In this blog, we do our best to give people the knowledge they need to protect themselves and their organizations while operating online. With all the digital tools that we all have come to rely on, it’s important to understand the result of a data breach on organizations and their customers. In today’s blog, we go through six of the most devastating data breaches that happened in 2023.
Coleman Technologies Blog
A New Year can be about self-improvement. Most of us make lofty goals to spend more time at the gym, or to stop sneaking spoonfuls of uncooked Pillsbury Cookie Dough right out of the tube from the back of the fridge at four in the morning. Some of us accomplish our goals, and some of us have gotten really good at hiding that Pillsbury Cookie Dough wrapper in the bottom of the trash so nobody realizes it’s gone. All joking aside, it feels good to make accomplishments, and I truly hope that anything you set your mind to is able to happen for you.
If you are looking for an easy resolution that will help you sleep better at night and is extremely easy to maintain, I’d highly suggest that you prioritize your own personal cybersecurity in 2024.
It will take a little effort, but trust me, it will save you a lot of headache down the road.
Every organization has a lot of things that could go wrong in the course of doing business. It can run into supply chain issues, employee turnover and poor performance, or natural disasters interrupting “business as usual”, but one of the most unassuming, yet worrisome, threats to your business is the cyberattack. This month, we go into a few ways cyberattacks threaten your business and how they play out to give you an idea of how to prepare.
Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.
The Internet of Things is everywhere and that means that it’s important to understand how much of a potential security risk these devices can be. From smart speakers to smartphones, it's important that you understand how these devices can create problematic situations. In this week’s blog we will discuss how you can protect yourself against IoT vulnerabilities at home.
Threats are everywhere in business today. You can quite literally be sitting at your desk actively working in your email and be exposed to multiple scams. With this revelation, it is essential that every organization takes the steps necessary to secure itself against the immense number of threats that could put its network and infrastructure at risk, and does so without making it difficult on its staff. Let’s dig into what that takes in this month’s newsletter.
Security is extremely important for every single organization that uses IT. Like any other part of a business where practices and demands change frequently, there is bound to be significant innovation involved with the strategies built to protect users and the business as a whole. Let’s look at why it is important to continuously innovate your organization’s cybersecurity policies and procedures.
You know the old phrase, “A chain is no stronger than its weakest link”?
It’s a pretty good idiom, but when it comes to cybersecurity, I think the idea is worth revisiting. It’s not that you aren’t as strong as your weakest link, or in terms of cybersecurity, it’s not that you aren’t as secure as your most vulnerable endpoint…
You are less secure the more users you have.
Small businesses have a lot to worry about in terms of technology, but one of the things that often gets overlooked is network security. Some small businesses feel that they are too small to be considered a viable target for hackers, but they are wrong; all businesses have data valuable for hackers in some form.
When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the more important for protecting your business in the future.
The effectiveness of your business’ IT security is largely contingent on how your IT operates. As a result, it is extremely important to ensure that your staff understands the role they play in protecting your business’ assets. This month, we discuss what you should prioritize when putting together a security training platform, an essential part of any business’ attempts to keep their IT secure.
Do you know those horror stories you catch every so often where a huge business has their network hacked and millions of their customers and employees have their personal and financial information leaked onto the Dark Web? Your organization isn't likely as big as theirs, but regardless of how much money, people, and diverse revenue streams an organization has, having its network breached and its customers’, or its employees’, information strewn about over the Dark Web is not an ideal scenario.
Data Backup and Recovery
Data backup is a critical process that every business that depends on their IT needs to have. If data is the lifeblood of your business, then you need to protect it. Your business most assuredly has data that, if lost, would put you back. Why risk it when a solution for this problem is a simple fix? You need data backup.
Tesla’s Near-Sabotage
In August 2020, a Russian businessman was indicted on charges of conspiracy to intentionally cause damage to a protected computer after he attempted to recruit a current Tesla employee to install malicious software on the automaker’s Gigafactory network.
How a Company Acquires Your Data
For a company to get your data, all they really have to do is ask you for it. Think about what happens each time you make a purchase online, or even create an account—you’re handing over your contact information, and usually pairing it to one of your financial resources.
Obviously, you’re subconsciously entrusting them with this information, assuming that they will keep it sufficiently protected and secure.
Ransomware
Imagine trying to access your computer (or your network as a whole), only to find yourself locked out and presented with a demand for payment in exchange for your files to be decrypted. This is precisely the scenario that ransomware puts its victims into, usually with a deadline to pay up under threat of the destruction of the encrypted files. If you’ve heard about Cryptolocker, WannaCry, or Petya, they are what we are referring to.
In 2019, a business was infected with ransomware once every 15 seconds, racking up $11.5 million in total losses. Spam and phishing attacks were responsible for infecting 66 percent of affected companies, and in 2017, almost half of companies surveyed were affected by ransomware.
Denial of Service
Denial of Service (DoS) attacks, and their more-popular offshoot, Distributed Denial of Service (DDoS) attacks, are the most common form of cyberattack. Using automation, an attacker directs resources to batter a target with the aim of taking it down. The rise in Internet of Things-enabled devices now allows an attacker to take over these devices and turn them against a single webpage. Naturally, this takes the website down.
The biggest DDoS attack on record happened on March 5, 2018, but was fortunately unsuccessful in taking down the targeted ISP… despite clocking in at 1.7 TB/s. On average, one of these attacks costs somewhere between $20K-to-$40K each hour, or in other terms, just under the average American worker’s annual salary. In the UK, businesses lost £1 billion to cybercrime in 2019.
Man-in-the-Middle
A Man-in-the-Middle attack compromises any communications between a business and their contact. Any and all data can be interfered with, allowing cybercriminals to have their way with personal data, business correspondence, or financial data that is transmitted. It can be intercepted, altered, or redirected, potentially causing more problems than can be counted. The worst part: because Man-in-the-Middle attacks are relatively easy to carry out, they are rising in popularity on a daily basis. They are most commonly used to extract information, whether personal or professional, that otherwise wouldn’t be available. This includes things like login credentials, banking information, or payment card data.
Okay, that wasn’t the worst part. The worst part is that the majority of servers are still vulnerable. As in, 2016 saw 95 percent of HTTPS servers still at risk.
Phishing
Believe it or not, phishing attacks are ranked as the biggest threat to businesses out there today. Phishing is a kind of social engineering where an attacker will reach out to the victim through some format, from email to instant messaging and beyond, in order to gain access to a secure system by fooling their victim into erroneously trusting them. While phishing emails have been around the block a few times, today’s attacks have grown to be quite sophisticated.
Many statistics surrounding phishing emails demonstrate how effective this relatively simple attack has proved to be. Phishing is involved in 93 percent of all social engineering attacks, and was directly responsible for 70 percent of government network breaches. In the last 12 months, 64 percent of organizations had first-hand experience with phishing; notably, so did 82 percent of manufacturers. The aforementioned ransomware relies on phishing for 21 percent of its delivery. As recently as 2016, 30 percent of phishing messages were opened.
SQL Injection
Short for Structured Query Language injection, an SQL injection attack does what it says on the box - it injects malicious code into a target’s SQL servers and feeds the database information back to the attackers. While this is another “golden oldie” of an attack, web-based applications that call for database access have given new life to SQL injection attacks and allowed attackers to extract very valuable info.
It should then come as no surprise that 65 percent of all web application attacks are performed through SQL injections. So, if your organization draws information from a database for an application, you could easily be victimized to a significant degree. Even gamers need to be concerned, as 12 billion out of 55 billion detected SQL attacks that Akamai security experts found were leveled at the gaming community.
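To make the mechanism concrete, the following added example (not part of the original post) puts a lookup built by string concatenation beside the same lookup using a bound parameter. The `customers` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a throwaway in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card_last4 TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice", "1111"), ("bob", "2222"), ("O'Brien", "3333")],
    )
    return db

def lookup_concatenated(db, name):
    # Vulnerable form: user input becomes part of the SQL text itself,
    # so a quote character in the input changes the query's structure.
    sql = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, name):
    # Hardened form: the SQL text is fixed and the input is bound as data,
    # so it can only ever be compared against the name column.
    sql = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def compare(name):
    """Run both lookups on the same input and return (unsafe, safe) results."""
    db = make_db()
    try:
        unsafe = lookup_concatenated(db, name)
    except sqlite3.OperationalError:
        # A stray quote broke the statement. Errors like this in application
        # logs are a common sign that input is reaching the SQL text.
        unsafe = "OperationalError"
    safe = lookup_parameterized(db, name)
    db.close()
    return unsafe, safe

if __name__ == "__main__":
    for value in ["alice", "x' OR '1'='1", "O'Brien"]:
        unsafe, safe = compare(value)
        print(repr(value), "| concatenated:", unsafe, "| parameterized:", safe)
```

The ordinary name behaves the same in both forms; the input containing quotes returns every row from the concatenated query and none from the parameterized one, and a legitimate name with an apostrophe only works in the parameterized form.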
Malware
If only these other attacks meant that attackers didn’t have time to try anything else, but unfortunately, that isn’t the case. Malware attacks still rank among both the worst, and most common, attacks against businesses. Of course, there are many types to consider, including:
- Trojan horses - Malicious code will be concealed within other files and applications and allow an attacker a point of access to a computing system or network.
- Worms - Malicious and self-replicating applications that travel along and infect networks and individual devices.
- Viruses - Samples of malicious code that infect applications for a variety of motives, including sabotage and theft of data and other resources.
- Spyware - Code that, while it seems harmless, piggybacks on software and gathers information about how a device or network is used.
There are many ways for malware to be introduced into a system. Again, phishing messages can be responsible, but many attackers will use something called “droppers.” Droppers are specialized programs that will install a virus after bypassing cybersecurity solutions. Since there is nothing inherently malicious about the dropper, protections usually don’t flag them.
Fortunately, there are ways to protect your business’ resources, network, and infrastructure from the millions of different versions of these attacks - and you need them, as your business is actively targeted by these attacks. To learn more about putting these protections into place, reach out to the professionals at Coleman Technologies by calling (604) 513-9428.
The past few years have seen some of history’s greatest data breaches. For instance, the most notorious of these attacks, the Equifax breach, Yahoo, and Marriott-Starwood, resulted in a combined total of 3.5 billion accounts breached.
This means, statistically speaking, you would have a pretty good chance of picking a data breach victim of the past few years by randomly selecting two human beings from the entirety of planet Earth’s population.
Crunching the numbers, there has been an increase of security breaches of 67 percent since 2014.
What Does this Mean? Is Anything Secure Anymore?
Interestingly, there is a plus side to these enormous data breaches happening in the public eye, thanks to a few key points:
- It brings attention to these kinds of crimes - Thanks to disasters like the Equifax breach, more Canadians are aware of the impact of cybercrime. This kind of awareness is crucial to encouraging improved security.
- There is too much data for cybercriminals to practically use - This one can be chalked up to statistics… the more data that a given cache has, the less of a chance that your data is pulled up in an attack.
To clarify, we aren’t trying to sugarcoat the severity of a data breach, but having said that, the past few years’ cybersecurity threats have really given us all an example to consider. With new compliances, regulations, and other mandates being put into play, businesses are certainly considering these threats.
What About Small Businesses?
There is a tendency to overlook small businesses when discussing data breaches. After all, the ones that have struck large targets (like Yahoo, Target, eBay, Sony, and many others) almost always get a headline, along with the attacks that focus on municipalities, like the ones that targeted Wasaga Beach, Ontario and Midland, Ontario with ransomware.
What aren’t heard about so much, unfortunately, are the attacks that lead to much smaller companies shutting their doors for good… a side effect of the limited number of victims per attack, and the relatively casual approach that many have towards security. Unfortunately, a Verizon survey shows just how misguided the assumption that a smaller business size will protect it from threats is: 43 percent of businesses breached would be classified as small.
Security Needs to Be a Priority
Fortunately, there are ways that you can reinforce your business’ cybersecurity, especially with the help of Coleman Technologies and our experienced cybersecurity professionals. Call (604) 513-9428 to get in touch with us, so we can help evaluate and fulfill your business’ needs.
One crucial component of any successful cybersecurity practice is the active effort to eliminate risk wherever possible. Here, we’ve compiled five practices that will contribute to your business’ capability to recognize where its threats come from. While these aren’t exactly policies to help protect your data, they can help you collect the data you need to form these policies.
1. Inventory All of Your Assets
When you resolve to protect everything, as many business owners do, it helps to know what exactly “everything” includes. Maintaining a comprehensive inventory of all of your technology (each wire, additional peripheral, and software title your business has acquired) makes managing your technology far simpler and more efficient.
2. Push Cybersecurity Best Practices
Your staff, being the ones with their hands on your business technology, need to be trained on how to maintain its security. As it happens, this training should transcend just security and cover their cyber hygiene as well. The more they know about how to better secure their use of your technology and identify threats and issues, the more secure your business will be.
3. Address Shadow IT Head-On
Shadow IT is an insidious problem that many don’t even consider an issue. The phrase “shadow IT” basically serves as a blanket term for any software that an end user has downloaded without the knowledge and approval of the IT administrator. While there are many potential issues with shadow IT, the worst of them likely comes from the vulnerabilities that unapproved and unpatched software can bring into the network. By enforcing a policy of utilizing only the solutions that IT has vetted and approved, you can protect your business from one of the least expected threats there is: the employee who was just trying to do their job.
4. Ensure the Proper Tools are Implemented
Cybersecurity, on paper, isn’t such a difficult process. The issues come from the fact that everyone involved needs to understand the threats facing them and why the practices and tools they are expected to utilize are so crucial to security. Unfortunately, if the reasoning behind using antivirus and anti-malware, firewalls, spam blocking and content filtering (among other security tools) is never addressed, their use is more likely to be taken for granted, and ultimately neglected. Not only should these tools be in place, there needs to be an organizational commitment to using them… otherwise, threats are more likely to be an issue.
5. Keep IT Refreshed
As a general rule, the older your technology gets, the less effective it is at serving its intended purpose. This can be resolved by making a point of systematically and strategically patching, updating, and upgrading the technology you rely on to operate. More up-to-date solutions have better security and can better keep your assets safe, making threats less of a consideration (but still one to be considered).
Coleman Technologies can help you put these practices in place for the betterment of your business and its security. Reach out to our team for improved cybersecurity by calling (604) 513-9428 today.
The URL
Before we get into the manipulation of the URL, let’s define its parts.
The first part of the URL is called the protocol, which tells the computing network which language is being used to communicate on said network. Most of the time, the URL will use the protocol “HTTP”. The HyperText Transfer Protocol makes it possible to exchange web pages. Other protocols that are used include File Transfer Protocol, News, and Mailto.
The second part of the URL is the ID and password, which makes it possible to access secure servers on the network. This part is typically removed because the password will be visible and transferred unencrypted over the computer network.
The third part of the URL is the server name. It allows users to access information stored on specific servers whether through a domain or the IP address associated with the server.
The fourth part of the URL is the port number. This number is associated with a service and tells the server what type of resources are being requested. The default port is port 80, which can be left off the URL as long as the information that is being requested is associated with port 80.
Finally, the fifth, and last, part of the URL is the path. The path gives direct access to the resources found tied to the IP (or domain).
Manipulating the URL
By manipulating parts of the URL, a hacker can gain access to web pages found on servers that they wouldn’t normally have access to. Most users will visit a website and then use the links provided by the website. This will get them to where they need to go without much problem, but it also keeps them within the perimeter those links define.
When a hacker wants to test the site for vulnerabilities, he’ll start by manually modifying the parameters to try different values. If the web designer hasn’t anticipated this behavior, a hacker could potentially obtain access to a typically-protected part of the website. This trial and error method, where a hacker tests directories and file extensions randomly to find important information, can be automated, allowing hackers to get through whole websites in seconds.
With this method they can try searching for directories that make it possible to control the site, scripts that reveal information about the site, or for hidden files.
Directory traversal attacks, also known as path traversal attacks, are also popular. This is where the hacker will modify the tree structure path in a URL to force a server to access unauthorized parts of the website. On vulnerable servers, hackers will be able to move through directories simply.
What Can You Do?
Securing your server against URL attacks is important. You need to ensure that all of your software is updated with the latest threat definitions, and keeping a detailed configuration will keep users in their lanes, even those who know all the tricks.
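As an added illustration (not code from the original post), the sketch below splits a URL into the five parts described above and then applies the kind of server-side check that keeps a requested path inside the site’s own directory tree. The document root `/srv/www/site`, the function names and the sample URLs are assumptions constructed for the example.

```python
import posixpath
from urllib.parse import urlsplit, unquote

DOC_ROOT = "/srv/www/site"  # hypothetical document root, not from the article
DEFAULT_PORTS = {"http": 80, "https": 443}

def split_url(url):
    """Return the five URL parts the article names."""
    u = urlsplit(url)
    creds = None
    if u.username is not None:
        creds = u.username
        if u.password is not None:
            creds += ":" + u.password
    return {
        "protocol": u.scheme,
        "credentials": creds,
        "server": u.hostname,
        "port": u.port or DEFAULT_PORTS.get(u.scheme),
        "path": u.path or "/",
    }

def resolve_under_root(url_path, root=DOC_ROOT):
    """Map a URL path to a file path; return None if it would leave root."""
    decoded = unquote(url_path)  # percent-encoded dots and slashes are decoded first
    if "\x00" in decoded or "\\" in decoded:
        return None  # NUL bytes and backslashes never belong in these paths
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    # Compare on a path boundary so /srv/www/site-backup does not pass
    # as being inside /srv/www/site.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate

def audit_url(url):
    """List the problems a server-side check would raise for this URL."""
    parts = split_url(url)
    findings = []
    if parts["credentials"] is not None:
        findings.append("credentials embedded in URL")
    if resolve_under_root(parts["path"]) is None:
        findings.append("path leaves document root")
    return findings

# Constructed sample requests
SAMPLES = [
    "http://www.example.com/images/logo.png",
    "http://www.example.com/docs/../index.html",
    "http://www.example.com/docs/../../private/config.ini",
    "http://alice:s3cret@www.example.com:8080/%2e%2e/site-backup/db.sql",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit_url(sample) or "ok")
```

The check normalizes the path before comparing it with the root, so a request that climbs up and comes back down inside the site is still served, while one that ends up outside it is refused.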
The IT experts at Coleman Technologies can help you keep your business’ IT infrastructure from working against you. Call us today at (604) 513-9428 for more information about how to maintain your organization’s network security.
Some of the best cybersecurity methods are practices developed over the past few years. This is because social engineering, specifically phishing, has become a major problem. There are billions of phishing emails sent each year, and some of those are so convincing that even people who have had some basic cybersecurity training fall victim to them. To fight this, security firms have started to look to tomorrow’s technologies to help them mitigate risk today.
Artificial Intelligence - The Future of Cybersecurity
One of the most effective ways of combating this rise in hacking is to use the most dynamic technology you have access to and make a tool that will help you mitigate the massive risks. One way is to reduce the effectiveness of these hacks. In this case the technology is artificial intelligence.
When we talk about artificial intelligence, we are talking about having a machine that learns as it is continually exposed to threats. This will work to solve common issues at first, but as these systems advance, and are exposed to user behaviors, they will be able to replace access management systems. Since the AI will be constantly monitoring systems, as well as user behaviors, workplace roles, and common actions, it will be able to recognize a person without the need for password-protected accounts, creating ubiquitously secure endpoints. If the system recognizes any deviations, an additional form of authentication such as biometrics would grant or deny access.
Cost will initially be a factor for businesses, especially small and medium-sized businesses, but as large companies begin to truly trust these platforms, they will have viable endpoint-protection systems for small businesses.
Cybercrime Accelerates with 5G
5G and beyond will bring a lot of changes to the user experience, of course, but it will also make huge changes to cybersecurity. Before long, the AI systems that are being developed to thwart today’s cyberthreats will become essential systems for the sustainability of mobile computing. Just think about how much cyberthreats have multiplied over the past decade after the jump from 3G to 4G. The jump to 5G isn’t going to be any less dramatic.
It will be crucial for cybersecurity professionals to be able to leverage systems that are both ubiquitously available to search through large streams of data and capable of learning on the fly in order to ascertain what data is potentially malicious and what data is less so.
Luckily there are still years before these types of systems will be needed. Unfortunately, there are enough threats out there to be a major problem going forward. The IT professionals at Coleman Technologies can help you protect your hardware and data. Give us a call at (604) 513-9428 today!