The Ill Winds of Solar Winds

Look for continuing fallout from the breach of Solar Winds, the giant technology management company that was responsible for the high-level federal government systems that were hacked last year. The hack is top of mind because some of our most sensitive systems were hacked, but businesses were affected, too. It’s time to look at the world of big data management.

The lesson we all need to learn from the hack of Solar Winds is that nothing is truly, truly safe. We don’t know where government agencies and private industry systems were breached – and how badly they were breached – and when it comes to the government systems, we’ll probably never know. But I don’t think we’re going out on a limb by saying that 1.) Solar Winds will need to work extra hard to regain the confidence of customers (and their customers, too) and 2.) if they don’t succeed in repairing their systems and reputation, they’ll join a lot of other companies on technology’s garbage heap. From our various industry contacts, we had heard customers wanted to leave Solar Winds for reasons other than security.

The big data management companies should be subject to much more scrutiny by government oversight and by their customers. Strict government oversight similar to what we do to monitor CIA activity is necessary because of the extremely critical and sensitive nature of government work. Industry regulation is required to set standards for performance and accountability.

How much oversight and regulation are needed is a political question. What is not political is the need to keep our systems secure and, where possible, insist on transparency in letting us know when things go wrong. Dependency is critical because every system is so intertwined. It’s easy to see it if you look at it like a wheel. In the case of Solar Winds, look at them as the hub, and then look at every organization in their customer list as spokes connecting the hub to the rim. The rim is everyone who does business with any one of the spokes.

Solar Winds and its customers are not the first victims of sophisticated hacking, and unfortunately, they won’t be the last. Google has experienced problems, including an email issue last month, and Microsoft has had its share of issues. Look at what our nation went through with security for our elections.

As individuals we can demand that big data management companies take greater care, but we also need to own our security and asset protection. A lot of it is technology-based. We’ve implored everyone over the years to keep all operating systems, networks and application software up to date – to make sure you download and install updates, security patches and bug fixes. We’ve implored everyone to have all data securely backed up and to have a plan to get your assets – like money in your bank account – when you need them.

Beyond that, be critical of information requested when you fill out forms. Why does somebody need your social security number? Even for a job application, does your prospective employer need that information before they’re ready to do a background check or pay you? Don’t be afraid to question a request or demand a satisfactory answer. For companies where you have critical relationships, like your bank, maintain personal contacts. Know that you can pick up a phone and actually talk to a real human being when you’re concerned about your asset. We can help you with the technology part of security. Call us – 973-433-6676 – or email us for a security audit or to discuss applications and processes that can keep your computers as safe as possible when a big data manager is breached.

Hack Attack Continues vs. Businesses and People

While government-sponsored hacking and disinformation make big news, don’t take your eye off the ball when it comes to protecting your personal and corporate data. A report from a consulting firm, Positive Technologies, painted a dark, dark picture, saying the second quarter of 2018 showed a 47 percent increase over 2017. You need to remain vigilant, even when events are beyond your control. Nobody is immune.

As reported in Tech Republic, Positive Technologies said the most common methods of cyberattack are:

  • Malware (49%), with spyware or remote administration malware being the most widely used forms of infection.
  • Social engineering (25%) is the term for manipulating users into believing a message, link, or attachment is from a trusted source, and then infecting targeted systems with malware, stealing money, or accessing confidential information.
  • Hacking (21%) exploits vulnerabilities in software and hardware, causing the most damage to governments, banks, and cryptocurrency platforms.
  • Credential compromise (19%) targets password managers used for storing and keeping track of passwords.
  • Web attacks (18%) are online racketeering attempts to extort website operators for profit, sometimes by threatening to steal client databases or shut down the website.
  • DDoS (5%) tends to be the weapon of choice for business rivals, disgruntled clients, and hacktivists. Political events can drive attacks on government institutions. Criminals can use DDoS attacks to take websites offline and demand payment from the victims.

Attacks can be made in tandem, such as the common duo of using phishing emails to trick users into downloading malware.

Financial and healthcare institutions, retailers, and government databases remain prime targets, but higher education institutions and even school districts are being attacked. Wired reports that this past March, the Department of Justice indicted nine Iranian hackers in alleged attacks on 144 US universities and 176 in 21 other countries. They were also cited for attacking 47 private companies.

Hackers are homing in on the money. Positive Technologies said targeted attacks are outnumbering mass campaigns, with attacks directed at companies and their clients, as well as cryptocurrency exchanges. Data theft is driving an increasing number of attacks, with many criminals seeking personal data (30%), credentials (22%), and payment card information (15%). To steal this data, hackers are compromising online platforms, including e-commerce websites, online ticketing systems, and hotel booking sites.

The scary part of the report for us is that you can never be sure that criminals don’t have your credit card number from one source or another. Even a brand-new smartphone in a store can have pre-installed malware.

People and businesses can take steps to keep their data safe: install updates for operating systems and application software, install antivirus protection on all systems and endpoints, and keep it up to date.

Businesses can encrypt all sensitive information, perform regular backups, minimize the privileges of users and services as much as possible, and use two-factor authentication. Enforcing a password policy with strict length and complexity requirements, and requiring password changes every 90 days, can also help protect systems.

We offer security audits for businesses, and we can answer any questions individuals have about protecting themselves from cyberattacks. Call us – 973-433-6676 – or email us to set up an appointment.

Steps to Take – Mitigate Fallout from Russian Hacking Incident

If you haven’t seen or heard the news, a Russian group has hacked user names and passwords for some 1.2 billion accounts worldwide.

We urge you to run a virus scan and malware scan as quickly as possible on all of your computers to determine if your system has been infected. This post from The New York Times, which first reported the incident, covers some basic steps you can take. We’ve discussed them before, and they are now very much worth repeating. If you want to learn more, you can read reports from PC Magazine and The New York Times.

 

As always, if you have any questions or concerns, contact us immediately by phone (973-433-6676) or email.