It took a perfect storm of cleverly written software, one weak link and a holiday weekend in the United States to launch the world’s largest ransomware hack to date. As this was written, some 1,500 businesses were being held up for a total of $70 million.
Continue readingDid We Learn Anything from Colonial Pipeline?
Today, the gasoline shortages caused by the ransomware hack of Colonial Pipeline are in our rearview mirror. Hopefully, the memories are not forgotten. There are things we can all do to make it harder to access and hold our data for ransom . . .
Continue readingHealthcare and Ransomware
As many of you know, our family has spent a lot of time in hospitals over the past 30 days. Thankfully, we’re all healthy – and the doctors have been great. But looking at their technological support systems as a patient, parent and IT specialist, I could use an electronic sedative.
Judging from what I see in news reports, hospitals seem to be prime targets for ransomware. That’s a lot of sensitive data to hold hostage, and I have a greater appreciation of the consequences now than a month ago. Every hospital room I was in had a computer. Every member of the medical staff who examined Charlie or me had to login to enter all the data used to update our charts. Every medication we were given was logged into the system. The process created an information lifeline that was critical for every step in our treatments.
The data the hospitals used to treat us was entered before we were admitted. The doctors who examined us previously entered notes into our electronic charts. The results of COVID tests were entered. Everything, it seemed, had to be verified at every stage of our care. It was comforting to know that every caregiver had access to the latest information on a screen, where it could be clearly displayed without the need to decipher somebody else’s handwriting.
But what happens when the technology breaks down? What would have happened if just before surgery, a hacker had invaded Charlie’s chart or mine and held the records hostage as the anesthesiologist was about to administer drugs? What if one of us had a bad reaction to anesthesia during surgery? That’s not the best time for us to begin hostage negotiations, and even in the willingness to pay ransom, it’s not the same as going online to pay your credit card bill.
I’d feel a lot better about healthcare if the hospital systems put the same resources into information technology as they do into their healthcare technology. I saw truly amazing systems to treat us, but the news reports tell another story. IT systems, even in large systems in large metropolitan areas, are antiquated and don’t get regular updates for security patches and bug fixes. If I were prescribing a remedy, it would be to update those systems immediately.
And as large hospital systems acquire smaller, financially strapped hospitals, it’s even more important to take that update medicine. With telemedicine becoming more common, there’s more interaction with a variety of technology systems and networks, so I would demand the hospitals build electronic fortresses.
The same goes for physicians’ offices, regardless of whether they are part of a hospital system or in some other network. As patients, we regularly use the medical systems’ portals – websites – to access records, refill prescriptions and use other essential information. What if the doctor’s system goes down? What if someone is having a life-and-death emergency during a hostage negotiation because the doctor’s IT system was hacked?
To borrow an old phrase: Physician’s office, update thyself.
At the same time, we need to keep our systems secure. The hospital and office systems we deal with are likely to have done everything right. But if we leave a door open in our own system, it could be the opening a hacker needs to get into a healthcare system and hold critical data hostage.
We can help you make sure you keep up your end of the deal. Call us – 973-433-6676 – or email us to arrange for a security audit of your system. For hospitals and doctors’ offices, we’re always happy to provide a second opinion.
Websites and the Need to Know
Why do some companies and organizations, especially non-profits, feel the need to post the names of their entire staffs on their websites? The question came up in a recent conversation with an IT colleague.
Smaller companies and non-profits seem to get hack-attacked more often, and they tend to list everyone in the company or organization on their websites – along with their contact information. If that organization is running “lean and mean,” it could have a lot of people wearing many hats and juggling unrelated tasks. That can create a vulnerability when an outsider can distract a busy worker who has access to sensitive information.
Here’s a possible scenario that illustrates the problem.
When you list the contact info for the bookkeeper, you may be listing it for an employee who has access to all the organization’s financial data but has no need for public contact. A hacker doesn’t need to be especially skillful to use the bookkeeper’s email address to launch a phishing attack in a variety of ways. The most obvious, of course, would be to spoof a bank. But it could also be a spoof email from someone connected with the organization who is looking for something, such as wanting to know if a check was deposited.
If the bookkeeper responds to the bogus bank link or the spoofed email, it could open the door to getting more financial information or sensitive data – not only from your organization but from every person or organization you deal with.
Why take the risk? If you limit names and contact information to those whose duties involve some aspect of public contact, you can limit your exposure. If someone really needs to contact your bookkeeper, for example, they can call a general phone number for the organization where a gatekeeper can determine if it’s a legitimate call or can “take a message” so the bookkeeper or another employee can return the call. If the contact is made by email, it can go to a general mailbox, where a gatekeeper can read it and distribute it appropriately.
If you limit contact info in a small company or non-profit to the C-Suite, you can limit your exposure to hacking, ransomware and other vulnerabilities. If people outside your organization need to contact specific individuals, that information can be provided privately.
We can help. Call us – 973-433-6676 – or email us to help you set up appropriate email addresses and work with your web designer to make your website more secure.
What Are Your Biggest Online Threats in 2020?
Cyberthreats will be coming at you – and any person or organization with whom you have an online relationship – with increasing speed and sophistication. For some, it might feel like you’re living inside an online fantasy game, but it’s real life. Here’s what to look for.
Phishing and Social Engineering
There’s nothing new about phishing, where cybercriminals try to obtain sensitive information, like passwords or financial information, usually by using links in emails to install malware to breach your system. Non-profits have been major targets because they don’t have alert systems built into network infrastructures, but any business, governmental organization or individual can be hit. We’ve discussed the need to be highly aware of what you’re clicking and to exercise extreme caution. As an individual user, you have control.
At businesses, it’s a bigger chore to combat phishing. Attacks enable hackers to steal user logins, credit card credentials and other types of personal financial information, as well as gain access to private databases.
Going hand-in-hand with phishing is social engineering, which can cover a multitude of attacks such as disinformation and deep fakes spread by social media. We see this as one of the biggest threats you face this year.
Social media makes it easier to spread disinformation faster than anyone can send out the facts to repudiate fakery or misrepresentation. Deep fakes relate to fake images and videos being created by deep learning techniques. We’ve seen them in the political arena and can expect more them to be leveraged as a tool to attempt to discredit candidates and push inaccurate political messages to voters via social media. We’ll also see them in ransomware, showing targets realistic videos of themselves in compromising situations. We’ll also see more spoofing in business email with deep fakes used to add a further degree of realism to the request to transfer money.
Ransomware
Ransomware attacks cost billions of dollars every year, as hackers literally kidnap an individual or organization’s databases and hold all of the information for ransom. The rise of cryptocurrencies such as Bitcoin spurred ransomware attacks by allowing ransom demands to be paid anonymously. As companies build stronger defenses against ransomware, some experts believe hackers will increasingly target other potentially profitable ransomware victims such as high-net-worth individuals.
Third-Party Vulnerabilities (IoT, Cloud, Supply Chain)
This is a tough threat to ward off because you have some control over your vulnerabilities but not all of them. With the Internet of Things (IoT), you have control. Make sure that you change every default username and password for every device you connect to your network and have a strong network password and firewall. I have little sympathy for people whose systems are hacked because they didn’t take the proper setup steps to prevent invasion.
The cloud is as safe as you can get, especially with large, reputable service providers. They have the resources to deploy the most advanced security measures and multiple services to protect your data. Our advice here is to use a top-rated cloud service provider and make sure you have protected your network, just you would to maintain IoT security.
The supply chain is tough. With so many companies using the internet to fulfill product orders, manage vendors and customers and provide financial services, each one of them can rely on hundreds of vendors. You rely on all of them to keep your data safe, and that can make any one of them the weakest link in your security. Your best defense is to take every security precaution you can, such as keeping your software and hardware up to date, using common sense on what you click, and letting others know when you have concerns about their security.
Internal Attacks
We have only begun to see the impact insiders can have on organizations as well as national and global security. While the news focuses on dangerous insiders exfiltrating data to foreign governments and terrorist organizations, you need to focus on your business – and your business partners. In all likelihood, your biggest threats will be data theft for monetary purposes – similar to effects of ransomware – or some disruption of your business by a disgruntled or careless employee.
5G’s Unprecedented Data-Theft Speeds
5G cellular technology promises unprecedented speed to make it possible to have more effective infrastructure, autonomous vehicles, faster emergency response and greatly improved telemedicine. It will be almost entirely software-driven; you’ll need hardware capable of handling it. Because it will be software-driven, it will be susceptible to hacks. You’ll need to follow safe internet practices and hope that everyone else does, too. There’s not much you can do technologically in the grand scheme of things, but you can and should demand that large organizations and governments take steps to protect 5G networks.
We can help you make sure you have the knowledge and systems in place to protect your systems from cyberthreats. Contact us by phone – 973-433-6676 – or email to discuss your needs.
Defeating the Biggest Business
Cybercrime is the world’s biggest business, and there are no signs it’s shrinking. While you can take a number of steps to protect yourself, here’s what you need to do if you suspect you’ve been hacked: ACT FAST.
The reason fast action is vital is because it takes practically no time at all for criminally minded hackers to get into your system once they find an unlocked door – or find a “cyberlock” they can pick. With a little more time, they can use your information to exploit larger systems to which you may have a connection, such as a large merchant or a bank. Your complacency works to their advantage.
After lying relatively low for a few months, malware and ransomware have once again reared their ugly heads. Google recently removed more than a dozen malware-infected apps from its Google Play store. Variations of the Crypto Locker and Crypto Wall viruses, which plagued the IT world in 2014 and 2015, are coming back in email attachments and fake update notices for Java and Adobe Flash.
If you see something really unusual or strange on your screen, you should call your IT specialist immediately. An IT professional should be able to fix the problem right away. We see a lot of the problems on a regular basis, and we know where to look to make the fix. If you can’t get your IT professional right away, take a picture of the screen with your smartphone and send as text or email. You can also take a screen shot and paste it into a blank Word document that you can save and send to your IT professional. On a Windows-based computer, press the FN key (it usually has blue lettering) and the PrntScrn key (also lettered in blue). Then paste it (Ctrl-V) into the Word document.
As soon as you do that, you can shut the computer off – without saving anything.
To further protect yourself and your data, you need to look before you click. DO NOT:
- Open email attachments from sources you don’t recognize
- Open email attachments that look suspicious or odd even if they appear to be from a source you know
- Click on a link you cannot verify for authenticity
We’ve talked a lot about hacking, and here are some figures to cause concern. Some 82,000 new pieces of malware are released every day, and 600,000 Facebook accounts are hacked daily. On top of that, hackers are finding more ways to load ransomware on your computer, essentially holding your data hostage until you pay them money.
If a hacker manages to defraud you of money in your bank account, you get no FDIC protection. That is one reason why we recommend you stop using a debit card – remember, the money comes directly out of your bank account – and just get a plain-old, single-purpose ATM.
You can also sign up to get alerts from your bank or credit card company anytime a transaction is made on your account. That way, you’ll know immediately if somebody made an unauthorized purchase with your credit card or debit card or made an unauthorized withdrawal from your bank account.
Another concern you should cover is the data on your hard drive if you lose your computer or if it’s stolen. With all the personal data that most people keep on their computers, a computer thief can easily get into your data and find all the account numbers, user names and passwords you have stored. Encrypting your data could make it extremely difficult – if not impossible – to get at your data. At the very least, it can give you enough time to contact banks, credit card companies and stores where you have accounts to shut down activity.
The possibility of losing your computer, having it stolen or getting hacked is also a good reason to make sure your data files are all backed up offsite – and it’s a good reason, too, to rely on the cloud instead of your hard drive for the bulk of your storage needs. Also make sure you have fully licensed application software. With securely backed-up data files and licensed app files, we can clean out ransomware and malware problems and restore your data and apps – and get your security up to date.
We can help you maintain the security and integrity of your information. Contact us by phone – 973-433-6676 – or email to talk about your business or home system, how you use your computer and the best available anti-virus, malware and backup programs for your needs. We can also make sure you’ve set up all defenses properly.