Category Archives: Cyberawareness


Understanding the Different Types of Cyber Attacks

 

There are three kinds of businesses: those that have been attacked, those that are being attacked and those that are clueless and don’t know anything about cyber attacks.

In today’s high-tech world, we are constantly vulnerable to cybersecurity threats. The ability to identify different types of cyber attacks is a useful way to protect yourself.

There are several types of attacks that commonly occur on the Internet. These attacks include Denial of Service (DoS), Man in the Middle (MitM), phishing and spearphishing.

Denial of Service (DoS) Cyber Attacks

A denial of service attack overwhelms a system’s resources so that it cannot respond to service requests. This type of attack is launched from a large number of host machines infected by malicious software and controlled by the hacker.

Unlike other types of attacks, DoS attacks do not provide hackers with access to personal information. Usually, they are done simply for the satisfaction of causing harm to a company. They may also be launched by a competitor trying to damage the company’s business.

Common types of DoS attacks include:

There are various ways to protect against DoS attacks and the method you choose will vary depending on the type of attack you want to avoid. Firewalls can be useful in TCP SYN and ping-of-death attacks, while various types of filtering can protect against botnets. To protect against teardrop and smurf attacks, you will have to disable various components of your computer system.

Man in the Middle (MitM) Attacks

These attacks occur when the hacker inserts himself or herself between the communications of a client and a server. Session hijacking and Internet Protocol (IP) spoofing are both forms of cyber attacks where the attacker mimics an IP address so that the victim believes that he or she is communicating with a trusted source. The attacker can use this method to gain access to valuable information.

With these types of cyber attacks, encryption can be used to protect yourself. Encryption ensures that any communications come from a trusted source.

Replay attacks are also common MitM attacks. A hacker will save old messages and try to resend them at a later time, once again mimicking a trusted source. These attacks can be avoided by using session time stamps or a nonce (a random number or character string that changes with time).
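
The time stamp and nonce defense against replay, shown as an added example (not code from the original article): the sender authenticates each message together with a time stamp and a random nonce, and the receiver rejects anything stale or already seen. The names ReplayGuard, sign_message and the 30-second window are assumptions made for the illustration.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW_SECONDS = 30  # assumed freshness window; tune to clock drift and latency


def _mac(key, msg):
    """HMAC-SHA256 over payload, time stamp and nonce in a fixed serialization."""
    body = json.dumps(
        {"payload": msg["payload"], "ts": msg["ts"], "nonce": msg["nonce"]},
        sort_keys=True, separators=(",", ":"),
    ).encode("utf-8")
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign_message(key, payload, now=None):
    """Sender side: bind a time stamp and a fresh random nonce to the payload."""
    msg = {
        "payload": payload,
        "ts": int(time.time() if now is None else now),
        "nonce": secrets.token_hex(16),
    }
    msg["mac"] = _mac(key, msg)
    return msg


class ReplayGuard:
    """Receiver side: accept a message only if it is authentic, fresh and new."""

    def __init__(self, key, max_skew=MAX_SKEW_SECONDS):
        self._key = key
        self._max_skew = max_skew
        self._seen = {}  # nonce -> time stamp of the message that carried it

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        try:
            expected = _mac(self._key, msg).encode("utf-8")
            supplied = str(msg["mac"]).encode("utf-8")
            ts = int(msg["ts"])
            nonce = str(msg["nonce"])
        except (KeyError, TypeError, ValueError):
            return False, "malformed"
        # 1. Authenticity: without this an attacker could simply rewrite ts/nonce.
        if not hmac.compare_digest(expected, supplied):
            return False, "bad mac"
        # 2. Freshness: an old capture fails here even if its nonce was forgotten.
        if abs(now - ts) > self._max_skew:
            return False, "stale timestamp"
        # 3. Uniqueness: a capture resent inside the window fails here.
        self._expire(now)
        if nonce in self._seen:
            return False, "replayed nonce"
        self._seen[nonce] = ts
        return True, "ok"

    def _expire(self, now):
        # Nonces older than the window are safe to drop: check 2 rejects them.
        cutoff = now - self._max_skew
        self._seen = {n: t for n, t in self._seen.items() if t >= cutoff}


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # shared secret (constructed for the demo)
    guard = ReplayGuard(key)
    captured = sign_message(key, "transfer 100 to account 42")
    print(guard.accept(captured))          # first delivery
    print(guard.accept(captured))          # attacker resends the same bytes
```

The time stamp keeps the nonce cache small, and the nonce closes the gap the time stamp leaves open inside the freshness window; neither helps unless both fields are covered by the MAC.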

Phishing and Spearphishing

Phishing involves an email that appears to be sent from a trusted source. However, it is actually delivered with the intent of gaining access to personal information or to panic the user into opening an attachment or clicking on a link.

Often, the attachment or link loads malicious software into the computer. Spearphishing is a similar type of attack, but is personalized to the chosen victim.

Protect Yourself through Common Sense and Sandboxing

Luckily, many attacks can usually be circumvented by using common sense. If you see an email that looks suspicious, stop before opening it. Analyze the email and the header. Hover over links to see where they will take you before clicking on them.
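
The header and link checks described above can be partly automated. The following is an added example, not part of the original article: it reads a constructed sample message, compares the From domain with Reply-To and Return-Path, reads the Authentication-Results header, and compares the address a link displays with the address it really points to. The function names and the sample message (on reserved example.* domains) are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message, not a real email.
SAMPLE = """\
From: "Example Bank Support" <support@example.com>
Reply-To: helpdesk@example.net
Return-Path: <bounce@example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=example.net; dkim=none
Subject: Urgent: verify your account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your account is locked. Sign in at
<a href="http://login.example.net/verify">https://www.example.com/login</a>
or read our <a href="https://www.example.com/help">help page</a>.</p>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(value):
    """Hostname of a URL, or of link text that looks like one; '' otherwise."""
    value = value.strip()
    try:
        host = urlparse(value if "://" in value else "//" + value).hostname or ""
    except ValueError:
        return ""
    return host if re.fullmatch(r"[a-z0-9.-]+\.[a-z]{2,}", host) else ""


def _addr_domain(header_value):
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def _same_site(a, b):
    # Simplification: exact or parent/child host match. A production check
    # would compare registered domains using the Public Suffix List.
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def review_email(raw):
    """Return a list of human-readable warning signs found in the message."""
    msg = message_from_string(raw)
    findings = []
    from_dom = _addr_domain(msg.get("From", ""))
    for header in ("Reply-To", "Return-Path"):
        dom = _addr_domain(msg.get(header, ""))
        if dom and from_dom and not _same_site(dom, from_dom):
            findings.append(f"{header} domain {dom} differs from From domain {from_dom}")
    # Only trust Authentication-Results added by your own receiving mail server.
    for value in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(fail|softfail)\b", value, re.I):
            findings.append(f"{mech.lower()} result is {result.lower()}")
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        body = part.get_payload(decode=True) or b""
        collector = _LinkCollector()
        collector.feed(body.decode(part.get_content_charset() or "utf-8", errors="replace"))
        for href, text in collector.links:
            shown, actual = _host(text), _host(href)
            if shown and actual and not _same_site(shown, actual):
                findings.append(f"link shows {shown} but goes to {actual}")
    return findings


if __name__ == "__main__":
    for finding in review_email(SAMPLE):
        print("WARNING:", finding)
```

A clean result does not prove a message is safe; these checks only surface the mismatches a careful reader would look for by hand.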

You can also use sandboxing to protect yourself. Testing an email in a sandbox environment allows you to safely open attachments and click on links without making yourself vulnerable to an invasion. Another option is to forward a suspicious email to your IT department for analysis.

Protecting your personal information on the Internet is not easy, but it can be done if you are familiar with the various types of threats and know how to avoid them. Stay safe!


Keep your networks and users secure from internal and external threats

9 Signs That Your End Point Security is NOT up to Par

Take a look at this list. If any of these nine signs sound familiar, it’s time to re-evaluate your current endpoint protection.

1. Scans and updates slow your system to a crawl.
One of the leading complaints about endpoint security is that it negatively impacts speed and performance. Some endpoint security solutions will indeed slow your systems and impact productivity. When evaluating solutions, be sure to check independent test results that measure performance and system impact. Look for the lowest numbers, which indicate light footprint solutions that won’t affect speed or cause interruptions.

2. Employees complain about using the antivirus solution.
If resentment builds up, employees will eventually bypass the solution altogether on their company-issued or bring-your-own devices, which can affect both performance and security for the whole network.

3. Your solution is underperforming.
It isn’t detecting viruses or other pieces of malware or it’s flagging non-malicious files as malware; it has a high footprint that equals slower scanning; it creates AV storms on virtual machines or has high bandwidth usage that bogs down the entire network.

4. Your solution alerts on too many files or links that aren’t actually malicious.
Alerting on multiple files or links that are not actually malicious results in a high rate of so-called false positives. Even one false positive can cause serious problems. If an antivirus solution is configured to immediately delete or quarantine infected files, a false positive in an essential file can render the operating system or crucial applications unusable. Even if false positives don’t shut down your system, each one requires an investigation that wastes valuable IT resources.

5. Removing malicious files and dealing with false positives is too complicated.
A 2017 study by the Ponemon Institute found that:
• Nearly half of all security alerts are false positives
• 3 out of 4 organizations report having more difficulty managing endpoint security risks
• Organizations see false positives as the #1 “hidden” cost of endpoint protection
You need a solution that delivers silent quarantines and automatic removal of malicious files, not more work for your IT team.

6. Infections come back after you’ve removed them.
This means the solution isn’t doing a good job of cleaning or updating its detection often enough.

7. It’s difficult to manage the solution across all your platforms and devices.
In today’s environments, you need a security solution that’s easy to manage so the burden of protection is minimal. Look for an endpoint security product that includes remote administration, so you can control your entire network of workstations, servers and smartphones from a single location.

8. Security event alerts or pop-up prompts interrupt presentations and sales demonstrations.
This impedes productivity. Every employee needs uninterrupted computer access. This means having a malware solution with a “silent” or “presentation” mode that’s easy to use, as well as a dependable tool to restore regular mode when the presentation is over.

9. Getting technical support and customer service is inconvenient, or communicating with the vendor is difficult.
If it’s challenging to get reliable, customer-oriented support or you’re having any issues with call centers outside the U.S., that will impact productivity for IT teams and end users. It will also contribute to frustrations that could lead employees to circumvent your security solution, opening their devices—and your network—to cyberattacks.



Airport Travelers BEWARE of Data Security

This article appeared in Tech Republic. Since the summer is when a lot of people travel, a re-post and share is necessary.

Business travelers beware: Connecting your company device to airport Wi-Fi networks could open up a host of cybersecurity issues. While this is a risk on any insecure Wi-Fi network, some airports have more vulnerabilities than others, according to a Wednesday report from Coronet, and professionals should take extra caution when traveling through them.

It’s much easier for attackers to access and exploit data from devices connected to airport Wi-Fi than to do so within the confines of a well-protected office, the report noted. Hackers can use the poor cyber hygiene and insecure Wi-Fi at many airports to inject advanced network vulnerabilities like captive portals, Evil Twins, ARP poisoning, VPN gaps, honeypots, and compromised routers.

Any of these network vulnerabilities could allow an attacker to access credentials for Microsoft Office 365, G Suite, Dropbox, and other cloud apps, or to deliver malware to the device and the cloud, the report found. The attacks could also potentially give adversaries access to the entire organization, leading to damages like operational disruption and financial losses.

“Far too many U.S. airports have sacrificed the security of their Wi-Fi networks for consumer convenience,” Dror Liwer, Coronet’s founder and CISO, said in a press release. “As a result, business travelers in particular put not just their devices, but their company’s entire digital infrastructure at risk every time they connect to Wi-Fi that is unencrypted, unsecured or improperly configured. Until such time when airports take responsibility and improve their cybersecurity posture, the accountability is on each individual flyer to be aware of the risks and take the appropriate steps to minimize the danger.”

The report collected data from more than 250,000 consumer and corporate endpoints that traveled through the 45 busiest airports in the US over the course of five months, and analyzed the device vulnerabilities and Wi-Fi network risks to assign each airport a threat score. Coronet classified any score above 6.5 as unacceptable exposure.

Here are the least cybersecure airports in America, according to the report:

  1. San Diego International Airport, San Diego, CA (Score: 10)
  2. John Wayne Airport-Orange County Airport, Santa Ana, CA (Score: 8.7)
  3. William P Hobby Airport, Houston, TX (Score: 7.5)
  4. Southwest Florida International Airport, Fort Myers, FL (Score: 7.1)
  5. Newark Liberty International Airport, Newark, NJ (Score: 7.1)
  6. Dallas Love Field, Dallas, TX (Score: 6.8)
  7. Phoenix Sky Harbor International Airport, Phoenix, AZ (Score: 6.5)
  8. Charlotte Douglas International Airport, Charlotte, NC (Score: 6.4)
  9. Detroit Metropolitan Wayne County Airport, Detroit, MI (Score: 6.4)
  10. General Edward Lawrence Logan International Airport, Boston, MA (Score: 6.4)

In terms of the most secure airports, Chicago-Midway International Airport, Raleigh Durham International Airport, Nashville International Airport, and Washington Dulles International Airport topped the list, the report found.

Do you want to see if your email credentials have been compromised? Get a free Dark Web scan from us!



Why don’t your Employees Care About Cyber Security


Whether you realize it or not, your employees are a critical part of your layered defense against phishing attacks, malware, ransomware, and more. So why aren’t they concerned?

In just about every news story you read today about another phishing attack, malware infection, ransomware attack, or data breach, there’s a part of the story that’s either covered or implied – a user was involved. The user – whether malicious, negligent, or unwitting – clicked on a link, opened an attachment, visited a webpage… something that allowed a cybercriminal access to execute their malicious actions.

And with attacks having devastating results, like the most recent ransomware attack on global shipper Cosco that has brought operations to its knees, the question should be raised:

Why don’t employees care about CyberSecurity?

It all comes down to one reason: your company doesn’t have a security culture. In essence, they don’t care, because the organization hasn’t told them they need to care as part of their job. Hire someone to do accounts payable and what do they think their job is? To do accounts payable. That’s it; security is IT’s job, not theirs. But hire someone into accounts payable in an org that has a security culture, and they now do accounts payable, but are also constantly watching for cyberattacks, phishing scams, and the like.

So, what does it take to create a security culture?

I’m going to abbreviate the 10 tips to make your employees care about cybersecurity found over at TechRepublic down to just 3 high-level steps:

Make Employees Aware – The average employee doesn’t brush up on cyberattack methodologies on their own, you know. They need to be made aware that cyberthreats to the organization exist… and that they are the target.

Communicate Expectations – Beginning with their first day of employment, employees need to understand that the organization requires a level of employee vigilance when it comes to cyberthreats. Help employees to better understand how they are at risk at home and work – and how their actions can make the difference in both locations.

Train and Test Them – Using Security Awareness Training, employees need to regularly go through online training, with phishing testing used to identify where your organization’s weakest links are.

While there’s much more you can do to create a more formal security awareness program, the steps above provide the basics necessary to create a security culture.


What is Spear Phishing?

Spear Phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted source. It’s actually cybercriminals attempting to steal confidential information.

A whopping 91% of cyberattacks and the resulting data breaches begin with a “spear phishing” email, according to research from security software firm Trend Micro. This conclusively shows that end-users really are the weak link in IT security.

You may be wondering what it takes to send this type of attack. This is not trivial, and can only be done by someone trained in advanced hacking techniques. We will first take a look at the steps required to send an attack, and then we’ll look at steps to mitigate this threat. For the (simplified) attack steps I am freely borrowing from a great blog post by Brandon McCann, a well-known pentester.

I will try to keep this as non-technical as possible, but there will be a few terms you may have to look up. Here are the steps to begin with. We will go into all of these one by one and explain what they mean.

  • Identify Email Addresses
  • Antivirus Evasion
  • Egress Filtering
  • Spear Phishing Scenario
  • Sending The Emails
  • Harvesting Treasure

Identify Email Addresses

There are two ways you can send phishing campaigns: the first is ‘spray-and-pray’ which is a shotgun approach. Get as many email addresses from the organization you can, and send them all an email that they might click on. The second approach is decide what data you are after, then figure out who has access to that data, and specifically target those people. That is the spear phishing approach, and for instance LinkedIn is extremely useful during this targeting step.

There are several ways to get your hands on the email addresses from an organization. The one favored by the bad guys is using scripts to harvest email addresses from the large search engines. You’d be surprised how many emails you can get your hands on and how big your phishing attack surface is. KnowBe4 has a free service called the Email Exposure Check that provides your list of exposed email addresses as a one-time free service. Once you have the email addresses of the few people you are targeting you are ready for step two.

Egress Filtering

You need to make sure that you can get the information out of the organization you are attacking, so the payload you are sending with your attack needs to allow traffic to exit the organization. A popular payload is called ‘reverse_https’ because it creates an encrypted tunnel back to the Metasploit server, which makes it very hard for security software like intrusion detection or firewalls to detect anything. For those products your exiting phishing data all looks like normal https traffic.

Spear Phishing Scenario

There are many articles written about this by now, and it’s the essence of social engineering end-users. If they haven’t had high-quality security awareness training, they are easy targets for spear phishers. The attacker does research on their targets, finds out who they regularly communicate with, and sends a personalized email to the target that uses one or more of the 22 Social Engineering Red Flags to make the target click on a link or open an attachment. Just imagine you get an email from the email address of your significant other that has in the subject line: “Honey, I had a little accident with the car,” and in the body: “I made some pictures with my smart phone, do you think this is going to be very expensive?”

Sending The Emails

You can raise a temporary mail server and blast away, but that mail server will not have a reputation score which will block a lot of email from getting in. A better solution is going to GoDaddy, purchase a valid domain name, use the free email server that comes with the domain and set it up, so that you automatically have an MX record created for you by GoDaddy. While you are at it, also do a Whois lookup and change the GoDaddy Whois information for your phishing domain. All that helps mail getting through, which you can send with any email client, or with a script.

Harvesting Treasure

Let’s assume that your target clicked on the link, and you were able to place a keylogger on their machine. Now it’s a matter of waiting for the hourly burst of keyboard data back to your server, and monitoring for the credentials you are after. Once you have those, it’s a matter of getting into the workstation, get all network password hashes, crack them and get elevated to administrator access to the whole network.

Preventing Successful Spear Phishing Attacks

Now, how to mitigate against attacks like this? First of all, you need all your defense-in-depth layers in place. Defending against attacks like this is a multi-layer approach. Make sure you have in place the following: an Email Gateway Spam Filter and/or a spam filter in your Exchange Server. Turn on the Outlook ‘Junk Email’ Filter, run different antivirus products on the workstation and the mail server, have an active Intrusion Prevention System, use Web Proxy Servers, and ideally have deep-packet inspection Egress filtering, plus there are some more things you could add. The trick is to make it as hard as possible for the attacker to get through.

And now let’s look at some other tactics that will help prevent a successful attack:

  • Do not have a list of all email addresses of all employees on your website, use a web form instead.
  • Regularly scan the Internet for exposed email addresses and/or credentials, you would not be the first one to find one of your end-user’s username and password on a crime or porn site.
  • Enlighten your users about the dangers of leaving all kinds of personal information on social media sites.
  • Last but not least, you could go through all the steps above and start sending simulated attacks to all your end users, but why not use our fully automated service and let us help you with that? We provide security awareness training combined with pre- and post simulated phishing testing to make sure end users stay on their toes with security top of mind. Since 91% of successful attacks use spear phishing to get in, this will get you by far the highest ROI for your security budget, with visible proof the training works!


Best Practices in Cyber Security 2018

The cyberthreat landscape changes on a daily basis. There is no one size fits all solution and there are no magic bullets. It has been said that the price of liberty is eternal vigilance. The same holds true for cyber security. There are four pillars of security: endpoint protection, perimeter protection, monitoring and end user vigilance.

They say that those who don’t learn from history are doomed to repeat it, and matters of cyber security are no exception. Threats will often follow trends, and so by reviewing what has happened in the past, we may be able to glean some insight into what will be important in the future.

If the first half of 2018 was any indication, there are a few things that will be of most concern to IT professionals and end users.

Ensure All Endpoints Have Appropriate Security Measures

It’s staggering to consider how many end points any given business could have, each providing a route in for threat actors. Between company-provided devices, personal mobile devices, and Internet of Things devices, there are plenty of opportunities for a company to be attacked.

As a result, as 2018 progresses, businesses must be aware of what threats exist, as well as better prepared to protect themselves against them. This includes strategies that ensure your organization’s digital protections are properly maintained while remaining cognizant of physical security best practices. Pairing encryption and access control, as well as mobile device management, can create a much safer environment for your data.

Cover your 6’s

Your network needs to have not just the firewall appliance – but a comprehensive suite of tools that can help you recognize suspicious behavior. It is more than just a static device. It has to be paired with analytical tools that can give you insight into your network. Additionally, an external firewall or web filtering service can protect you from unseen threats on a multitude of levels. It is not just hardware and software anymore. You need to have the resources available to alert you to threats, cut down the noise from repeated alerts and investigate areas that you should not be in yourself – e.g. the Dark Web.

Get Back to Basics With Security and End User Education – Cyberawareness Training

While it may sometimes be tempting to focus on the massive attacks and breaches that too-often dominate the headlines, no business can afford to devote their full attention to those vulnerabilities and overlook the more common threats. This is primarily because once they do, they become exponentially more vulnerable to these attacks through their lack of awareness and preparation.

Part of being prepared for the threats of the coming weeks and months is to make sure that your employees are also up to speed where security is concerned. Educating them on best practices before enforcing these practices can help to shore up any vulnerabilities you may have and maintain your network security. This includes restricting employee access to certain websites, requiring passwords of appropriate strength, and encouraging your employees to be mindful of exactly what they’re clicking on.

Continuing to Improve Security Measures

Finally, it is important to remember that implementing security features isn’t a one-time activity. Threats will grow and improve in order to overcome existing security measures, and so if they are going to remain effective, these security measures must be improved as well.

While regulatory requirements can provide an idea of what security a network should feature, they shouldn’t be seen as the endpoint. Instead, those requirements should be the bare minimum that you implement, along with additional measures to supplement them.

We are here to help. If you would like to explore the options of a completely managed firewall, DNS filtering, or cyber awareness training, we can assist. First, get a baseline of where your organization is at. We have a suite of FREE tools that can help show you your susceptibility to phishing, spoofing and whether your organization’s credentials are for sale on the Dark Web. We can also do an onsite security assessment to analyze your network’s vulnerabilities.

For your free tools, please visit:  http://downloads.primetelecommunications.com/CyberAwareness-Free-Tools or give us a call at 847 329 8600.

We are your managed technology solutions professionals and are here to listen!

 

 



10 Everyday Technology Myths That Could Cost You Your Job

1.) MYTH: The more bandwidth I add, the better my voice quality and cloud performance should be… I will just change my COMCAST cable modem from 50 to 100 without spending a lot of extra money. It’s a cost-savings win.

If only we had a dollar for every time we have been told that a business decision maker (even in the IT department) decided to save money by relying on public cable (like COMCAST) to power their Internet and cloud applications by making a simple modem change from 50 to 100 without spending a lot of extra money. The problem with this thinking is simply that the quality of Internet that powers your business is often dependent upon the regulation of traffic on the network. In many of the situations, the first inclination is to go out and purchase the next tier of Internet speeds available. There are two fallacies with this statement:

  • Increased Internet speeds will improve your cloud and voice performance.
  • You will save money by using a public Internet provider in the process.

First, whether you are using 1 or 100 Megs of bandwidth, the call performance will be exactly the same regardless of the amount of speed you purchase. Why? Think of your Internet pipe as a street. There can only be so many cars on the street at one time or else the street becomes congested, bottlenecks occur, and everything comes to a halt. If your network is oversold—more Internet won’t help.

Secondly, once you hit the public Internet, all bets are off. While the public Internet can guarantee a certain Internet speed, those of you who rely on COMCAST during busy periods know that the speed of your Internet may vary by time of day and that’s simply because there are many users trying to access the same source. Comcast will claim that the speed is high, but the quality of your Internet is something different.

That’s when you head on over to Speedtest.net and run a speed test. Here’s another secret: if you are located near the source (data center) that Comcast uses to push out Internet, then your connection may be good. The farther you are from that source, or if there is other congestion on the Internet, your speed will vary.

You can solve this problem by implementing a traffic controller on the network that will monitor and maintain consistency for near and far locations and regulate the amount of bandwidth that your boss consumes while at work listening to Spotify. Let us know if you would like more information on how to do this. 

2.) MYTH: VoIP does not use a lot of bandwidth.

One of the first problems you will experience – out of the gates—if you choose to move your traditional PBX (on premises) phone system to the cloud is performance. Why? Because, contrary to widespread belief, VoIP does use bandwidth. One of the biggest challenges you will have to overcome is how to allocate the right amount of bandwidth to your Internet phone service.

But the real issue is not an abundance or deficiency in the quantity of bandwidth. The real issue is quality. When you are working with voice, it is important to prioritize quality over quantity. Adding more quantity will not help when what you are really looking for is a consistent, high-quality supply of Internet without interruption.

Begin by asking any VoIP provider how they guarantee the quality of a call. Decide if you will have other services and applications running on the network that will require bandwidth and then work with a professional who can help you configure the right Quality of Service (QoS) settings so that you optimize your performance because VoIP uses a lot of bandwidth.

3.) MYTH: I’m going to save money by ripping out my phone system and using a free version of Lync…

…My CFO and I both agree this is an effective way to save money.

While the individual price of products like Lync comes in considerably lower than maybe a cloud-based phone system, performance of applications and voice calls over the Internet comes at a price. To demonstrate, we recently worked with a client who had a solid network that was regularly monitored. The CIO wanted to reduce cost, so he/she decided to rip out the existing phone system and replace it with a less expensive version of Lync. What they did not account for was the 1,000 employees who opened Facebook on Monday morning right when the CEO was on an important call… long story short, the router could not save inferior quality voice performance; the network could not support and regulate the bandwidth to allocate the right amount to the CEO’s call. When the call is choppy or drops, the boss does not realize that it’s associated with the cloud performance because shortcuts and other inexpensive technologies cost you in performance when you least expect it.

4.) MYTH: Mac runs on a very secure operating system by Apple. For that reason, I don’t think I need any antivirus for my Mac.

The question of whether Macs need antivirus software is not a new one, but the answer is changing. Long and short, while Macs are generally more secure than Windows, they are far from being immune to email and security hacks. Bottom line, there is no reason why a Mac cannot be targeted by cybercriminals.

The most obvious target is email. Cryptolocker and other cyber-attacks encrypt your system gaining access through (yep, you guessed it) email. Even more alarming is the fact that once access is gained, a cybercriminal can monitor your PC through your email and lock, steal or corrupt your data. At the end of the day, it seems smart to be safe rather than sorry.

5.) MYTH: I’m an Amazon Prime user, and I plan to save money by buying my computer from Amazon. I’ll just load my business applications on it when it arrives.

Unfortunately, it is not that easy. Daily we encounter smart technical people that purchase equipment like computers, routers, and firewalls at discount shops like Best Buy and Amazon to earn points or save dollars. What those individuals don’t realize is that these items do not always come with the right version of Windows to work on your business network or lack the ports and security software to ensure your system is secure. In fact, the money saved on equipment costs you down the road when you must hire an hourly IT professional to route VPN at home so that you can access QuickBooks on your server from the Internet. Technology must all work together.

6.) MYTH: Upper Management told us to migrate our servers and back-up to the cloud. That should be easy, right?

But here’s the rest of that statement: they don’t want to hear what infrastructure changes and cost are required to make this happen.

The cloud is cool, and it is a part of our future, but the cloud requires a retooling of existing infrastructure and systems to get top performance from high-quality Internet service, routers, and switches that can handle intelligent network management including things like bandwidth management, QoS, and proper security.

7.) MYTH: I work from home. I will just use my own WIFI router and provide visitors with the password only when needed…

…besides, it is such a pain to change the default passwords on routers, access points. It’s also worth remembering that the end user is always the weakest link. A hacked or compromised router (any device on the network) can be attacked in every known way. It can be used to spy, steal data, collect passwords and trick you into installing encrypted software. Now, imagine your company’s network is being fed into your home WIFI router… just because something is working, doesn’t mean it is working right, or securely.

8.) MYTH: I got a great deal from COMCAST by adding security surveillance to the office.

In one innocent move, you have just made it more difficult for your IT guy to identify what is not working when one of your many systems goes down.

For example, say you have Comcast managing the Internet, another resource managing your wireless, and yet another outside company managing your printers.

What happens when the printer stops working? Is it because…

  • …the printer is broken?
  • Maybe the Internet bandwidth is slow and that is impacting printing?
  • Maybe your Comcast service is allowing non-critical traffic that could be opening a security hole in your network?
  • Maybe you are experiencing DHCP conflicts on the network?

Whatever the case, this is no longer a quick fix. You have three different resources that must be called in and paid to troubleshoot the problem. We suggest you use one outsourced IT organization that can monitor, detect and prevent any and all of the above from ever happening. Who wouldn’t want one call to make instead of three? The best course of action is always to simplify with good products that are easy to use from a trusted provider.

9.) MYTH: I thought MPLS was included in the price.

Nope, you declined this offer when you changed your Internet providers and implemented your cloud network. This now means that once your Internet hits the public cloud, the performance of your cloud applications and all online systems is at the mercy of your local provider. If the network is overloaded, there is no quality assurance that the majority of your bandwidth will not be eaten up by employees using apps like Spotify, Facebook, and YouTube during working hours. If you had chosen the cloud Quality of Service overlay and added a cloud dashboard that monitors speeds and feeds, you would not be in this pickle. Going back to management and justifying costs because you declined an offer during implementation can be awkward.

10.) MYTH: I’m saving a lot of money by buying my printer and toner supplies at Office Depot.

Well… only at first. Consider this: If you buy a business printer at $1,200 with replacement toner at $300, you will not need to replace your toner until after 40,000 prints.

In option two, you buy the cheaper printer and toner at Office Depot, giving you 1,200 prints before you need to replace your toner at $99. Seems cheaper, right?

Wrong. After 120,000 prints, the Office Depot printer, while cheaper initially, would cost you a total of $7,899 over time ($99 printer; 100 toner replacements at $78 each). The business printer, for the same number of prints, will cost you $2,100 ($1,200 printer; 3 toner replacements at $300/each).

Do the math: the cheaper printer will eventually cost you $6,699 more. Your total cost of ownership should always be taken into consideration.

We hope you have found many of these myths useful in making your own future decisions about technology. 2018 is right around the corner, and if you would like to sit down with our team and plan your own 2018 Technology Roadmap, we are here to help. Many businesses find that the planning of resources and technology will save them thousands of dollars in unforeseen emergencies and unnecessary purchases.

Let us help you get the most out of your technology investment.


Meltdown and Spectre

How To Explain Meltdown And Spectre To Your C-Level and employees

OK, 2018 has just started and it has totally borked all networks in the whole world. That’s a fine mess we’re in to start off the year. 🙂

Meltdown and Spectre are CPU hardware design flaws that we techies understand. In a nutshell, Meltdown breaks the isolation between the user app and the OS, so the app can do a memory dump and steal any data in it. Spectre goes further. It breaks the isolation between apps. It’s harder to exploit but harder to mitigate.

However, how to explain this to your C-level and end-users is another story.

First thing to understand is that the vulnerable machine has to have malware running to exploit this vulnerability. And who are the most prone to let bad guys into their machine to start with? Right… users.

Another excellent reason to step them through new-school security awareness training immediately, because Meltdown and Spectre are going to be with us for a while.

We have just released our brand-new 2018 flagship 45-minute training module and a whole new batch of new videos from a new publisher.

I strongly recommend that you not waste this crisis and require all staff to start the new year with a refresher awareness course, pretty much right away.

So now, how to explain this to everyone in your organization?

I suggest you send the following to your C-level execs and employees. You’re welcome to copy, paste, and/or edit:

“Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on our network, including your workstation and all our servers.

This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.

So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.

So, What Are We Doing About This?

We need to update and patch all machines on the network. This is going to take some time, some of the patches are not even available yet. We also may have to replace some mission-critical computers to fix this.

In the meantime, we need you to be extra vigilant, with security top of mind and Think Before You Click.

[OPTIONAL] To help you stay safe online in the office and also at the house, please step through this new security awareness training module which will take you 45 minutes. Consider it an urgent “lunch & learn” because of this hardware bug.” (Thanks, Mr. Intel…)

Here is a good site with an FAQ and videos about this SNAFU, that you can refer people to if they want to know more. For instance, antivirus does not protect against this vulnerability.

This was written by Stu Sjouwerman, Founder and CEO, KnowBe4, Inc.

 


Phishing

86% of security pros worry about a phishing future where criminals are using Artificial Intelligence

A new survey by Webroot shows that 86% of security professionals worry that AI and ML (machine learning) technology could be used against them. And they are right, because it will be, and it probably already is, with fake celebrity sex videos.

The survey shows the US is an early adopter of AI for cyber security, with 87 percent of US professionals reporting their organizations are currently using AI as part of their security strategy.

Three quarters of cyber security professionals in the US believe that, within the next three years, their company will not be able to safeguard digital assets without AI. Overall, 99 percent believe AI could improve their organization’s cyber security.

Respondents identified key uses for AI including time-critical threat detection tasks, such as identifying threats that would have otherwise been missed and reducing false positive rates.

“There is no doubt about AI being the future of security as the sheer volume of threats is becoming very difficult to track by humans alone,” says Hal Lonas, chief technology officer at Webroot. More detail at Webroot’s Quarterly Threat Trends report.

AI is a game changer for better or for worse

This is the first time in history that AI has come up to the level predicted in Sci-Fi for decades. And some of the smartest people in the world are working on ways to tap AI’s immense power to do just that.

And some bad guys are using it to create fake celebrity sex videos. Yes, you read that right.

This is going to be the next wave of phishing emails that use social engineering to manipulate your users into opening an infected attachment.

With help from a face swap algorithm of his own creation using widely-available parts like TensorFlow and Keras, Reddit user “Deepfakes” tapped easily accessible materials and open-source code that anyone with a working knowledge of machine learning could use to create serviceable fakes.

“Deepfakes” has produced videos or GIFs of Gal Gadot (now deleted), Maisie Williams, Taylor Swift, Aubrey Plaza, Emma Watson, and Scarlett Johansson, each with varying levels of success. None are going to fool the discerning watcher, but all are close enough to hint at a terrifying future.

After training the algorithm — mostly with YouTube clips and results from Google Images — the AI goes to work arranging the pieces on the fly to create a convincing video with the preferred likeness. That could be a celebrity, a co-worker, or an ex. AI researcher Alex Champandard told Motherboard that any decent consumer-grade graphics card could produce these effects in hours. (THIS LINK IS NSFW!)

So, picture this. (Or rather, don’t picture this!)

Your user gets a spear-phishing email based on their social media “likes and shares”, inviting them to see a celebrity sex video with... you guessed it, their favorite movie star! Take it one step further and your user will be able to order fake celeb sex videos with any two (or more) celebrities of their liking and get it delivered within 24 hours for 20 bucks.

And a good chunk of these video downloads will come with additional malware like Trojans and Keyloggers that give the bad guys full pwnage. Yikes.

All the more reason to educate your users within an inch of their lives with new-school security awareness training that sends them frequent simulated tests using phishing emails, the phone, and txt to their smartphone.

We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks.


Oops

“123456” Remains Most Common Password Found in Data Dumps in 2017

For the second year in a row, “123456” remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers.

While having “123456” as your password is quite bad, the other terms found on a list of Top 100 Worst Passwords of 2017 are just as distressing and regretful.

Some of these include an extensive collection of sports terms (football, baseball, soccer, hockey, Lakers, jordan23, golfer, Rangers, Yankees), car brands (Mercedes, Corvette, Ferrari, Harley), and various expressions (iloveyou, letmein, whatever, blahblah).

But, by far, the list was dominated by names, with the likes of Robert (#31), Matthew (#32), Jordan (#33), Daniel (#35), Andrew (#36), Andrea (#38), Joshua (#40), George (#48), Nicole (#53), Hunter (#54), Chelsea (#62), Phoenix (#66), Amanda (#67), Ashley (#69), Jessica (#74), Jennifer (#76), Michelle (#81), William (#86), Maggie (#92), Charlie (#95), and Martin (#96), showing up on the list.

List compiled from five million leaked credentials
The list was put together by SplashData, a company that provides various password management utilities such as TeamsID and Gpass. The company said it compiled the list by analyzing over five million user records leaked online in 2017 and that also contained password information.

“Use of any of the passwords on this list would put users at grave risk for identity theft,” said a SplashData spokesperson in a press release that accompanied a two-page PDF document containing a list of the most encountered passwords.

This is because attackers use these same leaked records to build similar lists of leaked passwords, which they then assemble as “dictionaries” for carrying out account brute-force attacks.

Attackers will use the leaked terms, but they’ll also create common variations on these words using simple algorithms. This means that by adding “1” or any other character combinations at the start or end of basic terms, users aren’t improving the security of their password.

Advising users on best password policies is as simple as stepping them through a good online training session like Creating Strong Passwords and, above all, having them stay away from the terms below.

1 – 123456 (rank unchanged since 2016 list)
2 – password (Unchanged)
3 – 12345678 (Up 1)
4 – qwerty (Up 2)
5 – 12345 (Down 2)
6 – 123456789 (New)
7 – letmein (New)
8 – 1234567 (Unchanged)
9 – football (Down 4)
10 – iloveyou (New)
11 – admin (Up 4)
12 – welcome (Unchanged)
13 – monkey (New)
14 – login (Down 3)
15 – abc123 (Down 1)
16 – starwars (New)
17 – 123123 (New)
18 – dragon (Up 1)
19 – passw0rd (Down 1)
20 – master (Up 1)
21 – hello (New)
22 – freedom (New)
23 – whatever (New)
24 – qazwsx (New)
25 – trustno1 (New)
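
The point made above, that padding a listed term with “1” or other characters adds no protection, can be enforced when a password is set. The following is an added example, not code from SplashData or the original post: a deny-list check over the 25 terms above that also rejects padded and character-substituted variants. The substitution table and the `MAX_AFFIX` limit are assumptions chosen for illustration.

```python
"""Variation-aware deny-list check for new passwords (added example)."""

# Top 25 entries of the SplashData 2017 list, as reproduced on this page.
WORST_2017 = frozenset(
    "123456 password 12345678 qwerty 12345 123456789 letmein 1234567 "
    "football iloveyou admin welcome monkey login abc123 starwars 123123 "
    "dragon passw0rd master hello freedom whatever qazwsx trustno1".split()
)

# Assumed substitution table: look-alike characters mapped back to letters.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Assumed policy knob: padding characters ignored at each end
# (4 covers a year suffix such as "2017").
MAX_AFFIX = 4


def candidate_roots(password):
    """Return every base form left after dropping up to MAX_AFFIX characters
    from either end, both as typed and with substitutions undone."""
    low = password.lower()
    roots = set()
    for i in range(MAX_AFFIX + 1):
        for j in range(MAX_AFFIX + 1):
            core = low[i:max(i, len(low) - j)]
            if core:
                roots.update((core, core.translate(LEET)))
    return roots


def matched_term(password):
    """Return the longest deny-listed term the password reduces to, or None."""
    hits = candidate_roots(password) & WORST_2017
    return max(hits, key=lambda t: (len(t), t)) if hits else None


def audit(passwords):
    """Map each rejected password to the listed term it is built on."""
    return {pw: term for pw in passwords if (term := matched_term(pw))}


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for pw, term in audit(["Football1", "P@ssw0rd1!", "M0nkey2017",
                           "correct horse battery staple"]).items():
        print(f"reject {pw!r}: variation of {term!r}")
```

In practice the same check would run against a much larger breached-password list; the 25 terms here only keep the example tied to the list on this page.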


Click hear fool

Request your Free Network Evaluation