Cybersecurity Scorecard

Cybersecurity has dominated our conversation for the past year, and a report from SonicWall, which provides security tools worldwide for everything from networks to email, shows where we’re making progress and where new threats lie.

First, the good news. In data gathered in the past year from the SonicWall Global Response Intelligent Defense (GRID) Network, the good guys and the bad guys made advances. The most notable of the advances the company found were:

  • The number of new POS (point of sale – mostly credit and debit cards) malware variants decreased by 88 percent since 2015
  • SSL and TLS encrypted traffic increased 34 percent year-over-year
  • Major exploit kits Angler, Nuclear and Neutrino disappeared
  • Unique malware attack attempts dropped to 7.87 billion from 8.19 billion in 2015

On the other hand:

  • Ransomware attacks grew 167x from 2014 to 2016 to an astounding 638 million attacks during the year
  • SSL/TLS encrypted malware was exploited 72 percent more often in 2016 than in 2015
  • Internet of Things (IoT) devices were compromised to launch record-setting DDoS attacks
  • Despite significant efforts by Google to patch vulnerabilities, Android continued to be exploited by cyber criminals

SonicWall notes that the technology to solve many of the new challenges cyber criminals threw at victims in 2016 already exists.  SSL/TLS traffic can be inspected for encrypted malware by NGFWs (next-generation firewalls), which are hardware- or software-based network security systems that detect and block sophisticated attacks by enforcing security policies at various levels. For any type of new advanced threat like ransomware, it’s important to understand that all network-based solutions should block network traffic until a safe verdict is reached before passing that traffic through to the intended recipient.

In 2017, there are two areas where SonicWall joins us in telling you to be particularly on guard: ransomware and the Internet of Things (IoT).

Companies in the United Kingdom were 3x more likely to suffer ransomware attacks than in the United States, but don’t breathe easy. The US experienced the highest number of ransomware attacks in 2016 because of the large volume of business. While we as individuals and small businesses depend on companies like SonicWall to provide the tools to detect and stop ransomware, we need to follow strict security procedures – all of which should be well-known to us by now:

  • Install updates for all of your software, both operating systems and apps. They contain the security patches and bug fixes that shore up the breaches in your systems.
  • Be extremely careful about the emails you open and the links you click.
  • Back up your data continuously to a system that is either not always online or that uses authentication. This will help ensure that you don’t accidentally revert to an encrypted backup if you’re hit.

The IoT has been massively compromised because of poorly designed security systems by device manufacturers. To protect yourself, SonicWall reminds you to make sure your devices are behind next-generation firewalls that scan for IoT-specific malware and that you segregate IoT devices on a separate zone to make sure they don’t affect the rest of your network if they’re compromised. To that, we add that you immediately change user names and passwords – and that you make those passwords strong. Some 70 percent of IoT breaches worldwide are in the US.

More protection was made available for Android mobile phones and devices, but they still remain vulnerable to overlay attacks. SonicWall recommends that companies using Android devices keep the option to “install applications from unknown sources” unchecked and both options to “verify applications” checked. They also recommend you avoid rooting and that you install anti-virus and other mobile security apps – and that you enable “remote wipe” in case your device is stolen or compromised with ransomware.

If you’re interested in a deeper dive and more technical explanations, we invite you to read SonicWall’s whitepaper on cybersecurity.

We can help you with a cybersecurity audit for your office or home and for all mobile devices. Call us – 973-433-6676 – or email us for an appointment.

Smarten Up! The Spoof is On

I was at a client’s office when the email – to her as president of a service organization – arrived, asking for a wire transfer of money. Other members of the organization got the same message, and some actually sent money. A scammer had spoofed a name or email address that was recognizable. This is becoming a growing problem. Is technology making us stupid?

The answer is “no,” but it is making us careless because it gives us the ability to do too many things too easily with too little forethought. That, in turn, leads to doing stupid things – and that’s what spoofers and other Internet-based thieves are counting on now and will continue to do so.

Email seems to open the doors to your computer and your data more conveniently than anything else. The biggest breach opportunities come when you click on something or follow through on instructions because you didn’t take the time to look carefully at an email and when you send sensitive information in an unencrypted email.

Spoofing is the most effective way to get you to open an email and link yourself to trouble. It’s remarkably easy to recreate a company’s logo and attach a fake email address to it. When many people see what they think is a legitimate logo, they just click to open. If nothing jumps out as a red flag, they’ll continue to a bogus website, and BINGO, it’s too late.

People are particularly susceptible to spoofs at this time of the year. Online merchandise sales continue to grow at holiday time, and merchants or shipping companies often send tracking info so you’ll know when your packages should arrive. If you take a little time to look at the message, you’ll probably see that the domain attached to the shipper or merchant bears no resemblance at all to the company. You might also note that the message itself is generic – and it likely has misspelled words or syntax that just doesn’t fit how we converse in the United States.

If you want to verify the tracking on a package, you can go onto the merchant’s or shipper’s website and enter a tracking number you received when your order was confirmed. If you don’t have that number, there is often a way to get the information.

Similarly, as we move from the holiday season to the tax season, be especially careful of financial-related information. There’s a reason why your financial advisor doesn’t let you leave trade information on voicemail or email. They don’t want your financial data left out in the open, and you should feel the same way. When financial advisors and institutions – and even healthcare providers – have messages for you, they generally tell you to access them on their secure websites – and require you to sign in.

DO NOT click a link on an email you think was sent to you by anyone who wants financial, health or other sensitive personal data. If you know the website, open a new browser window and go to the website by typing in the website address. Even if the domain name in an email looks correct, something like “[email protected]” can really link to “you’vebeenscammed.com.”

And, of course, never, never send user names, passwords, credit card info, bank accounts, Social Security numbers (even the last four digits) or other personal information in an email. Unless you and the other party have activated a mutually agreed-upon encryption process, the data is wide open. Email messages can go through multiple communications systems, and it’s impossible to know when a data thief is waiting to pick off any number of random messages at any point. They can pick off thousands in the blink of an eye and then take their own sweet time pulling out key info and wreaking havoc.

It all goes back to convenience vs. security, with a dose of distraction thrown in for good measure. We’ve had clients accidentally open a door to their computers, and the invaders took their info and denied the owners access to their systems. Fixing it on the computer end generally requires a visit from us, and then there’s the nerve-wracking hassle of working with other companies to close your breaches. When you have to go through all of that, it’s more than just an inconvenience.

We’re not telling you anything you don’t know. We are telling you to take a deep breath and a closer look at your email and the links inside them. We’re also telling you not to send sensitive information in emails. If you think you may have had a breach in your security, we can help you patch up your computer system. We can also help you set up an email encryption system. Call us – 973-433-6676 – or email us with your questions or to have us help resolve an issue.

Following the Money Conversations

Money is the only reason somebody steals information. Some 70 percent of the emails that lead to information theft are related to either financial institutions, businesses or something that mentions money in the subject line. Another 20 percent are related to espionage, and 5 percent are related to employee grudges. In most cases, curiosity kills your security.

Phishing expeditions are still one of the most effective ways for hackers to get into a computer system, and that’s because people have insatiable curiosity, especially when it comes to money. We’ve told you time and time again to be very careful about the links you click on from within an email. It is so easy for a hacker to mimic the logo of any bank or financial institution and to create an email address that can be close enough to looking real that you won’t notice it’s a fake in your haste to check out a great offer or respond to a dire warning.

So, as we’ve mentioned ad nauseam, your curiosity could open the door to a Trojan horse virus that will enable someone to get into your computer. And once they do that, they can insert themselves into your financial conversations. To whom are you talking about money? Is it your financial advisor? Is it an attorney or a CPA? Is it your bank, credit card company or several merchants? They can identify every single one of them just by looking at your email. After all, you keep thousands of them in your Outlook application or on a website – which they can easily find once they get into your computer.

How will they put your email conversations to work for them? Well, let’s see. There’s your financial advisor, who’s been talking to you about your 401(k). Hmm. That’s good. Bet you have the password for that account stored on your computer. That makes it easy.

But wait, what if you “forgot” your password? The hacker can go to the website with your 401(k) and use your email address to reset the password. If that security is lax – say, for example, there’s no two-factor authentication – the hacker can have your email address routed to his, and now he’s in your account and can clean it out.

Of course, that could be just part of his haul. He knows who your financial advisor is, and maybe their system isn’t 100 percent locked down. You can imagine the fallout.

What if you’re involved in a large business transaction, such as buying a business or even a house? Your attorney may be dealing with a financial institution or two – even through another attorney. Again, a hacker can insert himself in a conversation with any party connected to the money, spoofing your email address or that of anyone involved. And once the hacker is into that next system, it opens more doors.

Just to add to your “watch list” when checking your email, also be wary of somebody sending you updated files that you are not expecting. We have a client who clicked on a PDF and wound up with an infected computer. Fortunately, it caused a major inconvenience more than anything else. Because all of the client’s files were backed up offsite, we had to wipe the computer clean and then find the infected files to delete from the backup. We were able to fully restore everything after that, but it took 18 hours.

So, let’s recap the steps you need to take:

  • Look before you click. Do I get this kind of email message from this sender on a regular basis? Is this an offer that’s too good to be true? Is there anything that looks just the least bit out of the ordinary – even if it’s from a sender I know and trust? Remember, you can always access the sender’s website from your Internet browser instead of the email, or you can pick up the telephone and call a company or a person.
  • If something looks odd even before you open the email, just delete it. I am amazed at how many people let something suspicious just sit there.
  • Don’t conduct financial business or visit passworded sites while on a public Wi-Fi network. Non-secured networks can be viewed by anyone from anywhere.
  • Be very careful with flash drives. Someone can use one to invade your computer. If you are running a good anti-virus or anti-malware program, it should intercept any external device and give you the option to scan it.
  • Keep your anti-virus and anti-malware software up to date. And make sure they’re both running.

Finally, if you suspect your computer has been infected with a virus, call us immediately at 973-433-6676. We can assess your system and begin the process of restoring its health. If you have any questions about online security, call us or email us. We all have too much at stake.


Two More Tips to Protect Your Money

  1. When you travel by air, don’t just throw your boarding pass in the first trash bin you find in the terminal. The barcode on the pass has a wealth of information, including your frequent flyer account information – and any other personal information in that database – and your itinerary, which can let somebody know how far away from home you are and how long you will be away. If you can’t shred it, tear it into pieces that also separate the barcode and throw them into different trash bins.
  2. Check all of your financial accounts frequently, especially with business bank accounts. When you have a lot of money coming in and going out electronically, that means a lot of bank treasury departments are accessing your account. If you monitor the accounts regularly, you have a much better chance of catching fraudulent activity.

Seniors and Scammers

People 60 years and older seem to be victimized more than any other group by scammers, whether they operate online or over the phone. While it’s always easy to let your guard down at any age, older people seem inclined to be more trusting when they get a phone call.

The rules for seniors apply to people of all ages. It starts with being an active listener and observer for three alarms.

The first alarm is visual as well as audible. Voice Over Internet Protocol (VOIP) telephone systems are totally Internet based, and that allows any system owner to program a caller ID to appear as any phone number. It can be your local area code or an area code from anywhere in the US or the rest of the world. Scammers match a phone number to a name in a database, so it can even display a name that looks very normal with an unrelated phone number that looks normal. Sometimes, you’ll just see a string of random numbers. Be careful, and if something doesn’t sound right, disconnect the call. None of those phone numbers can be traced.

We live in a diverse society, so don’t take this second alarm the wrong way, but listen for an accent. A lot of scammers call from other countries because they can avoid a lot of laws in the US. If you hear an accent and something doesn’t sound right, don’t give the caller access to your computer or any other information and disconnect the call.

A third alarm is any caller who claims to be from Microsoft, some other large technology company or the IRS. Microsoft and the IRS, for example, will NEVER call you on the telephone to tell you there’s a problem with your computer or a tax return. Microsoft does all of its updates online through Microsoft update, and the IRS sends you a letter – by snail mail.

When it comes to the telephone, screen your calls. If the caller doesn’t leave a message, it’s just as well you didn’t talk to them. If you get a call from someone who is NOT your IT consultant and who says he’s discovered a problem on your computer, hang up.

Also be careful of pop-up messages while you are surfing the web. Scammers can break through weak security measures on some websites or a hole in your security and insert a pop-up message. When you click a link on that message, they’ll make the screen look like your computer is infected. Then, they can offer you a repair or a service subscription while they gain access to your computer – allowing them to infect your computer or hold your data hostage.

Cybercrime is a fast-moving target. If you suspect something is wrong, it might be best to shut down your computer and call us at 973-433-6676. We can discuss the best plan of action, which could be a remote check of your system or an on-site visit. For non-emergencies, you can email us, too.

Defeating the Biggest Business

Cybercrime is the world’s biggest business, and there are no signs it’s shrinking. While you can take a number of steps to protect yourself, here’s what you need to do if you suspect you’ve been hacked: ACT FAST.

Fast action is vital because it takes practically no time at all for criminally minded hackers to get into your system once they find an unlocked door – or find a “cyberlock” they can pick. With a little more time, they can use your information to exploit larger systems to which you may have a connection, such as a large merchant or a bank. Your complacency works to their advantage.

After lying relatively low for a few months, malware and ransomware have once again reared their ugly heads. Google recently removed more than a dozen malware-infected apps from its Google Play store. Variations of the Crypto Locker and Crypto Wall viruses, which plagued the IT world in 2014 and 2015, are coming back in email attachments and fake update notices for Java and Adobe Flash.

If you see something really unusual or strange on your screen, you should call your IT specialist immediately. An IT professional should be able to fix the problem right away. We see a lot of the problems on a regular basis, and we know where to look to make the fix. If you can’t get your IT professional right away, take a picture of the screen with your smartphone and send it as a text or email. You can also take a screenshot and paste it into a blank Word document that you can save and send to your IT professional. On a Windows-based computer, press the FN key (it usually has blue lettering) and the PrntScrn key (also lettered in blue). Then paste it (Ctrl-V) into the Word document.

As soon as you do that, you can shut the computer off – without saving anything.

To further protect yourself and your data, you need to look before you click. DO NOT:

  • Open email attachments from sources you don’t recognize
  • Open email attachments that look suspicious or odd even if they appear to be from a source you know
  • Click on a link you cannot verify for authenticity

We’ve talked a lot about hacking, and here are some figures to cause concern. Some 82,000 new pieces of malware are released every day, and 600,000 Facebook accounts are hacked daily. On top of that, hackers are finding more ways to load ransomware on your computer, essentially holding your data hostage until you pay them money.

If a hacker manages to defraud you of money in your bank account, you get no FDIC protection. That is one reason why we recommend you stop using a debit card – remember, the money comes directly out of your bank account – and just get a plain-old, single-purpose ATM card.

You can also sign up to get alerts from your bank or credit card company anytime a transaction is made on your account. That way, you’ll know immediately if somebody made an unauthorized purchase with your credit card or debit card or made an unauthorized withdrawal from your bank account.

Another concern you should cover is the data on your hard drive if you lose your computer or if it’s stolen. With all the personal data that most people keep on their computers, a computer thief can easily get into your data and find all the account numbers, user names and passwords you have stored. Encrypting your data could make it extremely difficult – if not impossible – to get at your data. At the very least, it can give you enough time to contact banks, credit card companies and stores where you have accounts to shut down activity.

The possibility of losing your computer, having it stolen or getting hacked is also a good reason to make sure your data files are all backed up offsite – and it’s a good reason, too, to rely on the cloud instead of your hard drive for the bulk of your storage needs. Also make sure you have fully licensed application software. With securely backed-up data files and licensed app files, we can clean out ransomware and malware problems and restore your data and apps – and get your security up to date.

We can help you maintain the security and integrity of your information. Contact us by phone – 973-433-6676 – or email to talk about your business or home system, how you use your computer and the best available anti-virus, malware and backup programs for your needs. We can also make sure you’ve set up all defenses properly.