MSPNetworks Blog

Cyberattacks can cost businesses a lot of money. They’re also more prevalent today than ever before. It seems you can’t go a couple of news cycles without hearing about some organization that has been hacked or scammed and it’s resulted in the sensitive data the organization holds being sold online, vast operational downtime, or worse. For this reason, many organizations have deliberately built up their cybersecurity infrastructure, enhanced their policies, and invested in training to ensure that they aren’t the next victim. Unfortunately, this attention doesn’t always work. 

The Federal Bureau of Investigation has found that cyberattacks increased about 400 percent from 2019 to 2020. Doing what you can to keep your organization’s computing resources secure is extremely important. The cybersecurity outlays made by businesses and other organizations have been immense, and that has led to a sobering reality. Most of any organization’s security problems, especially relating to malware deployment, is due to their employees’ lack of conscientious decision-making when faced with problematic situations. 

It doesn’t matter how much more secure or how much smarter you make your organization’s information system security, it can all be for naught if one employee doesn’t do what they should. This is extremely frustrating for IT people, since it is one of their core responsibilities to keep these systems secure. Let’s take a look at how employees fail to keep their credentials secure and what you can do to remedy this worrisome trend. 

Employees as Attack Vectors

Increasingly, workplace strategies have been altered significantly. In fact, millions of workers are currently working remotely now, effectively distributing a business’ operational network. For the IT professional who is in tune with the current threat landscape, workers that don’t do everything they can to protect organizational data and infrastructure are typically viewed as ignorant; or worse yet, as a saboteur. Unfortunately for everyone, the driving factor is not negligence or a willingness to do their organization harm, it is out of workplace stress, a factor that is difficult to quantify, and harder yet to eliminate. 

A study conducted by the Harvard Business Review found some interesting results about the role stress plays in maintaining their assumed role in protecting their organization’s cybersecurity. The study found that two-of-every-three workers failed to fully adhere to organizational cybersecurity policies at least once in the 10 workdays where the study was conducted. During the study, it was found that employees simply ignore the cybersecurity policies around five percent of the time. This may not seem like a lot, but if you consider that it only takes one non-compliant action to result in a major data breach, having dozens of such instances happen each day is putting organizations in jeopardy. 

You may be asking yourself, “If they follow procedure 19 times out of 20, why don’t they follow it that other time?” Well this is where this seemingly clear issue gets cloudy. The study got the answer to this question. The top three were:

• “To better accomplish tasks for my job.”
• “To get something I needed.”
• “To help others get their work done.”

In fact, of all the respondents, 85 percent that were non-compliant to their organizational cybersecurity policies responded with one of these three answers. These employees knowingly broke the rules and in doing so put their organization in jeopardy, but not because they were lazy or they just had it, it was because that was the only way they could efficiently get the work done. Situations where a person is damned if they do and damned if they don’t, they tend to pick the priority. 

To most workers, they weren't hired as cybersecurity professionals; they are hired to do a job and if cybersecurity policy gets in the way, they will choose productivity over security every time. If you consider that only three percent of policy breaches were acts of true defiance or sabotage, the 97 percent of the rest are likely perpetuated by dutiful employees. It’s hard to justify stern reprimand for a person who thinks they have the business’ best interests in mind.

Redefining the Importance of Cybersecurity

For the average employee, following procedure is typically going to be a distant second to maintaining productivity. After all, there are very few instances over time where someone was labeled as “great at their job” because they didn’t accidentally start a cyberattack. Moreover, most organizations’ IT support team can’t really give people the benefit of the doubt; most employees that don’t follow security procedures are looked on as negligent or deliberately working against their best efforts. The truth is most training platforms and policies (as they are known to the employee) don’t take into account that there are gray areas that don’t line up with the expectations put on employees by their managers. 

To this end, it is more important than ever for employees to be involved in the creation and development of workable cybersecurity policies that take into account that business moves fast and sometimes a person that is focused on doing the best job they can, isn’t going to be focused on maintaining network security. Managers also need to ensure the members of their team know what they need to do and what those actions accomplish to reinforce the importance of their cybersecurity efforts. 

Most businesses celebrate employees that excel at their jobs. Today, their job is actively changing and they have to know why straying from procedure is a major problem. The problem is that one wrong move and the company is dealing with malware and reputation troubles, and loss of revenue. While it might be ridiculous to celebrate adherence to corporate cybersecurity policies, people have had cake for less.

If your business needs help balancing productivity with their cybersecurity policies, give the IT security professionals at MSPNetworks a call today at (516) 403-9001. 

In the business world, it can be difficult to know who to trust in regard to cybersecurity. In many cases, businesses are simply opting to not trust any device, friend or foe, when it comes to their data security. This type of zero-trust model is slowly becoming the norm, and it’s one that your organization might consider moving forward.

What is Zero-Trust?

In short, zero-trust is exactly what it sounds like. By default, there is no trust established between devices, accounts, or users on your network. This essentially means that anyone who wants to access information stored on your infrastructure will need to verify their identity, no matter who they are. You could be the CEO or a network administrator and you’d still have to verify your identity in the same way as your general office worker. This is generally accomplished through some form of external authentication.

There are several benefits to implementing a zero-trust model, one of which is that it drastically increases security. When everyone is constantly verifying their identities to go about their day-to-day business, you can bet that your network will be as secure as can be. On the other side of this, however, is what happens when someone is unable to authenticate themselves for whatever reason. Like any new technology solution implementation, it’s safe to say that there will be a rough patch at the beginning of implementation, but once you get through it, you can experience network security, unlike anything you have ever seen.

What Are the Downsides?

The biggest issue with implementing zero-trust policies is that it is a major infrastructural and organizational change, particularly for large businesses that have larger workforces and even more devices that access data on a regular basis. The amount of time, effort, and investment in zero-trust policies and technologies can make it seem like a daunting task to implement, which is why we urge you to think the logistics through before committing to any such practice. To this end, we can help with a comprehensive security audit and assessment to help you determine if zero-trust makes sense for your business.

Plus, if you do decide you want to pursue this policy, MSPNetworks can help your business work toward a zero-trust security model by equipping your organization with the tools needed to keep tabs on all facets of your network security. Whether it’s implementing multi-factor authentication or implementing additional protections on your network, you know you can trust us to make it happen.

To learn more about zero-trust policies and security frameworks, reach out to MSPNetworks at (516) 403-9001.

Getting your staff to care about your organizational network and data security may be more difficult than you might think, but it’s not a lost cause. Today, keeping your business’ organizational security strong relies heavily on your staff’s willingness to follow the right practices, so today we thought we’d give you seven tips to get your people to care about security

Be Up Front

One of the main reasons employees don’t often care about cybersecurity is the overt secrecy surrounding it. Today’s organization needs to come clean when it comes to the constant threats that are out there. If you want your people to have a vested interest in keeping your business’ information systems and data secure, you need to level with them. After all, they can’t help if they don’t understand.

Make it a Personal Investment

Your company holds a lot of your employees personal data. Let them know that along with any sensitive and proprietary data that could be lost in a data breach, that their data could also be vulnerable. In order to sufficiently secure your data and theirs, they need to know what’s at stake if they don’t actively follow cybersecurity procedures.

Top Down Security

Every member of your organization needs to understand that they could be targeted by hackers and fall victim to these threats. The more your employees understand that management is actively complying with security policies, the more willing they will be to alter the way they consider cybersecurity.

Gamify Your Process

People tend to be more engaged when there is incentive baked into a policy. Gamification is the strategy of scoring a person based on their efforts. This strategy works wonders for productivity so it stands to reason that it would work for cybersecurity awareness and following any organizational policy that’s in place to keep your systems and data secure. 

Standardize Procedure

One of the most important variables to get your people to follow the rules, is to have them in place to begin with. In cybersecurity, confusion can be a huge albatross, so ensuring that everyone is playing with the same rulebook is a must. This includes building procedures to handle attacks such as phishing as well as password hygiene and many other security-based policies. The more consistent your procedures are, the more likely your staff is to understand and follow them. 

Start from Day One

With all the threats that are out there at the moment, you will want to stress the importance of cybersecurity with current and new employees, alike. If you start hammering home the importance of compliance with security procedures from the day an employee starts at your business, the more likely they will continue to comply with them as they undertake their job; which for most of your staff, isn’t strictly cybersecurity. 

Keep Training

Security training is becoming commonplace at almost every organization, largely because the threats that it faces could have devastating consequences. You will want to invest in comprehensive training and re-training to ensure that your employees understand the importance of your cybersecurity initiatives, and that they are up-to-date on any and all changes to policy or strategy. 

Cybersecurity is a team effort today and if your organization isn’t stressing the importance of it, it’s only a matter of time until it rears its head. If you would like to learn more about training your employees on the best practices of cybersecurity,  creating a cybersecurity policy that works to keep your information systems secure, or if you would just like to talk to one of our IT professionals about cybersecurity best practices and procedures, give us a call today at (516) 403-9001.

The holidays are times for people to come together, even in these incredibly stressful times, so you’ll want to make sure that you are taking all the necessary precautions on both a personal level and a technological level. Here are some ways that you can keep yourself safe from a technology perspective this holiday season.

Be Cautious of Your Internet Connections

When traveling, it’s extremely important to know how secure your web connection is. Places where tons of people gather, like airports and hotels, are known to have cesspools for Internet connections laden with threats of all kinds. You never know what is lurking on wireless networks that are not secured by the same precautions found on your own in-house network. For times when this is not possible, we recommend using a virtual private network to create an encrypted tunnel between your device and your company’s network if you are going to do work while traveling.

This is a little different than those consumer-based VPNs you might hear about on commercials for podcasts, YouTube videos, etc. These services, like NordVPN, TunnelBear, ExpressVPN, and others aren’t inherently designed for businesses to use as a VPN. However, these services typically do have some merit when traveling, because they encrypt your data that gets sent over Wi-Fi. This can offer a layer of protection if you do have to join a public network. Keep in mind though, you get what you pay for. Most of the free VPN services, even when they claim they don’t store any information about you, tend to store information about you. 

If you want to discuss specific use-cases with us, we’re happy to answer questions, or help equip your business with a professional VPN for your entire staff to connect to securely. Just give us a call at (516) 403-9001.

Enable Multi-Factor Authentication and Location Services on Mobile Devices

We know that you don’t want to think about losing devices, but it’s important to take measures to ensure that doing so does not put the data on your devices at risk. Solutions like multi-factor authentication and location services can help you keep your devices secure even if they are lost, and they can even give you an idea of where to look for a device in the event you don’t think it has been stolen.

Implement Data Backup

While you’re at it, you should also implement data backup services so that you don’t lose any data located on these devices in the event you have to remotely wipe them or are unable to locate them—after all, airlines have been known to misplace luggage on occasion. It never hurts to be prepared. In general, it’s a good idea to have data backup; you never know when you might need it, even without someone stealing your phone or laptop.

Wherever your travels take you this holiday season, know that MSPNetworks has your back! Make sure you follow our blog so you are prepared to handle any technology situations you come across this holiday season.

The holiday season is a time for merriment and good cheer, but hackers have historically used it to take advantage of peoples’ online shopping tendencies. Phishing scams are always on the rise during the holiday season, so you need to take steps now to ensure that you don’t accidentally put yourself at risk—especially with voice spoofing emerging as a threat for Amazon orders.

This particular threat involves an email scam in which users are encouraged to call a number listed to confirm an order, usually one with a large price tag associated with it. This tactic is used to harvest phone numbers and credit card credentials that can be used in later attacks. Security researchers at Avanan have found that the contact number listed on the email is not Amazon’s; instead, it’s a scammer who records the phone number with Caller ID. The user is then contacted by the scammer who requests further financial information, claiming that they are to cancel the order.

Anyone familiar with Amazon and how it works will immediately be suspicious of these practices. First, most people who use the service will know how to cancel an Amazon order. All they need to do is log into their account and do it from there. Second, if you ordered something, Amazon should technically have your financial information already on record, so why would it need to be confirmed once again? It just sounds fishy. All one needs to do to avoid these threats is slow down, take a step back, and don’t go looking for problems that may not even exist.

These scams revolving around online retailers are not a new concept, but this one is notable because the emails are able to get past spam blockers and content filters. It manages this by using legitimate links within the body of the email, so your email solution might not flag it as spam or a threat.

We offer the following advice to you:

• Don’t call numbers you don’t recognize.
• Don’t click on suspicious links in your email inbox.
• Don’t give out your personal information or credit card information just because someone on the phone told you to.
• Check the sender for any message you feel is suspicious to ensure it is legitimate.
• Check your account before responding to any correspondence from the sender.
• Set up multi-factor authentication, just in case.

MSPNetworks can help your business stay safe this holiday season with advanced security solutions. To learn more, reach out to us at (516) 403-9001.

You’ve probably already heard about Log4j this week. Maybe you don’t recognize the name, but it’s likely that you have run across emails or news articles talking about this widespread vulnerability. You need to take it very seriously.

What is Log4j?

When developing software, developers utilize different programming languages. One of these languages is called Java, and in Java, developers have multiple libraries to work with. Log4j is one of those libraries, and it has recently been uncovered that there is a huge vulnerability that cybercriminals can exploit to gain access to your systems and data. It’s a huge open door that has been there for years, and now that the world knows about it, it is just a matter of time before it is being used to do damage.

This particular Java library has been used a lot over the years. The vulnerability impacts some pretty big names in software and cloud hosting, such as:

• Amazon
• Apple
• Cisco
• Fortinet
• Google
• IBM
• Microsoft
• SonicWall
• Sophos
• VMware

…as well as others, large and small. Even the United States’ Cybersecurity and Infrastructure Security Agency (CISA) is affected.

Is My Business Impacted by Log4j?

It’s almost certain that it is. We can’t stress enough that this is a big issue, and that major tech companies are scrambling to put out patches. It doesn’t just affect the folks at Amazon and Microsoft, it affects those that use their products as well.

What You Can Do to Fight Back Against Log4j

One of the scary things about this vulnerability is that most businesses are at the mercy of their vendors to patch it, and some experts think it will take years before this vulnerability is totally removed from the world. Fortunately, as we mentioned earlier, the big names in tech are scrambling to get a patch out the door, and many, if not most, already have.

However, it also falls on the impacted webmasters and businesses to apply the patches that these developers put out. Beyond that, it is critical that you as an individual remain vigilant in your cybersecurity hygiene. That goes double for your business.

For example, let’s assume for a moment that you’re a user on a fantasy football league website. If that website relies on technology that Log4j impacts and they don’t apply the fixes, the information you’ve provided to the website—account details, financial information, and whatever else—would be vulnerable and easy to steal.

This applies to every website or application that uses this technology; if they don't react, your account with them is not very safe. 

The problem is, as a user, you can’t really tell if a website or piece of software is using this particular Java library. In other words:

Everything just potentially got a little more dangerous, when it comes to cybersecurity. It’s up to everyone to work harder to protect themselves.

How to Protect Yourself from Log4j, as an Individual and a Business

It’s critical to use strong password hygiene. “Password123” isn’t going to cut it. Using the same passwords across multiple accounts needs to stop, immediately. This involves following the basic password best practices that we always talk about, like:

• Using a unique password for each account and website
• Using a mix of alphanumeric characters and symbols
• Using a sufficiently complex passcode to help with memorability without shorting your security
• Keeping passwords to yourself

Audit your IT IMMEDIATELY

All organizations need to bring in a professional to audit all of their technology and update what can be updated to remove the influence of Log4j. Not only will this help protect your business and your employees, it will also protect the interests of your clients and customers. 

We recommend that you give MSPNetworks a call at (516) 403-9001 to schedule an appointment. This is extremely important, and you need a professional set of eyes to audit your IT to make sure you aren’t affected by this awful vulnerability. 

Many, many companies have adopted remote work policies and practices since the COVID-19 pandemic forced most to downsize (if not cease outright) on-site operations about two years ago. Now, as we enter 2022, it seems a good time to reexamine the security that we have protecting our businesses and the workers currently operating remotely.

The Pandemic Has Shown Businesses How Well Remote Work Can Work

Despite the resistance that many initially had to the concept of remote work, it quickly proved to be a blessing for those companies that adopted it. Now, about two years later, its value has continued as it has kept a lot of businesses open and operational to some extent as infection rates have fluctuated. This approach has also proven popular amongst the employees who are participating in remote work efforts. A PwC survey conducted in August revealed that nearly a fifth of these workers would like to be fully remote, even without COVID in the picture.

However, for all the benefits that remote operations have provided to businesses, we need to address the elephant that snuck into the room with them: the cybersecurity challenges that remote work and working from home have introduced.

Unfortunately, Remote Work Can Provide Cybercriminals with Opportunity

Despite all the positive aspects that remote work has to offer a business, we can’t pretend that it doesn’t come with its share of challenges—specifically, in terms of maintaining an acceptable level of cybersecurity.

The reality of it all is that your team members simply aren’t going to have the same protections in their home as you should in the office, which means you need to do all you can to supplement the protections you have in place.

Security Issues Can Come from All Angles

Unfortunately, there are many factors in play that can unpleasantly influence your business’ cybersecurity. Not only may your team members be using their own technology to do their job, they’ll certainly be doing so on a network that you don’t have control over. As a result, this network will almost certainly lack the protections you have on your business.

Furthermore, as they’re working remotely, your team members are going to be on their own. This makes it that much less likely that they’ll be as focused on their security practices as they should be, and more exposed to threats as a result.

So, While Remote Work Can Be Valuable, You Need to Keep It From Making You Vulnerable

It’s obvious that you need to protect your business from any threats it faces…the question is how you can do that. There are a lot of practices and solutions that we recommend a business have its users adopt to help shore up these vulnerabilities. For instance:

• If an employee has no choice but to use a public Wi-Fi connection, make sure they are utilizing a reputable VPN (virtual private network) to secure data while it is being transmitted
• To help prevent employees from transferring data from work devices to private ones, putting together a Bring Your Own Device policy to help establish some control over the device and allowing them remote access to your infrastructure or using the cloud helps to secure your data.
• Password practices need to be upheld just as vigorously as they would be in the office. Not only do they need to be complex enough, they all need to be unique. Multi-factor authentication (MFA) should also be implemented to double-down on the security that accounts are protected by.
• Physical security also needs to be remembered when working remotely. Devices should never be left unattended in a public place, and it is not a bad idea to secure them in the home as an added safety precaution.
• All devices used for work, including the modem and router supplying wireless Internet, need to be kept up-to-date so that they remain secure.
• All remote users should be reminded of the threat that scams and phishing attacks pose, with ongoing training and other awareness-enhancing activities being conducted on a regular basis.

Yes, this is a lot, but it’s all important to do to keep your business secure. We’re here to help businesses do so. Give us a call at (516) 403-9001 to learn more.

Hackers have often used email to trick users into clicking on fraudulent links or to hand over important credentials through phishing scams, but these are usually blocked by an enterprise-level spam blocker. However, hackers have learned that there is indeed a way around these spam blockers, and it’s through popular social media websites.

One of the big reasons why spam blockers are so successful is because it examines the content of the messages you receive and makes a determination about its authenticity. One way that it does so is by looking at links within the email body itself. If the link is legitimate and seems to go to a normal, recognized source, then the message can be considered “legitimate,” even if it is not necessarily safe.

Hackers are now attempting to use social media websites to subvert this weakness in spam blockers; they use the sites as a middle-man of sorts, using the social media website to write a post which includes a suspicious link, then using the social media platform’s sharing capabilities to effectively mask the suspicious link behind that of the social media platform.

This is a particularly crafty approach that should not be taken lightly, and it’s already in use at this present moment. Take, for example, a recent campaign using Facebook as the delivery mechanism for phishing threats. In this scenario, hackers send victims an email message suggesting that they have violated Facebook’s terms of service on their page. When the victim clicks on the link in the email, they are brought to a legitimate Facebook post further detailing the issues that must be addressed. The post prompts the user to click on a phishing link, and the rest is history.

The moral of the story is that you can never trust links in your email inbox from unknown users, even if they appear to be legitimate. Phishing can happen anywhere, especially where you least expect it, like on social media websites and even support forums. If the links look a little too suspicious, then you should wait to take action until you have consulted a security professional like those at MSPNetworks. Our technicians are happy to review the contents of messages and make determinations on their authenticity, particularly for situations like the above one where it’s not clear if the link is legitimate or not.

Now, if you don’t have a spam blocking solution in place, we can help you out with that, too. With a unified threat management tool, you can take full advantage of great security solutions designed to keep you protected from the majority of threats. To learn more, reach out to us at (516) 403-9001.

We often discuss how your business can avoid the impact of ransomware, but what we don’t often discuss is what happens to businesses that do, in fact, suffer from such a devastating attack. We want to use today’s blog as an opportunity to share what your business should (and should not) do in the event of a ransomware attack, as well as measures you can take to avoid suffering from yet another in the future.

First of All, Don’t Panic

If you suddenly get a message from a ransomware attacker claiming that the files on your computer have been locked down, first of all, don’t panic. Ransomware is scary, but there is a chance that the attacker really hasn’t infected your device. Some recent threat actors have been able to make a quick buck with “fake ransomware” attacks, where the threat is so dangerous that they can make money just from the panic these attacks can create.

Also, you absolutely should not pay the ransom without first consulting your trusted IT resource. You don’t know if the situation is out of control just yet, so it’s best to not make any impulsive decisions. Paying the ransom only proves that ransomware is effective and further funds future ransomware attacks against other businesses like yours.

Contact Your Trusted IT Resource

Regardless of the extent of the attack, your business needs to contact its trusted IT resource to accurately gauge its impacts. Depending on how bad it is, you might be able to get away with restoring a data backup to a point before the ransomware attack struck. If the hacker is using double-extortion methods, however, this might not be possible. Either way, you don’t want to take action until you have had a discussion with your IT resource about what to do. There is almost always another option available, so you want to know what these are before you commit to any one in particular.

Implement Proactive Measures for the Future

Obviously you don’t want to suffer from another ransomware attack in the future, so it’s best practice to prevent these types of threats from infecting your infrastructure in the first place. You can do so with comprehensive security measures designed to keep threats out of your systems. Furthermore, we recommend that you implement multi-factor authentication and train your employees to identify threats. Doing so can keep your employees from making silly mistakes due to social engineering attacks, as well as limit user access controls in the event someone does slip up.

MSPNetworks can help you implement any measures needed to keep ransomware at bay, including cybersecurity training for your business’ employees so they are more cognizant of the threat in the future. To learn more, reach out to us at (516) 403-9001.

Artificial intelligence, commonly known as AI, is used in several different ways in various industries, but one of the most impactful has been with cybersecurity and its automation. On the other hand, however, are the hackers who use AI in ways that fly in the face of the efforts of these cybersecurity professionals and use AI for cybercrime. What are some ways that AI is used in cybercrime, and why is it so scary for businesses to handle?

Deepfakes

The term “deepfake” stems from the words “deep learning” and “fake media.” Essentially, a deepfake uses false imaging or audio to create something which appears to be authentic when it really isn’t. Used incorrectly, deepfakes can be incredibly harmful in a variety of ways. Imagine reading something on the Internet and having it be accompanied by a fake video or image that skews your perspective and leads you to believe one thing rather than another. AI-generated deepfakes can (and have) been used in this way, and they can even be used in extortion and misinformation schemes.

Deepfakes use AI to generate realistic videos, typically of a famous person with a lot of source material online to pull from. Videos can be generated of a celebrity or government official doing and saying virtually anything, misguiding the viewer and causing confusion. 

AI-Supported Hacking Attacks

AI can also help cybercriminals when they are going about your average hacking attack, like trying to crack passwords or infiltrate a system. For example, hackers can use machine learning and artificial intelligence to analyze and parse password sets; they then use the information gleaned from these password sets to more accurately guess passwords. These systems can even go so far as to learn how people adjust their passwords over time.

Furthermore, there have been instances of hackers using machine learning to inform and automate their hacking practices. Some systems can use machine learning to identify weak points in a system and penetrate them through those weaker links. The systems used can then autonomously improve their operations for greater effectiveness. It is quite concerning to say the least.

Human Impersonation and Social Engineering

AI can also impersonate human beings themselves by imitating their behaviors. Through the use of automated bots, it is possible for hackers to create fake accounts that are capable of performing many of the everyday things your average user might do on social networking sites, like liking posts, sharing things out, and more. These bots can even be used to turn a profit in certain circumstances.

The possibilities for artificial intelligence in a cybercriminal’s toolbox are just as endless as they are for augmenting the operations of businesses, and it is a threat that should be closely monitored both now and in the future.

Don’t let cybercrime of any type complicate your business’ future. To learn more about what we can do for your business to keep it safe and sound from all kinds of threats, reach out to MSPNetworks at (516) 403-9001.

Smart devices have brought about unprecedented amounts of connectivity in aspects of running a business or owning a home that never could have been dreamed of in the past. People can now unlock their front doors, turn up their thermostats, and even switch the lights on and off through their smartphone. Unfortunately, the part that people don’t like to talk about with these applications and devices is security—big surprise, right?

Most consumers tend to lean toward technology that makes their living spaces easier to manage, but these technologies present their own set of problems and challenges, chief among them being security.

Connectivity Through the Cloud

Smart technology works by sending and receiving data from the chosen smart device, be it a thermostat or a video surveillance system, to your smartphone. It does this through the cloud, but there’s a catch—these connections are often unencrypted and unsecured, meaning that anyone who knows where to look can hijack the transmission and steal that data. If you are going to implement smart technology for your company or home, be sure to look for solutions that come with encryption capabilities, thus securing your connectivity through the cloud.

Be Careful About Permissions

Depending on the application, you might notice that it asks for permissions to use various other applications or hardware on your device, like the camera, microphone, or other data found on your device. Be very careful with these permissions. You must be sure of what permissions you are granting before you actually do so. Depending on what permissions are granted, you might accidentally opt into data harvesting. Furthermore, the more permissions you grant without understanding what they are doing, the more likely you are to get hacked, so it’s always better to err on the side of caution with smart technology.

You may have already noticed, but many of the challenges presented above can be mitigated through understanding the nature of what technology you are implementing and how you are using it. Always understand the details for any device you implement on your infrastructure before doing so, and if you don’t, consult professionals who make it their life’s work to help people like you improve their relationship with technology.

MSPNetworks can help you implement smart technology solutions for your office, but we can do so in a way that prioritizes security in all senses of the word. To learn more about what we can do to help you protect your business and its assets, reach out to us at (516) 403-9001.

Network security can be tough; there’s a lot to know, and you often need to have trained professionals on your side to ensure your systems are as secure as possible. With the right solutions on your side, however, it can be made much more manageable. Let’s discuss some of the most important security features your organization should implement and why.

Unified Threat Management

A UTM is an umbrella term that describes a comprehensive security appliance. A UTM typically includes a content filter, spam blocker, and antivirus software, among other solutions. It’s designed to protect you from the plethora of threats out there through the implementation of a singular hardware-based tool. It’s one security measure that your organization definitely does not want to be without.

Mobile Device Management

With so many people still working remotely or from a hybrid setting, managing your team’s mobile devices and their access to important data is an incredibly important thing to work toward. Mobile device management tools can be used to control user permissions and access to data, as well as whitelisting and blacklisting applications.

Permissions, Access Control, and Monitoring

It’s important that your company understand how permissions, access control, and monitoring work in tandem to protect your company’s assets. In essence, your team should have permissions for only the data they need to fulfill their day-to-day duties, and you should actively monitor who is accessing which parts of your infrastructure.

Virtual Private Networks

VPNs create encrypted tunnels between your network and devices that want to access its data. This protects data from being intercepted or observed while it’s traveling to and from your device. They are particularly valuable for any worker who spends time working outside the protections of your in-house network, and in today’s world of remote and hybrid workflows, they are extremely important.

MSPNetworks wants to be your business’ go-to security resource. We can help you implement any of the above solutions and monitor your systems for any security threats you can imagine. To learn more about what we can do to keep your business safe, reach out to us at (516) 403-9001.

As time has passed, cybersecurity attacks have become another way some organizations and nations engage in warfare. You can argue that there is a war going on at all times in cyberspace while hackers—many of which are sponsored by government agencies—try to outdo security researchers at all turns. One such scenario sees customers in the United States and Israeli defense technology sectors becoming the target of “password spraying.”

Password spraying is a somewhat disgusting-sounding term used to describe the process of hacking into multiple accounts by spamming commonly used passwords. You can see how this can become problematic, especially considering users’ propensity for using variations of these commonly used passwords.

In the above scenario, Microsoft warns that about 250 Microsoft Office 365 customers in the aforementioned sectors were being targeted by these password spraying tactics. Microsoft has called the group performing such attacks DEV-0343, with the DEV moniker being used to showcase that the attackers are, at this time of writing, not state-sponsored. DEV-0343 is thought to originate from Iran.

Less than 20 of the targets were actually compromised, but it’s shocking that such high-profile targets would opt for such basic passwords, to say the least. It’s reported that organizations using multi-factor authentication are at much less risk compared to those who don’t. According to Microsoft, security professionals should be on the lookout for suspicious connections from Tor networks: "DEV-0343 conducts extensive password sprays emulating a Firefox browser and using IPs hosted on a Tor proxy network. They are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs in activity before 7:30 AM and after 8:30 PM Iran Time. They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times. On average, between 150 and 1,000+ unique Tor proxy IP addresses are used in attacks against each organization.”

In general, your organization should be prepared to analyze its traffic for suspicious activity of any kind, particularly during off-times when nobody should be accessing your infrastructure. Furthermore, it’s critical to remember that passwords are, of course, only one part of an adequate cybersecurity strategy and that you should always strive to use multi-factor authentication when possible. Passwords are one part of this process and should be used alongside something else you have, like a secondary device or smartphone, or biometric technology.

You can count on MSPNetworks to stay in the loop regarding any security risk to your business and implementing solutions designed to protect your organization from any potential threats. To learn more about what we can do for your business, reach out to us at (516) 403-9001.

It’s easy to focus on threats that are external to your business, like viruses and malware that are just waiting to infiltrate your network, but what about threats that exist from within? While insider threats are not particularly common in the dramatic, over-the-top way that they are made out to be in movies and media, they are still a very real issue that should be addressed by your organization’s network security protocols.

In a lot of ways, insider threats are even harder to identify because of the fact that it is difficult to discern what activity is acceptable and what activity is not. According to Gartner, there are four types of insider threats. Believe it or not, most insider threats don’t necessarily have malicious intent; rather, they just have a gross negligence for network security and rules put into place that protects your organization’s intellectual property. Let’s meet some of these insider threats, shall we?

Those Who Are Tricked

Also known as the “pawn,” this category includes those who are more or less tricked into becoming complicit with hackers’ agendas through the use of social engineering scams or phishing campaigns. In these cases, hackers are simply taking advantage of others who may not know enough to not go along with it.

Those Who Cooperate

Those who cooperate with third parties to disclose sensitive information or trade secrets, also known as the “collaborator,” are dangerous in their own right. Not only do they leak important information, but they do so with the deliberate intent to harm or create problems for your organization.

Those Who Make Mistakes

Sometimes people just make mistakes because they don’t take security standards seriously or deliberately fly in the face of policies. These folks fall into the category of the “goof,” and their arrogance and negligence is what leads them to make such mistakes. Goofs often make choices that benefit themselves, even if they make things significantly less secure in the process.

Those Who Act on Their Own

Sometimes insider threats emerge on their own without being a part of a bigger effort from a hacker or third party. These threats, dubbed the “lone wolf” insiders, are particularly dangerous if they have high-level access to sensitive information. The reasons for lone wolf insider threats acting the way they do might vary, but even if they are made for ethical reasons, like leaking suspicious practices or dangerous activity, this does not change their status as insiders, as they are still acting with a deliberate intent to damage the organization they work for.

MSPNetworks can help to secure your business from threats of all types, including insiders. To learn more about the methods we use to determine legitimate or illegitimate network activity, reach out to us at (516) 403-9001.

What happens when your company configures something on its infrastructure incorrectly? It turns out, according to a recent data leak, that a lot can go wrong, especially in regards to cybersecurity and the privacy of sensitive records. The affected software was not an unknown third-party application, but was actually Microsoft! How did one of the world’s largest software developers put out software that potentially exposed millions of records? Let’s dig into the details.

The data leak in question affected users of Microsoft’s Power Apps, a software that is widely used by many companies and organizations to share data, including such big-name organizations and agencies such as American Airlines, Maryland’s health department, and New York’s Metropolitan Transport Authority. This data leak was discovered by cybersecurity researchers at UpGuard, who promptly notified Microsoft after determining that the data leak was a potential security issue.

The issue has since been resolved, but throughout the duration in which the data leak was still active, information such as names, Social Security numbers, phone numbers, dates of birth, vaccination records, demographic information, and other sensitive information was unsecured and, therefore, could have been stolen or compromised by hackers. While this information was unsecured and could have been accessed at any point during this time, there is no indication that it was accessed in any improper way.

The crazy thing about this whole fiasco is that Microsoft claims that the application was working as intended and that the root of the issue was the way that the software itself defaulted to a setting that allowed for this type of data leak. Microsoft has yet to comment on why the default setting led to such a lack of security, but they have since adjusted the default settings to allow for greater privacy. Still, this does not necessarily excuse the lax privacy settings that the program defaulted to.

It all goes to show that you can never be too sure that your business’ sensitive information is properly secured, as the consequences of having said data leak can be quite devastating. Under ordinary circumstances, a security audit could have been used to identify this risk, but the fact that nobody knew that this was a concern meant that nobody was actively looking for it and, therefore, the security issue flew under the radar for far too long. It’s just one reason why you need to be extraordinarily careful with any sort of configurations your company makes to any tools that are used to store, share, or disseminate information like any records listed above.

MSPNetworks can help your business ensure that all of its system settings are properly configured, as well as work toward properly securing sensitive information of all types. With us on your side, you’ll never need to worry about whether or not you are unknowingly putting information at risk. We can monitor your network, perform security audits, and fulfill just about any other tasks that need to occur to keep your business as secure as possible.

To learn more, contact the cybersecurity experts of MSPNetworks at (516) 403-9001.

Historically there have been several methods to transfer data from one system to the next, and while the cloud has rendered many of them irrelevant and unnecessary, that doesn’t mean they aren’t used by people looking to move data quickly. Many professionals still opt to use USB flash drives to keep certain data close at hand, but how at risk does this put the data on these drives?

Quite a bit, actually. Let’s discuss some of the many challenges that businesses face when dealing with USB flash storage and how it pertains to network and information security.

Device Size

Consider how small many of these flash drives are. This makes them compact and easy to carry around, and they can store a surprisingly large amount of data for their size. Unfortunately, when a business owner heavily uses a USB flash drive for any reason, they are constantly putting that data at risk of being lost or stolen. What would happen if the user accidentally dropped it while out and about? While some USB flash drives allow for encryption and passcodes to lock access as needed, this is not always the case. For this reason, many users prefer alternative methods of data transfer.

Information Security

When USB devices are used to transfer data and take it away from the workplace or off of the company network, tracking where, why, and how it is used can become quite problematic, especially when it comes to sensitive data that is governed by the various data privacy guidelines in specific industries. In particular, you should be wary of employees taking information such as customer data, financial information, intellectual property, source code, and other important assets out of the office; just imagine the fallout that could happen if employees were to lose their drive, or worse, sell the information themselves to make a quick buck. It’s just one other reason to not use USB flash drives, or at least partitioning off data based on user roles within your organization.

Threat Vulnerability

Just because USB drives are pretty low-tech compared to more modern solutions does not mean that they are any less immune to security threats. In fact, infected USB flash drives can become vehicles for security threats to access networks. Consider the fact that these devices are used to transfer or copy files from one location to another. The more endpoints a flash drive connects to, the more likely it is to become infected. The possibility of these types of threats becoming problematic has been detailed in the past through tactics such as the BadUSB firmware hack, so they must be taken seriously.

 Ultimately, it is much easier to secure a cloud-based data storage system and the devices used to access it, but you know what they say: old habits die hard. Do you still use a USB storage device, and if so, did you learn a thing or two about how to keep them secure? If you don’t want to worry about USB technology being used in such a controversial way, we recommend that you implement a cloud-based data storage system that eliminates the need to use physical hardware that could be corrupted or damaged in transit.

Do you routinely use USBs to transfer data from one place to another? If so, the knowledgeable professionals at MSPNetworks can help you move past antiquated hardware and provide the means to keep your data safe. Give our consultants a call today at (516) 403-9001. 

Have you ever wondered how hackers manage to pull off incredible feats like bombarding networks and servers with so much traffic that they simply cannot function? None of this would be possible if not for botnets. But what is a botnet, and why is it important for your organization to understand? Let’s dive into the details.

A botnet is essentially a network of connected devices that have been infected and taken over by a host. Each device on this botnet can be called a “bot.” The host can then direct these bots to perform various tasks. It should be noted here that the bots on these networks do not have to be computers, like desktops or laptops. They can be smartphones or just about any other connected device. And what is another network that includes all of the above, plus all of those odd devices that don’t normally connect to the Internet? That's right--the Internet of Things--and it’s a network of devices that is increasing in size every day. In essence, the Internet of Things represents endless possibilities for hackers who want to leverage botnets to their advantage.

Botnets are frequently used by hackers to perform Denial-of-Service attacks in which the host directs all devices on the botnet to repeatedly launch attacks at the victim’s network in an attempt to make the service or resources on said network unavailable. Botnets can also be used to perform other attacks, though, and they are incredibly dangerous. Some of the other uses of botnets include stealing data, sending spam, and even allowing for remote access to devices. Like many other types of cybercriminal activity, botnets can even be rented out or purchased in much the same way that other high-profile threats, like ransomware, can.

Navigating network security can be confusing due to the many complexities involved, but don’t worry—you’re not expected to know how to protect your company from every single type of threat out there. All you need to do is know when it’s time to admit that you don’t have to go at it alone anymore. There are so many valuable resources out there that you can leverage to take the fight back to hackers, or at the very least prevent yourself from becoming another statistic in the headlines of news articles following the latest security breaches or data privacy violations.

In times like these, relying on cybersecurity professionals to shore up weaknesses in your network’s defenses can be an incredibly valuable resource. Unfortunately, some organizations see the price tag associated with cybersecurity professionals’ salaries and see them as inaccessible or downright expensive. While it’s true that you do not want to skimp on security, small businesses can outsource this responsibility to a managed service provider like MSPNetworks. You might be surprised by how affordable it truly can be with a managed services approach!

Don’t let your devices become just another cog in the machinations of some hacker seeking to build their own botnet. MSPNetworks can equip your company with the tools necessary to protect itself from the threats associated with botnets. To find out more about what we can do for your business, reach out to us at (516) 403-9001.

What would you say if we told you that someone could buy access to your organization’s network for a measly $1,000? Well, this is the unfortunate reality that we live in, where hackers have commoditized the hard work you have invested in your organization. A study from KELA shows that the average cost to buy access to a compromised network infrastructure is insignificant at best, which is why it’s more important than ever to protect your business as best you can.

This report, published by KELA, followed Initial Access Brokers, an umbrella term used to describe threat actors that sell access to compromised network infrastructures. As you can imagine, these threats play a major role in online cybersecurity, as they are what facilitates many of the most dangerous threats out there that require access to a network, such as ransomware and other remote access threats. This report looked at one full year of listings by Initial Access Brokers to determine just what this type of network access is worth to other threats out there.

The results might shock you when you see how little value might be placed on access to your network. Out of 1,000 listings, KELA found that the average price of network access credentials was roughly $5,400, while the median price was about $1,000. There are other trends here aside from the average prices of credentials, including information on affected industries and countries. Among the top countries affected were the United States, France, the United Kingdom, Australia, and Canada, and the top industries affected included manufacturing, education, IT, banking/financial, government, and healthcare.

Just imagine—a disgruntled former employee or a competitor could potentially cause a lot of expensive harm by simply throwing away a small chunk of cash.

With such a low dollar amount placed on the value of your organization’s credentials, including VPN access, you need to start taking your security seriously before someone decides to purchase access to your network. There are a plethora of things you can do today to improve your organization’s security, including the following:

• Implement comprehensive security measures: We recommend unified threat management, or UTM for short, to deal with the majority of threats your business could run into. This all-in-one solution includes a firewall, antivirus, content filter, and spam blocker to minimize opportunities for your staff to encounter potential threats.
• Monitor your network traffic: If you are tracking who logs into your network and from where, you will have a greater chance of identifying sketchy traffic patterns and address them accordingly.
• Implement multi-factor authentication: Password security is important, but it’s not enough. Multi-factor authentication can ensure that anyone logging into your network is actually who they say they are.
• Take regular backups of your infrastructure: While you certainly don’t want it to come to this, you will want to make sure that you are prepared for the nuclear option on the off-chance that you are unable to regain access to your network.

Don’t get caught unaware by security threats. MSPNetworks can help you implement all of the appropriate measures to ensure that your network is as best protected as it can possibly be. Take proactive action now to prevent them from becoming major problems in the future. To learn more about network security, reach out to us at (516) 403-9001.

We don’t like it any more than you do, but if we have learned anything at all over the past several years, it’s that security absolutely needs to be a priority for all small businesses. In the face of high-profile ransomware attacks that can snuff companies out of existence, what are you doing to keep your own business secure? To put things in perspective, we’ve put together a list of some of the more common threats that all companies should be able to address.

Common Security Threats for Businesses

The following list of threats should give you an idea for how to start securing your business. You can never prepare too much for a potential security breach, so take the time now to get ready for what will inevitably come down the line.

Viruses

Some viruses are little more than an irritation, whereas others are incredibly disruptive to operations. They are basically bits of code that can harm your computer or data. Viruses are known for being able to spread from system to system to corrupt data, destroy files, and other harmful behavior. You can get viruses through downloading files, installing free software or applications, clicking on infected advertisements, clicking on the wrong links, or opening email attachments. Fortunately, modern antivirus software has gotten really good at protecting computers, provided that your software is up-to-date. For businesses, it’s best to have a centralized antivirus on your network that controls and manages all of the antivirus clients on your workstations. 

Malware

Malware is malicious software that performs a specific task. A virus can also be considered a type of malware, albeit more simplistic in nature. Malware comes in various forms according to its purpose, such as spyware for spying on infected machines and adware for displaying ads in extremely intrusive or inconvenient ways. The major takeaway here is that you don’t want to deal with malware in any capacity. It’s often installed on devices under the radar, and unless you are actively looking for it, it’s entirely possible that it can run in the background and cause all kinds of trouble without being detected. You can get malware through the same processes as viruses, and the same antivirus solutions can help you to resolve malware as well.

Phishing Attacks

Phishing attacks are mediums to spread other types of threats rather than actually being threats in and of themselves. Hackers might try to send out spam messages with links or infected attachments aiming to get the user to download them or click on them. When they do, the device is infected. Some phishing attacks are so inconspicuous that they can be hard to identify.

There are other types of phishing attacks as well, some of which try to get the user to share sensitive information or send money to the cybercriminal. Cybercriminals can spoof legitimate-sounding email addresses and use psychological hacks to convince the user to act in a certain way. It’s the most common way that hackers see results, so you should be aware of it.

Ransomware

Ransomware is so dangerous and high-profile that it is deserving of its own section. Ransomware locks down files using encryption and forces the user to pay a ransom in order to unlock them, usually in the form of cryptocurrency. Recent ransomware attacks are also threatening to release encrypted data on the Internet if the ransom is not paid, something which basically forces the user to pay up and gets around the possibility of restoring a backup.

Denial of Service (DDoS)

Denial of Service and Distributed Denial of Service attacks occur when a botnet, or a network of infected computers, repeatedly launches traffic at a server or infrastructure to the point where it just cannot handle the load, effectively disrupting operations and forcing it to shut down. Sometimes this happens with websites or services, so it’s no surprise that businesses can suffer from them, as well.

Trojans

Trojans (also called backdoors) install themselves on devices and work in the background to open up more opportunities for hackers later on. These can be used to steal data, infiltrate networks, or install other threats. Basically, if a hacker installs a backdoor on your network, they can access it whenever they want to; you are essentially at their mercy.

Zero-Day Vulnerabilities

Zero-day vulnerabilities are those that were previously unknown to developers but are currently in use by cybercriminals. These zero-day vulnerabilities are problems because when the developer discovers them and issues a patch, cybercriminals can identify the vulnerability based on the patch, and then exploit users who haven’t installed the patch yet. There is not much to be done besides keeping your software up-to-date, monitoring your networks for issues, and trusting the developers to issue patches as they discover security problems.

User Error

User error is a critical issue for many businesses. Your business is made up of people who perform tasks and work toward objectives. If one of these employees makes a mistake, it could leave your business exposed to threats. Thankfully, a combination of best practices and security solutions should be enough to minimize user error, and with some security training under their belt, your employees should have a good idea of how to handle it.

Get Started with Security Solutions

MSPNetworks can equip your business with the tools you need to be successful when protecting your organization. To learn more, reach out to us at (516) 403-9001.

There are always going to be those who want to use your hard-earned data and assets to turn a profit. One of the emergent methods for hackers to do so is through twisting the “as a service” business model into network security’s worst nightmare. This type of security issue is so serious that Microsoft has declared that Phishing-as-a-Service is a major problem.

Phishing-as-a-Service is not a new concept, and neither is the idea of adopting the “as a service” business model in the context of hacking. The difference between those items and now is that ransomware exists, and it’s one of the more dangerous threats out there to be sure. The biggest challenge that many organizations face, and what makes Phishing-as-a-Service so dangerous, is that it enables even amateur hackers to make money off of someone else’s hard work.

The service entails organizations and groups such as BulletProofLink, a Malaysian phishing service, who sell their clients products like website templates, email delivery, hosting, and credential theft. These services are provided in the form of fully unidentifiable links. The service provider hosts these resources on their servers and works to harvest credentials on behalf of their clients. While the credentials can be stolen—and yes, this is bad—they can also be sold on the Dark Web to others. These other attackers can then use them to launch even more dangerous attacks in the future.

Basically, the one who buys the credentials is not necessarily receiving credentials that are guaranteed to work. They are simply paying for the opportunity to get working credentials.

The aforementioned Phishing-as-a-Service provider, BulletProofLink, provides access to templates for login pages such as Microsoft OneDrive, Google Docs, Dropbox, LinkedIn, Adobe, and more. A different service also uses what is called “double-theft” where the provider steals credentials for one customer and sells them to another. As you can imagine, this affects the ransomware workflow, as attackers can use these credentials to infiltrate networks and encrypt systems, forcing those on the receiving end to pay up.

While the devil is certainly in the details for these threats, we hope that you at least walk away from this article realizing how dangerous and innovative hackers can be. If you underestimate the damage they can do to your business, it might be the last mistake you make.

MSPNetworks can help your business overcome the many challenges that come with cybersecurity. To learn more, reach out to us at (516) 403-9001.