When it comes to valuable data, hackers will go out of their way to try and steal it, placing businesses in dangerous situations. In particular, healthcare data is attractive to hackers, and considering how lucrative the prospect of healthcare data is, companies need to take extra precautions to protect it. But what is it about healthcare data that makes it so attractive, anyway? Let’s dig into the consequences of potential attacks on healthcare data.
Coleman Technologies Blog
Even the solutions designed to keep businesses and organizations safe are vulnerable to the threat of a cyberattack, as when it all boils down, these tools are still software solutions, no matter how secure they might be. The company in question today—Barracuda—is a huge name in the cybersecurity industry, and it has become the victim of a zero-day exploit. Let’s go over how you can prevent your business from experiencing the same thing.
Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.
Did you know that tomorrow is World Password Day, 2023? As the result of a campaign to spread awareness of the importance of sufficiently secure passwords, it has become an annual reminder of how critical sufficient passwords are to proper cybersecurity…despite passwords not being sufficient protection on their own. In light of tomorrow’s observance, let’s take some time to review why passwords are important to get right, and what else you need to have in place.
This past January, the Federal Bureau of Investigation issued an announcement that they had targeted and taken down the servers for a Dark Web organization responsible for the Hive ransomware group. While there is certainly cause for celebration here, one major statistic is enough reason to continue being concerned.
Has your business been targeted by hackers? Do you even know? Let’s face it, small businesses don’t typically worry all that much about cybersecurity. To many small business owners, they might see it as a luxury for their perceived risk. Unfortunately, the reality of the situation is that hackers and scammers are targeting small businesses more regularly than they have in the past and without some kind of dedicated cybersecurity strategy, there could be a good chance that your business could run into some problems because of it.
While security researchers do their best to find security vulnerabilities in software and systems before they are actively exploited by attackers, they can’t be successful all the time. There are too many threats and too many variables to consider, and zero-day exploits are often discovered well after they are actively being exploited by threats. How can you keep zero-day exploits from impacting your business?
It’s the holiday season, and you know what that means: lots of gift-giving and online shopping. Regardless of what you and your family celebrate this holiday season, you should be prepared to handle the influx of phishing attacks which always surface around this time every year, including both the usual methods and the more sophisticated ones.
For millions of people, the rubber ducky is a benign reminder of childhood. Depending on when you were a child, the rendition of Sesame Street’s Ernie singing “Rubber Duckie, you’re the one,” is ingrained in your mind every time you hear the term. Unfortunately, the Rubber Ducky we are going to tell you about today has only fond recollection for people who are looking to breach networks they aren’t authorized to access or deliver malware payloads that are designed to cause havoc.
It probably isn’t a question you’ve put much thought to, but tell me: who do you think feels the greatest impact from card skimming schemes, where a payment card’s data is captured so a cybercriminal can make use of the card’s associated account? While it isn’t a good situation for anyone, some are impacted more than others.
WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has been reportedly deploying malware.
How often do you get emails from individuals claiming to be working with a business who wants to do business with yours or sell you a product, completely unsolicited and even perhaps a bit suspicious? These types of messages can often land small businesses in hot water, as it only takes one phishing email landing in the wrong inbox at the wrong time to put your business in jeopardy.
How Do These Threats Work?
These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.
To begin, let’s examine the data that we currently have available, courtesy of Statista: in 2019, there were a total of 1,473 data breaches recorded. The first half of 2020 saw 540 breaches reported. Crunching the numbers, these 33 percent fewer breaches have impacted what other sources assert to be 66 percent fewer people.
We aren’t alone in believing so, either. A recent study examined twenty such AI-integrating cybercrimes to see where the biggest threats would lie.
Here, we’re looking at the results of this study to see what predictions can be made about the next 15 years where AI-enhanced crime is concerned. Here’s a sneak preview: Deepfakes (fake videos of celebrities and political figures) will be very believable, which is very bad.
The Advantage COVID-19 Gives Hackers
To put it bluntly, diversion. With so much attention rightly given to COVID-19 right now, there are many who are remaining in their homes as much as possible to try and prevent the pathogen from propagating. This approach makes the Internet even more important to so many people. Not only are many businesses operating remotely, many rely on support services and other online functions for their in-house processes. Otherwise, people who cannot work remotely are seeking ways to pass the time, turning to social media and other online services for that.
Providence Health Plan - 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company’s servers. Information that was stolen included plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers.
Facebook - Facebook had an unprotected server with over 419 million records accessed. Users had their Facebook’s user ID and phone number exposed. In some cases, user’s names, genders, and locations were also leaked.
Dealer Leader, LLC. - 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses, and IPs.
DoorDash - The popular food delivery app had 4.9 million customers’ information breached by a third-party. The information left exposed included the names, delivery addresses, phone numbers, hashed passwords, order history, and the last four numbers of each’s credit card number. In the same hack, over 100,000 delivery drivers had their driver's license information leaked.
Zynga - The mobile game maker, Zynga, the developer of popular mobile games such as Farmville and Words with Friends has announced that 218 million players had their data exposed after their network was breached by a hacker. The company had player names, email addresses, login IDs, phone numbers, Facebook IDs and more left exposed.
Methodist Hospitals of Indiana - The Methodist Hospitals of Indiana fell victim to an email phishing scam and it allowed hackers to steal 68,000 records that included names, addresses, dates of birth, Social Security numbers, driver’s licenses, and more.
Autoclerk - Autoclerk, a hotel property management software developer had an open database infiltrated exposing data that included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests.
Kalispell Regional Healthcare - Over 130,000 Social Security numbers, addresses, medical record numbers, dates of birth, medical histories and treatment information, and names of treating physicians were exposed by hackers.
Adobe - Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 7.5 million users were affected.
Network Solutions - The world’s oldest domain name provider has been exposed in a hack. Millions of individuals’ data that included names, addresses, phone numbers, email addresses, and service information was compromised.
Texas Health Resources - The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more.
Disney Plus - The brand-spanking-new Disney+ streaming service had new user account information hijacked by hackers. Login credentials wound up on the Dark Web soon after.
Magic the Gathering - The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more.
State of Louisiana - The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days as systems were restored from backup.
Macy’s - Macy’s had their ecommerce site hacked. Hackers embedded malicious code into their checkout page and put a skimming code on the company’s Wallet page. The malware retrieved names, addresses, phone numbers, email addresses, payment card numbers, card security codes, and card expiration dates.
T-Mobile - T-Mobile had over a million customers’ information accessed by a hacker. Information accessed included names, billing addresses, phone numbers, rates, and calling features.
Unknown - An unsecured server containing over 622 million email addresses and 50 million phone numbers, and millions of pieces of other information was discovered. It is unknown what organization this data is tied to as the time of writing.
With hundreds of millions of records being exposed each month, it’s hard to feel confident about giving your personal or financial information to anyone in the current threat landscape. If your business needs help trying to be secure, call us today at (604) 513-9428.
Before we get into the manipulation of the URL, let’s define its parts.
The first part of the URL is called the protocol, which tells the computing network which language is being used to communicate on said network. Most of the time, the URL will use the protocol “HTTP”. The HyperText Transfer Protocol makes it possible to exchange web pages. Other protocols that are used include File Transfer Protocol, News, and Mailto.
The second part of the URL is the ID and password, which makes it possible to access secure servers on the network. This part is typically removed because the password will be visible and transfer unencrypted over the computer network.
The third part of the URL is the server name. It allows users to access information stored on specific servers whether through a domain or the IP address associated with the server.
The fourth part of the URL is the port number. This number is associated with a service and tells the server what type of resources are being requested. The default port is port 80, which can be left off the URL as long as the information that is being requested is associated with port 80.
Finally, the fifth, and last, part of the URL is the path. The path gives direct access to the resources found tied to the IP (or domain).
Manipulating the URL
By manipulating parts of the URL, a hacker can gain access to web pages found on servers that they wouldn’t normally have access to. Most users will visit a website and then use the links provided by the website. This will get them to where they need to go without much problem, but it creates their own perimeters.
When a hacker wants to test the site for vulnerabilities, he’ll start by manually modifying the parameters to try different values. If the web designer hasn’t anticipated this behavior, a hacker could potentially obtain access to a typically-protected part of the website. This trial and error method, where a hacker tests directories and file extensions randomly to find important information can be automated, allowing hackers to get through whole websites in seconds.
With this method they can try searching for directories that make it possible to control the site, scripts that reveal information about the site, or for hidden files.
Directory traversal attacks, also known as path traversal attacks, are also popular. This is where the hacker will modify the tree structure path in a URL to force a server to access unauthorized parts of the website. On vulnerable servers, hackers will be able to move through directories simply.
What You Can Do?
Securing your server against URL attacks is important. You need to ensure that all of your software is updated with the latest threat definitions, and keeping a detailed configuration will keep users in their lanes, even those who know all the tricks.
The IT experts at Coleman Technologies can help you keep your business’ IT infrastructure from working against you. Call us today at (604) 513-9428 for more information about how to maintain your organization’s network security.
On May 8, 2019, almost a year to the day after the first transaction was made, an Amazon spokesperson claimed that the company had completed investigating the compromised accounts, and had been the victim of an “extensive” fraud. The extent of the fraud was large enough where two banking companies, Barclays and Prepay Technologies (who is a partial subsidiary of Mastercard) are caught up in the crime.
Ultimately, Amazon neglected to disclose the true scope of the hack, but a report by Bloomberg indicated that over one billion dollars were dispersed to merchants in 2018 via Amazon Capital Services U.K. While there is currently no figure provided by the company, if large portions of that money was subverted, it could rank as one of the largest hacks in the history of online commerce, and certainly the biggest fraud that has involved Amazon.
Amazon, which has a business model built to be largely automated, has done a remarkable job of keeping personally identifiable information from being hacked over the years, but in today’s threat-persistent culture, even the most secure companies can have situations happen to them that jeopardize their ability to complete financial and information transactions, regardless of how much they invest in cybersecurity.
Just because this article mentions a major fraud involving the world’s largest online retailer in no way means that hackers have moved on from trying to hack small businesses. Small businesses face the majority of hacking attacks, mainly because they have the least amount of security to thwart. In fact, if Amazon can fall victim to phishing attacks, it’s not a stretch to believe that your company is susceptible. With millions of phishing messages sent every day, many of which target small businesses, having a strategy to educate your staff is extremely important.
The best way to go about doing that is to be proactive. Getting your staff to understand that they are on the front lines of a never-ending cyberwar and what they need to learn in order to keep themselves, and your organization free from the serious risks that come from falling victim of phishing attacks. Some things you can prioritize:
- Annual education and training - Have a comprehensive plan in place to educate new and current staff that is updated and required annually.
- Having strong passwords - Since phishing is a form of social engineering, the hackers on the other end of the phishing attack are simply looking for access. Having strong passwords will keep them out much longer than weak ones.
- Avoid shadow IT - Make it clear that all software has to pass through IT first, before it is downloaded onto a workstation. It may seem inefficient at first, but the company will be better off vetting a software solution before it gains access to your organization’s network.
- Provide cloud storage - When people are constantly on the move and have a lot of responsibilities, they will often upload their work into their personal cloud-based file storage. This can be risky behavior, even if the employee’s motives are solid. Keep your company’s data hosted on its own infrastructure.
With these four tips you can go a long way toward protecting your business, and your staff, from the detrimental characteristics of a phishing attack.
If you need help with your organization’s cybersecurity, or if you simply want some help outlining a strategy to use, contact the IT professionals at Coleman Technologies today at (604) 513-9428.
How Blockchain Has Been Shown to Be Vulnerable
Let’s face it… blockchain technology is a human invention, which means that there are going to be some flaws.
Admittedly, the concept behind the blockchain makes this hard to believe: every transaction made through the blockchain, financial or data-based, is given a permanent, designated “block” in the chain. Before the transaction is completed, the rest of the network needs to approve this new block’s validity. The block is then added to the chain, where it cannot be altered and provides an unchangeable record of the transaction - to undo it, a new block would be created. It is only then that the transaction is completed.
While this method may seem foolproof, even “unhackable”, this just isn’t the case. In March of 2014, cybercriminals managed to steal $450,000,000 worth of Bitcoin through a transaction mutability vulnerability, and in June of 2016, cybercriminals managed to steal approximately $60,000,000 by leveraging a recursive calling vulnerability.
Additional Blockchain Vulnerabilities
Again, as a human creation, there are going to be some flaws in blockchain platforms. One investigation revealed that some blockchain and cryptocurrency platforms had over 40 vulnerabilities.
Many of blockchain’s vulnerabilities have more to do with the nature of the platform as well. One such vulnerability is known as a 51% vulnerability, and is associated with mining cryptocurrencies. Let’s assume you are a cryptocurrency miner. If you manage to accumulate hashing power that exceeds more than half of what the blockchain contains, you could leverage a 51% attack to manipulate the blockchain to your own advantage.
Naturally, more popular blockchains, like Bitcoin, are far too expensive to be practical targets, but smaller coins are much more affordable to attack and can be lucrative for hackers. In 2018, 51% attacks were leveraged against less popular cryptocurrencies, netting the attackers approximately $20 million.
Security of Private Keys
Using a blockchain requires a user to have a private key. Naturally, if this key were to be stolen, those cybercriminals who stole it would be able to access and tamper with that user’s blockchain. What’s worse, because the blockchain is decentralized, these kinds of actions are difficult to track and even harder to undo.
As you might imagine, most breaches involving a blockchain are in some way tied to an end user. In 2017, a fraudulent cryptocurrency wallet service was left up for months as the cybercriminal responsible allowed people to funnel their cryptocurrencies into it before stealing $4,000,000 - out of a reported total of $2 billion being stolen since 2017 began. In January 2018, it was disclosed that hackers stole private keys with malware, taking over $500,000,000 in NEM coins (a now-effectively-worthless cryptocurrency established by a nonprofit).
If hackers are able to steal from a purportedly “unhackable” technology, what’s to stop them from stealing from your business?
Cybersecurity solutions from Coleman Technologies, that’s what. We can set up the security solutions your business needs to protect its data, and monitor your systems to detect breaches preemptively, preventing a security issue from happening. To learn more about what we can do, reach out to us at (604) 513-9428.