Archive Monthly Archives: May 2017

Why The Recent WannaCry Ransomware Attack is Relevant to You

About two weeks ago, cyber-security made headlines yet again when the WannaCry Ransomware attack hit several large companies around the world. It affected companies globally, reportedly hitting 230,000 computers in 150 countries. It attacked computers running Microsoft’s operating system and asked for a ransom via Bitcoin payments. There were several reasons that this WannaCry Ransomware was so successful in its attack. And, even if you weren’t affected, here’s why the whole situation is relevant to you, anyway.

Have You Been Updating Your Software?

One of the reasons certain companies were vulnerable to this ransomware attack was because they had not updated their systems. Though Microsoft had advised their users to run an update a few months prior to the attack, we know that there are always those that pay no attention to the updates.

This is, of course, one of the factors that make this WannaCry Ransomware attack relevant to you. When it comes to your cyber-security, those updates may seem unimportant. But, they are actually very important. Software companies and operating systems generally do a lot to monitor their vulnerabilities. If they let you know about a potential risk and encourage you to make updates to protect yourself, don’t ignore it.

Are Your Files Backed-Up?

Luckily, the WannaCry Ransomware attack could have been a lot worse if experts hadn’t stopped it in its tracks. However, the virus was still able to get its hands on sensitive information by encrypting the computer’s data files which it had attacked. Of course, the main goal of any ransomware is to hold a ransom (hence the name). Agencies that work to fight against these kinds of attacks encourage victims not to pay up to the hackers. And, if you were proactive enough to have your data files backed up, you won’t have to pay up. Falling victim to a ransomware attack, even one as heavy as WannaCry, won’t be as much of a crisis if you have copies of your data. That being said, you still don’t want that data in the wrong hands.

Which brings us to our next point:

Pay Attention To Your Own Network’s Security

Though it’s important you stay on top of the news to see what new threats are out there, that’s not going to help you if you’ve already been hacked. And, when you’ve got a business to run, it’s not really easy to stay on top of your system all the time, monitoring and checking for risks and if there are risks, patching up your system.

That’s why it’s a good idea to have a third party assess your systems. Those companies affected by the WannaCry Ransomware that knew about the updates but neglected them, could face serious fines. Especially if the hackers got their hands on credit card information of those company’s clients, there could even be lawsuits in order.

Therefore, it’s essential that you have your systems constantly monitored by an unbiased third party. This way, you can not only make sure you and your customers are protected from hacks like ransomware but that you’re also protected against the questions of auditors and regulators.

Though you may wonder what such a large-scale cyber attack like this has to do with you, we promise you that it’s completely relevant.

5 Add-On Tips to Ensure Your Security is at Its Absolute Best

When it comes to securing your network, there is never really such a thing as “too much.” That being said, a lot of the time people who believe they have a stable security system will neglect it after a while, especially if they’ve hired someone to look after it.

But, security isn’t just something you install and leave. In order to get the most out of your security program, it must be constantly monitored. Whether you’re doing the monitoring or someone else is doing it, these add-ons will help ensure your security is at its absolute best.

1. Add More Authentication Stages

Most of us know that a two-step verification process is a smart way to keep your systems secure. Unfortunately, as much as people know the importance of this, they still are not implementing it where they should. These days, hackers are still finding success by stealing passwords or just by guessing them.

Adding a little more authentication, such as MFA (multi-factor authentication) will help you put up more of a wall on your systems. MFA makes users present multiple forms of evidence in order to gain access to the network. This could be anything from answering personal security questions to providing two separate and unique passwords.

2. Add a Web Application Firewall

Companies and individuals alike should not rely only on a firewall to secure their system. Firewalls are easy to surpass and don’t have the capacity to block out the really serious stuff. That being said, firewalls are still good to use as long as they are combined with other forms of security.

A web application firewall is a type of firewall that can help filter out common web application attacks that are affecting security systems, like SQL Injection attacks. Of course, the best way to be sure this firewall is working properly is to change your settings to only allow apps you trust, and by checking frequently to see if blunt force against an attack would be a necessary added component thereafter.

3. Add More Security Scans and Filters Overall

When you have a lot of traffic coming into your site, that’s a good thing for business. But, it’s not really a great thing for security. Bad sites have a way of sneaking into your regular traffic stats, posing as an ordinary user. The problem is, this won’t be an ordinary web user that you think it is, but some form of Malware that can be easily overlooked.

To help prevent this, you can first add a filter to block off the URLS of these bad sites. You also need to look beyond the traffic and proceed with caution when you receive emails that include suspicious-looking links.

4. Add an Approach That Works Worldwide

In this day in age, many companies have employees that work remotely. These employees need to have the ability to access your company’s network without any hassles. But, finding a solution that lets employees log on easily while maintaining the security of your network is a bit of a challenge. Fortunately, all you need to do, in addition to using a VPN, is make sure data is encrypted at every point of the network. And, make sure your employees are being careful if and when they ever use a public Wifi network.

5. Add On the Best Security Staff There Is

When it comes to your network’s security, you can’t do it alone. Even after you implement all these add-ons, the most important thing is that your security is left in the right hands. Having an educated IT team is a start, but IT, especially one IT guy, isn’t always as prepared for such a situation as a third party provider would be. Whatever route you decide to go, it’s essential that you leave your security with the experts if you’re not already doing so.

Phishing Scam: What to Ask Yourself Before Trusting That URL

These days, most people would say that they can tell the difference between a good URL and a bad one. In fact, most people may not even consider the fact that a URL could be ‘bad’ in the first place. The only time anyone might second-guess a URL is because it would have a lot of strange numbers or characters. However, hackers know that most people are aware of this, which is precisely why they’ve gotten more sophisticated on creating URLs that will trick people.

Whether you’re a personal user or you’re the CEO of a company, here’s why you should think twice before trusting a URL, and how to recognize the signs of a hack.

It All Starts with Language

The first step in being able to identify a bad URL is by understanding what a URL is. A URL is, of course, letters that are put together to make words (or made up words) to lead you to a place on the Web. Maybe you’ve never realized it before, but, almost all URLs on the web are made of English characters. That’s because the Internet was designed initially for an English-speaking audience.

The problem is (or, rather, the benefit for hackers) is that there are many letters in the English language that look exactly the same as letters in other languages. Although these letters don’t hold any of the same phonemic significance, they can be manipulated to make fake URLS that are a mix of letters in other alphabets and English letters. This is known as an “IDN Homograph Attack.”

How to Prevent a Homograph Attack

The reason these fake URLs are able to be created is because the phisher on the other side of the screen has found a website that has let he or she create a domain in which they can take characters from different languages. While a lot of these sites are cracking down on this behavior, it’s pretty much possible to find anything on the Internet. So, one of the easiest ways to stop an IDN Homograph Attack is by restricting IDNs under your browser settings. If this isn’t an option for your company, (maybe because you work with many international businesses) new technology is coming out in various browsers that when updated, will help protect you against such attacks.

Other Ways to Detect Danger

Homograph attacks aren’t the only ways in which people are tricked into opening bad URLs. As long as you know what to look for, you can detect danger and put a halt to it before being affected.

  • Is the Site You’re Going to Secured?: Most browsers will let you know if a website is “unsafe” before continuing. If you see a warning but you’re fairly confident that it is safe, check if the site has security seals. Something as simple as seeing that green address bar can help you be sure.
  • Are the Letter Cases Different?: Typically, letter cases don’t make much of a difference when you’re trying to visit a website. But, checking the letter case on a URL, especially if it was sent to you via email, can help prevent an attack. If something looks out of place, exercise caution, and instead, type in the URL on the address bar as you know it.
  • Is the SSL Certificate Up to Date?: If the website’s SSL Certificate is expired, this could be a red flag. It may not be that the website is being run by a hacker, but it could make the site itself more vulnerable to hackers who want to use it as a bridge to get to you.

Cyber scams can be hard to detect. If you want to protect your company, knowing the signs of such attacks like these are important. Next time you click a new URL, stop and follow these steps.

Will You Be Able to Recognize Executive Impersonation Fraud?

There are all different kinds of ways for a hacker to breach a system, and it seems like once we figure out how to prevent one of them, another one arises. Whether it’s Malware or Phishing scams, it’s hard to predict what the next one will hit and when it will be.

But, right now, there’s a new scam on the rise, and it’s just as concerning as it is clever. Executive impersonation fraud is becoming more and more prevalent and harder to catch. Will you be prepared if it’s used against you?

What is Executive Impersonation?

An Executive Impersonation is yet another type of Business Email Compromise scam. While it may seem like the type of hack anyone could attempt, it’s in fact, very sophisticated. Hackers who do this go to great lengths to pretend to be an executive of a company and seek the information they are looking for. Therefore, it’s one of the hardest scams to recognize.

In an Executive Impersonation hack, hackers target businesses that frequently do wire transfers. These hackers, or impersonators, “take the place” of a CEO, attorney, or trusted vendor with a leadership position; someone who has the power to initiate a bank transfer. Needless to say, these hackers can get their hands on all kinds of sensitive information and use it to their benefit.

Who are the Scammers?

Though many of us tend to fear the biggest threat actors when it comes to data breaches, an Executive Impersonation attack doesn’t need to be carried out by a whole country. Like many other scammers out there, it could just be a random individual. That being said, it does take a lot of research to impersonate a high-powered executive, and we can assure you that these hackers read up.

Which brings us to our next point…

Why Do People Fall For It So Easily?

These days, when you can hide behind a computer screen, you never really know who you’re dealing with. You may wonder how someone could so easily fall for one of these Executive Impersonation scams, but what you really should be asking is, “How can you not?”

First of all, when a CEO gives any type of order, it’s usually respected. Most people, when given a request by someone in power, will automatically say “yes.” The scammers make sure to use that factor to their advantage while replicating business practices unique to the company they’re hacking. To carry out this type of hack, they will ultimately conduct wire transfers on unauthorized funds by compromising email accounts.

Preventing Attacks

The first step to preventing attacks like these is simply being aware. The more your company is up to date with what’s out there, the higher chance you’ll have for keeping yourself safe.

Who is a Target?

If you think just because you’re a small business you won’t be a target for an Executive Impersonation hack, think again. Smaller businesses tend to be the most vulnerable since often times they’ll put their cyber security on the back burner. Therefore, making sure you take as many precautions as possible, like practicing two-step verification and strong passwords, will help you stay safe.

Know The Different Ways Hackers Carry Out the Attack

In Executive Impersonation attacks, there are three main ways in which the hack is carried out:

  • Executive/Attorney Impersonation: When the hacker pretends to be an attorney asking for money for a time-sensitive transaction for whatever reason. Usually, the “attorney,” or the account that’s hacked, is a person in which the company already knows and trusts, and would have no reason to question the request.
  • Data Theft via Human Resources: This is when the hacker impersonates the CEO by compromising his or her email, then contacting someone in HR, Finance, or any other department that deals with the payroll. That employee will then send the “CEO” the payroll or sensitive information requested without second-guessing it. Then, the hacker will use this info to get what they want.
  • Executive Money Transfer Request: This is when an Executive Money Transfer Request is put through when the hacker compromises the executive’s email. They will contact the person who handles money at the office (again, HR or Finance) to submit a direct transfer to a “vendor” or “customer” account.

No cyber attack can be a 100% prevented. However, if you know the signs of an Executive Impersonation attack while making sure your systems are secure, you should be in good shape.

 

>