Tech Minutes

The threat landscape is filled with more types of malware than ever. To keep your business’ network running effectively, it’s important to have a strategy to keep malware out. Today, we’ll talk about a few basics you should know to keep your cybersecurity strategy working properly.

Email is often touted as a favorite medium for launching cyberattacks against businesses and individuals. This is because it’s easy to hide the true intent behind an email attack within its contents, whether they are embedded images in the message itself, or links to external sources. How can you know for sure whether the links in your email inbox are legitimate?

We are going to switch things up a bit and walk you through a retelling of a ransomware attack through the eyes of a business owner. Usually when we talk about these types of threats, we approach it from our perspective and talk about what you should do to prepare and what the threats are, but we wanted to try to show you what an event like this could feel like, for you, in your position, and in your own eyes. We hope that this will raise awareness of how crippling an event like this can be on your company, and we hope you let us know if this perspective helps you, your colleagues, and your staff get a more personal sense of what ransomware can do. Enjoy!

Ransomware is a growing problem for businesses, being one of the most difficult threats to remove from an infrastructure. Not only is it easy to spread, but difficult to avoid as a whole. How can your organization prepare for this threat? It starts by being mindful of how ransomware is spread and how your employees react to it, both now and in the future.

Put yourself in the shoes of a cybercriminal. If you were to launch a ransomware attack, who would be your target? Would you launch an indiscriminate attack to try to snare as many as you could, or would you narrow your focus to be more selective? As it happens, real-life cybercriminals have largely made the shift to targeted, relatively tiny, ransomware attacks.

In a statement given by Tom Bossert, the homeland security adviser to the White House, blame for the WannaCry attacks leveraged from May 12th to the 15th in 2017 was attributed to the Democratic People’s Republic of Korea. This assertion is in line with the conclusions that New Zealand, Australia, Canada, and Japan have come to, according to Bossert.

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

If your business were to be struck by a Distributed Denial of Services (DDoS) attack, would it be able to recover in a timely manner? Do you have measures put into place to keep them from hampering your operations? While most organizations claim to have sufficient protection against these dangerous attacks, over half of them have simply proven to be ineffective against DDoS.

Would you be surprised if we told you that cybercrime is one of the biggest threats to the success of your organization? Unfortunately, there’s no escaping the fact that your business will be under fire from all sides by security threats. One of the most notorious methods includes phishing--email scams that are designed to harvest credentials and other information from unsuspecting users.

The variety of malware known as ransomware exploded in popularity in 2016, encrypting victims’ files and demanding cryptocurrency payments to restore the data to the estimated tune of $1 billion. This may seem to suggest that large corporations and companies are the primary targets of these cyber criminals--and for some, they are.

It’s one of the most commonly-known computer issues: infection. There are plenty of threats out there that could potentially take hold of your PC. The question is, do you know how to proceed if one does? This blog will go into just that.

Technology plays a pivotal role in the way modern businesses function, and as a result it carries some element of risk. An example of this is how companies store electronic records. While the implementation of measures that are designed to provide greater ease of use and organization for a business’ employees make business move faster, it also makes it that much easier for a hacker to locate and steal data. Small and medium-sized businesses, in particular, are vulnerable, as they may not have dedicated IT security.

Ransomware is a tricky piece of malware that locks down the precious files located on a victim’s computer, then (in theory) will return access to them when a ransom has been paid. Depending on the files stored on a victim’s computer, they might simply blow it off and not worry too much about losing access to a couple of pictures or videos--but what if this ransomware threatened to expose your web browsing history?

After a year like 2016, it should come as no surprise that 2017 has been a year of significant cyber threats. Looking back on the events of the year so far may help us to anticipate what kind of threats we can anticipate in the second half of 2017.

A new malware swept across the globe Tuesday, incorporating facets of many ransomwares that have made headlines recently. While it originally appeared to be a variant of the Petya ransomware, it has been determined that it shares more in common with WannaCry. However, “NotPetya,” as it has been named, has a few additional features that experts say make it worse than either of its predecessors.

It doesn’t matter which industry your organization falls into. Your business will always be susceptible to threats in some way, shape, or form. Therefore, it’s your responsibility to ensure that your business understands how to protect itself from these threats, before it’s too late. We’ll help you learn more about the various issues that you need to watch out for, and what you can do to stop them.

The term ‘spyware’ has some clearly negative connotations to it, and rightly so. This variety of malicious software can cause no small amount of trouble if left unchecked. What follows is a brief overview of spyware, and what measures you can take to protect yourself and your business from it.

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

When you hear the term “hacker,” what do you imagine? You likely see what many see, a lone user hunched over a computer, creating chaos for chaos’ sake. However, this is a dangerously narrow view of those who qualify as “hackers.”

You might take extreme measures to keep your business’s devices from contracting the odd virus or malware, but what if all of your efforts are for nothing? You could have the greatest preventative solutions out there, but you can still get infected by some nasty threats, the reason being that the device was infected before you even started using it. You might be surprised by how often this happens, even to wary business owners.

Society relies on law enforcement to enforce laws in a fair and just manner, but even the police have their work cut out for them when they are targeted by a cyberattack. A recent incident in Cockrell, Texas shows that not even the police are immune to the threats of ransomware--particularly the emerging brand of ransomware, Osiris.

Let’s say that you receive an email from a software vendor, say, Microsoft. When you are contacted by a major company like this, do you automatically assume that it’s secure, or are you skeptical that it’s a scam? Ordinarily, it might not seem like a big issue, but all it takes is one click on an infected attachment or malicious link to infect your business’s infrastructure.

According to a Swedish cybersecurity firm called Detectify, there are major online domains that are at risk of email spoofing due to misconfigured server settings. Email spoofing is the act of sending a message, while masking the true email address that it comes from. This allows hackers to forge the sender address to suit their needs. Generally speaking, email messages don’t have automatic authentication built into them. This is something that must be configured on the server side of things.

Thankfully, there are ways to properly configure your email server, but unless you’re a hardcore techie, you run the risk of either configuring the system incorrectly, or changing settings that may compromise your security. Yet, it’s still important to keep in mind how the solutions that prevent email spoofing, work. Here’s a breakdown of the details:

You might be wondering why we’re even bringing this up, and it’s because Detectify discovered that, out of the top 500 sites on the Internet, 276 of them can be spoofed. Detectify considers servers that don’t have SPF or DMARC configured correctly to be vulnerable to email spoofing - this includes using no SPF at all, using SPF with softfail only, and using DMARC with action none. Therefore, you need to take measures to ensure that your team knows how best to identify spoofed email domains, and phishing messages in general. If you don’t, you could be placing your business in harm’s way. On top of that, you’ll want to make sure your email server is configured to not allow your email domain to get spoofed.

The best way to keep your employees from falling into this trap is by ensuring that you’ve educated them on security best practices, and to limit their exposure to such threats in the first place. This includes taking the time to explain to them how phishing threats and other security discrepancies behave, as well as implementing solutions to keep suspicious messages out of your inbox in the first place.

When browsing the Internet, one might not consider that threats may be present on the more commonly visited websites, cleverly hidden by their creators. However, the recent actions of a particular exploit kit prove that threats have the potential to hide just about anywhere.

Hackers continue to innovate and cause trouble for businesses of all industries and sizes. One of the more interesting recent tactics includes utilizing a malicious Twitter account to command a botnet of Android devices to do its bidding. Twitoor is considered to be the first real threat to actively use a social network in this manner, making this a major cause for concern.

Twitoor is an app that, when installed, places a Trojan on the Android device that receives commands from a central Twitter account. Twitoor can download and install malicious applications, steal data, and switch between alternative command-and-control Twitter accounts. Since you can’t find Twitoor on the Google Play store, it’s thought that it spreads through downloading via a malicious link and “side-loading” it onto a device.

Once Twitoor has been installed on the device, it becomes a part of a botnet. Botnets are commonly used by cyber criminals to spread the influence of their malware across multiple devices. The idea is to infect as many devices as possible by creating “zombie-bots,” or devices that are enslaved and forced to adhere to the hackers’ commands. These networks are capable of performing actions that singular devices cannot, like initiate DDoS attacks. Normally, a typical botnet can leave behind signs of its origins (where it’s receiving commands from), which security professionals can use to find the source of the botnet. They can then shut down the server issuing the commands, but in the case of Twitoor, it’s a bit more complicated.

The problem with Twitoor is that its devices receive commands from a Twitter account that’s always changing. This helps it to avoid detection. ZDNet explains further measures taken by the message to avoid detection: “Those behind the malware have also taken additional steps to safeguard Twitoor, including encrypting messages to further obfuscate their activities.” This makes Twitoor more difficult to destroy at its roots than a typical botnet.

Criminals are adapting their approaches to hacking in an attempt to innovate and explore new opportunities, and Twitoor is the perfect example of this. You always need to be aware of all types of threats, not just traditional ones. We recommend that you reach out to Directive for assistance with securing your organization’s network security. This includes mobile devices like smartphones, tablets, and laptops.

Ransomware is still on the rise, and the Federal Bureau of Investigation has labeled it as one of the biggest dangers to businesses of all kinds. Compared to other methods of spreading malware, ransomware has a unique return on investment that keeps hackers wanting more. One new variant of ransomware uses a phishing attack that’s tailored to your real-world address, which is exceptionally concerning for victims.

There are many types of malware out there, but few are as scary as ransomware. Imagine being struck by a threat that instantaneously locks down your files and keeps you from accessing them until you pay a certain amount of money. If your business is targeted by ransomware, would you be able to protect it from dragging your operations into a bitter pit of despair?

Ransomware is such a popular method of attack used by hackers that new variants of it pop up every few months. Among these is Petya, a nasty new ransomware that masquerades as an unsolicited resume in an organization’s email inbox. Don’t be fooled, though; the only work these hackers are looking for is to work you out of a couple hundred dollars.

Hackers have always gone after industries that are profitable, or hold sensitive information that can be lucrative when sold under the table. As such, retailers that accumulate financial credentials are often hit by hacks. The entertainment industry is no different, and hackers continue to grow craftier in their pursuit of wealth and power. Not even Steam, the PC gamer’s most valuable software solution, is safe from the dangers of hacking attacks.

Ransomware has been spreading like wildfire over the past few years, but up until very recently, Mac users were spared from this troubling development. Now, security researchers at Palo Alto Networks have discovered what they believe to be the first instance of completed ransomware on an Apple device. As this threat is “in the wild,” Mac users should be wary of it and see it as a potential threat.

Small and medium-sized businesses continue to have problems shoring up their cyber security. Even with the latest solutions, like antivirus and firewalls, they still need to be wary of impending attacks. New threats are created on a daily basis, all of which want to infiltrate your network and cause harm to your business. In fact, 27.3 percent of all malware in the world was created in 2015 alone. Will we ever escape from the clutches of malware?

Technology is often exploited by hackers for their benefit, but one avenue of attack that’s consistently neglected is the mobile device. Smartphones and tablets are arguably at greater risk than desktops and workstations due to them being exposed to more wireless networks. One of the greatest threats to these devices is the botnet, a threat that usually targets desktop computers, enslaving them and turning the machine against its owner (and the rest of the Internet).

One minute you’re browsing trusted sites on the Internet, the next, your PC freezes up and displays the dreaded blue screen of death, along with a fake tech support message. This strain of malware is duping plenty of computer users into calling the provided phone number, which only makes the situation worse.

There’s an intrusive malware on the Internet that locks a user out of their PC and directs them to a fake IT support phone number. In addition to being inconvenient, it can lead to the theft of sensitive information. If this happens to you, whatever you do, don’t call the fake phone number.

What’s scarier, monsters or computer viruses? While it would be horrifying to be caught in a dark alley with a vampire, it would also be terrifying to lose your data to a hacker. Each entity is scary in its own right, but how frightening would it be if the two were combined?

With many organizations heavily relying on mobile computing, malicious operators have begun targeting the “low-lying fruit” of a business’ IT infrastructure, which is often a company’s mobile devices. Kemoge, a malicious adware strain designed to corrupt Android mobile operating systems, is the latest mobile threat that your business needs to protect itself against.

Malware that targets ATMs isn’t a new concept. After all, ATMs use internal computers that can be hacked just the same as any old workstation. The prime difference is that hacking into an ATM allows for a direct dispensing of cash, rather than some crafty behind-the-scenes action. A new type of ATM malware, titled GreenDispenser, is a cause for concern in Mexico, and could spread to other countries if left unchecked.

Ransomware is one of the most devastating computer viruses in today’s computing landscape. You may have heard of one of its most famous variations, Cryptolocker. It received a lot of attention when it dramatically hit the scene two short years ago. Thankfully, the threat from CryptoLocker has decreased after the GameOver Zeus botnet was taken down last year. Although, now we’ve got a new, more contagious strain of this ransomware to deal with known as Cryptowall.

One of the primary threats that business networks are trying to protect themselves from is malware. We’re all aware of how much damage a stray piece of malware can inflict on a business, as they can perform functions like lock down files, steal sensitive data, and distribute crippling viruses. In recent developments, studies are showing that malware is now involved in less than half of all reported hacking attacks, and that more sophisticated measures are now being taken to exploit unwary users.

If you feel that there’s an increase in ransomware activity, don’t worry; it’s not just you. Hackers are now taking greater advantage of ransomware, a threat that locks down files and returns them in exchange for a payment. This is wreaking havoc on the computing world. Even the FBI has acknowledged the threat, and has issued a warning that the most likely type of cyber extortion users will encounter is probably going to be DDoS attacks.

In today’s society, we throw the word “hack,” around without a second thought. This is especially true in the realm of cyber security for businesses. Have you ever taken a moment to think about why the term “hacker” was chosen as the title for those who partake in sketchy online activity? What exactly makes a hacker, a hacker?

We all know that hacking is one of the biggest risks we must deal with in today’s technology-based society. Most hackers out there try to take advantage of the latest vulnerabilities in software, but there are some that use a more sophisticated method. These hackers try take advantage of the weaknesses found in the human psyche, rather than the technological flaws that consistently get patched.

The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and advanced than the others. Advanced malware has the potential to disrupt your business’s operations, cause extensive data loss, and more.

One would assume that software preinstalled on a new PC is secure and has been properly vetted by the manufacturer. This is the case 99 percent of the time, but an exception has recently been discovered with the Superfish app, which came installed on new Lenovo computers sold between September and December of 2014. How can you protect your PC from this fishy security threat?

The Internet is up to its ears with threats and hackers, but some of the most annoying malicious entities are bots. These are systems which can gather information from all kinds of sources. While some aren’t malicious in nature (think SEO bots which gather data from websites), there are those that aren’t so innocent. These tend to fall into the hands of hackers and attempt to steal information or send spam.

Grab your tissues, it’s flu season! Just like biological viruses such as the flu can cripple an entire office, digital viruses can cause a lot of trouble for businesses too. Both downtime-causing virus scenarios can be prevented if proper safety measures are followed, like sanitation and cybersecurity.

The latest threats can put a damper on your business plan and put your company at risk. Therefore, it's only natural to protect yourself from them. This new threat in particular, Cryptowall 2.0, has the potential to do plenty of heavy-duty damage to your business's network, if given the opportunity.

A new threat, dubbed Sandworm by iSight Partners, has been discovered. It is a cyber espionage campaign dating back to at least 2009, and is said to be based in Russia. Sandworm uses a previously undiscovered zero-day vulnerability in Windows operating systems to steal information from government leaders and organizations.

The trend of employees bringing in their own mobile devices to the office and using them for work purposes (BYOD) is growing rapidly. In fact, a new report from Juniper Research forecasts that by 2018, more than one billion employee-owned devices will be used in enterprises. A trend this big means that organizations have to take BYOD seriously.

Hackers have many different tools at their disposal to access your computer. Some of these tools can even control your machine! When a hacker controls your PC, your computer is now part of a network made up of other compromised devices that they control. This compromised network is known as a botnet, and you don't want to be part of it!

There's a computer security threat so menacing that not even the best security technology can stop it. It's called psychology, and it's used with email phishing scams to trick users into overriding their security solution. The only way to stop this threat is with common sense, and unfortunately, there's no app for that.

Are you going to make sure your machete is handy and start boarding up your windows for the coming of George Romero's slow-moving walking dead, or will you load up on ammo and lock yourself in a bunker for the more active and feral Max Brooks-type zombies? What about your data, like your Zombie Survival Guide E-book? Is it safe?