Tackle These Four False Assumptions about Cyber Attackers

by

There’s one big assumption about cyber attackers that we regularly refute: “It can’t happen to me.” At this point, most businesses do recognize the serious nature of the cyberattack threat. Yet other assumptions about cyberattackers may also make your business vulnerable. Educate your employees about these four main misconceptions. Raising their awareness can help secure your systems against social engineering attacks.

Start with the assumption that any technology is 100 percent safe. This is as misguided as the idea that your business won’t be a victim of a cyberattack. Some employees may believe that Google and Microsoft activity is always secure. That’s not the case.

Google and Microsoft have massive market shares, and it makes sense that bad actors target their cloud storage and content distribution. Once they’re in, they have ample opportunity to scam people.

Another false assumption is that threat actors go in blind with a scatter-shot approach. In fact, many social engineers do their research first. They learn what they can about your employees, your org chart, and what your business does. This helps them to develop more credible attacks.

Cybercriminals take the time to build rapport before initiating an attack. They may send unassuming conversational emails first, which helps them lull your people into seeing them as a trusted source. After establishing false security, criminals make an urgent request or plea for help.

Counter these misconceptions too

Cyberattackers may also make their play over the phone. So, don’t assume that your online interactions are the only thing to protect. There are hundreds of thousands of “vishing” threats every day. The bad actor may send an email without any malicious links or attachments, but there’s a number to call. If your employee calls in, they’ll talk with a convincing criminal. The bad actor might act as a call center or customer service agent.

Also warn employees against the assumption that responding to an existing email is always safe. It is much easier than they might think for someone to hijack a colleague or client’s email inbox. Then, the criminals use a pre-existing email thread to send a malicious attachment or URL, or use the connection to ask the employee to perform some action for the threat actor.

Finally, emphasize the point that anything is fair game. Cybercriminals will attack anyone, in any way they can. This includes leveraging current events, pop culture, and even international health crises. One campaign exploited victims by offering early access to Season 2 of the streaming success “Squid Game”, and during COVID lockdowns, hackers offered free masks or free tests to get people to download infected files.

There is money in cybercrime – a lot of it. The bad guys are highly motivated and always looking for new ways to exploit human weaknesses. Discuss cybersecurity assumptions with your employees and put protective measures in place to secure your IT. Our experts can help. Contact us today at (515)422-1995.

Don’t Give Up on Password Managers

by

Seeing a major password manager breached, it’s hard not to throw up your hands and say, “it’s helpless.” Still, don’t give up on all password managers. Used properly, they are still better than a password spreadsheet or sticky notes of your credentials. Plus, it’s definitely smarter than reusing the same password to access more than one account.

According to LastPass, the December breach affected 30 million users and 85,000 businesses. Threat actors stole a large amount of data, including encrypted customer vaults. Industry experts are not enthusiastic about the breach handling or why it happened. So, leaving LastPass may make sense.

Yet abandoning password managers may not help you secure your sensitive data. Instead, prefer a cloud-based password manager that has no way of decrypting your data. This is a zero-knowledge password management architecture, which means that you are one with the secret key needed to access your encrypted data. That way, if the data is stolen or lost, the threat actors would still need to decode your key.

This means, of course, that you need to protect your secret key. Also, you need to make it complicated enough that the bad actors can’t hack it. So, using “password123” as your secret key would not be secure. Many security experts now recommend using a passphrase instead of complicated passwords.

Enforce Multi-Factor Authentication

Multi-factor authentication (MFA) helps stop bad actors by making access more difficult. They can’t get in with a username and password alone. You add another variable for confirmation before they can compromise your account.

You’re likely already familiar with two-factor authentication. It’s typically done through a text message or an email to another account, but these can both be compromised as well.

Biometric MFA is typically best (e.g. fingerprint or face identification). If that’s not available, prefer an authenticator app (e.g. Microsoft authenticator) or a Fido 2.0 key (e.g. YubiKey).

A Fido 2.0 key is a USB device that you keep in your physical possession to provide passwordless MFA logins. Instead of having an authentication code sent to you, you press a button on your key. It sends your code to confirm your identity. When your unique code is received, the system logs you in.

Worried you’d lose the physical key? That’s not ideal. That’s why it’s a good idea to get two. Meanwhile, the Fido 2.0 key doesn’t store identifiable usernames or any of your passwords. So, anyone finding that lost key would have no way of knowing what you use it to authenticate.

Ultimately, it’s best to prepare for any service to be breached. Cut your risk by keeping up with the latest technology for protecting your data. We can help. Contact our experts today to help you put appropriate security measures in place. Call us at (515)422-1995.

Watch the Little Things in Cybersecurity

by

Author Richard Carlson tells the world, “Don’t Sweat the Small Stuff” in his popular book. Yet he’s not in the cybersecurity realm. When it comes to protecting your business, you do want to watch the little things. Avoiding small matters could bring big risks.

You’re already keeping an eye on the big things such as ransomware or data breaches, and you’ll also be ensuring have a data backup and disaster recovery plan in place. But don’t overlook the small issues that come up – they can be just as vital to your cybersecurity.

For one thing, don’t undervalue physical security for your business technology. In America, there have been reports recently of attacks on power stations, but these aren’t sophisticated cyber hacks. Attackers with guns are breaching the physical premises and shooting transformers. It goes to show that you focus on preventing cyber threats at the expense of perimeter protection.

This also means reminding employees not to let unknown personnel into the building and telling them to take down those post-it notes on their PCs with their passwords on them.

Allowing your people to work on software that’s past its support date could also be a bigger deal than you think. The “if it ain’t broke, why fix it?” mentality could leave you open to attack. Hackers seek out vulnerabilities tied to outdated systems. They can leverage small openings to wreak havoc on your business.

Small steps can make a big difference

Similarly, don’t fall for the idea that cybersecurity effort needs to be complicated to do the job. There are small steps your business can take to protect itself.

Cyber hygiene is a good starting point. Ensure your people aren’t reusing weak passwords across accounts. Make keeping track of complex passwords easier by using online wallets such as LastPass.

Keep computers updated and software patched. Manufacturers keep up with threats and upgrade their code to address known vulnerabilities. All you need to do is allow the update when it’s offered. It can be an inconvenience, but agreeing to that update can save you a big problem down the road.

Educate employees about using public Wi-Fi networks. They may think they are being productive by logging in while in line at the coffee shop, but that public access point could be putting your systems at risk. One big problem is that an attacker could be set up on that hotspot to intercept sensitive data.

Encrypt data. This helps you protect data wherever it may be, not just on-site. A hacker intercepting that data would still need decryption capabilities to get access.

Multi-factor authentication also helps to protect your business. After all, a criminal could get access to an employee’s username and password from a phishing attack. If you don’t add a second layer (at least) of authentication, they can easily log into your network and do damage.

Need help with cybersecurity issues? We can help you with the big and the small. Contact us today at (515)422-1995.

Leave that USB Drive Where You Found It

by

You come across a thumb drive, or USB drive that you don’t recognize. Maybe you find it in the car park of your building or by the copier in the office. You’re curious or you want to plug it in to identify where to return it. Don’t do it. Risks abound.

Consider this jaw-dropping example. That’s how the Stuxnet malware virus that hit an Iranian nuclear facility got its start. It’s believed employees at the facility plugged in a USB drive they found in the car park.

From there the virus could reach the computers controlling the centrifuges, causing them to spin too fast and become damaged. The attackers couldn’t get in directly, as the computers were on a disconnected network.

Risk of thumb drive attack

Now, you might be thinking, “but I’m not an Iranian nuclear facility.” But that doesn’t prevent cybercriminals from wanting to access your network and systems. USB drives are one more way that bad actors can do so. In fact, one study found that 60 percent of people were likely to connect random thumb drives found near their building. If the business logo was on the drive, the number went up to 90 percent.

USB stands for Universal Serial Bus. Even with cloud computing, we still see these small, portable drives used universally. They are compact and convenient. That also makes them an attractive target for bad actors.

Hackers can pre-program USBs to act maliciously once connected to the network. They might:

  • steal a user’s data;
  • gain access to the user’s keyboard;
  • monitor the user’s screen;
  • encrypt user data in exchange for a ransom;
  • spread infection.

Most of these can happen without the user even knowing it, as the malware runs in the background.

Avoid USB drive attacks

How do you keep your business safe from infected USB drives? First, don’t insert unknown flash drives. Hackers will try to take advantage of human curiosity or their desire to help.

It’s also good to use different flash drives for personal and professional computers. This helps cut the chances that you’ll spread an infection from one to the other.

You might also enable security measures on USB drives, such as fingerprint authentication. This, and keeping computer software and hardware up to date, can cut vulnerabilities. Also, keep your malware and anti-virus protections current, and patch regularly.

Windows users can also disable the Autorun function. This prevents Windows from automatically opening removable media immediately upon insertion.

We’re here to help. Call us at (515)422-1995 to contact our experts if you suspect a security threat or want to update your security posture.

Stop Using Windows 8.1 and Windows 7 – Do It Now!

by

Few of us are big fans of change. It can be easier to keep on going down that same path or use that same computer software; it’s comfortable and familiar. As of January 10, 2023, however, Microsoft has stopped providing support for Windows 8.1, which means you need to make a change.

It’s time.

If you’re still on Windows 7, it’s really time. Microsoft stopped providing security updates and technical support for that in January 2020. Microsoft did launch an extended service update (ESU) period for Windows 7, but that’s over, and there’s no ESU program for Windows 8.1.

Microsoft recommends moving to a new device that can run Windows 11. They warn against “performance and reliability issues” with older, unsupported operating systems. Another option? Upgrade your current device and install a newer operating system on it.

Now, you might be suspicious, thinking, “they just want more of my money,” but the manufacturer has already been providing support for both of these tools for ten years. Plus, computing is changing enough that they need to keep up with new iterations of Windows. Then, they focus their attention on keeping the latest releases updated and secure.

Benefits of upgrading to Windows 11

According to Statcounter data in 2023, Windows 11 is only on 15.44 percent of Windows systems right now. Windows 10 has the majority (over 70 percent), but if you’re one of just under 10 percent of users still on Windows 7, make the change now.

Cybercriminals know that people will wait to make the change, and they find ways to exploit the weaknesses of unsupported software. You are particularly vulnerable when relying on Windows 7 or Windows 8.1.

Windows 11 is the latest Microsoft offering. They have worked to reduce risk from the latest cybersecurity threats. With Windows 11 you can better protect your files and cut the risk of today’s viruses and malware.

The new operating system is built to be more efficient. Microsoft has tweaked the Windows layout and navigation to help users find what they need and perform tasks more easily.

Not sure what version of Windows you’re using? In the bottom left of your screen, click on the Start Menu and press the Windows button on your keyboard. Then, type “system”. Click either the System or System Information icon. You’ll see your Windows version listed at the top of the window that opens up.

Upgrading to Windows 11 from 7 or 8 isn’t free. Only Windows 10 users can upgrade at no cost. Also, to upgrade to a Windows 11-compatible device, you’ll need to make sure you get a security chip called TPM 2.0. It’s unlikely you’ll find that chip on a computer more than four years old.

Need help with your Windows software? We can help. Contact us today at (515)422-1995.

Is Your Data Breached? What To Do

by

News of data breaches is all too common. This company apologizes for six million accounts breached. That company acknowledges hackers accessed 35,000 users’ personal identifiable information. But the question that probably matters most: Is your data breached, too?

The company should contact you if your information is in a data leak, but you can’t rely on that. You can also find out if your phone number or email address has been leaked by visiting https://haveibeenpwned.com/.

HaveIBeenPwned has uploaded various breaches and consolidated the information to make searching easy. Enter your address and get a list of breaches that compromised that email. You’ll get a summary paragraph as well as a description of data compromised in each breach.

It is not uplifting reading!

Next, the question is what to do about your breached information.

Steps to Better Security

First, change your passwords for those breached accounts. If you use that same password to access other accounts, change those passwords, as well, even if they are not listed as leaked.

Always avoid reusing passwords. Yes, it can be a hassle to remember many different access credentials, but you risk exposing many accounts if you keep reusing one email address and password combo over and again.

Make using unique passwords for all accounts easier by using a password manager. A manager can store your many passwords in one place and generate strong ones to use. You can often download an app to your mobile device, which gives you the convenience of filling in your credentials when you’re on the go, too.

The next step is to use two-factor authentication (2FA).

Understanding 2FA

This adds a layer of difficulty for hackers trying to access your accounts. Even if they had your username and password, they would need a second way to verify your identity.

Using 2FA requires you to provide one of the following before you can gain access:

  • something you know (e.g. the answer to a secret question);
  • something you have (e.g. your smartphone);
  • something you are (e.g. your fingerprint).

A bad actor would need to have not only your leaked credentials but also your other “something.”

A common approach to FA is an SMS text message or voice-based authentication. You enter your credentials, then the site follows up with a text or phone call providing a separate code you must then enter. This is not the best method, however. Scammers can hack the SIM card associated with your device, and then use your number to make and receive calls and texts.

Software tokens for 2FA are a safer solution. You’ll download and install an application on your phone (e.g. Authy or Okta Verify). It can generate a unique verification code that is valid only for 30-60 seconds.

Want to learn more about password management and soft-token 2FA. We’re here to help. Contact us today at (515)422-1995.

Benefits of Monitoring the Dark Web

by

The Dark Web is a hub for criminal activity. Even if your business is legitimate, you can’t ignore the Dark Web entirely. This article will explain the Dark Web and the benefits of monitoring its thousands of pages.

The US government created the Dark Web in the mid-1990s for spies to exchange information. It is still visited today by journalists and law enforcement agencies. People in countries prohibiting open communication might also use the Dark Web.

Yet the Dark Web is also home to illegal activity. This is where users can find weapons, child pornography, and counterfeit money. Criminals can also access malware, leaked data, and stolen information (including access credentials).

Bad actors like the Dark Web because it isn’t something you can find on your typical browser. The Dark Web is hidden from standard search engines, and you need specific software, configurations, or authorization to access it. Users also hide their IP addresses and use encryption to mask their identities.

Why Monitor the Dark Web?

There’s a real threat of your business suffering cyber assault. This could result in brand damage, significant financial losses, and intellectual property theft. If your business isn’t monitoring the Dark Web, you won’t know what is on there that could harm your business.

Dark Web monitoring can help you find:

  • compromised usernames and passwords;
  • proprietary company information available online;
  • stolen customer lists;
  • evidence of employee identity theft.

With Dark Web monitoring, you can limit damage to your bottom line and brand reputation. Surveillance can also help you find weaknesses and plan to prevent future attacks.

How Does Dark Web Monitoring Work?

Dark Web monitoring checks chat rooms, blogs, forums, private networks, and other sites that criminals visit. Using human and artificial intelligence, scans search for stolen customer lists or data, staff login passwords, and business email domains and IP addresses. You’re notified if there are any issues. Awareness can reduce the time it takes to discover a breach and address weaknesses.

Protecting Your Business from the Dark Web

Monitoring is the only way to shore up your cybersecurity. Obviously, it’s better if the scans find nothing from your business. So, it’s a good idea to strengthen your cyber hygiene. You can do so by:

  • educating employees about secure passwords and how to spot a phishing scam;
  • investing in password managers and antivirus and anti-malware software;
  • keeping all hardware and software up to date.

Monitoring the Dark Web is not something every business can handle solo. Even though the Dark web is far smaller than the Web you’re on every day, there are thousands of pages to scan.

Our experts can boost your cybersecurity protections and set up Dark Web monitoring. Contact us today at (515)422-1995 to lower your risk profile.

What is SIM Jacking, and Why Should You Care?

by

If you play the popular SIMS life-simulation video game, you could think SIM jacking means someone takes over your characters, but the reality is even worse. SIM jacking is a type of identity theft targeting your real-life identity via your phone.

In SIM jacking a bad actor uses the subscriber identity module (SIM) card associated with your cellphone number to make calls, send texts, and use data. This has several potential negative outcomes:

  • Your phone bill goes off the charts with international calling and data usage fees.
  • They might impersonate you by sending texts to scam your friends and family.
  • They can sign up for new email and social media accounts using your phone number.

Most importantly? They can use your phone number and SIM card to sign into your personal accounts. Many of us use text messaging for authentication. That’s when a site, say your bank, sends a code to your phone to confirm it’s you.

Now, imagine the criminal has access to your bank account through a leaked password. Whereas they couldn’t get in before because of two-factor authentication, they now have your SIM card, too. That means the SMS to authenticate your account also goes to them. They’re in, and you’re out.

How Does SIM Jacking Work?

Typically it starts, as so many cyberattacks do, with phishing. You might get a text or email that looks like it is from the cellphone carrier that asks you to click on a link. It might tell you there’s been suspicious activity on your account or that your bill is past due. It’s usually something that will make you anxious and feel the need to act urgently.

You’re taken to a fake website where you provide your name, address, cell phone number, and date of birth. With the right information, the scammer contacts your phone carrier and asks for a new SIM card. Once they have that in hand, they access your account and take over your cellphone. If they pair that with leaked credentials, they can really do damage.

If you’ve been SIM jacked, you’ll find out after the fact. You will no longer have a signal connection, so you won’t be able to send texts or make or receive calls. You may also have difficulty signing into the hacked accounts.

If you do think you’ve been SIM jacked, contact your carrier ASAP. Also, change your passwords and let your friends and family know. Otherwise, they might fall victim to a malware attack that appears to come from you.

Protect Yourself from SIM Jacking

Be careful with your personal information. Be wary of any requests to share your sensitive information online. Avoid taking action based on text messages or emails from people you don’t know and trust.

Protect yourself by using an authentication app such as Google Authenticator or Authy. Do this instead of using text messages to authenticate yourself online.

Always update the applications on your smartphone. Yes, it seems like there are constantly new updates, but they can be protecting you from vulnerabilities.

You might also get a request to restart your phone. This is a common sign your SIM card has been hacked. If you do it, you’ll lose control of your SIM card. So, call your carrier first.

It’s also a good idea to regularly review your phone bills for any charges that you don’t recognize.

Want to protect your online activity? Our IT experts can help update your applications and identify any vulnerabilities. Contact us today at (515)422-1995.

What Is Microsoft Secure Score?

by

Security is a priority no matter the size of your business. Recognizing this, Microsoft has a Secure Score measurement in its 365 Defender dashboard. But what is Secure Score, and how does it help your business? This article explains the basics.

Secure Score measures your security posture. It reviews your activity and security settings against Microsoft’s best practices. The idea is to identify areas to enhance protection and provide suggestions.

In the dashboard, administrators can view the current state of their security score. It considers all Microsoft identities, apps, and devices. There is also a target score. The higher your target score, the more recommended actions you’ll get, although Microsoft cautions that you should balance increased security against user experience.

Secure Score Recommendations

Secure Score shows you possible improvements considering security best practices. Secure Store currently offers recommendations for:

  • Microsoft 365 (including Exchange Online);
  • Azure Active Directory;
  • Microsoft Defender for Endpoint, Identity, and Cloud Apps;
  • Microsoft Teams.

The score does not measure the likelihood of a system or data breach. Instead, it looks at system configurations, user behavior, and other security-related measurements. Then, it scores what you’ve done to offset security risk in real-time.

Microsoft not only lists security recommendations but also tracks your action plan. The implementation section shares prerequisites and provides step-by-step advice to complete improvement actions. You can report on status (e.g. planned, risk accepted, resolved through third party, and complete). Rankings also help you gauge implementation difficulty, user impact, and complexity.

Scoring Security with Microsoft

The more improvement action you take, the higher your score. For example, you’re given points for:

  • configuring recommended security features;
  • doing security-related tasks;
  • addressing suggested improvements with a third-party application or software, or alternate mitigation.

Microsoft Secure Score also compares your metrics with scores for similar organizations. The data is anonymous, but in the Metrics & Trends tab, you can view how your score compares to others over time.

Raising Your Secure Score

How can you have an immediate impact on your Secure Score? These three steps can boost your organization’s security:

  1. Enable multi-factor authentication on administrator accounts in case account credentials are compromised.
  2. Enforce password expiration policies to prevent the usage of leaked credentials.
  3. Set up Azure Active Directory to track, log, alert, and remediate and better protect sensitive data and information.

Our IT experts are here to help you understand Secure Score. We can help enact action plans to apply the recommendations. Contact us today at (515)422-1995.

What Does a Data Breach Look Like

by

Part of the problem with a data breach is that your business doesn’t know about it until it’s already happened – sometimes well after. Knowing the signs of a data breach can help you mitigate the damage.

Don’t get complacent about cybersecurity. There are many things competing for your attention. But cyber vulnerabilities can mean unexpected downtime, as well as loss of data or money, and more.

Of course, you’re already installing firewalls and securing all remote entry points. You’re updating your antivirus tools and software regularly. Plus, you’re keeping strong passwords and educating employees about social engineering.

Still, bad actors can attack. Be vigilant about looking for these common signs of a potential breach.

Computer slows down

If your computer appears to be taking longer than usual to do what you ask, pay attention. You may not be imagining it. This, or frequent crashes or screen freezes, could be a sign of malware. Unwanted viruses may be monitoring your activities, corrupting files, and consuming device resources.

A slow network is another indicator of compromise, as is losing control of your computer’s mouse or keyboard. Malware takes substantial network bandwidth and can slow computers and connected devices.

Passwords don’t work

You have set passwords or you’re working with passphrases. You know what you set as your access credential, but it’s no longer working. This could mean cybercriminals have taken control of your accounts and changed the passwords.

Emails back from contacts

If you’re getting emails from your vendors or customers responding to messages you didn’t send, that’s a bad sign. Either you’re overworked and forgetting what you sent, or hackers have taken over your inbox and are using your address to send messages. They might masquerade as you to send fake invoices or request access credentials.

Unknown files appear

It is not a good sign when files that you don’t recognize appear on your screen or in Task Manager. Installing malware often downloads extra files onto the target machine. So, new files you didn’t add could mean an attack has occurred.

Also, be wary if file names change or the desktop icons look different. Monitoring for changes can help you react before a large amount of data is compromised.

Ransomware request

This one’s obvious, but we can’t fail to mention it. If your accounts are locked or you face a screen you can’t get past, you may be a ransomware victim. When someone offers you an encryption key to access your accounts or files, it’s definite.

Help prevent a ransomware infection by keeping your operating system up to date. Also, avoid installing any software without knowing exactly what it is or what it does. Additionally, you’ll want to regularly back up your files. That way, if attacked, the damage may be less significant.

With 90% of small businesses impacted by cyberattacks, you can’t afford to ignore any of these symptoms. The best protection is to prevent any infiltration in the first place. Ensure you have the necessary protection in place. Contact us today at (515)422-1995!

Click to see our BBB Report

FOLLOW US

VISIT US

Privacy Policy