MSPNetworks Blog

As one of the biggest cybersecurity considerations the modern business has to make, how to combat phishing has to be at the top of any business’ cybersecurity strategy. Let’s take a look at phishing and why it’s such a big problem for today’s business. 

You’ve Probably Been Phished

When trying to explain what phishing is to someone who has no idea about it, we typically start with the namesake. Phishing is the same as fishing. A hacker will bait a hook and users will bite on it. It’s that simple. Instead of worms or minnows, a phishing attempt needs some bait that will fool an unsuspecting computer user into providing information that will allow a hacker to access secured networks and steal or corrupt data. 

To say that this method is effective would be an understatement. First of all, the massive breadth of attacks—there are literally millions of these attacks per day—results in high levels (and low percentages) of successful attacks. In fact, 88 percent of organizations that were polled claimed to experience at least one phishing attack in 2019. In 2020, phishing emails were one of every 4,200 emails sent or about 73 million. The pace has actually quickened in 2021.

Successful phishing attacks result in stolen credentials, compromised networks, ransomware and other malware. They all lead to businesses losing money. 

Phishing is More Prevalent Than Ever

Phishing has been an issue for quite a while, but the COVID-19 pandemic and the corresponding jump in remote work provided the perfect opportunity for these scammers to operate. In 2020, 75 percent of worldwide organizations were targeted by phishing attacks, while 74 percent of U.S. businesses were successfully attacked in some way. This often led to massive losses, some $3.92 million on average. That’s an average and takes into account loss of productivity from downtime, data theft, deterioration of consumer confidence, and other factors.

It is therefore important that you do what you can to train your staff about how to recognize and thwart phishing attempts before they have a chance to have a negative effect on your business.

MSPNetworks can help you put together a training strategy, as well as put together tools to help you keep your network and data safe. Call us at (516) 403-9001 to learn more.

It’s been reported that a hacker virtually broke into a Floridian water treatment facility and briefly increased the levels of sodium hydroxide in the Pinellas County water supply. Fortunately, onsite operators noticed the spike and reduced it right away, keeping the public from risk of increased levels of poison in their water. This is just the latest story in a seemingly never-ending supply of them that have to do with public utilities being at risk from cyberattacks. Today, we will take a look at this issue. 

Protecting Online Utilities

Today, most systems are not only run through the use of computers, they are perpetually online so that remote operators have access to manage these systems. This provides hackers a wider-range of opportunities to carry out attacks against public infrastructure. Despite the massive amount of capital invested to ensure that these systems remain secure and reliable, all it takes is one situation to cause a great deal of public harm. The event in Florida just accentuates how important the security protecting these systems is. 

The Shifting Utilities Landscape

Over the past year, more people have been asked to work remotely to help keep the COVID-19 pandemic from spreading. This has not only led to more people working remotely at jobs that would typically require on-site staff, it also has helped push a degree of automation (using artificial intelligence and machine learning) to help identify incongruencies and threats to critical IT systems. This means that more people are relying on unfamiliar tools to do their jobs remotely. One can understand how this can lead to some confusion when trying to thwart very specific and targeted attacks. 

Threats Against Utilities and Infrastructure Are More Severe

A recent report from the Ponemon Institute suggests that threats against utilities are becoming shockingly more sophisticated. 54 percent of utility managers stated that they expect to have to deal with at least one cyberattack on critical infrastructure in 2021. That means that half of the people that work in electricity, water treatment, solar and wind, and gas think that they will be directly dealing with a major event triggered by a cyberattack this year. That’s completely unsettling considering how important these systems are to the sustainability of our society. 

What is Being Done?

This is where it gets a little tricky. Utility companies spend a lot of time and resources securing infrastructure. There’s a reason most of these places are surrounded by razor wire. To secure themselves against cyberattacks, however, they are taking much the same approach that your average enterprise would. They will try to secure systems by learning from past mistakes, innovating the tools they use, and simply being more vigilant.

Some innovations to speak of are similar to the ones you might see at your business. Using the integration of AI to actively search for and identify threats can end up being quite beneficial. AI can go through a lot of data extraordinarily quickly, meaning that it can identify potential problems quicker and thwart bad actors’ attempts at sabotage. Another technology that is being used in energy distribution is the Internet of Things. Utility companies are starting to utilize smart meters that modulate the flow of electricity and water. While you’d think that the integration of IoT devices would actually make the systems less secure, utility companies identified that from the outset and spent time and resources securing those systems before they were ever deployed in the field. 

Protecting our utilities has to be essential not only for utility companies, but also for society as a whole. What are your thoughts? Should the public subsidize utility companies for their cybersecurity? What moves would you make? Leave your thoughts in the comments section below.

Chances are, you not only have a smartphone, but that smartphone is also currently within arm’s reach. With these devices playing an increasingly important role in our personal and professional lives, these devices have proven to be a lucrative target for hackers to pursue. This week, our tip is meant to help you spot the warning signs that an application is hiding an attack.

Too Many Permissions

As careful as so many are with their data security, mobile applications can be a glaring blind spot. While access to certain files on the phone is required for certain applications to function, other applications should have no need for the data they request. Each application you use should have its requested permissions evaluated, and should one ask for too much, you need to reconsider using that app. This is also one of the reasons it is important to only source your applications from an established applications store—these app stores are vetted and regularly reviewed to catch malicious apps.

Battery Loss

Time for a basic physics lesson: the first law of thermodynamics states that the amount of energy in the universe is a set amount. This means that energy cannot be created or destroyed, only converted to a different form. While the battery in your phone is an imperfect example of this, the theory stands: if you don’t use it much, the phone should remain charged. So, if your phone suddenly drops in battery life seemingly without explanation, that’s a bad sign.

Malware could be the explanation you’re looking for. Running in the background, some mobile malware will collect assorted data. To find out which applications are responsible, it helps to check how much power different applications consume in your battery settings.

Passwords Stop Working

So, you type in your password, just as you always do, and press the enter key. Incorrect password. Whoops, you must have hit two keys at once or something, so you type it again. Incorrect again. Again and again, you type your password, making sure it is perfect, only to have it kickback.

This is an almost sure sign that your account has been taken over and your credentials changed. Reclaim the account if you can and reset passwords for all your accounts using best practices. It may also be wise to restore your device entirely from a backup to wipe any malware that may have been lurking.

MSPNetworks can help your company manage its entire technology infrastructure, down to the mobile devices that we so commonly see. Learn more about what we can offer you by calling (516) 403-9001.

Windows 7 might not be supported by Microsoft any longer, but millions of people are still using PCs that run the antiquated operating system. Since Microsoft has put an end to extended support for Windows 7 OS, a couple bugs have been found. Let’s take a look at what exactly is behind these issues and discuss your options.

What is the Problem?

Just recently--after Microsoft has ended support for the OS--reports started to come in that there were noticeable bugs in the software. The first one was in the “Stretch” wallpaper option. The bug was delivered in Microsoft’s final update for Windows 7 OSs. Microsoft, while initially only willing to fix the problem for organizations that are on extended support, changed course and released a fix on February 7, 2020, weeks after the OS’ end-of-life event. With so many business’ livelihoods tied to legacy software, it stands to reason that Microsoft will be judicious about what they support and what they don’t. 

Of course, for organizations that aren’t under contract for extended security updates, it is going to get worse. As time goes on, Windows 7 PCs, even ones used for core business uses, will not have the protection they need to keep threats out if they don’t have extended support available for a cost per PC. This reality started with the (already patched) “black wallpaper bug”, and is now seen in the newest bug that doesn’t allow users to shut down their Windows 7 PCs.

That’s right. Some Windows 7 users are receiving a pop up message that reads: “You don’t have permission to shut down this computer” every time users go to shut down the machine. Since this bug seems to be more significant than the “black wallpaper bug”, it will be interesting to see if Windows 7 relents and ships another patch for this issue. 

There Are Solutions

Users on the social forum site, Reddit, have come up with workarounds, but these are not official fixes to the problem. In fact, one solution requires third-party software. Without a word from Microsoft, however, we still contend that the best solution to the problem is to move off of the Windows 7 operating system for good, if possible. If that simply isn’t possible, paying for extended security support is the only reliable option to keep your Windows 7 legacy systems running in the manner you need. Only time will tell if Microsoft will actively patch this issue, or if it's just the first sign of the software degridating. 

At MSPNetworks, we can help you find solutions to any of your IT support problems. Call our expert technicians today at (516) 403-9001 to see how we can help your company get the hardware and software systems you need to run an efficient and productive business.

As prevalent as cybersecurity threats unfortunately are today, many users tend to overlook major threats that they just aren’t focused on nearly as much: social engineering attacks. Social engineering attacks are just another means for a cybercriminal to reach their desired ends, and therefore needed to be protected against.

What is Social Engineering?

Social Engineering is the act of manipulating people into providing access credentials to criminals that aren’t supposed to have access to a system. To do this, the social engineer uses his/her influence (real or not) to trick people into supplying the needed information.

The act of social engineering can be approached in multiple ways. Hackers can take advantage of user carelessness, they can come in as a helpful party, they can take advantage of an individual’s fear, and they can exploit a person’s comfort zone. Let’s take a look at each.

User Carelessness

Despite the need for information systems, companies largely depend on individual users to secure their own endpoints. Sure, they will put in place a set of tools designed to keep network resources secure, but overall, it is important for each user to maintain vigilance over their own workstation and other network-attached devices. If they aren’t, scammers can obtain access fairly easily. 

If they can’t use spam or phishing messages to gain access, they may have to try an alternate method. For example, a scammer may gain access to your workspace. If your people ignore best practices for convenience and leave credentials or correspondence out in the open, a scammer looking for things like this will be able to leverage that mishap into access most of the time. 

Perceived Helpfulness

Most people will help people that are having trouble. The impulse to be helpful can be taken advantage of if the “victim” is a hacker. People can hold the door for a cyberthief giving them access to your office. They can use information syphoned from the web to gain a person’s trust and then use the trusting nature of good people for nefarious means. Moreover, it is natural to want to help someone, so you and your staff have to be careful that they are, in fact, in need of help and not looking to steal access to company resources.

Working Within the Comfort Zone

Most workers do what they are told. If they have somewhat repetitive tasks, they may grow complacent. Social engineering tactics will take advantage of this, especially at a large company. The scammer will get into your office and if some employees are used to random people just milling around, they won’t really pay any mind. 

We typically like to think about hackers as loners that sit in the dark and slurp energy drinks while they surf the Dark Web. While this description is fun, it’s not realistic. Hackers, the ones that you should be worried about, know your company’s weakest points and will take advantage of them. If that weakest link is the complacency of your employees, that will be the way they will approach it. Unfortunately, this also technically includes insider threats.

Fear Tactics

Getting someone to do something out of fear is effective, but can be risky. The more fear someone has, the more they will look to others to help mitigate it. That’s why most fear tactics, nowadays, come in the form of phishing messages. Using email, instant messaging, SMS, or other means to get someone worried enough to react to a threat takes a believable story that could produce an impulsive reaction by a user. Fear has long been known to be a powerful motivator, so it really is no surprise that cybercriminals would resort to this means to coerce their targets into compliance. 

We Can Help 

If you would like more information about social engineering or any other cybersecurity issue, contact the IT experts at MSPNetworks at (516) 403-9001. 

Cybercrime has morphed over the past decade or so. With unbreakable encryption making breaking directly into a network all but impossible, phishing, Distributed Denial of Service (DDoS) attacks, and other methods of indirect hacking have become en vogue. As a result, software companies are looking in some strange places to find building blocks for intrusion mitigation. One interesting emerging technology being used for this purpose is blockchain.

Developments in blockchain technology have begun to be stretched past keeping records and cryptocurrency. Today there are a couple companies using blockchain to create innovative cybersecurity solutions that aim to drastically reduce a company's exposure to cybercrime. No matter what vertical you work in, blockchain-integrated solutions have begun to pop up. Building new solutions with blockchain is incredibly popular nowadays, but is it just a buzzword used for its role in marketing, or is it making a discernible difference in these solutions?

Often thought to be “unhackable”, security professionals developing a blockchain-based cyber security platform isn’t all that noteworthy, until you realize how they are going about it. Developers have begun to create blockchain-based platforms that uses the distributed nature of the solution to power content delivery networks (CDN) and DDoS attack mitigation services. It does this by allowing users to rent out their spare bandwidth to use as security computing.

This will potentially reduce the ability for hackers to execute attacks, lower the cost for businesses to mitigate the effects of these attacks, and capitalize on their extra bandwidth. Other developers are using smart contract adoption to secure their interoperability and file security.

Is Blockchain Vulnerable?

Being a human invention, there have been some kinks in blockchain technology. For those of you who do not know how the blockchain works, here is a very stripped-down definition: Every transaction made through the blockchain, financial or contractual, is given a permanent, designated “block” in the chain. In order for it to be added to the ledger, the rest of the network (every other node) needs to approve this new block’s validity. Once it is added, it cannot be altered and provides an unchangeable record of the transaction. If a block needs to be changed, a new block would have to be entered. It is only then that the transaction is completed.

While this method may seem extraordinarily secure, this “unhackable” technology has its flaws. In 2018 alone just under one billion dollars' worth of cryptocurrency was stolen. Of the $927 million taken, $532.6 million of it was hacked from the Tokyo-based cryptocurrency company Coincheck where 500 million XEM coins up and vanished from the exchange.

Other Blockchain Vulnerabilities

To my surprise, one investigation found that some blockchain and cryptocurrency constructs has over 40 different vulnerabilities. Here are a couple:

51% Vulnerabilities

Many of blockchain’s vulnerabilities have more to do with the nature of the platform as well. One such vulnerability is known as a 51% vulnerability and is associated with mining cryptocurrencies. Let’s assume you are a cryptocurrency miner and you accumulate hashing power that exceeds more than half of what the blockchain contains, you could leverage a 51% attack to manipulate the blockchain to your own advantage.

Obviously popular blockchains, typically associated with renowned cryptocurrencies, have too big of a price tag to be practical targets for such a hack. Less expensive coins, however, are, and can be lucrative targets for hackers. In 2018, 51% attacks were leveraged against new cryptocurrencies, netting the attackers the equivalent to approximately $20 million.

Security of Private Keys

Using a blockchain requires a user to have a private key to unlock the naturally encrypted platform. Naturally, if this key were to be stolen, the thief would be able to access the user’s blockchain. What’s worse, because the blockchain is decentralized, these kinds of actions are difficult to track and, as designed, harder to undo.

It’s hard to forget in this world that is completely integrated with technology that some tech is just in its infancy. Blockchain, especially outside of the cryptocurrency sphere is only emerging and the tech built with it should be looked at through skeptical eyes. Stay up to date with the latest technology concerns and information, subscribe to MSPNetworks blogs.

If you own an Asus laptop, there is a chance that a recent update could have installed malware, and we are urging anyone who has an Asus device reach out to us to have it looked at.

Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but on Tuesday that number has potentially broken a million.

How Could My Asus Laptop Get Hacked?

This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus’s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it’s just being noticed now.

The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack.

What Do I Do Now?

First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date.

If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They’ve also patched their internal systems to help prevent similar attacks from happening in the future. You’ll want to make sure you have Live Update 3.6.9 installed.

Asus has also released a security diagnostic tool that will check your system to see if it has been affected. Click here to download the tool.

We HIGHLY encourage you to reach out to MSPNetworks if you are running any Asus hardware. It’s better to be safe than sorry.

Phishing attacks have been in the social consciousness now for a while, and for good reason: it is the predominant way that hackers gain access to secured networks and data. Unfortunately, awareness to an issue doesn’t always result in positive outcomes. In this case, hackers get more aggressive, and by blanketing everyone under a seemingly limitless phishing net, 57 billion phishing emails go out every year. If a fraction of those emails accomplish their intended goal, the hackers on the other end of them really make out.

As a result, endpoint security has become a major consideration for nearly every organization. There are strategies and solutions that businesses can implement that will not only give IT administrators the resources they need to protect the company’s data and computing infrastructure, but also trains their staff in the backhanded way these hackers try and infiltrate the business’ network with their legitimate credentials. Let’s take a look at some different forms of phishing and what you should be teaching your staff to keep them from messing up, and making your business just another negative statistic.

Deceptive Phishing

As the most common type of phishing scam, deceptive phishing in a name is pretty obvious. The name of the game for this attack is to pull the wool over the eyes of an unsuspecting end user. In essence, a deceptive phishing strategy is one where an email or message is created impersonating a legitimate company or person to flat out steal personal access information. With this access, the illegitimate party has some time to pick and choose what he/she wants to take, or gain access to. By having legitimate credentials, the illegitimate party doesn’t immediately trigger any red flags.

Most deceptive phishing messages are ignored, caught by filtering technology, or disregarded when accessed; but, the one that works to fool the end user is worth the hundreds or thousands of emails they’ve sent using the same method. To ensure that your organization doesn’t have to deal with a data breach, or malware associated with that phishing attack, it’s extremely important to lay out the ways that these deceptive emails are different from legitimate emails.

Phishing emails traditionally have misspelled words and hastily thrown together construction. Typically, users will have to download some attachment. So if there is an attachment that an email prompts you to click on, be sure to check the URLs by mousing over the links to determine if the email is from a legitimate source. One thing every user should be cognizant of is that if the email is from a financial institution demanding payment, it is likely a phishing email. Email, while being a popular form of communications, is rarely used for such purposes.

Spear Phishing

These types of phishing attacks are personalized to a specific user. This can cause a lot of people to forget what they know about phishing and let their defenses down. The goal - as fraudulent as it is - the same as a traditional phishing attack, except it will be harder to decipher that it is, in fact, an attempt to trick the user into providing network access. The spear phishing email will often feature the target’s name, their title, their company, even information like their work phone number, all with the same aim: to get them to click on the malicious extension or URL sent with the email.

Users of the social media site, LinkedIn, will likely come across spear phishing if they utilize the service regularly. Since you provide certain information for networking with other like-minded industry professionals, you unwittingly provide the hackers with the information they need to build these messages. Of course, we’re not suggesting that you stop using LinkedIn, or any other social media because of the risk of hackers, but be careful what information you have shared within these profiles and ensure that any personalized email is, in fact, legitimate before you click on anything.

Pharming

With more and more people becoming savvy to these types of phishing attacks, some hackers have stopped the practice altogether. They, instead, resort to a practice called pharming, in which they target an organization’s DNS server in order to change the IP address associated with the website name. This provides them an avenue to redirect users to malicious websites that they set up.

To ward against pharming, it is important to tell your staff to make sure that they are entering their credentials into a secured site. The best way to determine if the website/webtool a person is trying to access is secure is that it will be marked with “https” and will have a small lock next to the address. Also having strong, continuously-patched antivirus on your organization’s machines is important.

With proper training and solid security solutions, your company can avoid falling for the immense amount of phishing attacks that come its way. To learn more about how to secure your business, and what tools are best to help you do just that, call the IT professionals at MSPNetworks today at (516) 403-9001.