Stay Safe While Shopping Online This Holiday Season

Stay Safe While Shopping Online This Holiday Season

Thanksgiving is not just a time to feast with family and friends any longer as Black Friday has poured over into the holiday preceding it, with some stores opening their doors for shopping as early as 3pm on Thursday, when most of us want to be eating some pumpkin pie. While Black Friday shoppers have already waited in lines overnight, approximately 50% of people are doing some part, if not all, of their Christmas shopping online, and this year it is expected that 13.3% more people will participate in online shopping than ever before. With Cyber Monday coming up on November 28th, there are sure to be millions of consumers purchasing gifts for their loved ones for the holiday season, but as the number of people shopping via the Internet grows, there comes an almost equal increase of cyber attacks as well.

While there are many cyber-crimes out there this time of year including phishing email scams and ransomware attempts, there are many precautions you can take in order to help prevent your information from being stolen. Here are some tips, some of which are also included in a previous Axiom blog post written by Shannon Wilkinson, on how to stay safe while shopping this holiday season:

1) Use credit cards instead of debit cards

We all remember the credit card hack that hit Target in 2013, and while it was detrimental to many shoppers of the massive chain, it did highlight the importance of being secure in your payment method. One very common recommendation I’ve seen to help avoid against significant financial distress if your information were to be compromised in a similar attack is to use your credit card. If your credit card data is used for something malicious without your knowledge, it’s easier to resolve issues with a credit card company than with your bank, so avoid using debit cards as much as you can. When in doubt, cash is always the safest bet.

If you do use one of your cards, take advantage of the possible updates you can receive, that way you can stay up to date on all of your account’s financial activity.

2) Be wary of ‘too good to be true’ deals, they probably are

A common tactic used by cyber-criminals is to lure you to their nefarious websites with deals that appear to be too good to be true. While most of us are aware of this, it is important to keep this in mind during the holiday season when searching for that one gift your loved one just can’t live without. If a deal seems too good to be true or you haven’t seen or heard of it being advertised elsewhere, it is likely, and unfortunately, a scam.

3) Only shop at retailers you know

By only purchasing items from retailers whose brands you recognize, such as Amazon or Best Buy, you can lessen the chance of your data being involved in a scam, as these big name stores likely have better cyber defenses that of less recognizable companies.

No matter which site you use, look for the secure ‘https’ and a lock symbol next to the link in your web browser, as these indicate that any purchase transacted on a particular website is secure. If you do deviate from known websites, take some time to research the validity of these sites to protect your information.

4) Do not give out any extra information

When signing up for a rewards card to add to your holiday shopping savings or giving your information to be entered to win a grand prize, never give out more information than is necessary. No company needs your social security number or other extremely personal information, so if they request it, do not provide it to them.

5) Keep your devices up-to-date

The first step to making sure that you are secure is to make sure that both your mobile (Phones, Tablets, etc) and computer are up-to-date with the latest patches to the operating systems and security software.

6) Be educated on cyber-crimes

Quite possibly the biggest cyber-crime that affects people around this time of year is phishing. Many people, especially after buying something from an online vendor, receive an malicious email. In these cases, customers might receive an email stating that their payment did not go through and their information needs to be re-entered in order to process the order. This is often times a cyber-criminal trying to get you to enter in your credit card information directly to their database. If you receive such an email, contact the company directly to find out if there is actually a legitimate issue with your order and to notify them of the scheme. This and many other fictitious emails have been flooding inboxes recently, so as consumers, we must be hyper-vigilant in protecting our data.

7) Stay updated on current threats

The best way to avoid a scam is to be knowledgeable about current cyber crimes threatening consumers such as yourself. A simple Google News search of ‘current holiday cyber attacks’ can keep you in the loop as to which scams you need to look out for. Likewise, if you find that you are the victim of a cyber crime, tell someone who can do something about it, such as the company who appears to be sending you legitimate information of their fake counterpart, in order to prevent others from being targeted. We are our best resources in the fight against online shopping criminals

While this season may be hectic at times, it is meant to be a time of happiness; avoiding malicious cyber attacks is extremely important in keeping your season full of cheer. Take these precautions to stay safe and if you feel unsure about a website or an email, trust your gut and don’t use that site.

Hailey Carlson | Axiom Cyber Solutions | 11/25/2016

5 Ways to Protect Yourself Against Sextortion

5 Ways to Protect Yourself Against Sextortion

With texting, social media direct messaging, and apps like Snapchat—a mobile app where one person can send a photo to another that will “self-destruct” in a maximum of 10 seconds—it is easy to see how sexting has pushed its way to the forefront of technology-based communication. However, what if the person you’re messaging or snapping with isn’t who you think it is? What could the personal, intimate image you’re sending to your significant other mean if it fell into the wrong hands? When malicious people get their hands on these types of images, they can use them to extort more compromising images or demand payment with the threat of sending the existing images they have to your friends, family, or coworkers—this is the sexual-cybercrime known as sextortion.

Sextortion occurs when malicious online users obtain compromising images, usually posing as a young person who the victim may or may not think they know, or by hacking into a person’s webcam, which they then use to extort more compromising pictures or videos from the victim or sometimes even monetary payment with the threat of distributing the photos on the internet if the victim does not comply.

There are an expected 6,000+ cases of sextortion, many of which are not reported due to victims’ fear of their attackers exposing their intimate moments to the internet. The primary victims are young adults and minors. While women are the primary adult targets, these cyber-scum prey on both girls and boys under the age of 18, and unfortunately, minors make up a majority of the victims—a whopping 78% of total sextortion victims. One offender was able to trick and control 230 victims, 44 of which were minors. He would get the photos from the unsuspecting victims either by posing as their boyfriends or hacking into their webcams and unexpectedly spying on them. This behavior of having multiple victims is not uncommon due to the massive reach of the internet, making it that much easier for these predators to hook more unsuspecting people into their vicious schemes.

With sextortion becoming such a prevalent and common cybercrime, it is important to educate yourself and others on what signs indicate a sextortionist predator and ways to prevent becoming a sextortion statistic.

How to Prevent Becoming a Sextortion Victim

While there are good people out there working against sextortion on a grand scale, such as Mary Anne Franks of the Cyber Civil Rights Initiative who advocates laws that would make distribution of explicit images without the consent of the person pictured illegal, regardless of how the images were obtained, there are some things you can do to help protect yourself from such a crime on an individual level:

Never send compromising photos to anyone, regardless of who you think they are—Even if the image is slightly compromising, sending images to people online and via phones is extremely risky with the increasing abilities of hackers and other malicious people on the internet.

Do not talk to people online who you do not know—again, this seems like an obvious statement, but just because someone appears to be interested in you for whatever reason online, adding people to your networks who you do not personally know is extremely dangerous and can open doors wide open for sextortion predators.

Cover your cameras when not in use—Hackers can gain access to virtually anything they set their minds to if it is poorly protected enough, and that includes your webcam. By placing a webcam cover or even a piece of tape over your webcam, you can prevent hackers from being able to spy on you, even if they can hack into your webcam. Facebook CEO, Mark Zuckerberg, who has been in a bit of hot water recently with his personal social media account breaches, covers his laptop webcam with a piece of tape. If he is worried about people watching him through that camera, you should be as well.

Make sure your computer’s cybersecurity is up-to-date­­—at least by updating your anti-virus software regularly and not going to any seedy websites, you can reduce the chances of hackers getting into your computer and taking your personal information that way. Most anti-viruses will even allow you to auto-update. Taking multiple steps in protecting your personal cybersecurity will only help you to be more and more secure.

Your personal cybersecurity is more important today than it has ever been, and prevention is key to protection, so make sure you take these precautionary steps to lessen the likelihood of potential attack. However, in the event that you do find that you or a loved one fall victim to online sextortion, you are not alone. Do not continue to send explicit photos to the attacker—that would only be more ammunition that they could potentially use against you. Instead, tell an authority figure about the incident and call the toll-free FBI number 1-800-CALL-FBI to alert them of this crime and hopefully stop this person from further blackmail of you and others.

Hailey Carlson, Marketing Intern, Axiom Cyber Solutions 6/28/2016

Image Source

No Firewall & Cheap Routers to Blame for $80 million Bangladesh Bank Heist

No Firewall & Cheap Routers to Blame for $80 million Bangladesh Bank Heist

A typo by hackers resulted in the theft of a mere $80 million instead of $1 billion from the Bangladesh central bank back in February. But what is more worrying is the way that the hackers gained access. Investigators have discovered that the bank had no firewall and were using cheap second-hand routers that cost $10 to connect to global financial networks. The head of the bank resigned and the Finance Minister has called the bank’s approach to cyber security “very incompetent”.

The lack of sophisticated equipment also will make it more difficult for investigators to figure out exactly what happened as there will be a lack of information logging on the devices. And it also means that there would not have been network segmentation, meaning once the hackers had access, they had access to everything instead of just one part of the network. Good network security involves segmenting the network into working areas (think POS, Administration/Management, Guest Network, etc). And of course, good network security also involves the use of a firewall.

FireEye, the security firm helping investigate the theft, believes that malware with keystroke capabilities was covertly installed and in the bank systems for several days before the theft occurred. The thieves were able to gather operational data and steal codes that allowed them to process transactions but a spelling error in one of the transactions lead the theft to be discovered and stopped additional millions from going out the door to the thieves.

It is baffling that a bank that has access to billions of dollars would not invest in the most basic cyber security protections. SWIFT, the secure financial messaging service, whose service was used to transfer the funds but not directly breached, said that in response to the hack that they would be checking with banks to ensure they are implementing recommended security strategies. While SWIFT is able to recommend security practices, there is no organization with regulatory oversight to ensure that financial institutions are securing their computer networks.

While it was reported in late March that the Bangladesh central bank was considering legal action against the Federal Reserve Bank of New York, the new information that has surfaced about the lack of cyber security investment is bound to make that case a lot harder.

Modern banks need to realize that they can’t just invest all their security budgets in physical security. In today’s digitized and connected world, everyone needs to consider network security as well as physical security. Not having a firewall on a network is the physical equivalent of leaving the front door of the business open when no one is around. For a financial institution not to have basic cyber security protection in place is not only dangerous but also egregious.

And I can’t help but close with a great quote from the Head of the Bangladesh Police Forensics Training Institute.

It could be difficult to hack if there was a firewall.

Mohammad Shah Alam

Cyber-criminals Increasingly Target Small Businesses

Cyber-criminals Increasingly Target Small Businesses

Small businesses historically have had the mindset that they are not a target for hackers due to their size, but never have they been so wrong.

Sarah Green, a cyber security expert and business manager for Cyber Security at Training 2000, says that one of the most dangerous phrases used by small businesses is: “It’ll never happen to us.”

 

“Small businesses may feel that they aren’t likely to be a target due to their size and that hackers couldn’t possibly be interested in what they do – but in reality the exact opposite is true,” Green adds.

 

– Source: The Guardian

Hackers are targeting small businesses on a much higher frequency than large businesses. In fact, according to the US House Committee on Small Business, 71% of cyber attacks are aimed at businesses with less than 100 employees.

Hackers know that small businesses are less inclined to invest in cyber-security so it makes them a much more attractive target. Think of it like this, as a burglar presented with two houses, would you pick the house that has the front door left open (no firewall) or the house that has an iron gate (firewall) on the front door?

In the UK, the latest Government Security Breaches Survey found that 74% of small organizations reported a security breach in 2015 and SMEs are being directly targeted by hackers.

In fact, Symantec reports that over half of spear phishing attacks are carried out against small businesses. And the ransomware trend is increasing with many small businesses suffering the consequences. Intermedia reports that 40% of ransomware attacks in 2015 targeted small businesses.

 

It seemed like just another ordinary day for staff at vehicle hire company MNH Platinum. Little did they know that the simple click of an email link was about to threaten their entire business.

 

It was early last year when the Blackburn-based firm was the victim of a virus which encrypted over 12,000 files on its company network. A ransom demand followed – the criminals would decrypt the company’s files in exchange for more than £3,000.

 

With the virus proving impossible to remove without the loss of crucial company data, the firm had no choice but to pay up.

 

“We were completely unprepared for a cyber breach simply due to a lack of awareness of the magnitude an attack of this type could have through mistakenly clicking a link in an email,” says managing director Mark Hindle. “I am thankful that we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”

 

– Source: The Guardian

How can we help?

Axiom Cyber Solutions is offering a Managed Firewall, Cyber-Security Protection for Small Business starting as low as $199 per month.

We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business. And don’t worry, there are no upfront costs for the device and you can cancel at any time. #FightBackWithAxiom

5 Reasons Why Your Small Business is at Risk for a Cyber Attack

5 Reasons Why Your Small Business is at Risk for a Cyber Attack

Fact: America’s 28 million small businesses create approximately two out of every three new jobs in the United States each year and more than half of Americans either own or work for a small business.

Fact: Businesses with less than 20 employees make up approx 90% of the workforce according to the U.S. Census Bureau.

Fact: The Small Business Association found that small employers often don’t consider themselves targets for cyberattacks due to their size or the perception that they don’t have anything worth stealing. However, this could not be any more wrong.

Small businesses have incredibly valuable information that cyber criminals want, including both employee and customer data, bank account information, access to the business’s finances, and intellectual property. Many small businesses are in communication with larger businesses, thus, providing access to larger networks to these cyber criminals. These small businesses play an important part of the nation’s supply chain, and rely on their technology to safely store and process their information. No one really wants to spend money on something before it happens but in this day and age, you can’t afford not to protect your business, your livelihood. Look at your alternative, most businesses close within 6 months of a cyber attack. Some things are worth protecting, and your data, your customer’s data, and your network are your priority.

Most small businesses do not have any sort of cybersecurity practices in place because of a lack of resources. That may be a lack in sufficient resources or personnel to dedicate to cybersecurity. Even then, we’ve seen in recent news that larger corporations with plenty of resources at hand such as Target and Sony, are having their own issues with their cybersecurity not keeping them protected. With such an abundance of small businesses who lack cybersecurity, these small employers are an incredibly attractive target for cyber criminals. Let’s go over the 5 reasons why your small business is at risk for a cyber attack.

1. No one thinks it’ll happen to them. According to a report by Symantec, this kind of thought process couldn’t be further from the truth. 60% of all target attacks struck small and medium sized organizations. Oftentimes, these cyber crimes occur before the business owner can even realize their security has been compromised.

2. Most small businesses can’t afford an IT team, let alone cybersecurity so they ignore the issue. Unfortunately, the average cost of a data breach is $36,000 for small businesses. Many small businesses do not realize that they can be fined by the Securities and Exchange Commission (SEC) and Federal Trade Commission (FTC) for not protecting their customer’s data. The reality is, you can’t NOT afford cybersecurity.

3. Many small businesses don’t encrypt their data. Encryption in its simplest terms is a method of protecting data from people you don’t want to see it. According to a survey done by Sophos, there are numerous reasons why organizations do not encrypt their data. 37% of organizations cite lack of budget as to why they do not make extensive use of encryption. 31% point to concerns about encryption’s impact on performance and 28% state they have lack of deployment knowledge, while 20% say lack of legal pressure explains why they don’t use encryption. A small business may not realize why their assets are so valuable but in any organization, data is valuable not only to a small business owner but to the cyber criminals. The damage to your brand, your customers, and your business can be insurmountable.

4. Weak passwords pose as a huge security risk. Does your business use passwords like ‘1234’ or ‘password’? As ridiculous as this password is, it has been the #1 used password for years now. Cyber criminals are banking on this. Do not be lazy and just add numbers to your weak password. For example, instead of ‘123456’, many chose ‘1234567890’. This is a basic extension, which cybercriminals can take full advantage of. You’re not being clever by doing this. Take the few minutes to come up with a unique password. That could very well make the difference in your network security.

5. Not updating their firewalls. By regularly updating and checking your firewalls, you are being proactive towards the security of your business. Manufacturers release updates to their products which usually include fixes to bugs as well as new features that will mitigate new types of threats. It is also important to review your firewall logs and check for any alerts or policy changes.

Be proactive and don’t wait until it’s too late. Read below for how Axiom Cyber Solutions can help your small business manage their cybersecurity.

How can we help?

Axiom Cyber Solutions is offering a Managed Firewall, Cyber-Security Protection for Small Business starting as low as $199 per month.

We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business. And don’t worry, there are no upfront costs for the device and you can cancel at any time.

HACKED! Small Businesses are susceptible to cybercriminals

HACKED! Small Businesses are susceptible to cybercriminals

It’s a chilling moment when a small-business owner discovers hackers have stolen thousands of dollars from the company checking account.

Cybercriminals took an average $32,000 from small-business accounts, according to a December survey of owners by the advocacy group National Small Business Association. And businesses don’t have the same legal protection from bank account fraud consumers have.

The Electronic Funds Transfer Act, passed in 1978, states that it’s intended to protect individual consumers from bank account theft, but makes no mention of businesses. Whether a business is protected depends on the agreement it signs with a bank, said Doug Johnson, a senior vice president with the American Bankers Association, an industry group. If the business hasn’t complied with any security measures required by the agreement, it could be liable for the stolen money, he said.

Any business is vulnerable, but small companies are less likely to have security departments and procedures to guard against online theft than big corporations do. They also don’t have big revenue streams that are better able to absorb losses from a theft. And even if they get the money back, they still have to spend time and money dealing with the hassles of closing accounts and opening new ones.

Sandy Marsico’s company accounts were attacked — twice. Her bank contacted her in December 2014, saying a transfer of over $50,000 to Mexico had been requested from her checking account.

The thieves had obtained the account information; Marsico, owner of Sandstorm Design, a Chicago-based marketing company, still doesn’t know how. The bank did an investigation but didn’t share its findings with her.

Marsico didn’t approve the transfer, the account was closed and a new one opened. But the following November, someone began withdrawing money from the new account in increments ranging from $1,000 to $4,000, a total of $20,000 in the course of a month. Marsico didn’t discover it until she got her monthly statement.

“My stomach dropped when I wasn’t able to identify these as our charges,” Marsico said.

The bank, which again did an investigation but didn’t tell Marsico the results, again reimbursed Sandstorm. Marsico has since moved some of her accounts to another bank.

Thieves are increasingly using realistic-looking emails to trick companies into transferring money from their accounts with what’s known as wire transfers, said Avivah Litan, a security analyst with the research company Gartner. Often, an employee receives an email purportedly from a company executive asking them to transfer the money from the company’s account into a specific external account. If employees don’t check to be sure the request is legitimate, they might go ahead and authorize a withdrawal.

The first attack on Marsico’s account was a wire transfer attempt but didn’t use an email to her company.

The FBI reported in August that more than 7,000 U.S. companies had been victimized in emailed attacks since late 2013, with losses of more than $740 million. The government said the number of identified victims had surged 270 percent between January and August of last year. Most of the thieves are believed to be in organized crime groups in Eastern Europe, the Middle East and Africa.

Source: Joyce M. Rosenberg, The Associated Press

How Can Axiom Cyber Solutions Help?

Axiom Cyber Solutions is offering a Managed Firewall, Cyber-Security Protection for Small Business starting as low as $199 per month. We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business. And don’t worry, there are no upfront costs for the device and you can cancel at anytime.

Axiom’s solutions come in different sizes and all our solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come. For more information, check out our website at axiomcyber.com or give us a call today for your free consultation.(800) 519-5070. #FightBackWithAxiom

Financial Services are Under Attack!

Financial Services are Under Attack!

Hackers are consistently targeting the financial sector and our personal information is at risk more than ever before. Cyber crime is the number one threat we face according to the U.S. Intelligence Service and 39% of all cyber attacks affected financial institutions (PwC). Hackers target these financial service firms 300% more than businesses in other industries. (CDW Finance) These financial institutions include banks, mortgage lenders, insurance companies, investment firms, and wealth managers. Most people assume that their finances and data are kept safe. However, as we have seen over the past few years, this is no longer true. Hackers are becoming more and more sophisticated and sneaky, infiltrating themselves into even our most secure networks.

Many asset and wealth managers do not believe they are a target because they assume hackers are after higher profile organizations. However, this is not the case. Financial instituions are incredibly attractive to hackers and cyber criminals. According to Kroll’s Cyber Threat forecast these financial firms are an “attractive target as they typically hold volumes of valuable data which are often stored in an organized manner with little protection.”

Recently, the Securities and Exchange Commission (SEC) has listed cybersecurity as a top priority for 2016. At least 88% of broker-dealers and 74% of advisers have been the target of cyber attacks, the SEC stated earlier this February. The majority of these cyber attacks were done through fraudulent emails, some of which led to brokers losing more than $5,000, the report said. In one case, an adviser reported a loss of more than $75,000.

SEC Commissioner Luis Aguilar, stated that “cybersecurity is a persistent and growing threat, and that firms must take their cybersecurity duties seriously.”

The Financial Industry Regulatory Authority (FINRA), also issued their annual Regulatory and Examiniation Priorities Letter earlier this February which identified hacking as a major threat facing brokerages. These regulatory agencies are taking note of how financial institutions supervise their cybersecurity.

FINRA states that they “will review firms’ approaches to cybersecurity risk management, and depending on a firm’s business and risk profile, we will examine one or more of the following topics: governance, risk assessment, technical controls, incident response, vendor management, data loss prevention and staff training.”

There are many ways these cyber criminals attempt to steal money and data. One way is by contacting a wealth manager and pretending to be a client. They will claim they have been robbed and need a wire transfer immediately. Another popular scam is called social engineering. This type of scam is so popular that even the Director of the CIA fell for this last year. In this situation, the teenage hacker posed as a Verizon employee to gain sensitive information which allowed him access into the Director’s AOL account.

Social engineering refers to the concept of psychologically manipulating people in order to trick a person into revealing critical information. For example, tricking an employee into giving them accessibility whether it is a password or crucial banking information is very common. Human nature and trust feeds into this concept and cyber criminals are counting on this. There have even been reports of attractive women befriending IT security professionals, thereby gaining entry and infecting networks with malware.

By employing cybersecurity professionals, you as a business are making real steps toward protecting your business, your clients, your data, and more. Save yourself from being hit with fines and audits, otherwise the FTC will fine a company that has not sufficiently protected their data against a breach. The FTC will require a company to undergo 20 years of security audits if they are found negligent. Having firewalls and intrusion detection mechanisms in place to prohibit cyber criminals from gaining access to your network is key to avoiding the potential fallout you’ll have to deal with. Cybersecurity is a necessity and it is incredibly important for all businesses to take it seriously.

How can we help?

Axiom Cyber Solutions is offering Managed Cyber-Security Protection for businesses starting as low as $199 per month. We realize that many organizations do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business.

Axiom’s solutions come in different sizes and all our solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come. For more information, check out our website at axiomcyber.com or give us a call us at (800) 519-5070. #FightBackWithAxiom

Cyber Criminals Are Targeting Universities

Cyber Criminals Are Targeting Universities

Universities are getting barraged by cyber attacks. Organized crime and state sponsored attacks by foreign governments are going after universities and their data. According to the 2015 Cost of Data Breach study by IBM, 1.5 million annual cyber attacks occur which breaks down to over 4,000 cyber attacks every day. It’s no surprise that many of those attacks are done specifically against universities.

In 2015, numerous colleges were attacked. The University of Virginia and Pennsylvania State University blamed their data breaches on Chinese hackers. At the University of Connecticut, their students Social Security numbers and credit card information was stolen. Washington State University, Johns Hopkins University, and Rutgers University were also attacked by cyber criminals.

“The landscape of who the attackers are has changed significantly,” says Mark Nardone, director of IT security for Northeastern University in Massachusetts. “We’re not in the ’80s, where it’s hobbyists coming after systems for a kind of self-gratification or bragging rights. Now we have people coming after resources that have tangible financial worth attached to them.”

10% of reported security breaches in 2014 involved the education sector, according to Symantec’s Internet Security Threat Report

.graph

Bill Mellon from the University of Wisconsin recently did an overhaul of the school’s network security and shared,

“We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system,” said Mr. Mellon, the associate dean for research policy. “There are also a lot from Russia, and recently a lot from Vietnam, but it’s primarily China.”

College and university networks are appealing to cyber criminals for three main reasons according to Lawrence White, the Association of Governing Boards of Universities and Colleges.

1. Servers found in universities are full of intellectual data that is worth quite a bit to cyber criminals. as a university. Richard Pérez-Peña, a New York Times journalist who reports on higher education, stated that,

“Universities and their professors are awarded thousands of patents each year, some with vast potential value, in fields as disparate as prescription drugs, computer chips, fuel cells, aircraft and medical device,”
Not only do universities have this data, they also have the thousands and thousands of applications from hopeful students containing even more critical information enticing cyber criminals.

2. Unlike most for profit businesses, college and universities try to operate under an easily accessible system. Computer systems are managed in a decentralized way and are difficult to secure. Since these computer systems are difficult to secure, they become prime targets for cyber attacks.

3. The costs associated with cybersecurity is high and many IT departments lack the resources to keep the systems up to date. IT departments in universities may have hundreds or thousands of third party software programs that need to be updated constantly as new viruses are found. A few seconds or minutes of a delay in downloading and installing the new patch can create serious vulnerability issues. Those few seconds could be just the amount of time a cyber criminal needs to get into the universities’ network.

Universities are getting attacked by cyber criminals so often, that the FBI has stepped in and created programs in an effort to assist universities with their cyber security. The College and University Security Effort (CAUSE) is a partnership effort between the FBI and academia that seeks to protect research, products, and personnel from foreign intelligence threats. It falls under the FBI’s Academic Alliance Program. The FBI states they will even send an agent to the university to discuss cybersecurity and will train students, researchers and administrators.

If a university fails to safeguard their data, a data breach will cost them millions of dollars. Repairs, remediation costs, consultancy fees, and preventative help are just a few things a university needs to consider. Consider Rutgers University, who spent approximately three million dollars this past year to clean up the mess that hackers made after their network was knocked offline four times.

How can Axiom Cyber Solutions help your University?

Axiom Cyber Solutions is offering Managed Cyber-Security Protection for Small Business starting as low as $199 per month. We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business.

Axiom’s solutions come in different sizes and all our solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come. For more information, check out our website at axiomcyber.com or give us a call us at (800) 519-5070. #FightBackWithAxiom

Law Firms : Beware of Cyber Criminals

Law Firms : Beware of Cyber Criminals

“There are two types of law firms: those that know they’ve been hacked and those that do not”, according to Vincent Polley, attorney for the American Bar Association.

What an incredibly powerful statement considering the fallout of cyber attacks amongst businesses these days. The numbers of cyber crimes have only increased for those working in the healthcare and financial field, but due to reluctance from many law firms to report cyber crimes, we do not know if the same can be said for law firms.

1 in 4 law firms are victims of a data breach according to a 2015 study done by the American Bar Association.

law

Many law firms view cyber breaches as something to be ashamed of and many lawyers are hesitant to openly admit to their clients that they have become victims of a data breach. As hard as it may be to report these things, law firms need to report cyber breaches when they happen. A 2015 study by Citigroup’s cyberintelligence unit reported that,

“Due to the reluctance of most law firms to publicly discuss cyber intrusions and the lack of data breach reporting requirements in general in the legal industry, it is not possible to determine whether cyberattacks against law firms are on the rise.” The report when on to say that law firms are very appealing to cyber criminals, considering the incredibly confidential data on corporate deals and business strategies. These days, data = money, so it comes as no surprise that cyber criminals are after this data.

Earlier this year, there were reports of fraud related to law firms in where a hacker intercepted important instructions between the closing attorney and the buyer’s agent. The hacker sent out entirely different instructions on the wiring of the money. Unbeknownst to the victims, they then wired their money straight into the hacker’s account. These types of scams are only continuing.

The fallout from a data breach for a law firm can be huge. Not only does it become a huge legal liability, a law firm may even be sued depending on what kind of data was released. If a law firm ignores their cybersecurity issues and refuses to take proactive measures, they can be subject to fines by the FTC.

A law firm could also lose their reputation, as well as the trust their customers and clients have given them. The amount of confidential information that people entrust their lawyers with is insurmountable. Class action lawsuits will follow. The time and money dealing with a cyber security data breach is a huge headache of inconvenience and there’s no guarantee that a law firm will even be able to continue to stay open.

Law firms, no matter the size, must take their cyber security seriously. By getting into the mind of a hacker and mapping out vulnerabilities in your network, you will be taking the necessary proactive steps to protect yourself and your business from cyber criminals. Taking steps to protect your business will make the difference in whether or not a law firms is successfully attacked.

Axiom Cyber Solutions is offering Managed Cyber-Security Protection for Small Business starting as low as $199 per month. We realize that most small businesses do not have a dedicated IT team and business owners may be handling their cyber security matters on their own. Let us take over and provide you with peace of mind. Axiom will provide your business a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your business.

Axiom’s solutions come in different sizes and all our solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come. For more information, check out our website at axiomcyber.com or give us a call us at (800) 519-5070. #FightBackWithAxiom