who might not have the same level of cybersecurity, become stepping stones to hop.

Attackers might hack into smaller businesses handling the target’s HR, payroll, accounting, healthcare, or marketing. Then, they take advantage of the pre-existing relationship to access the final destination.

Humans are trusting. Cybercriminals exploit that. With island hopping, attackers leverage the trust established between strategic partners.

It’s quite simple: attackers gain access to Company A and send a counterfeit business communication to Company B. Company B, knowing the sender, is less likely to question a download link or an attachment.

After all, it’s not coming from a stranger; it’s a message from perfectly pleasant Jenny at Company A. You may have in the past already shared logins to various sites/portals, or passwords to unlock zip files.

The Rise of Island Hopping

This is not a brand-new form of attack. In fact, it’s named after a military strategy which the United States used in World War II to establish a stronghold in the Pacific Islands.

Perhaps the best-known island-hopping cyberattack was seen in the United States in 2013. Retail giant Target was the aptly named target of a point-of-sale system breach. Hackers stole payment information from 40 million customers. The first “island” in the planned attack was Fazio Mechanical Services. The heating and refrigeration firm suffered a malware attack shortly before Target’s breach. Fazio’s hackers stole email credentials needed to access the retailer’s networks.

As enterprises continue to strengthen their cybersecurity, it’s predicted that island hopping will gain momentum. According to Accenture’s Technology Vision 2019 report, less than a third of businesses globally know how strategic partners secure their networks. A majority (56%) rely on trust that business partners would uphold security standards.

Preventing Island Hopping

You may be one of the islands to hop or the attackers’ final destination. It depends on your business size and industry. Either way, your business is vulnerable to malware attack, infected systems, or a data breach. Plus, if you’re the stepping stone, you’re likely to lose the target company’s business, too.

How do you prevent island hopping? First, secure your own networks and systems:

  • Follow best practices to detect and identify vulnerabilities and reduce risk.
  • Educate your employees about the dangers of business communication scams.
  • Raise awareness of phishing schemes and social engineering.
  • Require two-factor user authentication.
  • Change all default, generic, or predictable passwords.
  • Keep security up to date (patching and system upgrades are mandatory).
  • Control who can access your networks and servers.
  • Protect all endpoints (including employee devices in a Bring Your Own Device workplace).

When it comes to cyber island hopping, your business doesn’t want to be a layover or the final destination. Keep your cybersecurity borders tight to avoid unwanted visitors.

Want to make your business inhospitable to island hoppers? Work with a managed service provider. They can help assess cybersecurity, provide a plan to reduce risk, and upgrade technology. Let us support your efforts to fend off unwanted tourists.

New Evil Corp malware campaign detected by Microsoft

The Microsoft Security Intelligence group has published a series of tweets on its Twitter account about new malware attacks that use Excel documents loaded with a malicious macro. Microsoft explains that the ongoing phishing campaign uses HTML redirectors that download the macro-laden MS Excel document, which drops the payload. Interestingly, the attackers also use an IP traceback service to track the IP addresses of machines that have been compromised by their malware. This is the first time the group has used this technique for this purpose.

Malicious Macro Excel File dropping the payload

The Evil Corp group has been known since at least the third quarter of 2014 for its attacks on retail companies and financial institutions, using spam campaigns delivered through the Necurs botnet.

The group, also known as Dudear, SectorJ04, and TA505, used this attack in one of the biggest malware campaigns earlier this week. It has changed some of the tactics it used in the past and is after its targets’ data and information, using the GraceWire Trojan.

Microsoft Defender ATP provides comprehensive protection against Dudear: the software detects and blocks the malicious HTML and Excel files and the payload. Office 365 by itself is capable of detecting malicious attachments and URLs used in emails.

Microsoft Defender ATP research Team Threat Report for Dudear

The Microsoft Defender ATP research team has released a Threat Analytics report that customers can read to learn more about this threat. It details the techniques and tools used by Evil Corp and includes some recommendations about the threat.