Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.
Coleman Technologies Blog
The Internet of Things is everywhere and that means that it’s important to understand how much of a potential security risk these devices can be. From smart speakers to smartphones, it's important that you understand how these devices can create problematic situations. In this week’s blog we will discuss how you can protect yourself against IoT vulnerabilities at home.
The Less Intrusive Your Cybersecurity Plan Is, the More Effective It Will Be
Threats are everywhere in business today. You can quite literally be sitting at your desk actively working in your email and be exposed to multiple scams. With this revelation, it is essential that every organization takes the steps necessary to secure themselves against the immense amount of threats that could put their network and infrastructure at risk, and do so without making it difficult on their staff. Let’s dig into what that takes in this month’s newsletter.
Security is extremely important for every single organization that uses IT. Like any other part of a business where practices and demands change frequently, there is bound to be significant innovation involved with the strategies built to protect users and the business as a whole. Let’s look at why it is important to continuously innovate your organization’s cybersecurity policies and procedures.
You know the old phrase, “A chain is no stronger than its weakest link?”
It’s a pretty good idiom, but when it comes to cybersecurity, I think the idea is worth revisiting. It’s not that you aren’t as strong as your weakest link, or in terms of cybersecurity, it’s not that you aren’t as secure as your most vulnerable endpoint…
You are less secure the more users you have.
Small businesses have a lot to worry about in terms of technology, but one of the things that often gets overlooked is network security. Some small businesses feel that they are too small to be considered a viable target for hackers, but they are wrong; all businesses have data valuable for hackers in some form.
What’s the Line Between a Security Breach, and a Data Breach?
When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the more important for protecting your business in the future.
The effectiveness of your business’ IT security is largely contingent on how your IT operates. As a result, it is extremely important to ensure that your staff understands the role they play in protecting your business’ assets. This month, we discuss what you should prioritize when putting together a security training platform; an essential part of any business’ attempts to keep their IT secure.
Do you know those horror stories you catch every so often where a huge business has their network hacked and millions of their customers and employees have their personal and financial information leaked onto the Dark Web? Your organization isn't likely as big as theirs, but regardless of how much money, people, and diverse revenue streams an organization has, having its network breached and its customers’, or its employees’, information strewn about over the Dark Web is not an ideal scenario.
Data Backup and Recovery
Data backup is a critical process that every business that depends on their IT needs to have. If data is the lifeblood of your business, then you need to protect it. Your business most assuredly has data that, if lost, would put you back. Why risk it when a solution for this problem is a simple fix? You need data backup.
In August 2020, a Russian businessman was indicted on charges of conspiracy to intentionally cause damage to a protected computer after he attempted to recruit a current Tesla employee to install malicious software on the automaker’s Gigafactory network.
How a Company Acquires Your Data
For a company to get your data, all they really have to do is ask you for it. Think about what happens each time you make a purchase online, or even create an account—you’re handing over your contact information, and usually pairing it to one of your financial resources.
Obviously, you’re subconsciously entrusting them with this information, assuming that they will keep it sufficiently protected and secure.
Imagine trying to access your computer (or your network as a whole), only to find yourself locked out and presented with a demand for payment in exchange for your files to be decrypted. This is precisely the scenario that ransomware puts its victims into, usually with a deadline to pay up under threat of the destruction of the encrypted files. If you’ve heard about Cryptolocker, WannaCry, or Petya, they are what we are referring to.
In 2019, a business was infected with ransomware once every 15 seconds, racking up a total of $11.5 million in total losses. Spam and phishing attacks were responsible for infecting 66 percent of affected companies, and in 2017, almost half of companies surveyed were affected by ransomware.
Denial of Service
Denial of Service (DoS) attacks, and their more-popular offshoot, Distributed Denial of Service (DDoS) attacks, are the most common form of cyberattack. Using automation, an attacker directs resources to batter a target with the aim of taking it down. The rise in Internet of Things-enabled devices now allows an attacker to take over these devices and turn them against a single webpage. Naturally, this takes the website down.
The biggest DDoS attack on record happened on March 5, 2018, but was fortunately unsuccessful in taking down the targeted ISP… despite clocking in at 1.7 TB/s. On average, one of these attacks costs somewhere between $20K-to-$40K each hour, or in other terms, just under the average American worker’s annual salary. In the UK, businesses lost £1 billion to cybercrime in 2019.
A Man-in-the-Middle attack compromises any communications between a business and their contact. Any and all data can be interfered with, allowing cybercriminals to have their way with personal data, business correspondence, or financial data that is transmitted. It can be intercepted, altered, or redirected, potentially causing more problems than can be counted. The worst part: because Man-in-the-Middle attacks are relatively easy to carry out, they are rising in popularity on a daily basis. They are most commonly used to extract information, whether personal or professional, that otherwise wouldn’t be available. This includes things like login credentials, banking information, or payment card data.
Okay, that wasn’t the worst part. The worst part is that the majority of servers are still vulnerable. As in, 2016 saw 95 percent of HTTPS servers still at risk.
Believe it or not, phishing attacks are ranked as the biggest threat to businesses out there today. Phishing is a kind of social engineering where an attacker will reach out to the victim through some format, from email to instant messaging and beyond, in order to gain access to a secure system by fooling their victim into erroneously trusting them. While phishing emails have been around the block a few times, today’s attacks have grown to be quite sophisticated.
Many statistics surrounding phishing emails demonstrate how effective this relatively simple attack has proved to be. Phishing is involved in 93 percent of all social engineering attacks, and was directly responsible for 70 percent of government network breaches. In the last 12 months, 64 percent of organizations had first-hand experience with phishing; notably, so did 82 percent of manufacturers. The aforementioned ransomware relies on phishing for 21 percent of its delivery. As recently as 2016, 30 percent of phishing messages were opened.
Short for structured query language injection, an SQL injection attack does what it says on the box - it injects malicious code into a target’s SQL servers and feeds the database information back to the attackers. While this is another “golden oldie” of an attack, web-based applications that call for database access have given new life to SQL injection attacks and allowed attackers to extract very valuable info.
It should then come as no surprise that 65 percent of all web application attacks are performed through SQL injections. So, if your organization draws information from a database for an application, you could easily be victimized to a significant degree. Even gamers need to be concerned, as 12 billion out of 55 billion detected SQL attacks that Akamai security experts found were leveled at the gaming community.
If only these other attacks meant that attackers didn’t have time to try anything else, but unfortunately, that isn’t the case. Malware attacks still rank among both the worst, and most common, attacks against businesses. Of course, there are many types to consider, including:
- Trojan horses - Malicious code will be concealed within other files and applications and allow an attacker a point of access to a computing system or network.
- Worms - Malicious and self-replicating applications that travel along and infect networks and individual devices.
- Viruses - Samples of malicious code that infect applications for a variety of motives, including sabotage and theft of data and other resources.
- Spyware - Code that, while it seems harmless, piggybacks to software and gathers information about how a device or network is used.
There are many ways for malware to be introduced into a system. Again, phishing messages can be responsible, but many attackers will use something called “droppers.” Droppers are specialized programs that will install a virus after bypassing cybersecurity solutions. Since there is nothing inherently malicious about the dropper, protections usually don’t flag them.
Fortunately, there are ways to protect your business’ resources, network, and infrastructure from the millions of different versions of these attacks - and you need them, as your business is actively targeted by these attacks. To learn more about putting these protections into place, reach out to the professionals at Coleman Technologies by calling (604) 513-9428.
The past few years have seen some of history’s greatest data breaches. For instance, the most notorious of these attacks, the Equifax breach, Yahoo, and Marriott-Starwood, resulted in a combined total of 3.5 billion accounts breached.
This means, statistically speaking, you would have a pretty good chance of picking a data breach victim of the past few years by randomly selecting two human beings from the entirety of planet Earth’s population.
Crunching the numbers, there has been a 67 percent increase in security breaches since 2014.
What Does this Mean? Is Anything Secure Anymore?
Interestingly, there is a plus side to these enormous data breaches happening in the public eye, thanks to a few key points:
- It brings attention to these kinds of crimes - Thanks to disasters like the Equifax breach, more Canadians are aware of the impact of cybercrime. This kind of awareness is crucial to encouraging improved security.
- There is too much data for cybercriminals to practically use. This one can be chalked up to statistics… the more data that a given cache has, the less of a chance that your data is pulled up in an attack.
To clarify, we aren’t trying to sugarcoat the severity of a data breach, but having said that, the past few years’ cybersecurity threats have really given us all an example to consider. With new compliances, regulations, and other mandates being put into play, businesses are certainly considering these threats.
What About Small Businesses?
There is a tendency to overlook small businesses when discussing data breaches. After all, the ones that have struck large targets (like Yahoo, Target, eBay, Sony, and many others) almost always get a headline, along with the attacks that focus on municipalities, like the ones that targeted Wasaga Beach, Ontario and Midland, Ontario with ransomware.
What isn’t heard about so much, unfortunately, are the attacks that lead to much smaller companies shutting their doors for good… a side effect of the limited number of victims per attack, and the relatively casual approach that many have towards security. Unfortunately, a Verizon survey shows just how misguided it is to assume that a smaller business size will protect it from threats: 43 percent of businesses breached would be classified as small.
Security Needs to Be a Priority
Fortunately, there are ways that you can reinforce your business’ cybersecurity, especially with the help of Coleman Technologies and our experienced cybersecurity professionals. Call (604) 513-9428 to get in touch with us, so we can help evaluate and fulfill your business’ needs.
One crucial component of any successful cybersecurity practice is the active effort to eliminate risk wherever possible. Here, we’ve compiled five practices that will contribute to your business’ capability to recognize where its threats come from. While these aren’t exactly policies to help protect your data, they can help you collect the data you need to form these policies.
1. Inventory All of Your Assets
When you resolve to protect everything, as many business owners do, it helps to know what exactly “everything” includes. Maintaining a comprehensive inventory of all of your technology (each wire, additional peripheral, and software title your business has acquired) makes managing your technology far simpler and more efficient.
2. Push Cybersecurity Best Practices
Your staff, being the ones with their hands on your business technology, need to be trained on how to maintain its security. As it happens, this training should transcend just security and cover their cyber hygiene as well. The more they know about how to better secure their use of your technology and identify threats and issues, the more secure your business will be.
3. Address Shadow IT Head-On
Shadow IT is an insidious problem that many don’t even consider an issue. The phrase “shadow IT” basically serves as a blanket term for any software that an end user has downloaded without the knowledge and approval of the IT administrator. While there are many potential issues with shadow IT, the worst of them likely comes from the vulnerabilities that unapproved and unpatched software can bring into the network. By enforcing a policy of utilizing only the solutions that IT has vetted and approved, you can protect your business from one of the least expected threats there is: the employee who was just trying to do their job.
4. Ensure the Proper Tools are Implemented
Cybersecurity, on paper, isn’t such a difficult process. The issues come from the fact that everyone involved needs to understand the threats facing them and why the practices and tools they are expected to utilize are so crucial to security. Unfortunately, if the reasoning behind using antivirus and anti-malware, firewalls, spam blocking and content filtering (among other security tools) is never addressed, their use is more likely to be taken for granted, and ultimately neglected. Not only should these tools be in place, there needs to be an organizational commitment to using them… otherwise, threats are more likely to be an issue.
5. Keep IT Refreshed
As a general rule, the older your technology gets, the less effective it is at serving its intended purpose. This can be resolved by making a point of systematically and strategically patching, updating, and upgrading the technology you rely on to operate. More up-to-date solutions have better security and can better keep your assets safe, making threats less of a consideration (but still one to be considered).
Coleman Technologies can help you put these practices in place for the betterment of your business and its security. Reach out to our team for improved cybersecurity by calling (604) 513-9428 today.
Before we get into the manipulation of the URL, let’s define its parts.
The first part of the URL is called the protocol, which tells the computing network which language is being used to communicate on said network. Most of the time, the URL will use the protocol “HTTP”. The HyperText Transfer Protocol makes it possible to exchange web pages. Other protocols that are used include File Transfer Protocol, News, and Mailto.
The second part of the URL is the ID and password, which makes it possible to access secure servers on the network. This part is typically removed because the password would be visible and transferred unencrypted over the computer network.
The third part of the URL is the server name. It allows users to access information stored on specific servers whether through a domain or the IP address associated with the server.
The fourth part of the URL is the port number. This number is associated with a service and tells the server what type of resources are being requested. The default port is port 80, which can be left off the URL as long as the information that is being requested is associated with port 80.
Finally, the fifth, and last, part of the URL is the path. The path gives direct access to the resources found tied to the IP (or domain).
Manipulating the URL
By manipulating parts of the URL, a hacker can gain access to web pages found on servers that they wouldn’t normally have access to. Most users will visit a website and then use the links provided by the website. This will get them to where they need to go without much problem, but it also keeps them within the boundaries the site lays out for them.
When a hacker wants to test the site for vulnerabilities, he’ll start by manually modifying the parameters to try different values. If the web designer hasn’t anticipated this behavior, a hacker could potentially obtain access to a typically-protected part of the website. This trial and error method, where a hacker tests directories and file extensions randomly to find important information, can be automated, allowing hackers to get through whole websites in seconds.
With this method they can try searching for directories that make it possible to control the site, scripts that reveal information about the site, or for hidden files.
Directory traversal attacks, also known as path traversal attacks, are also popular. This is where the hacker will modify the tree structure path in a URL to force a server to access unauthorized parts of the website. On vulnerable servers, hackers will be able to move through directories simply.
What Can You Do?
Securing your server against URL attacks is important. You need to ensure that all of your software is updated with the latest threat definitions, and keeping a detailed configuration will keep users in their lanes, even those who know all the tricks.
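As an added illustration (not code from the original post), the sketch below splits a URL into the five parts described above and then shows the server-side check that stops a directory traversal: the requested path is decoded, normalised, and refused unless it still sits under the document root. `WEB_ROOT`, the function names and the sample URLs are constructed for this example, and rejecting double-encoded paths is this example's own conservative choice.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Hypothetical document root for this example; nothing is read from disk.
WEB_ROOT = "/srv/www/site"


def split_url(url):
    """Return the five URL parts named in the text above."""
    parts = urlsplit(url)
    return {
        "protocol": parts.scheme,
        "user": parts.username,      # the ID/password part is usually absent
        "password": parts.password,
        "server": parts.hostname,
        "port": parts.port,          # None when the default port is implied
        "path": parts.path,
    }


def resolve_under_root(url, root=WEB_ROOT):
    """Map the URL path to a file path under root, or None if it must be refused."""
    decoded = unquote(urlsplit(url).path)

    # A path that changes when decoded a second time was double-encoded,
    # a common way to slip "../" past a filter that decodes only once.
    if unquote(decoded) != decoded:
        return None

    # NUL bytes and backslashes have no place in a POSIX web path.
    if "\x00" in decoded or "\\" in decoded:
        return None

    # Collapse "." and ".." segments *before* deciding where the path points.
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))

    # Compare whole path components. A plain startswith() check would accept
    # "/srv/www/site-backup/..." because it shares a string prefix with root.
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


# Constructed sample requests: one ordinary, the rest traversal attempts.
SAMPLE_URLS = [
    "http://www.example.com/docs/report.html",
    "http://www.example.com/docs/../../../etc/passwd",
    "http://www.example.com/%2e%2e/%2e%2e/etc/passwd",
    "http://www.example.com/%252e%252e/%252e%252e/etc/passwd",
    "http://www.example.com/../site-backup/db.sql",
]

if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        target = resolve_under_root(sample)
        verdict = target if target else "REFUSED (outside document root)"
        print(f"{split_url(sample)['path']:45} -> {verdict}")
```

On a real server the candidate path should also have symbolic links resolved (for example with `os.path.realpath`) before the containment check, since a link inside the root can point outside it.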
The IT experts at Coleman Technologies can help you keep your business’ IT infrastructure from working against you. Call us today at (604) 513-9428 for more information about how to maintain your organization’s network security.
How is Artificial Intelligence Changing the Face of Cybersecurity?
Some of the best cybersecurity methods are practices developed over the past few years. This is because social engineering, specifically phishing, has become a major problem. There are billions of phishing emails sent each year, and some of those are so convincing that even people who have had some basic cybersecurity training fall victim to them. To fight this, security firms have started to look to tomorrow’s technologies to help them mitigate risk today.
Artificial Intelligence - The Future of Cybersecurity
One of the most effective ways of combating this rise in hacking is to use the most dynamic technology you have access to and make a tool that will help you mitigate the massive risks. One way is to reduce the effectiveness of these hacks. In this case the technology is artificial intelligence.
When we talk about artificial intelligence, we are talking about having a machine that learns as it is continually exposed to threats. This will work to solve common issues at first, but as these systems advance, and are exposed to user behaviors, they will be able to replace access management systems. Since the AI will be constantly monitoring systems, as well as user behaviors, workplace roles, and common actions, it will be able to recognize a person without the need for password-protected accounts, creating ubiquitously secure endpoints. If the system recognized any deviations, an additional form of authentication such as biometrics would grant or deny access.
Cost will initially be a factor for businesses, especially small and medium-sized businesses, but as large companies begin to truly trust these platforms, they will have viable endpoint-protection systems for small businesses.
Cybercrime Accelerates with 5G
5G and beyond will bring a lot of changes to the user experience, of course, but it will also make huge changes to cybersecurity. Before long, the AI systems that are being developed to thwart today’s cyberthreats will become essential systems for the sustainability of mobile computing. Just think about how much cyberthreats have multiplied over the past decade after the jump from 3G to 4G. The jump to 5G isn’t going to be any less dramatic.
It will be crucial for cybersecurity professionals to be able to leverage systems that are ubiquitously available to search through large streams of data while also being capable of learning on the fly, in order to ascertain what data is potentially malicious and what data is less so.
Luckily there are still years before these types of systems will be needed. Unfortunately, there are enough threats out there to be a major problem going forward. The IT professionals at Coleman Technologies can help you protect your hardware and data. Give us a call at (604) 513-9428 today!
Microsoft Releases Rare Bug Fix Off of Regular Patch Schedule
The two vulnerabilities were patched off of Microsoft’s typical “patch Tuesday” due to the urgency. Most Microsoft patches are released on the second Tuesday of the month. The fact that these two were released ahead of time might seem like an insignificant occurrence, but the reality is this event is a major red flag.
Internet Explorer Zero-Day
The most significant patch was for a zero-day vulnerability that was found in Internet Explorer. It may be hard to believe, but people are indeed still using this antique browser to surf the web. The term zero-day suggests that the vulnerability that was discovered had already been exploited by ill-minded cybercriminals.
While not much information has been released on the event, Microsoft did call it a remote code execution exploit that, if accessed, could have given a user control of another user’s account. The attack requires phishing someone who is exploring the internet on Internet Explorer, and luring them onto a malicious website. Once there, an attacker would be able to gain access over the victim.
Internet Explorer is such a forgotten browser that the event did not spark a lot of controversy. This is largely due to the fact that Internet Explorer makes up just two percent of the active market share. However, for the relatively small number of users that continue to surf with it, an event like this is still a huge disaster.
Microsoft Defender DoS Bug
The second patch that Microsoft expedited was a denial of service vulnerability in Microsoft Defender. The antivirus program comes standard in all Windows 10 PCs, and truly is the core of Windows 10’s sterling security record.
The bug that was discovered wasn’t necessarily obvious, or easily exploitable. In order to exploit it, the attacker would need the ability to read, understand, and write code. Doing so would allow them to disable Windows Defender components, giving the attacker access. This would give them free rein to do whatever malicious act they chose to deploy.
Patches aren’t optional. If you are worried about your business’ vulnerability, speak to one of our experts at Coleman Technologies. We have the know-how to keep your software up to date. Give us a call at (604) 513-9428 today!
Leverage Authentication Measures
One of the first steps to securing your network against threats is to create strong authentication procedures. Most of the devices with permission to access your network will already have an authentication system in place, based on a password. If the passwords used are strong enough, this can actually mitigate most threats - but you still have to worry about the ones that this doesn’t discourage. Leveraging something called multi-factor, or two-factor, authentication can help minimize the chance of something slipping past your security.
Two-factor authentication works in a relatively straightforward way. As with most login systems, a username and password are entered - but instead of being granted access, the user is asked for another credential. This is usually a randomly-generated code that a specialized authentication app will generate. Mobile devices are popular to use with 2FA, as their convenient nature makes them more likely to be available when needed. In order for a user to leverage their mobile device, the 2FA system administrator has to authorize it.
Tip: Make sure that you don’t let your password best practices slip, even if leveraging 2FA. Your passwords still need to be sufficiently complex. If you are one of those who find remembering different passwords difficult, consider using a password management system in conjunction with your 2FA.
Protecting Your Business’ Computing Environment
Whether you use a Local Area Network or a Wide Area Network, the security practices that you need to deploy are fairly predictable. Once you’ve seen to your authentication needs, you need to combine three approaches to security into one all-encompassing strategy: your software-based security, your physical security measures, and your security awareness and best practice training.
There are many examples of how software can help keep your business’ network secure. From firewalls to content filtering to antivirus to spam detection, each of these tools protects your business data from a different kind of threat. You may even want to consider adding encryption to your email solution to make it a lot less likely that the contents of your messages will be intercepted.
Tip: If you aren’t sure which solutions are the right ones to implement, think about how your data moves about your business. The more insight you have into how your data operates, the more effectively you will be able to plan its protections.
Physical Security Measures
Somewhat ironically, we seem to have become so focused on our digital security that it can sometimes seem like we forget that there are very real reasons to protect our physical locations and infrastructure, as well. Consider the damage a bitter ex-employee could do in moments, should they manage to get into your server room. It has become fashionable to leverage biometric authorization measures to protect your server room - and there’s a lot to be said about a good, old-fashioned surveillance system, complete with alarms and cameras (as well as some updates to make this system considerably less old-fashioned).
Tip: Bring in a consulting professional to help you determine your physical security needs. Not only does this save you time by eliminating work you would otherwise have to do for yourself, it ensures that your system will be designed by an experienced professional that knows what will work best in different situations.
Security Awareness and Best Practice Training
Would you be surprised to hear that your employees are likely your biggest vulnerability? Of all of the pieces that make up your network security, the people who use your technology are the leading cause of security issues. With the number of ways that your business could be attacked, your staff needs to be educated on how to identify them and avoid them.
Tip: Both businesses and individuals have been adversely affected by phishing, so it makes sense to begin your training there. Not only is it a common issue, it is conceptually very simple to grasp, so it is a good starting point before moving on to increasingly complex concerns. The more your staff knows about how they can resist attacks, the more likely they’ll be able to do so if the need arises.
Remote Solutions Via the Cloud
Modern organizations need to contend with potential threats to their network infrastructures, as businesses always have in some form. The difference is that issues can now come in on the mobile devices owned by their staff, and company resources can be routinely accessed from outside the business’ area network.
This has helped contribute greatly to the growth of cloud computing technologies - although the relative cost savings don’t hurt either. Using the cloud, your staff can access their work data and applications from a remote location, while the resources stored in the cloud are kept secure by the platform’s baked-in security and privacy.
Mobile devices have also been a disruptor to business-as-usual, which means that businesses need to plan on leveraging them if they don’t want them becoming a distraction. Designing a Bring Your Own Device policy and enforcing it through mobile device management solutions is an effective and secure way of reaching a compromise and minimizing the time wasted by mobile devices in the workplace.
Tip: Remember that cloud services are inherently scalable, so you don’t need to worry about overreaching your capabilities. However, you also don’t want to waste capital that doesn’t need to be spent. Auditing your resources is an effective way to identify and eliminate redundant costs leeching from your budget.
Network security can be complicated, but it is an absolutely crucial element to your technology strategy if you want to have any success. Coleman Technologies can help take care of the technical side of things for you, and help teach better habits to your staff. To learn more, keep reading our tips, and reach out to us at (604) 513-9428.
#1: Communication and Collaboration Solutions
Let’s face facts… you’re going to have to be able to work with your remote workers in order to accomplish what needs to be done, so you need to make sure you have a solution that maintains open lines of communication between you and your staff. All of the solutions that a business should use to enable communications while in-house should also be leveraged by a remote workforce, including email, chat platforms, video conferencing, and Voice over Internet Protocol.
On top of that, your line of business apps and the everyday software your staff needs should be available to remote workers. A prime example of a necessary solution for your remote employees is a file sharing platform that allows your team to work side-by-side on documents and data… whether or not they’re actually side-by-side.
#2: Project Management Tools
Time management is one of the biggest challenges inherent in remote work, so giving your staff direction through project management software can help your remote workers stay on task, while keeping the team as a whole apprised of progress towards a shared goal. In this way, project management solutions can help your team more efficiently reach their objectives - while keeping all members more accountable for what they need to accomplish.
This can be a considerable benefit, especially if an employee is going from a structured office environment to the more laissez-faire arrangement that remote work provides. Looming deadlines, combined with a fluid schedule, have been known to increase work-related stress. A reliable project management solution can return some of the structure to a remote worker’s day, giving them the purpose they need to accomplish their goals.
Any of the benefits of remote work are rendered moot if this remote work leads to a breach or some other security incident. This means that your remote workforce needs to be equipped with the same cybersecurity measures that you should have protecting your business’ on-premise infrastructure.
As a result, you will want to be sure that you’re having your remote workers utilize multi-factor authentication measures, and that their solutions are equipped with fully up-to-date security software. In order to connect back to your business’ network resource, they should also be leveraging virtual private networks to fully ensure your business’ data remains secure while in transit.
In many ways, a password management system would also be classified as a cybersecurity need - especially where remote workers (and thereby, remote access) are involved.
#4: Time-Tracking Software
Finally, you need to make sure that your remote employees are spending their time effectively, as well as that you are properly reimbursing them for their time. There are many tools to help track how time is being spent while in the office, and these tools work equally well for remote workers.
Whether you need to track how long a task took for billing and invoicing purposes, you’re trying to optimize your workflows, or you are simply ensuring that your team is being efficient and productive, understanding how time is spent during the workday is crucial. Implementing time-tracking software for remote workers can simplify payroll, allowing you to focus on other pressing business matters.
Coleman Technologies can help you out, by introducing the solutions that will make your remote working strategy far simpler. To learn more about what we can accomplish for you, reach out to us at (604) 513-9428.