Author Archives: Axiom Admin

‘Tis the Season – The Season for Phishing

Christmas is coming early for phishing scam artists. The day after Halloween, my Inbox started filling up with alerts that I had won a $50 Amazon/Walmart/Costco Gift Card, packages I didn’t order began arriving from UPS/FedEx, LinkedIn change requests, and an assortment of other fanciful clickbait just begging to be clicked on.

Phishing Email from LinkedIn. Look at the From Email Address, Look at the Link (Linked-lower-case L-n), Hovering over the link shows a completely different website address too

Many of us are smart enough not to be fooled into clicking on phishing emails, but a recent survey found that those of us who know the dangers of phishing still can’t properly identify 50% of phishing emails that are sent.

Even though surrounded by cyber-security day-in and day-out, one of our employees recently fell for a phishing scam for iTunes credentials. It wasn’t until their credentials failed to log them into the “iTunes” site and someone connected to their iCloud account that it dawned on them that they had been taken by a scam. Scammers are good and the reason why we continue to get emails from Nigerian princes and Nelson Mandela’s wife is that people still fall for the scams and cyber-criminals continue to make a profit.

Hackers are gaining easy access to money, user credentials, and healthcare data through a variety of different phishing scams. And they are sending out an estimated 8 million emails a week. The City of El Paso had $3.2 million diverted through a whaling scam that sent legitimate vendor funds to the incorrect accounts. Bayside Healthcare potentially revealed the health records of 13,000 patients by having one of its employees fall for a phishing scheme.

There is one simple step that everyone can take to defend themselves against phishing attempts: hover over links in emails to see what site you are being directed to. Or, better yet, go directly to the vendor (Amazon, FedEx, banks, etc.) to see if the offer or information is legit.

Podesta Phishing
The phishing email link that got John Podesta

Clicking on links directly from emails, even if they appear to be legit, carries risk. The email that led to the hack of John Podesta’s email came from a site that had an address that looked like it was part of the Google domain but really was not.

Often I see emails that appear to be from banks with an odd misspelling (bankfoamerica.com or welllsfargo.com – did you catch the problem?). Scammers have also been getting better at using proper English and grammar by hiring copywriters to make their emails more difficult to detect.

For business owners, implement a system of checks-and-balances for sending funds to vendors or distributing sensitive employee information. Encourage your employees to question unusual and urgent requests for wiring money, even if they come from the highest levels of the company, because fraudsters are posing as the CEO, CFO, or HR Director to try to trick your employees.

Scammers take advantage of whatever season it may be to solicit information. During tax season, they pretend to be the CEO or HR Director looking for employee W-2s. During the Christmas season, they send great-sounding offers for gift cards and surprises from some of our favorite online stores to elicit information. So as the holiday shopping season is upon us, buyer beware… and buyer be wary. Scammers are out to get you and they are getting cleverer every day.

Employees: The biggest risk and defense in cyber crime


The news is full of stories about how computer networks are being infected by malware, trojans, viruses, and that nasty malware variant known as ransomware. These attacks start off as an innocent-looking email with an attachment or link sent to someone in HR or Finance, an independent consultant, or even the business owner, and end with the encryption of the business’ networks or a data breach. The news loves to harp on the fact that the human factor is the biggest risk in cyber security, but it often does not talk about how humans are also the best defenders against cyber crime.

You can’t just rely on one person in a 10-person company; everyone needs to have a good understanding of cybersecurity and what the risks are for the organization.

Patricia (Pat) Toth

Supervisory Computer Scientist, NIST

 

Employee education is one of the best ways to defend against malicious activity. Letting your staff know what a phishing email looks like, why they should not enable macros on files they receive by email, and just overall being smart about how they use the internet are all steps in a positive direction for businesses who take cyber security seriously. Firewalls, endpoint protection, SIEM, that’s all great but unless you also pay attention to the inside of the business, the threats and damage will continue to occur.

Four in ten organisations had experienced insider damage at least quarterly in 2015.

Information Age, 2016

Start with Employee Orientation: Incorporating data protection and cyber security best practices into new employee orientation and annual training is a great place for businesses to start hardening their inside defenses. Nearly all companies handle sensitive data, whether from employees or customers, so outlining safe data practices in the employee handbook and giving employees guidelines on how to safely handle data could be the difference between a W-2 phishing scheme that reveals sensitive data about your employees to a hacker and keeping that data secure.

Passwords: Seems like a no-brainer but organizations continue to struggle with password expiry, complexity, and even forcing their IT professionals/admins to change their passwords on a regular basis. A survey during the RSA security conference found that 55% of admins make users change their passwords more regularly than they change their administrative credentials. And believe it or not, 123456 and password still top the list as the most popular passwords still in use.

Safe Data Handling: Employees need to be aware of ways to safely handle data. Whether it’s encrypting sensitive data sent by email or shredding sensitive data on paper, employees need to be told how to handle data. Employees also need to know the process for assisting people who call for assistance. Kevin Roose from Fusion learned the hard way how easy it was to con a customer support representative into letting a hacker into his mobile phone account with the help of the recording of a crying baby and the hacker pretending to be his stressed-out wife.

See Something, Say Something: Employees should not be punished for asking for verification of requests emailed to them. Too often phishing schemes are successful because they appear to be coming from the highest levels of management and are labeled urgent. Employees should know the normal procedure for making such requests, and management should put checks-and-balances in place to ensure sensitive data and money do not leave the organization without some form of verification. Those in Accounting should be told that the CEO, COO, etc. will not email and tell them to wire money to a vendor without a verbal confirmation (and if that is not the procedure, the business should consider it or else be at risk of falling victim to a common phishing scheme!). And HR departments need to know that they won’t receive email requests for sensitive employee information either.

No Firewall & Cheap Routers to Blame for $80 million Bangladesh Bank Heist


A typo by hackers resulted in the theft of a mere $80 million instead of $1 billion from the Bangladesh central bank back in February. But what is more worrying is the way that the hackers gained access. Investigators have discovered that the bank had no firewall and was using cheap second-hand routers that cost $10 to connect to global financial networks. The head of the bank resigned and the Finance Minister has called the bank’s approach to cyber security “very incompetent”.

The lack of sophisticated equipment also will make it more difficult for investigators to figure out exactly what happened as there will be a lack of information logging on the devices. And it also means that there would not have been network segmentation, meaning once the hackers had access, they had access to everything instead of just one part of the network. Good network security involves segmenting the network into working areas (think POS, Administration/Management, Guest Network, etc). And of course, good network security also involves the use of a firewall.

FireEye, the security firm helping investigate the theft, believes that malware with keystroke capabilities was covertly installed and in the bank systems for several days before the theft occurred. The thieves were able to gather operational data and steal codes that allowed them to process transactions, but a spelling error in one of the transactions led to the theft being discovered and stopped additional millions from going out the door to the thieves.

It is baffling that a bank that has access to billions of dollars would not invest in the most basic cyber security protections. SWIFT, the secure financial messaging service whose service was used to transfer the funds but was not directly breached, said that in response to the hack it would be checking with banks to ensure they are implementing recommended security strategies. While SWIFT is able to recommend security practices, there is no organization with regulatory oversight to ensure that financial institutions are securing their computer networks.

While it was reported in late March that the Bangladesh central bank was considering legal action against the Federal Reserve Bank of New York, the new information that has surfaced about the lack of cyber security investment is bound to make that case a lot harder.

Modern banks need to realize that they can’t just invest all their security budgets in physical security. In today’s digitized and connected world, everyone needs to consider network security as well as physical security. Not having a firewall on a network is the physical equivalent of leaving the front door of the business open when no one is around. For a financial institution not to have basic cyber security protection in place is not only dangerous but also egregious.

And I can’t help but close with a great quote from the Head of the Bangladesh Police Forensics Training Institute.

It could be difficult to hack if there was a firewall.

Mohammad Shah Alam

Cybersecurity Lunch & Learn


Last month we hosted a Cybersecurity Lunch and Learn for Small Business Owners with some of our local partners, Orbis Solutions Inc, ViaWest, and Alpine Insurance.

There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.

John Chambers, CEO of Cisco

We have seen a dramatic increase in the number of small and medium sized businesses falling victim to ransomware, phishing, malware and a variety of other nasty cybercrimes.

71 percent of cyber-attacks occur at businesses with fewer than 100 employees.

US House Small Business Committee, 2015

 

Small business owners need to be aware that they are a target, but getting protected is not an impossible task. There are easy ways for small businesses to get the same type of cybersecurity protection that large enterprises have.

 

If you are a business owner or executive that wants to know how to get cybersecurity protection, join us for our next lunch & learn scheduled for May 18th. Call our offices at 800-519-5070, Ext 1000 and RSVP today. Space is limited.

Panama Papers – The World’s Largest Data Leak

On Sunday, the International Consortium of Investigative Journalists announced the world’s largest data leak to the public. Kept secret since late 2014, the data leak from the Mossack Fonseca law firm is said to be 2000 times larger than the 2010 WikiLeaks Cablegate release of US State Department documents. A massive 2.7 terabytes (TB) of emails, database files, and PDFs, which equals almost 40 years of documents, was collected from the anonymous whistle-blower. In comparison again to WikiLeaks, Cablegate was a mere 1.7 gigabytes (GB) of data.

“This is pretty much every document from this firm over a 40-year period,” ICIJ director Gerard Ryle told WIRED in a phone call, arguing that at “about 2,000 times larger than the WikiLeaks state department cables,” it’s indeed the biggest leak in history.

What are the Panama Papers?

The Panama Papers allegedly contain information on 143 politicians, their family members and friends who have been creating offshore companies as tax havens. Fallout has begun with protests in Iceland calling for the resignation of the Prime Minister, whose name has been linked to an offshore company in the British Virgin Islands. The Russian government has dismissed claims of wrongdoing and described it as a “series of fibs” created to discredit Putin ahead of elections. However, several countries including the US, Mexico, and Britain have vowed to investigate the possibility of tax evasion.

Why target a law firm?

Axiom has been tweeting lately about how law firms are an attractive target for hackers and that large elite law firms in the US have recently been directly targeted by hackers. And remember our blog post a few months ago about how law firms are being targeted?

Panama Papers proves just how lucrative the data breach of a law firm can be for hackers. Think about all the data that a law firm has: health, financial, intellectual property, and business trade secrets. In the wrong hands, that data would be a virtual treasure trove of information to be sold in the Dark Web.

There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.

Cisco CEO – John Chambers

Law firms cannot take the head in the sand approach to cybersecurity anymore. It’s time for law firms to start assessing their vulnerabilities and planning for a sound cybersecurity infrastructure.

How was the data leaked?

In late 2014, an anonymous whistle-blower contacted the German newspaper Süddeutsche Zeitung stating that they had “more data than you have ever seen” in relation to crimes that the person wanted to make public. At this time, it is not publicly known how the whistle-blower was able to send so much data undetected over such a period of time; however, Bastian Obermayer, the reporter for Süddeutsche Zeitung who was contacted by the whistle-blower, stated that he “learned a lot about making the safe transfer of big files”.

Obermayer indicated that he communicated through various encrypted channels with the whistle-blower, who sent the data in chunks until the 2.7 TB were amassed. Süddeutsche Zeitung contacted the ICIJ and the ICIJ created a secure portal where journalists could research the data. Over 400 journalists kept the information a secret until Sunday, when over 100 news outlets published the first articles about the data leak.

Earlier in the day, the Mossack Fonseca website told its customers that their email server suffered an unauthorized breach. The company denies any wrongdoing and has published a lengthy rebuttal to the media reports. A spokesperson has stated that the company may pursue legal action against the news agencies for using the information that was obtained illegally.

It appears that you have had unauthorized access to proprietary documents and information taken from our company and have presented and interpreted them out of context. We trust that you are fully aware that using information/documentation unlawfully obtained is a crime, and we will not hesitate to pursue all available criminal and civil remedies.

Carlos Sousa – Public Relations Director, Mossack Fonseca & Co. (Panama)

The one thing that has not been mentioned yet is the data protection liability suit that the 4th largest offshore law firm in the world may have coming in the near future. Target settled its data breach for $100 million… this one is going to be much larger.

Doom and gloom?

While the Cisco CEO says that there are two types of companies, ones that have been hacked and ones that don’t yet know they’ve been hacked, the cybersecurity future is not completely doom and gloom for businesses. There are some basic things that businesses can do to better protect themselves.

  • Use endpoint (anti-virus and anti-malware) software on all devices and keep it up-to-date
  • Protect the business with a firewall that inspects traffic both in and out of the business
  • Get a vulnerability and penetration assessment

 

Worried about cybersecurity? Axiom Cyber Solutions can help!

Let our cybersecurity experts secure your business against today’s threats and those of tomorrow. Axiom Cyber Solutions offers vulnerability and penetration assessments, managed firewall services, and cybersecurity & disaster recovery strategic planning services.

Axiom Cyber Solutions strives to make cybersecurity affordable to small businesses that may not have a large IT budget. Starting at just $199 per month, with no long term obligation, Axiom Cyber Solutions has developed a managed cybersecurity program to give small businesses the same protection as large enterprises. We provide a fully configured enterprise class next generation firewall (NGFW) that is plug & play to the business and begins to monitor, manage, and update the firewall as soon as it comes online.

Why a Managed Firewall Is Good For Small Businesses


Do you have a firewall at your business? Did you know that your firewall was obsolete the day you installed it? A startling statement to many… but unless you have an expert managing your security updates on a daily basis, your business is not protected against today’s threats. Think of your firewall like your antivirus. If you install it and just leave it running without updating the definitions, you are vulnerable to any new threats.

Cyber-criminals are constantly evolving and finding new ways to exploit vulnerabilities such as default username/password combinations, known security holes, and outdated security definitions. And when a new security hole is announced to the world, the bad guys race to exploit the vulnerability before organizations install updates and unfortunately, major vendors keep discovering and patching serious vulnerabilities.

Firewall management is time-intensive and requires security expertise. Firewall patches are not easy to install and require a backup in case the patch fails. Plus, most firewalls require a reboot of the devices, which means the business is taken offline during the update. Given these difficulties, many businesses schedule firewall updates quarterly or less often, which leaves the business open to attack through known vulnerabilities for long periods of time.

The absence of a firewall or an improperly configured firewall is a major factor in many data breaches. A robust firewall is the imperative first line of defense against intrusions and other threats for all business networks. So how does a small business without an IT department, much less a cyber-security expert, get protected? The answer: A Managed Firewall.

A Managed Firewall is a firewall that is monitored, managed, and kept up-to-date by cybersecurity experts.

Managed firewalls offer several benefits such as:

  • Reduce resource costs – The average salary for a cybersecurity expert is $80-120,000 per year
  • Security compliance – The business will have the protections required by regulations such as PCI DSS, FFIEC/GLBA, SOX, HIPAA, etc.
  • No licensing costs – The cost is fixed month to month so you can budget accordingly and not get hit with license renewal fees after a year
  • Reporting – Unless you log into your firewall, you probably don’t know what it is doing. Managed firewall services typically offer some type of threat analysis reporting

How Can We Help?

Axiom Cyber Solutions strives to make managed cybersecurity affordable to small businesses that may not have a large IT budget. Starting at just $199 per month, with no long term obligation, Axiom Cyber Solutions provides a fully configured enterprise class next generation firewall (NGFW) that is plug & play to the business and begins to monitor, manage, and update the firewall as soon as it comes online. Let our cybersecurity experts secure your business against today’s threats and those of tomorrow.

Ransomware – The Cyber Bully on the Block

While ransomware is the new buzzword in cybersecurity, would you believe that ransomware has been in existence since the 1980s? The first known ransomware occurred when a man named Dr. Popp sent Trojan-infected diskettes to attendees of the World Health Organization conference and demanded the payment of $189 be sent to a PO Box in Panama. Of course, Dr. Popp was caught and brought to trial… later being declared unfit to stand trial due to the cardboard box he wore to protect himself from radiation.

Ransomware became more mainstream through the years as cyber-criminals realized that it’s easy to monetize and spread ransomware by sending infected email attachments that would encrypt the victim’s files. But it wasn’t until Q1 of 2015 that cyber-criminals went really big, more than quadrupling the amount of ransomware from the previous quarter in 2014. 2016 has been declared the Year of Ransomware by numerous security vendors and as we near the end of Q1 2016, there are no signs that cyber-criminals are going to slow down the attacks.

Nowadays, it’s hard to read the news without seeing a story about a business, school, or hospital being hit with ransomware. One of the more notable recent stories is Hollywood Presbyterian Medical Center, which had to pay $17,000 in ransom in February 2016 to gain access to their computer systems. But just earlier this week, another three hospitals were hit in a new string of ransomware attacks that thankfully did not disrupt the operations of those hospitals, most likely due to a good backup strategy.

But for organizations that don’t have good backups, once ransomware is activated even the FBI does not have much hope that the encryption can be cracked.

“The ransomware is that good…

To be honest, we often advise people to just pay the ransom.”

Joseph Bonavolonta

Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program, Boston office

While it has been recommended that the payment of ransomware should be illegal, that does not offer much help to businesses that are suffering downtime due to a successful attack. Even the FBI does not explicitly tell companies what they should do but rather tells them what options are available and lets the individual businesses decide what is the best way to proceed. So if a business is ransomed, what are the options?

  • Restore a backup of the computer or server – Perfect solution if you actively back up, but statistically, only 25% of organizations/people actually do
  • Pay the ransom – Not ideal because it funds cyber-criminals
  • Start over from scratch – Go Gone with the Wind, say “Frankly My Dear…” and start rebuilding your computer/server which is time-consuming and you won’t have any historical data

But before it gets to that point of doom & gloom for the business, there are certain things that businesses can do to minimize the risk and/or impact of ransomware. And it’s always better to be safe than sorry!

Tips on how to protect your business from ransomware

  • Educate your employees on how to deal with suspicious emails and procedures for opening email attachments
  • Don’t open unsolicited emails, don’t click on the links, and don’t open the attachments
  • Don’t enable macros on attachments received by email or downloaded
  • Use anti-virus & malware protection – and keep them up-to-date!
  • Keep your operating systems and browsers up-to-date
  • Use a pop-up blocker
  • Download only from trusted websites
  • Click the Window Close Button – don’t click the big, convenient close button in the pop-up window
  • Get Firewall Protection

How Can We Help?

If you’ve been the victim of a ransomware attack, Axiom Cyber Solutions is here to help. Call us at 1-800-519-5070 for expert advice and assistance.

Axiom Cyber Solutions is offering a Managed Firewall, Cyber-Security Protection for Small Business starting as low as $199 per month. Our firewalls contain proprietary ransomware protection to stop ransomware from activating on your network. Call us for more information. #FightBackWithAxiom

Cyber-criminals Increasingly Target Small Businesses

Small businesses historically have had the mindset that they are not a target for hackers due to their size, but never have they been so wrong.

Sarah Green, a cyber security expert and business manager for Cyber Security at Training 2000, says that one of the most dangerous phrases used by small businesses is: “It’ll never happen to us.”

 

“Small businesses may feel that they aren’t likely to be a target due to their size and that hackers couldn’t possibly be interested in what they do – but in reality the exact opposite is true,” Green adds.

 

– Source: The Guardian

Hackers are targeting small businesses on a much higher frequency than large businesses. In fact, according to the US House Committee on Small Business, 71% of cyber attacks are aimed at businesses with less than 100 employees.

Hackers know that small businesses are less inclined to invest in cyber-security so it makes them a much more attractive target. Think of it like this, as a burglar presented with two houses, would you pick the house that has the front door left open (no firewall) or the house that has an iron gate (firewall) on the front door?

In the UK, the latest Government Security Breaches Survey found that 74% of small organizations reported a security breach in 2015 and SMEs are being directly targeted by hackers.

In fact, Symantec reports that over half of spear phishing attacks are carried out against small businesses. And the ransomware trend is increasing with many small businesses suffering the consequences. Intermedia reports that 40% of ransomware attacks in 2015 targeted small businesses.

 

It seemed like just another ordinary day for staff at vehicle hire company MNH Platinum. Little did they know that the simple click of an email link was about to threaten their entire business.

 

It was early last year when the Blackburn-based firm was the victim of a virus which encrypted over 12,000 files on its company network. A ransom demand followed – the criminals would decrypt the company’s files in exchange for more than £3,000.

 

With the virus proving impossible to remove without the loss of crucial company data, the firm had no choice but to pay up.

 

“We were completely unprepared for a cyber breach simply due to a lack of awareness of the magnitude an attack of this type could have through mistakenly clicking a link in an email,” says managing director Mark Hindle. “I am thankful that we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”

 

– Source: The Guardian

How can we help?

Axiom Cyber Solutions is offering a Managed Firewall, Cyber-Security Protection for Small Business starting as low as $199 per month.

We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business. And don’t worry, there are no upfront costs for the device and you can cancel at any time. #FightBackWithAxiom

Holiday Cyber-Security Tips

With Cyber Monday just around the corner, it is important for consumers to be mindful of their online activity and avoid falling into the clever traps of cyber-criminals. For the most part, online shopping is safe if you stick to the well-known sites like Amazon, eBay, and other reputable online retailers. It’s when you start looking for those hard-to-find items from little known sellers that you need to start taking extra precautions and be vigilant.

 

There are several things you can do to make your online holiday shopping more secure and these are some of the most important:

1.) Keep your devices and computers updated

The first step to making sure that you are secure is to make sure that both your mobile devices (phones, tablets, etc.) and computer are up-to-date with the latest patches to the operating systems and security software.

2.) Be cautious of too-good-to-be-true deals and emails about problems with orders

The problem with things that are “too good to be true” is that they usually are. This is particularly true during the holiday season while cyber-criminals are targeting shoppers with enticing deals. Be smart if you receive an email with a deal that’s unbelievably good or an email about a problem with your order that asks you to click a link. Go directly to the online retailer’s website in the browser instead of clicking on the link.

3.) Browse securely

Look for https and the lock next to the URL to make sure the transaction is secure and the online retailer is protecting your data during transmission.

Also, avoid purchasing from online retailers that you don’t know. There are many small reputable online retailers but there are also a lot of cyber-criminals setting up legitimate looking websites trying to steal information. If you want to purchase something from an unfamiliar retailer, take a few extra minutes to research them for reviews and see if they have an eBay or Amazon storefront as the policies of those sites will cover your purchases.

4.) Use safe payment options when possible

Never send cash or use a money-wiring service. Many credit card companies offer a temporary card option that will allow you to specify a limit for the transaction as well as provide you a temporary card number and expiration date for the transaction. Avoid using a debit card as much as possible.

5.) Protect your personal information

When making a transaction, give only the information that is required for the interaction. Fill out only the required fields while checking out and make sure to review the merchant’s privacy policy.

Don’t share personal information or banking information over unsecured (no password required) Wi-Fi networks.