Major breaches always make the headlines, but there are increasingly more breaches that won’t make the headlines, and those are cyberattacks that target small and medium organizations.
Expectedly, large companies have the resources to implement complex IT security solutions, monitoring systems and high-tech equipment. Unfortunately for SMBs, the consequences of a breach can be severe because they are less able to handle the costs and damage.
Small businesses are vulnerable because they often do not have the budget for security measures and sometimes don’t understand the risk they face. Also, many small businesses overlook the value of the information they store, wrongly believing it to be of little interest to anyone.
Here are the main reasons why hackers prefer small organizations even more in 2021:
Untrained Staff
This is the most vulnerable and overlooked area for SMBs, especially in the pandemic when some industries were deeply affected, budgets were cut, people were laid off, etc.
However, some of the biggest hacks we have ever seen were not the result of expert hackers infiltrating complex security systems. Surprisingly, the cybercriminals simply tricked employees into handing over their sensitive information.
NOTE: According to a survey conducted by ConnectWise in 2020, over half of SMBs surveyed (57%) report lacking cybersecurity experts in their organization and 52% agree they lack the in-house skills necessary to properly deal with IT security issues.
There are often signs of social engineering and phishing attempts, but many people are not prepared to spot them. A little cybersecurity training can go a long way in keeping your organization safe.
At StratusPoinIT, we provide access to training videos and newsletters focused on numerous IT areas, we create and run phishing simulations to test your employees’ awareness to potentially harmful emails, from who opened, clicked, entered credentials, etc.
Lack of Cybersecurity Systems
Since the pandemic started, transactions, communications, data storage, etc. have taken an even more drastic shift into the cyber world, and hackers have taken notice.
It is time for businesses to react accordingly. Every small business should invest in a secure cyber environment. Without one, you expose your business to a huge risk.
So, consider improving the security of all the vulnerable connected elements such as: workstations, mobile devices, servers, and networks.
At StratusPointIT, we scan, analyze, and remediate network vulnerabilities. We ensure you have leading business-class firewalls installed with proper security controls, log-based intrusion detection supported by a Security Operations Center (SOC), active-device monitoring and alerting, etc.
Unsecured Accounts
In 2021, the email service remains a common way of spreading malware, and with more of us working from home, the risks are higher now. Therefore, you should implement an email protection solution to help your business and employees defend against the latest threats, from spear-phishing, ransomware, impersonation, and other targeted attacks.
NOTE: When setting up your passwords, do not use personal information or predictable combinations.
Passwords should not be the only line of defense especially for key accounts. Always enable multi-factor authentication (MFA) when possible. Even if your password is compromised, cybercriminals will have another, much more difficult defense line to breach.
No Action Plan
While hackers might not know whether you have a cybersecurity plan in place or not, they will find out soon enough.
Here are just a few of the questions you should ask yourself in the unfortunate event of a cyberattack:
How will you know your organization is being hacked?
How will you respond to your customers if their information is compromised?
Will you shut down your entire network if you discover a breach?
How will you mitigate the impact of a cyberattack?
Therefore, it is crucial to consult with a managed IT provider that bridges infrastructure and security services to provide you a complete solution and get your cybersecurity plan in place.
Insufficient Upkeep
Even if you install the latest and most effective cybersecurity system and train all your employees to spot phishing attempts, you are only covered for a limited amount of time.
Hackers are constantly discovering new vulnerabilities. Therefore, organizations should constantly train their staff and keep their hardware and software up to date.
Final thoughts
Small businesses can be easy targets for cybercriminals in 2021. Any personably identifiable information like phone numbers, email addresses, or credit card details is valuable to hackers who can use it to commit frauds or sell it on the dark web. Don’t let that happen and make sure your business is protected.
The Importance of Multi-factor Authentication
/in IT Security, Uncategorized /by MihaiProtect against credential theft.
NOTE: According to Verizon 2021 Data Breach Investigations Report, over 80% of hacking-related breaches are caused by stolen or weak passwords.
Business resources can be compromised by credential theft even if those resources have not been targeted initially. This might happen if a user utilizes a similar username and password (or a slightly different password) across multiple accounts. Even if their login information might be carefully protected at work, these could be stolen from a less secure account (e.g. free email service) and later used in a cyberattack.
Up to a certain point, password complexity does help combat brute force attacks and credential theft techniques in which a series of possible passwords are tested on a list of known usernames. But because modern authentication systems lock the user out after a few incorrect login attempts, attackers can only try a handful of passwords for each account. They usually succeed when they stumble upon an account whose extremely simple and popular password matches their guess.
Multi-factor authentication (“MFA”) helps make stolen credentials useless because MFA requires a user to enter a second form of identification for access, usually a temporary code sent securely to a separate device like the user’s smartphone, so under those circumstances a stolen password on its own is not enough to break an account.
Enabling MFA whenever possible is probably the most effective action IT departments can take to combat credential theft.
Achieve regulatory compliance.
The use of MFA is not yet mandatory for every industry. However, two-factor authentication (“2FA”) is a needed security measure to comply with restrictions in some key industries such as healthcare, finance, defense, government, and few other sectors.
Healthcare
The Health Insurance Portability and Accountability Act (HIPAA) was created to protect the privacy of individual healthcare information. According to HIPAA, healthcare organizations need to implement measures to enforce password security. The act does not dictate the implementation of 2FA but requires organizations to implement password security best practices.
Finance
The finance industry is using the 2FA technology for years. Each time you use an ATM, you are using 2FA – you need both your PIN and your credit/debit card to access your bank account. As more financial services are now online, financial organizations need this layer of security to protect their customers and their sensitive information.
Any organization that processes and stores card payment information also must comply with PCI-DSS. This means they may have to go a step further and provide more than just two authentication factors to ensure their security.
With millions of text passwords available online because of various data breaches, no organization should consider itself immune to a data breach, therefore 2FA, or even better, MFA, can mitigate the risk.
Defense
The US Military uses 2FA authentication via the Common Access Card (CAC) issued to active-duty military personnel, selected reserve, US Department of Defense (DoD) civilian employees and contractor personnel.
Law Enforcement
US Law Enforcement agencies who utilize the Criminal Justice Information Services (CJIS) require MFA to access the National Crime Information Center (NCIC). These examples further demonstrate the real-world application of MFA.
NOTE: Single-factor authentication systems are no longer able to provide the level of security needed to keep vital data safe and secure.
Reduce risk of data breaches.
MFA helps prevent some of the most common and successful types of cyberattacks, including phishing, credential stuffing, keyloggers, brute force and reverse brute force attacks, man-in-the-middle (MITM) attacks, etc.
By implementing MFA, you will be able to protect not only your sensitive apps, but also your virtual private network/s (VPNs).
Here are a few reasons why you should secure your VPN with MFA to ensure trusted access:
-for protection against credential theft
-for achieving regulatory compliance
-for enabling consistent access security for both on-premises and cloud applications
-for gaining visibility into all devices
-for enforcing granular access security policies.
At StratusPointIT, your business IT security is our top priority. Let us be your IT security partner.
Why cybercriminals target SMBs even more this year?
/in IT Security, Tech Tips /by MihaiMajor breaches always make the headlines, but there are increasingly more breaches that won’t make the headlines, and those are cyberattacks that target small and medium organizations.
Expectedly, large companies have the resources to implement complex IT security solutions, monitoring systems and high-tech equipment. Unfortunately for SMBs, the consequences of a breach can be severe because they are less able to handle the costs and damage.
Small businesses are vulnerable because they often do not have the budget for security measures and sometimes don’t understand the risk they face. Also, many small businesses overlook the value of the information they store, wrongly believing it to be of little interest to anyone.
Here are the main reasons why hackers prefer small organizations even more in 2021:
Untrained Staff
This is the most vulnerable and overlooked area for SMBs, especially in the pandemic when some industries were deeply affected, budgets were cut, people were laid off, etc.
However, some of the biggest hacks we have ever seen were not the result of expert hackers infiltrating complex security systems. Surprisingly, the cybercriminals simply tricked employees into handing over their sensitive information.
NOTE: According to a survey conducted by ConnectWise in 2020, over half of SMBs surveyed (57%) report lacking cybersecurity experts in their organization and 52% agree they lack the in-house skills necessary to properly deal with IT security issues.
There are often signs of social engineering and phishing attempts, but many people are not prepared to spot them. A little cybersecurity training can go a long way in keeping your organization safe.
At StratusPoinIT, we provide access to training videos and newsletters focused on numerous IT areas, we create and run phishing simulations to test your employees’ awareness to potentially harmful emails, from who opened, clicked, entered credentials, etc.
Lack of Cybersecurity Systems
Since the pandemic started, transactions, communications, data storage, etc. have taken an even more drastic shift into the cyber world, and hackers have taken notice.
It is time for businesses to react accordingly. Every small business should invest in a secure cyber environment. Without one, you expose your business to a huge risk.
So, consider improving the security of all the vulnerable connected elements such as: workstations, mobile devices, servers, and networks.
At StratusPointIT, we scan, analyze, and remediate network vulnerabilities. We ensure you have leading business-class firewalls installed with proper security controls, log-based intrusion detection supported by a Security Operations Center (SOC), active-device monitoring and alerting, etc.
Unsecured Accounts
In 2021, the email service remains a common way of spreading malware, and with more of us working from home, the risks are higher now. Therefore, you should implement an email protection solution to help your business and employees defend against the latest threats, from spear-phishing, ransomware, impersonation, and other targeted attacks.
NOTE: When setting up your passwords, do not use personal information or predictable combinations.
Passwords should not be the only line of defense especially for key accounts. Always enable multi-factor authentication (MFA) when possible. Even if your password is compromised, cybercriminals will have another, much more difficult defense line to breach.
No Action Plan
While hackers might not know whether you have a cybersecurity plan in place or not, they will find out soon enough.
Here are just a few of the questions you should ask yourself in the unfortunate event of a cyberattack:
How will you know your organization is being hacked?
How will you respond to your customers if their information is compromised?
Will you shut down your entire network if you discover a breach?
How will you mitigate the impact of a cyberattack?
Therefore, it is crucial to consult with a managed IT provider that bridges infrastructure and security services to provide you a complete solution and get your cybersecurity plan in place.
Insufficient Upkeep
Even if you install the latest and most effective cybersecurity system and train all your employees to spot phishing attempts, you are only covered for a limited amount of time.
Hackers are constantly discovering new vulnerabilities. Therefore, organizations should constantly train their staff and keep their hardware and software up to date.
Final thoughts
Small businesses can be easy targets for cybercriminals in 2021. Any personably identifiable information like phone numbers, email addresses, or credit card details is valuable to hackers who can use it to commit frauds or sell it on the dark web. Don’t let that happen and make sure your business is protected.
CEO Fraud Prevention
/in Tech Tips /by MihaiCEO fraud is a type of cyberattack in which the attacker impersonates a CEO or other executive. Hackers will most often use the CEO’s email account, or an email address that looks very similar to the CEO’s to trick a targeted employee into transferring them sensitive information or money.
Like other types of Business Email Compromise (BEC) attacks, CEO fraud attacks are very difficult for employees and legacy solutions to catch.
However, there are ways to prevent those sneaky attacks. The best plan is to combine training, cybersecurity policies, and technology.
Raise employee awareness.
Security is everyone’s responsibility. This means everyone regardless of department or role must understand how CEO frauds are pulled off by providing real-world examples to point out common red flags.
NOTE: A CEO fraud will always use seniority and urgency to motivate the target to make a certain action.
It is important to point out the lack of spelling errors. Poor spelling is usually a phishing indicator, but nowadays hackers pay more attention to details. They do a better job alluring their victims and hiding their tracks, so it is unlikely to make any spelling or grammar errors in the process.
Also, you may notice personal touches. Attackers go to great efforts to research their targets through hacking or simply by using publicly available information.
The following persuasive elements should always make you take a closer look.
The sender’s email address
Domain impersonation is a common tactic for CEO fraudsters. They shall use a very similar domain name. For instance, if the original is rsmbank.com, the one they will use is rsnbank.com in order to create confusion. Changing just one letter will be even harder to spot on mobile increasing their success rate.
The sense of urgency
The subject line, the ongoing meeting, the late invoice. Creating a sense of urgency is the general rule in social engineering attacks. Panicked people almost always will make poor decisions.
The authoritative tone
Expressions like “please send/pay immediately” are commonly used. There is a reason hackers prefer to impersonate CEOs. They are in a position of power, and people tend to do what they say without any prior check.
Playing on the target’s trust
“I am counting on you”. Everyone wants to be chosen to do a favor for a manager, director, etc.
Check the sender’s email address for inconsistencies and remember that corporate email addresses can also be hacked or spoofed.
Take a step back and think: is this really something the CEO is likely to request so urgently?
NOTE: Always verify the payment destination. Do not pay an invoice unless you know the money’s going to the right place.
While these are important lessons for your staff, training your employees regularly is paramount. Educating your staff on how to recognize CEO frauds and what to do in case they detect such attacks is therefore crucial.
Humans are often led by emotions, and they are not good at spotting the small clues that might reveal a fraudulent email. Sometimes, even security specialists can’t.
Implement best cybersecurity practice.
Beyond staff training, every thriving organization takes an all-round approach to cybersecurity that minimizes the risk of a serious impact from an attack.
Here are few very important security measures that will help protect company data from CEO frauds:
Create a system where employees can easily verify wire transfers, especially the large ones, ideally via phone.
Buy domains that are like your company’s brand name to prevent domain impersonation.
Protect all corporate email accounts and devices using multi-factor authentication (MFA).
Regularly test and patch all your software.
Ensure employees maintain strong passwords and change them frequently.
Closely monitor corporate financial accounts for any irregularities such as missing deposits, external payments, etc.
Deploy an email security solution.
All the above are extremely important cybersecurity controls, but let’s take a closer look at the final suggestion: email security solutions.
Deploy an intelligent email security solution.
Because CEO fraud attacks usually take place via email (about 90% of all phishing attacks follow this model), installing email security software is one of the most effective steps you can take to prevent this type of cybercrime.
Our solution provides real-time protection against social engineering attacks like whaling, CEO frauds, or W-2 frauds. Contact us today for more relevant information.
Data Privacy Trends To Expect In 2021
/in Tech Tips /by MihaiIn 2020, organizations faced some of the most drastic challenges to a business environment in the digital age. Companies were forced to quickly adapt, cultivate resiliency and creativity, beside focusing on meeting their customers’ expectations.
According to a study conducted by Gartner, just 12% of more than 1,500 respondents believe their businesses were prepared to face the disruption last year, but with tech adoption accelerating as a result, more businesses will turn to digital operations, products, and ecosystems to stay profitable and relevant.
Data privacy has become the #1 expectation for every consumer across the globe, growing into something more than a set of rules and regulations driven by compliance standards, but rather one of the main pillars of brand recognition and customer loyalty.
With digital adoption, more and more sensitive customer and business data are being generated, as a result, so the ramifications for data privacy can only rise.
The Context
The COVID-19 pandemic has had a major impact on data privacy and cybersecurity mainly because of the social distancing that has changed both our personal and professional lives.
One of the consequences of this pandemic was that more and more consumers opted out of in-person shopping, relying heavily on the digital marketplace. So, organizations will have everything to gain by ensuring proper data protection to maintain customer loyalty.
Nowadays, more healthcare data is being collected than before, in many cases by organizations who never have previously collected this type of information. Organizations are collecting health data to support public health outcomes, causing growing concerns in how this data is being used and hold.
More Privacy Laws
Most websites these days, and this is one of the first things you are likely to see when loading a website, will notify you about data cookies, aspects like how the website is collecting your data, what it intends to do with it, for how long your data is hold, etc. Also, you are given the option to accept or reject these data usage terms.
Those terms are a direct consequence of the EU’s General Data Protection Regulation (GDPR), which although drafted in the European Union, it imposes obligations to every organization in case it targets or collects data from people residing in EU countries.
So, expect far-reaching data privacy legislation like the GDPR and the California Consumer Privacy Act (CCPA) to come into force in more regions this year, responding to an ever-greater need of privacy protection.
Gartner data suggests that by 2023, 65% of the world’s population will have their personal data covered under some form of modern privacy regulation, up from 10% in 2020.
Data Privacy Automation
With new privacy laws coming into force, different legislation, and compliance procedures in different territories, will make it difficult for companies to keep track of which laws they must adhere to.
This has led developers to create software to automate data privacy. These can range from management platforms to handle privacy requests to filters and preference settings tools.
In 2021, we can only expect the trend of data privacy automation to become more widespread, with more software solutions being developed and more organizations purchasing automated data privacy and management solutions.
Better User Awareness
Cyber hygiene advocates have repeatedly highlighted how end users are often the weakest link in the chain allowing, either by accident or with intent, data security breaches at their organizations. This has further aggravated in 2020 as employees became familiar with the work-from-home processes.
Notorious cyberattacks such as the ones against SolarWinds and FireEye, also the Cambridge Analytica – Facebook scandal have brought the issue of data privacy to the public’s attention on a scale that has not been seen before.
Users are now actively concerned about how their data is being captured, how it is used and have even shown that they are willing to leave extremely popular platforms like WhatsApp if they feel their data is not safe.
Such data awareness is good for the user, but it could be bad for some organizations that are not transparent about which third parties are able to access sensitive data or refuse to give clients full control over what cookies they can enable.
Users are constantly discovering how much information is collected about them (spending habits, IPs, usernames, emails, etc.) how that data is used, and how cyberattacks put that information at risk.
More Data Security & Privacy Jobs
With the long-term changes brought on by the Covid-19 pandemic, along with new data privacy regulations, organizations will probably face several security challenges, driving the demand for cybersecurity talent even more.
The pandemic has changed the workplace, forcing companies to quickly adapt. The rush to support a remote workforce has led many organizations to take a leap of faith into the cloud and are now facing new security challenges having to support hybrid work environments.
Conclusion
While not all organizations are required to comply to certain data protection standards such as HIPAA, or data privacy laws like the CCPA, they should still follow data protection competencies as it is essential for them to build and maintain an environment of trust.
The Future of Cybersecurity
/in CxO Café, IT Security /by MihaiThe massive SolarWinds breach made it crystal clear that the cybersecurity threat only gets worse with time because the tools are more sophisticated, and the stakes are higher.
NOTE! According to Forrester, businesses are taking cybersecurity more seriously as enterprises are predicted to spend $12.6B on cloud security tools only, by 2023, up from $5.6B in 2018. The global cybersecurity market is estimated to grow to $270B by 2026, up from $173B in 2020.
Here is what to expect for the future of cybersecurity in the next 3-5 years.
Deep Fakes & CEO Frauds
We already know that complex voice generators can trick security software used to verify identity. A slow but steady rise in audio deep fakes that are being used in subversive activities (like CEO frauds) have also been reported. Given enough material, AI programs can learn and generate convincing fake pictures and videos that can be used to compromise organizations or individuals.
Over the next three to five years, we can expect for this to expand to video deep fakes. These tampered videos can be extremely disruptive to organizations especially from a PR angle. For instance, imagine your CEO saying something controversial that might impact how your organization is perceived.
By the time you make public that the video is fake, the damage done to your company’s reputation could be irreversible.
Protection from these fraudulent attempts will require security software to embrace AI and Machine Learning to help analyze and identify what is real and prevent leaking what is fake before it becomes an external threat.
Supply Chain Attacks
In the SolarWinds breach, the attackers were able to compromise the update process of a widely used piece of software: the Orion Platform. This was a supply chain attack – a devastating type of cyber aggression. Basically, by compromising the vendor, hackers may get access to all the vendor’s customers.
Any software company is a potential target. When it comes to hackers, especially state actors, they have the resources and skill sets necessary to orchestrate supply chain attacks, being able to penetrate even the most resourceful organizations.
Cybersecurity vendors can fall victim to such complex attacks too. In the SolarWinds case, beside about 100 organizations and 9 government agencies, another targeted company was FireEye, one of the most popular cybersecurity vendors in the industry. FireEye representatives said the attackers did not get into customer-facing systems, as they only got access to penetration tools used for security testing. But the fact that a company like FireEye got hit is disturbing because if these vendors are potentially vulnerable, most likely every vendor is.
In November 2020, another leading cyber security company, Sophos, suffered a data breach that exposed private customer information.
NOTE! Last year, security vendor ImmuniWeb revealed that 97% of the world’s top 400 cybersecurity companies had data leaks or other security incidents exposed on the dark web – and that 91 companies had exploitable website security vulnerabilities.
Supply chain attacks do not represent a new method. In 2011, RSA Security admitted that its SecurID tokens were hacked, exposing some of their customers including aerospace, arms, defense, security, and advanced technologies company – Lockheed Martin.
5G Networks
5G networks will take connectivity to the next level by increasing workforce mobility, enabling more robust automation, improving existing applications and unlocking others.
However, 5G technology will introduce advances throughout the network architecture, allowing new capabilities, but also expanding the threat surface opening the door to cyber criminals attempting to infiltrate the network. It also challenges cybersecurity teams with the issue of having to quickly learn how to identify and mitigate threats faster and without impacting the latency or user experience.
More Regulatory Complexity
As businesses are becoming increasingly digitized and more innovations come to market, regulators are going to have to respond and try to understand the impact of these technology innovations on both customer and business sides, and this will likely be expressed as laws.
Preparing for these types of trends is therefore crucial to gaining an advantage over hackers.
Finally
While 2020 has proved that we cannot predict the future, there are, however, strategic areas where organizations need to start looking at and preparing defenses. Use these trends as starting point to create a cybersecurity plan to best protect your organization. If you are not sure where to start, contact us today for professional IT security services.
StratusPointIT Recognized on CRN’s 2021 Pioneer 250 List
/in News /by MihaiCloud Overspend: Main Causes & Mitigation Solutions
/in Tech Tips /by MihaiAccording to Gartner, spending on cloud system infrastructure services is expected to grow from $44 billion in 2019 to $63 billion in 2020, reaching $81 billion by 2022.
The cloud offers a level of flexibility that companies cannot get by using in-house servers. Scaling up and down is almost always easy. Also, as we saw this year with the massive shift to working from home, if things suddenly change in the workplace, you can easily adapt by allowing people to work from wherever they need to.
Cloud computing can also be deployed faster, it can happen in minutes instead of the long time you usually need to add physical servers.
Nonetheless, the biggest difference is the cost. Not having physical servers that need maintenance will allow you to save money. Also, you do not need someone on-site to manage and maintain them. With the cloud, all of that is taken care of by the service provider.
What leads to cloud overspend?
Let’s see how that happens and what you can do to prevent it.
The Multi-Cloud Approach
Mid-size companies are using an average of seven different cloud providers for the applications and services they use. The multi-cloud approach is not bad on its own, but there are some associated costs that add up. Everything from security mitigation to reporting must be done repeatedly over your various cloud providers which is time consuming and finding someone to manage your cloud stack will generate additional costs.
Cloud Provisioning
Some executives, rather than waiting until their businesses need more capacity, they order more than needed. This usually happens because when you are running physical servers, adding more server capacity takes time. You cannot just double or triple the number of servers you are working with one week, then scale back the next week. You must order everything few weeks in advance. When you come to the cloud with the same mindset, you end up with lots of unused resources that most likely never get used but cost you money.
The real issue here is not that you end up with stuff you do not actually need, but you also lose sight of all the hidden costs associated with these services. API calls, vendor lock-in, and even premium support packages can all add to your costs if you do not pay close attention to what you buy.
Cloud’s Not Cheap
Cloud can be cheap. The problem is that it is easy to lose track of how much you are spending and where. There are many aspects that take the cloud from a reasonable expense to a considerable expense, but you can get those costs under control with the right approach.
Mitigation Solutions
Reducing cloud overspend is not quite as easy as wasting all that money was in the first place, so the effort you put into eliminating it is significant.
Pay Per Use
Firstly, conduct an audit to determine your usage habits. By analyzing your usage, you will probably discover some areas where you are spending more than needed. Things to look for include whether you are using all the features in the plan you have purchased. It is one thing to have the pro-level software suite that a company offers, but if you are not actually using a large percentage of the tools they offer, you should just drop down to the next level. The same thing goes with storage. If you have a lot of unused cloud storage space, get rid of it. In case you suddenly need more, you will not be in trouble, adding cloud resources is easy.
Audit Regularly
When you are auditing your cloud usage, verify details like the software you are using, how many people are using each tool, and how many cloud resources you are consuming. This will establish if you have got unused software licenses, if you are paying for instances that are not being used, etc. All these are areas where you are likely to find overspend. The golden rule here is to keep auditing to make sure you are not overspending again. You cannot just do it once and consider the problem solved. Auditing is going to save you a lot of money, especially in the long-term.
Cloud Optimization
Optimization will always reduce spend. A lot of what you are going to find in terms of optimization will be aspects we have already discussed in this blog, but there are other, more technical aspects you can look at to lower your cloud spending, things like: workload modeling, workload automation, and rightsizing services.
The main goal is to get the cloud working as smoothly as possible and get rid of anything that is not configured, to maximize your organization’s benefit.
Partner with Experts
Businesspeople do not have the time nor the expertise to really manage cloud spend within their organization. Therefore, partnering with a team of cloud experts can help. Not only we can provide you with a reliable team of experts to help you manage your cloud, but we can do it cost-effectively. If you are ready to reduce cloud overspend and fully optimize your business, let’s talk. We love helping our customers use the benefits of top-notch technology without breaking the bank.
StratusPointIT and Avail Technology Group combine to further expand presence in New England
/in News /by MihaiBusiness Email Compromise Attacks
/in CxO Café, IT Security, Tech Tips /by MihaiThe Business Email Compromise (BEC) attack is an increasingly popular type of cyberattack because the success rate is quite high. A BEC attack impersonates a familiar person, such as a business partner or an employee, tricking the victim into buying gift cards or transferring expensive items to the hackers orchestrating the attack.
Gift cards have become a common way for cybercriminals to steal money as they do not require bank accounts, identification documents, etc. These cards can easily be sold online for at least 60% of their initial value. Gift card scams are particularly popular around the holiday seasons.
The Context
Like the traditional phishing campaigns, BEC attacks often take advantage of topics in the news. These days, one of the main topics is the novel coronavirus. According to Check Point researchers – their team collects and analyzes global cyberattack data, SARS-CoV-2 related cyberattacks jumped by more than 30% in May 2020 alone, many of which involved email scams.
The outcome?
Several government agencies and medical facilities looking to purchase equipment unknowingly transferred money to hackers, eventually have discovered that the requested equipment does not exist and that their money was gone.
Also, in 2019, a group of attackers infiltrated and monitored the Office 365 accounts of three financial organizations. After creating fake domains for these firms and for their partners, accounts, and banks, the criminals diverted certain emails to these fake domains. Using this type of “man-in-the-middle” approach, the group behind the attack managed to request and receive money transfers worth more than $1.2 million.
BEC campaigns typically use three different methods for impersonating legitimate email accounts:
Usually, the attackers spoof real email addresses, which can be done quite easily as the SMTP protocol offers no efficient way to validate the sender. Hackers either use dedicated or public SMTP servers to deploy emails with a spoofed address.
Secondly, the attackers register and send email from a domain name like that of the actual domain they intend to spoof. For example, the registered domain may be example.co in contrast to the legitimate domain name of example.com.
Thirdly, the attackers use phishing techniques to gain control of the email accounts of the people they want to impersonate. They can then send emails from the actual account for legitimacy which facilitates their success in requesting and receiving money.
Stopping BEC attacks
Firstly, train your staff regularly about modern fraud techniques like BEC. The best training is brief, frequent, and focused. Organizations need to constantly retrain and keep security awareness messages front and center through multiple channels, including newsletters, web pages, online lessons, webinars, or presentations.
Every time irreversible actions such as money transfers are initiated, details of the transaction must be verified through additional methods such as voice communication and must not exclusively rely on email correspondence.
Review the existing protocols, and separation of duties for financial operations. Add extra controls, if needed. Remember that separation of duties and other protections may be compromised by insider threats, therefore risk reviews may need to be rechecked as well.
Create new policies related to “out of band” transactions or urgent executive requests. An email from a fellow worker’s Gmail or Yahoo account should automatically raise a red flag to staff members, but they need to understand the latest techniques being deployed by hackers. You need authorized emergency procedures that are well understood by all team members.
Review and test your incident management and spam reporting systems. Also, test your staff with simulations of incident scenarios.
Protect your email traffic with a layer of advanced email security. Make sure the email security solution you use blocks sophisticated phishing attacks like BEC. Viable email protection solutions would prevent those attacks from reaching employee mailboxes.
Protect mobile and endpoint browsing with advanced cybersecurity solutions, which among others, prevent browsing phishing websites.
Check the full email address on any message and be alert to links that may contain misspellings of the real domain name.
Regularly monitor financial accounts for suspicious transactions.
Use two-factor authentication every time you attempt to login to key applications.
Do not provide login credentials or personal information in response to an email.
In case you or your team members have encountered any suspicious activity, please let us know here. We are ready to offer your organization the professional support that it needs.
Business Data Security And Remote Working
/in Tech Tips /by MihaiLocation flexibility is one of the benefits of telecommuting, but as remote working becomes standard practice, information security becomes more of a concern.
From employees using unsecured Wi-Fi networks to workers bringing their own unsecured devices, remote work has added additional levels of security related concerns for organizations and their data.
71% of business decision makers believe that the shift to remote working during the Covid-19 pandemic has raised the likelihood of a cyber-attack.
– According to new data released by independent polling company Censuswide.
Organization leaders and their employees need to accept mutual accountability in doing what they can to protect sensitive data.
To start, business leaders should allocate funds to educate employees in regard to data security and how everyone is responsible for protecting it. They also need to initiate certain practices and procedures that will strengthen data security within their organizations.
Remote workers must also prioritize data security education and best practices, then commit to those measures.
So, what can companies and their remote workers do to protect their data? Here are few aspects to consider.
Have a BYOD Policy in place
To avoid any unnecessary disputes and the costs associated with them, it is recommended to have a carefully drafted BYOD policy in place with employees. Not having a structured policy may create disputes over what data is what and it may also compromise intellectual property protection.
Endpoint Security
Installing an endpoint agent with the ability to perform data and malware protection will provide greater assurance into securing the endpoint especially if corporate data resides on the employee’s device.
Keep Passwords Strong | Use a Password Manager
Password protection is another fairly easy way to protect your organization’s data. Some people tend to underestimate the importance of password access, using the same password from device to device- account to account. Educating remote workers about password protection is crucial to securing sensitive data. Start with the basics of how to keep passwords strong and why it is so important to not use the same one over and over.
Another way for organizations and employees to alleviate this risk is by using a password manager that will allow users to randomly generate passwords and store them safely. This way, employees can focus on their daily tasks without needing to remember all their passwords for different accounts. Also, data will remain secure and uncompromised.
Plan for authentication and authorization
Act as if a breach is inevitable to further improve the security of your company. Multi-factor authentication (MFA), monitoring access controls, and creating strong passwords are important hacks that every smart company should know by now.
Many organizations are moving to two-factor authentication (2FA) for their data security management. This method confirms a user’s identity by first requiring a username and password, as well as another piece of information, whether it be an answer to a “secret question” or maybe a PIN sent to the user’s cell phone.
Having the right authorization levels is crucial. Especially for remote workers, having access only to the necessary applications and features is the best way to go. Companies must develop the habit of granting ‘least privilege’ access rights. This means giving only the minimum permissions required by an end user.
Watch out for phishing threats
Phishing threats that target remote workers are on the rise. Usual phishing strategies include getting employees to engage with suspicious content through what seems to be essential notifications. Phishing threats often include obvious errors such as bad grammar and spelling. Well-trained and aware remote workers will be able to spot these signals.
Consider running simulated phishing campaigns to test your employee’s awareness to potentially harmful emails, from who opened or clicked shady links to who entered credentials or submitted suspicious forms.
Therefore, it is important to develop a remote working culture that takes IT security best practices as a top priority. When it comes to cyber security, organizations should plan for every possibility and leave nothing to chance. Remote workers must be trained to avoid and report any suspicious activity.