Security

Ransomware Shouldn’t Cost You a Thing

If fortune smiles on your company, you won’t ever have to deal with what we are about to discuss: ransomware. For the past several years ransomware has been a major issue for businesses, governments, and individuals. Today, we will talk about ransomware, how there are different strategies, and how some people want to put a ban on ransomware payments. 

Common Types of Ransomware

As with most cyberthreats, ransomware keeps mutating, flooding the market with all types of dangerous malware. It can often be difficult to keep track of the threats. One thing is for certain, ransomware often relies on similar tactics to ultimately hold the data hostage. Let’s quickly take a look at five of the most common types of ransomware right now:

● Cerber - Cerber targets Microsoft 365 users through the use of an elaborate phishing campaign. 

● CryptoLocker - One of the most famous ransomware strains that is now just a copy of the original that was shut down back in 2014. 

● CryLocker - CryLocker uses a personalized ransom note using the encrypted files on a person’s computer or server. This ransomware locks a person out of their computer entirely. 

● Locky - Spread through phishing, this ransomware instructs users to enable macros to read the message. Once that’s complete, the malware will start encrypting files, and demanding a ransom. 

● Jigsaw - One of the worst of a bad lot. When triggered, Jigsaw will delete one or more files every hour for 72 hours. If the ransom hasn’t been paid when the 72-hour window is up, all the files are deleted. 

Steps You Should Take

No business can afford to have their data encrypted, deleted, or worse. Fortunately, there are things you can do to avoid it. Let’s take a look at 10 steps that users can take to avoid dealing with any of the above threats.

1. Never click on unverified links

2. Do not open email attachments unless they are from a trusted source

3. Don’t download files from websites you don’t trust

4. Do your best to avoid giving out personal data

5. Don’t use USB or SD Card drives that you didn’t purchase yourself

6. Keep your software patched and updated, including security software

7. Utilize antivirus, firewall, and other security software

8. Use a virtual private network on public Wi-Fi

9. Backup your data onsite and in the cloud

10. Use a mail server with spam protection and content filtering software

But,  If You Do Get It…

The ten tips above will help you avoid getting ransomware, but all it takes is one time for the nightmare to happen. In the past 12 months, $380 million has been spent trying to buy back access to ransomware-infected files, computing systems, and servers. At COMPANYNAME, we are of the belief that there are no good reasons to buy back your data. In your haste to get control over your data, you may consider paying the extortion fee, but here are a few reasons why you shouldn’t:

● The attack might be fake

● You may not get all your data back

● The hackers could leave malware behind 

● You set a precedent that you will pay if attacked

● You are reinforcing the notion that hacking and scamming is profitable. 

In fact, there are some legislatures in the US that are looking to make paying scammers’ ransom illegal. Since multiple municipalities have already gotten ransomware and paid the fine, more hackers are targeting them. The U.S. Treasury has already stated that they are firmly against payments to any ongoing extortion, including ransomware; and, in some cases, doing so may be breaking the law.

If you would like more information about ransomware, or if you are looking to get a comprehensive backup and recovery platform in place to stay proactive against a possible ransomware attack, call the IT professionals at Jackson Thornton Technologies today at 334-834-7660.

 

COVID-19 Pandemic Exacerbating Cyberthreats

Keeping your network and infrastructure free from threats is always a priority, but with so many people working remotely, businesses have encountered problems doing so. In fact, hackers and scammers have come out of the woodwork to try and gain entry into unauthorized networks or to flat-out steal data. This month, we thought we would take a look at how the COVID-19 pandemic has exacerbated the threats out there. 

Unsecured Networks

A lot of people are working remotely. In fact, one study showed that 58 percent of all knowledge workers--which are workers that deal in information--are now working remotely. With so many people being asked to work remotely, and no time to plan out a strategy to get them secured, many employees are working with unsecured access to company resources. In fact, unsecured remote desktops have risen by over 40 percent. This is a major concern, because cybercriminals can use brute force methods to gain access to a desktop. If that desktop is part of a larger computing network, they gain access to that as well. Not a good situation. 

Speaking of Brute Force Attacks

With so many unsecured connections out there, brute force attacks are up nearly 400 percent over numbers in 2019. Kaspersky published a report stating as much, and it really isn’t a surprise. IT administrators were given very little or no advanced notice that they were to implement all the services employees would need. This created the current situation where there are many problems securing authentication points and keeping software effectively updated.

There Is Not Just One Virus Going Around

Hackers and scammers are using COVID-19, and the fact people are almost universally concerned about it in one fashion or another, to overcome people’s cyber awareness. This was seen almost immediately as COVID-19-related phishing attacks were deployed en masse. In fact, in April of 2020, there were nearly 70 times more COVID-19-related phishing attacks than the previous month. 

Success Rates for Hackers are Improving

Since people are constantly accessing Internet-based resources, and are getting messages from all over, many people are less deliberate in their ongoing scrutiny of incoming emails, the predominant vector phishing attacks come in. The truth is that people were the weakest link in a company’s cybersecurity platform before the pandemic, but it pales in comparison to how much of a liability some are today without constant oversight. 

COVID-19 is a Field Day for Scammers

As mentioned earlier and understood by many security-minded people out there, hackers are opportunists. A global pandemic is just the kind of situation that hackers look to take advantage of; and they have. There are literally billions of COVID-19 pages up on the Internet, so ascertaining which are legitimate and which are nefarious is going to be difficult. Additionally, thousands of domains are added each day, of which 90 percent are scams. Not a good look for humanity when the largest health crisis in decades is met with people trying to steal money and data from others. 

A Change in Perspective is Needed

Technology’s job is to support the way people work, and with today’s strategies in place, more attacks are resulting in more breaches. This is largely because -- even with a sharp change in strategy -- companies are still trusting their users to do the right thing. They know that most of them will, and some won’t. The only way to get ahead during these uncertain times is to move to a zero trust strategy.

That’s not to say that users aren’t still going to have to do the right things, but under the zero trust model, the user is allowed to access their work regardless of where they are or what machine they are using. It’s less critical because instead of monitoring user behavior the zero trust model relies on the constant monitoring of the machines being used. Zero trust strategies constantly interrogate the network signal, the machine they are on, the data that is being transmitted, and the health of the software that is being used. If something is off, it is noticed and remediated immediately. 

In the new zero trust perspective, risk is managed on a case-by-case basis, and that level of hyper awareness will go a long way toward mitigating further risk. During the COVID-19 pandemic, scammers have run rampant, video conferencing has been hijacked, phishing emails are more common and intricate than ever, but they don’t have to hurt your business. None of these circumstances matter when you seal up your network in a way where the most risk is mitigated. 

If you would like to know more about how the COVID-19 pandemic has affected business and technology, or you would like to learn more about zero trust strategies and how to coordinate your business’ cybersecurity initiatives to give your newly remote workforce the best chance to help your business grow and prosper, call the IT professionals at Jackson Thornton Technologies today at 334-834-7760.

 

When the People You Trust Phish You

Having success in business often relies on developing trustworthy relationships. You have to trust your vendors and suppliers to get you the resources you need, you need to trust your staff to complete their tasks without putting your business in harm's way, and you need to trust your customers to buy the products and services that you offer. Running counter to these necessary bonds of trust are people actively soliciting people’s time, energy, money, and attention for their own selfish purposes.

Cybercriminals don’t care what kind of good will you’ve forged, all they want is your data or access to your network. This blind determination is a major threat to businesses like yours. One of the most prevalent scams is what is called a Display Name Spoof. It isn’t just your regular phishing scam, and today, we’re going to teach you everything you need to know to ensure that you aren’t a cybercriminal’s next victim.

What is Display Name Spoofing?

Display name spoofing is a spear phishing tactic where hackers will target an individual—who typically has access to the network or resources that the hacker wants access to—and sends them a vaguely worded email that is seemingly sent from a trusted source, often an authority figure. Since the email address and title look legitimate, subordinates who forsake security for alacrity can put your whole business in jeopardy.

It works like this: Many professional emails will have a signature. Display name spoofers use  this to their advantage. What they will do is target a person, research them to find someone that could potentially get them to act impulsively, and use that information to phish the user. Below is an example of a display name spoof phishing attempt:

As you can see, the only thing that looks illegitimate here is the actual email address and since some email clients don’t actually show the address by default, you wouldn’t blame a dutiful employee for following the instructions in the spoofed email. 

What Can You Do to Combat Display Name Spoofing?

At your business, you have cameras, You have locks on the doors. You’ve developed secure access control procedures to ensure your employees have the authorizations they need to do their jobs. Why would your strategy change when aiming to protect your business’ most important asset? 

Just like with physical security, you need a strategy to protect your digital assets. Part of that strategy has to confront the fact that your business is going to get phished and that it is your responsibility to ensure that your employees are well trained, and therefore knowledgeable about how to identify and respond to these situations. 

Here are a few tips on how to ascertain if a message is legitimate:

● Thoroughly inspect both the name and sender’s email address before you take action.

● Check the content for misspellings or completely incorrect uses of grammar.

● Consider if the sender would send a message asking you to take cavalier action.

● Consider if the sender would ask you to send them authorization credentials through email.

If there is any reason that the recipient has a notion that the email is not legitimate, implore them to verify. Getting a verification of the email’s legitimacy typically takes minutes and can really help eliminate the risks that display name spoofing can bring to your business.

If you need help understanding how to identify phishing tactics, train your employees to do the same, and knowing what steps to take when you realize you are dealing with a phishing attack, contact the IT professionals at Jackson Thornton Technologies today at 334-834-7660.

 

 

 

Paying a Ransom Demand Could Get Even More Expensive

When it comes to ransomware, we have always stood firm in our recommendation not to pay whoever is responsible for locking down your systems. However, due to the globalized nature of technology and cybercrime, it is even more important that companies don’t attempt to placate their attackers with the demanded funds. Otherwise, warns the United States Treasury Department, these victimized businesses could very well pay severe fines for doing so.

What are the Costs of Ransomware?

Here’s the situation: in today’s increasingly connected world, cybercriminal activities can be conducted from essentially anywhere and target essentially anyone. It isn’t like the old-fashioned stick-‘em-up robbery, where the criminal had to be present to commit the crime. Now, someone in Portugal could presumably rob the Federal Credit Union of Poughkeepsie without getting up out of their poltrona.

One particularly effective tool that many cybercriminals will now use to do so is ransomware—a malware that encrypts a system and renders it effectively useless, only offering the user the means to pay the criminal responsible some fee in exchange for resumed access to their resources. Whether the cybercriminal holds up their end of the bargain is another, highly unlikely story.

As we’ve said, we recommend that you never pay these attackers… but we do understand why you may feel that is your best option. After all, it seems like the fastest way out of a bad situation and when your business is hemorrhaging money due to downtime, you’re going to want to fix the situation as quickly as possible. This is precisely what the cybercriminals are counting on.

Despite this, it really is a bad practice to pay for resumed access to your data for a number of reasons, not the least of which being the fact that you’ve no guarantee that your data will actually be returned and that the money you send will only fuel more attacks.

However, that’s just the start of your problems, should you elect to pay up.

Uncle Sam Wants to Dissuade Businesses with Different Tactics

To try and discourage ransom payments, the Treasury Department is doubling down on the advice that the Federal Bureau of Investigation has been giving for years. Rather than simply discouraging businesses from paying, the Treasury Department has warned that the federal government could severely fine the businesses that pay out these ransoms for violating terms laid out by the Treasury’s Office of Foreign Assets Control.

In their Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, OFAC outlines how many cybercriminal groups—including the North Korean Lazarus Group, the Russian cybercriminal syndicate Evil Corp, and individuals tied to SamSam and Cryptolocker—operate out of regions that are already subject to economic sanctions, or have had sanctions levied against them. These sanctions make it a crime to make any transactions with them…including ransomware payments.

After all, once that ransom is paid over, who’s to say that the money doesn’t wind up in the hands of some entity that poses a direct threat to security?

Unless given a special license by the Treasury, a business that facilitates ransomware by paying up could not only see losses in the amount of the exorbitant ransom demands, but also in the fines that could be levied up to millions of dollars.

Technically speaking, this advisory isn’t an outright ban on ransomware payments, per se. Instead, companies are encouraged to contact law enforcement to obtain clearance to pay the ransomware or to try to obtain an OFAC license to do so. However, these requests are more than likely to be denied.

There is also no telling how much these policies will be enforced, but it is almost certainly wiser to take them at face value and act accordingly.

Impact on the Insurance Industry

Adding to the complexity of the situation, this advisory flies directly counter to the advice that many insurance companies give their customers, as their advice is often to pay the ransom. The theory is that paying the ransom would ultimately be less expensive than recovering from a backup and undergoing the associated downtime—but ultimately adding to the growing ransomware problem.

These sanctions would effectively make it impossible for insurance companies to cover the costs that their policies guarantee, and it isn’t as though these companies will act in a way that violates these mandates.

Therefore, cyberinsurance policies will likely no longer include ransomware coverage. This may result in many businesses second-guessing if investing in insurance is worth the cost.

Regardless, for companies to protect themselves from the threat of ransomware, there needs to be a greater awareness of how to avoid the risks and the importance of doing so. This is especially the case right now as so many people are working remotely.

Ransomware attacks are commonly spread via phishing messages, often packaged in attachments or through disguised download links. Make sure your team members are all aware of this threat, and how they can better spot a phishing email as it comes in.

For more information on how to do so, and other security best practices and solutions, turn to us at Jackson Thornton Technologies. As a managed service provider, our mission is to help your business manage its information technology so that you can remain productive—which includes protecting it as best we can from a variety of threats. Learn more by giving us a call at 334-834-7660.

 

Reviewing Zoom’s Efforts to Improve Its Security

As a communication tool, the video conferencing app Zoom saw a considerable bump in its popularity with both personal and business users as the coronavirus pandemic made other means of meeting no longer viable. However, this sudden increase in its user base also revealed some serious security issues with the platform. Let’s examine what Zoom has done to resolve these issues since then.

Zoom’s 90-Day Security Plan

On April 1, 2020, Zoom announced that it had a 90-day plan to address the numerous security concerns and criticisms that had plagued many users. The crux of the issue was that Zoom links were commonly being shared on social media… effectively opening these meetings to anyone who could find that link. As a result, the concept of “Zoombombing”—unauthorized users hijacking meetings and sharing offensive content—was born.

After numerous attacks were waged against organizations of all kinds, Zoom saw that it needed to make some changes. Therefore, on April 1st, the company announced that it would be pausing any new features to focus specifically on those related to the platform’s security. These include:

● Passwords are now required to access all meetings

● Waiting Rooms (a space where a meeting’s guests had to wait to be approved by the host) are enabled by default

● The default settings only enable the host to share their screen

Furthermore, Zoom’s acquisition of Keybase has enabled them to incorporate end-to-end encryption. Other internal changes are also now in place including a bug bounty program, deeper penetration testing, and other security improvements.

Some Brief Controversy

However, Zoom has not escaped all criticism as it has made these changes. In June, CEO Eric Yuan shared that the end-to-end encryption feature would be exclusive to paying users. Once users and security advocates alike spoke out about this policy, Zoom quickly walked this policy back. While it is still rolling out this capacity, and it may interfere with some other features, Zoom is also actively planning for the future with its next improvements already planned out.

So, is Zoom Safe to Use?

Compared to where it was? Absolutely. However, you may still want to take what you plan on communicating into account when deciding whether to use Zoom for certain conversations, just to be safe. Erring on the side of caution is always the better option when your business communications are involved.

Whatever your business’ technology needs may be, Jackson Thornton Technologies can help you find and implement the solutions to fulfill them. To learn more about what we have to offer, give us a call at 334-834-7660 today.

 

How You Can Make IT’s Life Easier

Business relationships, especially between you and a service provider or you and a coworker, are crucial to a business’ success. However, maintaining these relationships can be challenging when there’s a good chance that your actions might create more work for another person. Let’s go over why your relationship with IT may be strained, and offer a few tips to help fix it.

Why Doesn’t IT Like Me?

If you’ve read this far, chances are that you are what an IT professional would call an “end user,” which is just someone who uses technology to accomplish their goals. Let me ask you something: how many end users would you assume have the same level of technology experience as an IT technician?

Naturally, very few end users have this level of familiarity… otherwise, there wouldn’t be any need for the IT department. As a result, the end user is more susceptible to security issues and threats—the very things that IT is trying to minimize. Looking at it this way, it is understandable that IT might occasionally be frustrated.

While we certainly know better than to try and make you an IT expert over the course of one blog, we can give you some advice to help you avoid such issues and thereby give your IT resource a bit of a break. This is a win-win, because the less time an IT professional spends cleaning up messes, the more time they can spend improving your business processes.

Seeing as it is currently Cybersecurity Month, let’s review a few troublesome tendencies that the average end user slips into that could create issues so that these habits can be broken.

Clicking on Everything

Links are a funny thing. If I were to include a link in this blog, there’s a fair chance that you might automatically click through it out of habit. Even if I expressly told you not to click through it, many end users would click through it anyways.

Let’s test this theory.

The danger here is simple: cybercriminals know how tempting it can be to click on a link, how automatically so many of us tend to do so. This is why the use of misleading links is such a major part of a phishing strategy—basically, the “made you look” of cybercrime. Rather than bringing you to the page you anticipated, a phishing attack might install malware, or create a fraudulent lookalike page to steal whatever data you input.

One of your users falling for a phishing attack is all it could take for a cybercriminal to bypass your network security, so it is important that your team knows why clicking links is more dangerous than they would expect. Make sure that, before clicking, your team members hover their cursors over any links to confirm where they will go, and when in doubt, to not click.

Installing Unapproved Software

Similarly, the “Install” button can be very tempting for an end user. The problem? That helpful-looking online application or browser add-on could easily subject your network to compatibility issues and security threats.

Considering this, you should insist that—unless a program is sourced from an operating system’s official marketplace, or your IT department has already vetted it—a user should never install anything. Ideally, they wouldn’t install it anyways, relying on IT to properly supply and configure the solutions needed for the job.

Poor Password Hygiene

Few other best practices are as frustrating for an IT technician to repeat as the guidelines for proper password creation and management. As the current standard in identity authentication, it is beyond important for you and your users to comply with assorted password rules and requirements, such as:

● Using a different one for each account

● Avoiding common password combinations and conventions

● Keeping them private, instead of sharing their passwords

● Memorizing them, instead of writing them down

If these practices are not followed, your business is essentially inviting in security issues, which IT then must deal with.

You may consider making IT’s job somewhat simpler by implementing a password management solution. This piece of software saves all a user’s passwords in an encrypted vault that is only accessible by using a single master password. This ensures that the user always has access to their necessary passwords when they need them, while also reducing the number they need to remember to one.

That way, there’s no longer any excuse for slacking in their password hygiene, and your business’ security benefits as a result.

A cyberattack is leveraged against a business just about once every 39 seconds, so you can’t afford to have your users short-change the defenses you have in place. IT has enough to worry about without this contribution. Jackson Thornton Technologies can help you out with our managed IT services, taking over some of their responsibilities and helping them to accomplish their goals.

To find out more about the managed services we offer and their operational benefits, reach out to us at 334-834-7660.

 

 

Are VPNs Really Secure?

We’ve not been shy about promoting the use of VPNs (virtual private networks) as a means of protecting your security while you are online. However, we wanted to take a bit of time to specify what a VPN can - and cannot - do to help you.

Understanding What a VPN Is

A VPN is a tool that enables you to encrypt your internet traffic.

An analogy that can be used to describe a VPN is that of a subway, as compared to a street on the surface. Let’s say that you’re traveling from point A to point B. If you choose to ride in a car on the surface, you are visible to anyone who might be on the street as well. Not only can people see who is in the car, they can see where the car is going. This is what the “typical” Internet connection is like, as far as your Internet traffic and information are concerned.

On the other hand, using a VPN is more like using the subway. When you ride the subway, someone on the surface may be aware that there is a subway traveling below them, but they cannot see it inside its underground tunnels. More importantly, they cannot see you in it. This lines up to how a VPN works: by encrypting your data and identity while in transit across the Internet, everything you do is hidden from hackers and even your Internet Service Provider.

This is commonly used, especially now, to enable secure remote work to take place. By using a VPN, an employee who is working from home can securely access resources that exist on the business’ private network. This helps to protect this data from snooping eyes.

How Well Does a VPN Protect Your Data?

Frankly, it depends, and it depends on a variety of factors.

The first factor is how you are defining the word “protect.” There are a lot of different ways that your business’ computing in general needs to be protected. A VPN’s purpose is to prevent your history and Internet connection from being snooped upon. That’s basically it. You can still download spyware, malware, and/or viruses while you’re using a VPN, especially if you visit a malicious website or allow in infected files.

There is nothing particularly secure about a VPN in its concept. Rather, the security behind the VPN’s protocols is where the real difference is. Some protocols, like the heavily exploited point-to-point tunneling protocol, just aren’t secure enough nowadays. Others, like OpenVPN or WireGuard, are considerably more secure, due to the ciphers that are in place to protect them.

Turn to us for assistance with your Virtual Private Networking.

Jackson Thornton Technoligies can assist you with your VPN, assisting you in selecting a provider and implementing the solution that best fits your business’ needs. There is far more to consider than what we’ve covered here, so make sure to give us a call and talk to our team. Give us a call at 334-834-7660 today.

 

Category: 

Tip of the Week: 5 Ways to Easily Identify a Phishing Attack

If you’ve been reading this blog for any length of time, you’ve seen us reference a phishing attack. Whether you are being asked by some supposed Nigerian prince to fork over money or you are getting an email by what seems to be your bank that directs you to download an attachment, you are probably a potential victim of a phishing scam. The difference between being a potential victim and a victim is knowing how to identify it. Today, we’ll give you five ways to identify a phishing message so that you—or your company—won’t be scammed.

#1 - Urgency

When you get an email and the verbiage is such that it immediately makes you panic a little, you are probably dealing with a phishing attempt. Email is a really useful tool for businesses and individuals alike, but it typically isn’t the medium where someone is going to give you news that will make your anxiety spike. The message can come from many different directions, but if its tone is one where it makes you think you have to act immediately, you should calm down and verify the message with a call or text. 

#2 - Attachments

Again, email is useful for interpersonal communication, but unless you are expecting an email, or you know exactly who is sending you a message, you should never click on an attachment. This goes double if it is from a financial institution. No reputable bank is going to send you a downloadable attachment unless you are in direct communication with them. Even then, these organizations have secure apps for these types of transactions. Do yourself a favor and don’t download attachments from emails unless you know exactly what the attachment is.

#3 - Spelling and Grammar Errors

Let me ask you this: In the course of doing business, when corresponding with people outside your organization, do you send emails with gratuitous spelling and error problems? No? That’s because you don’t want the recipient to be put off by your handle of the language. Phishing emails tend to be written by people whose first language isn’t English and they tend to make terrible spelling and grammar mistakes. If you are getting an email from your bank, but the content of the message is riddled with typos, you are dealing with a phishing email.

#4 - Your Personal Information

Any email that is sent to you that asks for personal information should be met with caution. Even if it looks authentic, when the email directs you to provide information that you don’t feel comfortable giving out—like a credit card number or your social security number—you’re almost always dealing with a scammer. If an organization needs your personal information, it will create an interface that will allow you to securely provide that information. They can’t afford not to.

#5 - Addresses Aren’t Legitimate

Finally, one of the telltale signs that you are being phished is the legitimacy of the links and addresses in the message itself. Firstly, you should be suspect of links in unsolicited emails anyway, but to be sure, you can mouse-over any links. If you don’t immediately recognize the web address, don’t click on the link. As far as email addresses go, it can often be difficult to tell if an email address is legitimate or not. One rule of thumb, if there is more than one period in the address, don’t click on it. It may be legitimate, but investigating it takes seconds and can help you avoid a lot of headaches. 

Here’s a quick, short guide to help you and your staff:

1.Everyone handles their domains a little differently, but use this as a general rule of thumb:

a.paypal.com - Safe

b.paypal.com/activatecard - Safe

c.business.paypal.com - Safe

d.business.paypal.com/retail - Safe

e.paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)

f.paypal.com.activatecard.net/secure - Suspicious!

2.paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!

3.Check the email in the header. An email from Amazon wouldn’t come in as noreply@amazn.com. Do a quick Google search for the email address to see if it is legitimate.

4.Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.

5.Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious. 

We hope that this short guide helps you avoid clicking on phishing attacks as they can have devastating and adverse effects on your computer, your network, and your business. For more great tips and tricks, return to our blog regularly. If you want to talk about how best to train your staff about phishing attacks, call us today at 334-834-7660.

 

 

Category: 

Security Best Practices that Get Overlooked

Security is a major part of any business, and if there isn’t a diligent approach to the implementation of it, you can be left with huge holes in your network. This month, we thought we would discuss some of the best practices you can take to make sure that your organization’s security is in the best possible position to protect your digital resources. 

Security Steps

Let’s face it, your business’ cybersecurity starts and ends with your staff. They need simple, practical directions to follow or they simply won’t pay any mind to it. You don’t want to be the business that deals with significant turnover because security tasks are so demanding that their employees would rather work elsewhere. You will want to take the time to go through every part of your IT and brainstorm potential problems. You will address situations such as:

● What qualifies as confidential data, when and how this data is to be shared, best practices and requirements for storage and access credentials

● How devices used for work are to be maintained and handled, which devices may be approved for use, how to get a device approved

● How employees are required to go about transferring data, remote work policies, threat reporting processes

Understanding the potential problems your business faces can go a long way toward dictating where you need to invest capital on the security side. 

Prioritize Training

Many businesses are still not training their employees even though up to 94 percent of all cyberthreats that come in are due to employee error, negligence, or sabotage. As a result, it’s extremely important to have a comprehensive security training platform in place. You need to teach your employees about phishing, about social engineering tactics, and about data care.

Use Innovative Tools

There are a lot of businesses that have a lot of security measures that they use to mitigate problems such as data theft, intrusion, and especially malware deployment. These solutions can be had in a comprehensive security suite that includes firewall, antivirus, content filtering, spam blocker and more.

To learn more about the powerful security tools your business can implement to keep malware and other threats off your network, call the IT security experts at Jackson Thornton Technologies today at 334-834-7660.

 

Phishing is a Threat, Even By Phone

Telework has become crucial for businesses to sustain themselves right now, as remote work became a hard and fast requirement in the face of the coronavirus. However, if businesses aren’t careful, they could trade one issue for another in exposing themselves to security threats.

Let’s take a few moments to discuss one threat that many are facing: voice-based phishing, or vishing.

Federal Agencies Have Sounded the Alarm

Both the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have called attention to this variety of phishing. By calling a targeted victim, rather than sending an email or another kind of correspondence, an attacker can potentially pull the wool over their target’s eyes by using a less-expected attack strategy.

Those who are working from home are being targeted by a vishing campaign intended to acquire the access credentials needed to get into corporate networks. Once these credentials are obtained, the cybercriminals responsible can turn around and sell this access to others for their nefarious use.

How These Attacks Are Presenting Themselves

By registering lookalike domains to pose as a company’s actual resources, cybercriminals set themselves up to steal company credentials. These domains can be extremely convincing, often structured in the following ways:

● support-[company]

● ticket [company]

● employee-[company]

● [company]-support

As these pages replicate a company’s login page to their virtual private network, unwitting users are more likely to enter their credentials. This means that the attacker is then able to capture these credentials—including multi-factor authentication codes—and use them to gain access to the targeted business’ network.

Once these facsimile pages are completed, criminals then do some digging into a company to learn more about their employees. A profile is constructed, with the name, address, phone number, job title, and even length of employment for each employee included. Using this data, a hacker can call their target through a spoofed number and send them to their fraudulent VPN webpage.

This gives the hacker the means to access an employee’s work account, enabling them to collect more data for further phishing efforts or other data theft efforts. These attacks are now being directed to the team members that are currently working from home, making it even more important for your employees to be able to recognize the signs of phishing.

How to Identify Phishing Scams of All Kinds

● Exercise caution when dealing with unsolicited calls, voicemails, and any other messages from those you don’t know. If you can, double-check that the person is who they claim to be through another means of communication.

● Double-check the number of a suspected vishing caller, as well as any Internet domains you may be told to navigate to.

● Avoid visiting any websites that a caller recommends without good reason to trust their legitimacy.

Jackson Thornton Technologies is here to help you with an assortment of your business’ IT needs and concerns, including your cybersecurity. Give us a call at 334-834-7660 to learn about the services and solutions we can put in place on your behalf.