MSPNetworks Blog

MSPNetworks has been serving the Farmingdale area since 2010, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Biggest Cybersecurity Problems Small Businesses Have in 2021

Data breaches have become all too common for small businesses over the past several years and when it seems like there is a solution to one problem, something even worse pops up. Part of a comprehensive risk management strategy is identifying problems and doing what you can to keep them from affecting your business. Let’s take a look at the major cybersecurity threats small businesses are facing in 2021 and what you can do to keep them from hurting your business.


Phishing

For the small business, phishing makes up a large percentage of problematic cybersecurity situations. Phishing is more of a scam than a hack, but regardless of how you view it, it is the most dangerous problem businesses have to face when considering cybercrime. A phishing attack can come on any communications medium (including social media) and it only has to work one time for it to become problematic for your business. 

It works like this: A member of your staff, working at their regular breakneck pace, accidentally clicks on an attachment in an email that they think of as something to do with their jobs. Turns out, the email was spoofed and the attachment just deployed malware on your network. This can be trojans, viruses, or something as terrible as ransomware. 

Phishing is not only the most prevalent form of cyberscam, it is also extremely hard to combat. The hackers that use it are getting more sophisticated, and if your business isn’t evolving your strategies to keep up, you have a pretty good chance of being a victim. You need to have a comprehensive training system in place to tell your team about the dangers of phishing and how to spot possible phishing attempts. 

Poor Password Hygiene

Like passing that guy at the gym that always smells like B.O., it’s a sour situation when poor password hygiene is the reason for a data breach or a malware infection. Like phishing strategies, today’s hackers have very sophisticated strategies to guess people’s passwords. Not only that, social engineering can expose poorly made or duplicated passwords pretty easily. 

Passwords are used by almost every organization online, and it is important that your employees select passwords that aren’t obvious and aren’t duplicates from other accounts. It is also important that your organization understands how to keep its data safe through the use of password best practices, such as not having employees constantly change their passwords: when forced to change them often, people tend to pick passwords that are simple to remember or that barely differ from their previous ones.

Holes in Software

Like most other products, software titles have a support staff attached to them. These teams include development professionals whose job is to keep the software secure by issuing patches, which are rolled out pretty regularly. If you don’t patch your software, you could have major holes that can be exploited. These vulnerabilities are regularly taken advantage of and are effectively open doors for hackers to get into your network.

The best way to keep these vulnerabilities from appearing is to regularly patch your software with the updates as they come out. Doing so will close the proverbial doors to your network and data and keep your digital resources safe. 

If your business would like to talk to one of our IT experts about getting the cybersecurity protection you need, or if you would like to learn more about which strategies work the best to keep your business’ network and infrastructure free from threats, give MSPNetworks a call today at (516) 403-9001.


Maintain and Support Your Technology Before Your Employees Take Matters Into Their Own Hands

We believe that at the end of the day, employees want to do the right thing and accomplish their daily tasks without incident. However, technology can often break these plans with unexpected issues that prevent them from doing so. If you don’t take the time to provide the proper IT support when it is needed, you force your employees to either be unproductive or find unconventional (and often unsecure) solutions.


Employees Using Unsecured Devices

Generally speaking, your employees will use their work technology to fulfill their obligations, including their desktops or perhaps a work-issued laptop or mobile device. Unfortunately, depending on how well these devices are maintained, they may be slower than the technology employees use when they are out of the office. This may lead them to using technology that is not governed by your security solutions, such as their personal devices, simply because they work better than their work-issued devices.

Therefore, it is crucial that you manage and maintain your organization’s devices in a way that makes sure they are working optimally. You should follow this up with a comprehensive Bring Your Own Device policy that outlines how employees are allowed to utilize their mobile devices for work purposes. Doing so will save you a lot of grief in the long term.

Unauthorized Software Downloads

There are times when your staff will require specific tools in order to perform a function of their job. If they do not have the appropriate tools to accomplish the task, they may choose to download applications from the Internet that allow them to do so. These applications are often dangerous to utilize, as they are outside the scope of your company’s software infrastructure, and who can really tell if the application used is secure or not?

This is especially problematic for software that requires a software license. Imagine for a moment that one of your employees is going about their daily tasks without any disruptions, only to be brutally severed from the tools needed to perform these duties by an expired software license. In their desperation to keep working and meet required deadlines, they might download some free software or perhaps one with a counterfeit software license. While this solves the short-term problem of getting work done, it could come at a steep cost should your organization become subject to network audits or otherwise.

In the end, being proactive about technology support is the only way you can prevent these issues from breaking your business and budget. While your employees might feel like they are being proactive in finding a solution, you shouldn’t have to rely on them finding the solution for themselves; instead, provide them with a protocol to follow so that you know they will seek the help of experts when it is needed.

MSPNetworks can be those experts. We want to help your employees do their jobs in the most effective way possible, be it through implementing new and innovative solutions or assisting them with their daily duties through comprehensive IT support. Let your team focus on what they know best: their own jobs, not keeping their computers and other technology in proper working order.

To learn more about how we can help your employees stay productive throughout the workday, reach out to us at (516) 403-9001.


What Does It Mean to Be Adept at Cybersecurity?

To say someone is adept at a task is to say that they are a professional, or someone with a considerable amount of knowledge that contributes to their ability to complete a particular task. In cybersecurity, this is extremely important, as the entire concept of cybersecurity is complex by nature. Your business too can improve its cybersecurity practices and shift focus to a more mindful approach to network security.


First, let’s consider some of the challenges that small businesses face related to cybersecurity. Then, let’s talk about what it means to be a security professional and how your organization can use this knowledge to its benefit.

The Challenges of Security for SMBs

Security is a huge problem for small businesses, especially those that don’t take it seriously or think that they are not a target. The truth of the matter is that hackers don’t care how many employees you have or what industry you are a part of. Your business has data that hackers would find valuable, period. While many want to take it seriously, there are barriers that many businesses perceive to be in the way, chief among them a lack of security expertise and a lack of funds to hire top cybersecurity talent.

What Does It Mean to Be a Cybersecurity Professional?

This might seem like an odd question to ask, but we want to make sure that businesses understand what they must look for in a cybersecurity professional. Here are some traits that a security professional will have:

  • A focus on proactive, preventative defenses rather than a reactive approach
  • A divorce from security biases that prevent one from making objective decisions
  • The technical knowledge and expertise necessary to understand cyber threats
  • An understanding that security also requires training of staff and higher-level executives
  • The flexibility to adapt to new threats and learn from them

Ultimately, whoever is at the helm of your cybersecurity strategy must possess these personal and professional traits. Failing to do so puts your organization at risk.

How to Become a Cybersecurity Adept Yourself

We won’t beat around the bush with this one; you are not going to become a cybersecurity professional overnight. Technicians have to undergo extensive training that involves meticulous attention to detail and a thorough understanding of the countless threats out there, as well as knowledge on how to respond to each of them. Suffice to say there is a reason why so many businesses choose to outsource this responsibility.

In a sense, trusting your organization’s security to outsourced professionals does make you a cybersecurity adept. Not only do you acknowledge that there are professionals whose jobs are specifically to handle this responsibility, but you also understand that security is nothing to mess around with. It’s a win-win scenario. MSPNetworks can be the professionals you trust your organization to. To learn more, reach out to us at (516) 403-9001.


Phishing Training is a Critical Component of Any Security Strategy

Phishing attacks are some of the most common threats out there. Hackers will craft messages or web pages designed to harvest information from your employees, be it through suspicious requests for credentials via email or through false websites that look so much like the real thing that it’s no wonder they were tricked. How can you make sure that your employees don’t fall for these dirty tricks? It all starts with comprehensive phishing training.


So, what goes into a successful phishing training program? Let’s take a look.

Phishing training involves exposing your team to simulated real-world scenarios in which they might encounter a phishing scam. It’s worth mentioning here that phishing can potentially involve much more than just a simple email containing requests for sensitive information or forms on websites asking for credentials. Phishing can come in the form of phone calls, text messages, and other communication mediums. Therefore, it becomes of critical importance that your staff have the skills needed to identify these phishing scams in whichever form they take.

As for what this phishing training might look like, it depends on the context. Training might take a more passive approach with videos, but it also takes on more active approaches with interactive workshops and hands-on training exercises.

One of the best ways to get a feel for how well your employees understand phishing attacks is to test them without their knowing it, using these simulated attacks to see who takes the bait and who doesn’t. In this way, you can get a sense for how they would react under normal everyday circumstances. This type of threat awareness is important to gauge where your employees are in regard to cybersecurity, and it can give you an idea of which employees need further training.

We want to emphasize that phishing training is not about calling employees out on reckless behavior; rather, it’s about corrective practices that can help your business stay as secure as possible long-term. It is better to find out which of your employees struggle with identifying phishing attacks in simulated situations than when the real deal strikes, after all.

Look, we all want to trust our employees to do the right thing and know better than to click on suspicious links in emails, but at the end of the day, wanting something and actually getting it are two entirely different things. We need to accept reality and admit that hackers can and will succeed in their phishing attempts if we don’t do anything to prevent them. The best way to keep phishing attacks from becoming a nightmare scenario for your business is to implement comprehensive training practices and consistently reinforce them with your staff.

MSPNetworks can give your employees the training they need to keep from falling victim to phishing attacks. After working with our trusted IT professionals, your employees will know how to identify phishing attacks and how to appropriately respond to them without risking your organization’s security. To learn more about our phishing training and other security services, reach out to us at (516) 403-9001.


A Solid Mobile Device Strategy Needs These 3 Components

It’s no surprise that mobile technology has infiltrated the workplace in more ways than one. Many businesses issue company-owned devices to their employees to get work done while out of the office, while others allow employees to bring their own devices, or use their own laptops and smartphones for fulfilling their day-to-day duties. That being said, it’s important to remember that mobile devices need to be managed in a very specific way to maintain security.


Let’s discuss how your business can manage the benefits of mobile devices in the workplace without sacrificing security.

Remote Wiping

Let’s say that one of your employees goes on a business trip and sets their briefcase down for a moment while they order a cup of coffee or attend to some other task. When they return, the briefcase is gone, along with any devices that were in it. Besides scolding the employee for their negligence, your first thought might drift to the question of “What about the data found on that laptop?” What might the thief do with such data? The possibilities should have you concerned. Should you fail to recover the device, you will want the capability to remotely wipe it of any and all sensitive data. This is to ensure that hackers don’t make use of it against your organization and to comply with various data privacy regulations. While it might stink to lose the device and have to replace it, it would stink more to have that data fall into the wrong hands.

Whitelisting and Blacklisting Applications

Some smartphone and desktop applications will be more secure than others, meaning that you will need to be extra cautious in what you allow applications to access on your devices. While we encourage all users to pay attention to what permissions are granted to applications, this is especially important for businesses. You should have the capabilities to whitelist and blacklist applications based on their potential merits or risks, thus keeping your devices (and data) as secure as possible.

Managing and Tracking Devices

Finally, you will want to consider a method for keeping track of any and all devices used to access your organization’s data. This includes any company-issued devices and employee-owned devices used for work purposes. You want to know who has which device at any given time, when that device was issued, what the employee is using the device for, etc. All of this helps you keep track of devices so that you can be sure they are being used effectively and, most important of all, safely.

Implement a Mobile Device Management Policy

If you want a comprehensive all-in-one policy to keep track of your company’s mobile devices, look no further than mobile device management from MSPNetworks. We can help your business stay on top of its mobile devices and reinforce best practices at every turn. To learn more, reach out to us at (516) 403-9001.


How to Set Up Two-Factor Authentication for Your Google, Apple, and Microsoft Accounts

Two-factor authentication is commonplace in the office environment, but it’s not commonplace enough, if you ask us. Too many organizations pass on it, placing their security at risk for no good reason. While the methods might vary, the benefits of two-factor authentication are too good to ignore. We’ll walk you through how to set up two-factor authentication for three of the most common accounts in the business environment: Microsoft, Google, and Apple.


But first, let’s discuss what two-factor authentication is and why it’s so beneficial to utilize.

What is Two-Factor Authentication?

It used to be the case that users would only utilize passwords to secure their accounts. However, passwords are easy for hackers to take advantage of on their own. Two-factor authentication uses at least two of the three methods below to secure an account rather than just the password alone, theoretically making it more difficult for a hacker to access an account. Basically, unless two of the three methods are fulfilled, the account will not be accessible. Here they are:

  • Something you know (a password)
  • Something you have (a secondary device you own)
  • Something you are (biometrics, facial recognition, fingerprinting, etc.)

Why Is It Important?

Imagine that your online accounts are a house with two doors: one for the mudroom and one for the house proper. If both doors use the same key, a thief only needs to steal one key to gain access to both the mudroom and the house. Now imagine that the mudroom and the house have two different keys. That essentially doubles the effort needed to break into the home.

Simply put, in the same way as the above scenario, it’s much harder for a hacker to access an account that is protected by multiple measures. For example, even if a hacker has your password, if the account is set up to use an external device like a smartphone or biometrics, they still won’t have access to the account. Unless the hacker goes through the trouble of stealing the secondary device or stealing your fingerprints/facial structure (something that is remarkably difficult compared to swiping a password), the account will remain secure.

Setting Up Two-Factor Authentication

Right, let’s get to the bread and butter of this article: how to set up two-factor authentication for the big three accounts: Microsoft, Google, and Apple.

Microsoft

Microsoft recommends that you either have a backup email address, a phone number, or the Microsoft Authenticator application installed on a mobile device before you get started with two-factor authentication for this account. To get started, go to this page and sign in with your Microsoft account. Next, select More security options. Under the option for Two-step verification, select Set up two-step verification. After that, it’s just a matter of following the on-screen instructions.

Google

The first step here is to log into your Google account by going here. Next, in the navigation panel, select Security. Under Signing in to Google, select 2-Step Verification. Finally, click on Get started. You’ll see the directions for the next steps appear on the screen. You can set up your verification step in a variety of ways, including Google Prompts, security keys, Google Authenticator, verification code via text or call, or a backup code. You can also disable this second step on trusted devices, but doesn’t that defeat the purpose?

Apple

To set up two-factor authentication for your Apple ID, go to your account by clicking here. Sign in, answer your security questions, then click Continue. If you see a prompt to upgrade your account security, tap Continue. Click on Upgrade Account Security. You can then add a phone number for which you will receive verification codes via text message or phone call. Click on Continue, enter the verification code, and turn on two-factor authentication.

Want to get started with two-factor authentication for your business? The three accounts outlined above are just the tip of the iceberg. MSPNetworks can help you implement a multi-factor authentication system that secures your data and network. To learn more, reach out to us at (516) 403-9001.


Hackers Use the Pandemic to Send Out Phishing Threats

The first half of this year has seen its fair share of ups and downs, especially on a global scale. With a global pandemic still taking the world by storm, it’s despicable that hackers would take advantage of the opportunity to make a quick buck using phishing tactics. Yet, here we are. Let’s take a look at how hackers have turned the world’s great misfortune into a boon, as well as how you can keep a lookout for these threats.


According to reports from SecureList, spam and phishing trends in Q1 of 2021 relied heavily on COVID-19 and the buzz generated by it. Let’s take a look at some of the major threats that took advantage of the pandemic.

Stimulus Payment Scandals

The first couple months of 2021 saw businesses and individuals receiving payments from governments, such as economic impact payments or business bail-outs. Hackers took advantage of this opportunity to try to convince users to hand over their credentials through the use of messages that both looked and sounded professional. As is often the case with phishing messages, some users of specific banks were targeted through the use of near-identical websites designed to steal credentials and fool users. Others tried to convince users to enter information by convincing them that the latest details on the bank’s COVID-19 practices could be found on the other side of links or sensitive information forms.

The Vaccine Race

For a while, the COVID-19 vaccine was a bit tricky to get your hands on. While things have improved significantly in recent months, the initial rush to get vaccinated triggered many would-be hackers to try their hand at vaccination phishing emails that replicated the look and language of communication from health officials. Users would have to click on a link in the message, which would then redirect them to a form for plugging in personal information and, in some cases, banking credentials. Even those who already received vaccinations were not safe, as there were fake surveys circulating urging people to fill them out and claim prizes for doing so.

What You Can Do

Don’t let hackers take advantage of the cracks in your business’ defenses. Phishing attacks can come in countless forms, so it is your responsibility to protect your business from them. Here are some ways that you can make sure your organization is secured from phishing attempts.

  • Filter Out Spam: A spam filter can keep the majority of threats out of your inbox, but the unfortunate fact is that most phishing emails are probably going to make it past the spam filter. Therefore, you will want to take more advanced tactics against these threats.
  • Train your Employees: Training your employees on how to identify threats gives them the power to avoid threats that do manage to get past your defenses. Teach them what to look for and you’ll be giving yourself a better chance of overcoming them.
  • Implement Unified Threat Management: No matter how well trained your employees are, it helps to have just a little bit of reassurance that you have done all you can to secure your business. This is what a UTM does; it’s a single security solution that can optimize your network’s protection.

MSPNetworks can help your business keep itself secure. Not only can we implement great security solutions, but we can also help to train your employees, including regular “tests” where we send out fake phishing emails to see who is and is not paying attention. To learn more about how this can help your organization, reach out to us at (516) 403-9001.


Privacy Engineering is the Key to a More Secure Future

Data privacy is a bit of a hot topic in today’s business environment, especially with high-profile hacks and ransomware attacks emerging and putting organizations at risk. In particular, the emerging concept of “privacy engineering” has a lot of businesses thinking about how they can secure their organization and future-proof their data privacy infrastructures.


Let’s discuss what privacy engineering is, as well as what some big names in the industry have to say about the future of data privacy.

What is Privacy Engineering?

The International Association for Privacy Professionals, or IAPP, defines privacy engineering as “the technical side of the privacy profession,” which can mean any number of things. For some, it is making sure that the processes involved in product design take privacy into consideration. For others, it might mean the technical knowledge required to implement privacy into the products. At the end of the day, it seems there is a general consensus that privacy engineering is the consideration of privacy, from a user’s standpoint, throughout the production process, from conception to deployment.

This is notable for a couple of reasons. Systems and products that take privacy into consideration at every stage of development will be much more consumer-friendly. Users can be more confident that their privacy has been considered through each stage of the process, making them much more likely to buy into the product. When products have this kind of reputation, it would be no surprise to see profits increase.

This sets off a chain reaction for businesses that create these products, increasing their bottom line. When businesses achieve this level of success, the value of the company increases, leading to more investors and the production of similar goods or services. Furthermore, since privacy and security is such an important part of modern computing, these types of investments are relatively safe from a shareholder’s point of view, as organizations that invest in products that meet specific regulations and set these high standards are more likely to persist into the future.

You can see how this all shakes out; in the end, the concept of privacy engineering is beneficial to both the consumer and producer. Therefore, placing your bets on technology that facilitates this is a great way to invest in your own company’s future.

What Does the Future Hold?

Back in 2020, Gartner made some predictions for where the data privacy industry was heading in the years to come. Here are some insights from their report:

  • Proactive security and privacy is better: When you take measures to build security and privacy into operations, you are more likely to build trust and adhere to regulations. We preach this all the time; it is easier to prevent issues from emerging than reacting to those that are already here.
  • Increased reach of security regulations: According to Gartner, 65% of the world’s population will have their privacy governed by some sort of data privacy legislation or regulations by the year 2023. This is notable, especially with the rise of regulations like GDPR.
  • The rise of a privacy officer: By the end of 2022, 1 million organizations will have appointed a data privacy officer. Having someone within your organization whose sole responsibility is to keep you compliant means that you can rest easy knowing that you are doing all you can to make sure it stays that way.

Don’t Wait to Get Started

MSPNetworks can help your business ensure it is implementing adequate data privacy and security standards all across your infrastructure. To get started, reach out to us at (516) 403-9001.


Why All Businesses Should Implement a Virtual Private Network

With the onset of the COVID-19 pandemic, many organizations were forced to transition to remote work, even though they would have preferred to keep operations within the office. While the transition was rough at first, these organizations may have found that remote work offers certain flexibilities that were impossible in the traditional office environment. That said, one looming threat was (and still is) a major concern for the remote workplace: security.


One of the major ways that businesses can protect their organization while working remotely is through the use of what’s called a virtual private network, or VPN.

What is a VPN?

When you connect your device to a virtual private network, what exactly is happening to the connection? It’s actually much simpler than it sounds; what it boils down to is that the device connects to an encrypted network over the Internet. This encryption allows for the secure transfer of data to and from the device, preventing onlookers from observing (or stealing) the data.

Think about it like looking at a pipe that is transferring something to and from a location. If the outside of the pipe is solid, onlookers cannot see what is in the pipe. When it is clear, you can see exactly what is inside it. Encryption in this case acts like an opaque pipe, obfuscating contents to the point where they cannot be seen clearly, but you still know that something is there. In VPN terminology, the pipe in the above scenario is referred to as a “tunnel.”

How Does It Help Your Business?

You can see how this would benefit the remote employee. Since the employee is not in-house working on the company network, they do not have access to the in-house security solutions that you may have implemented to keep your data safe. This is why encryption is so necessary; if you leave your company’s assets unprotected by allowing unsecured connections to your network, you are unnecessarily risking your company’s future.

Now, think about the possibilities that open up when you don’t have to worry about network security while out of the office. Employees can travel for business trips (when it’s safe to do so, of course) without fear of data being stolen while communicating with your home office. They can perform work from anywhere at any time, allowing for enhanced productivity without sacrificing security. They will not need to rely on public Wi-Fi connections or other unsecured networks to connect to your office.

We don’t want to beat a dead horse, but from a security and longevity standpoint, it just makes sense to implement a VPN.

Get Started with a VPN Today

If you are ready to take the leap and implement a virtual private network for your business, don’t wait any longer. MSPNetworks can help you deploy a solution that is specific to the needs of your organization. We’ll work with you to get the most secure solution at the best price point. To learn more about how a virtual private network can benefit your business, reach out to us at (516) 403-9001.


Companies Need to Keep Their Vendors’ Security In Mind

Data breaches have a tendency to destabilize relationships. With so many data-related problems befalling businesses nowadays, it is important that each side of every data-driven relationship understands their role in the protection of other organizations’ data. Today, we’ll take a look at the issue and how to determine if your partners are putting in the effort required to keep your data secure. 


Are Your Vendors Properly Protecting Your Information?

We’ve seen businesses face a litany of challenges protecting their sensitive data over the past several years, and as threats get more sophisticated, those challenges only grow. Additionally, many businesses outsource a fair amount of their operational and support efforts, and that can have a negative effect on their security. 

So, how do you know that your vendors are protecting your information?

You ask them, of course. 

Before you onboard any new vendor, you should come up with a questionnaire that asks the right questions about how they handle their own cybersecurity, and more specifically (and importantly) how they go about handling your information. 

At MSPNetworks, we do this for all of our clients to ensure that they are partnering with reliable companies that, at the very least, are attempting to do the right things to protect sensitive information. 

Questions You Should Ask Your Vendors

The first thing you should consider when making up some questions to ask your vendors about security is: do you understand the answers? If you don’t know what you are doing, you could just assume any thoughtfully answered response would be sufficient. This is far from true and is a liability, especially in trying to ascertain what risk your business is facing by doing business with a company. We can’t stress enough that if you don’t have someone that knows what they are doing, you need to find someone, as this will serve you much better in times like this.

Let’s go through a couple of important questions you should ask if you do have the competence available to sufficiently measure risk from the answers:

  1. Do you collect, store, or transmit personally identifiable information (PII)?
  2. If so, do you store your PII onsite or in the cloud?
  3. How do you provide users access to the PII you store?
  4. Can PII be accessed remotely?
  5. Do you constantly monitor all services, systems, and networks?
  6. What regulatory bodies does your business operate under? Do you have proof of compliance?
  7. What kind of encryption do you use for data-at-rest? Data-in-transit?
  8. Do you consistently patch your software? 
  9. Do you have mobile device management and IoT management systems?
  10. Do you utilize legacy systems that aren’t supported by manufacturers?
  11. What cybersecurity tools do you use?
  12. Do you have language in your agreements about vendor cybersecurity? 
  13. How are your continuity systems?
  14. How would you go about the situation in the event of a data breach?
  15. What authentication procedures do you use? 
  16. Do you train your employees on the best practices of cybersecurity?

There are many more questions you can ask, and you should ask them if you find them necessary. Vetting your vendors is a great way to know if they have your best interests in mind. 

If you would like to partner with a company that not only has your best interests in mind, but also can help you ascertain if your other partners do as well, give MSPNetworks a call at (516) 403-9001 today.


Hackers Spark Major Gas Crisis Throughout the Southern U.S.

As you’ve probably heard by now, a Russia-based hacking collective by the name of DarkSide targeted Colonial Pipeline, a company that supplies nearly 45 percent of the fuel used along the Eastern Seaboard of the United States, with a ransomware attack. Not only does this hack have an effect on fuel prices and availability, it highlights just how vulnerable much of the nation’s energy infrastructure is. Let’s discuss the details of the hack and the raging discussion about cybersecurity that’s happening as a result.


The Facts Surrounding the Hack

On Friday, May 7, 2020, Colonial Pipeline had to shut down operations after a ransomware attack threatened to spread into critical systems that control the flow of fuel. Almost immediately gas prices started to jump in the region, averaging around six cents per gallon this week. The pipeline, which runs from Texas to New York, transports an estimated 2.5 million barrels of fuel per day. The shutdown has caused some fuel shortages and panic buying in some southern U.S. states. Administrators said that the ransomware that caused the precautionary shutdown did not get into core system controls, but also mentioned that it will take days for the supply chain to get back up and running as usual again.

Who Is DarkSide?

The hacker group DarkSide is a relatively new player, but it has set its sights high. The group claims to be an apolitical hacking group that is only out to make money. In fact, they put out the following statement after the FBI started a full-scale investigation of the group:

“Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

DarkSide seems to be a professionally-run organization that deals in ransomware. They follow what is called the Ransomware-as-a-Service model, where hackers develop and sell their ransomware to parties looking to conduct operations like the one that stymied Colonial Pipeline. They also are known for their “double extortion” methodology, where they threaten to take the data they encrypt public if their demands aren’t met. Their ransom demands are paid through cryptocurrency and have only been in the six-to-seven figure range. 

What’s interesting is that the group seems to have its own code of ethics, stating that they will never attack hospitals, schools, non-profits, or government agencies. Either way, their current attempt at extortion has made a mess for millions of Americans. 

Problems Securing Infrastructure

Even before the world completely changed, cybersecurity analysts were recommending that more had to be done to protect aging utility systems around the world. Back in 2015, hackers took down a power grid in Ukraine and left 250,000 people without electricity, and it caused some movement to improve system security, but nowhere near as much as is required. Now, with the push to use renewable energy and more efficient systems of deployment, more technology has been added to these systems than at any time in history. These smart systems, coupled with a resounding lack of security, mean that the next cybersecurity catastrophe is just around the corner.

The pandemic didn’t help matters. Systems that are being updated are increasingly being connected to public and private networks for remote access. All it takes is one vulnerability and hackers can exploit and take control of systems that affect the lives of millions of Americans. Hackers causing a gas shortage is scary, but hackers taking down power grids or other systems that the public depends on to live could be looked at as an act of war.

The scariest part is that it seems as though no system is immune to these problems. According to CISA, the Colonial Pipeline hack is the fourth major cyberattack of the past year. You have the SolarWinds breach that allowed Russian Intelligence to infiltrate thousands of corporate and government servers; an attack where Chinese nationals rented servers inside the U.S. to invade a still-uncounted number of Microsoft Exchange servers; and a still-unknown hacker that hijacked a tool called Codecov to deploy spyware on thousands of systems.

Microsoft is widely renowned as being at the forefront of cybersecurity and SolarWinds is itself a cybersecurity company. This tells you a little bit about where we stand on protecting essential systems. It’s not a good situation.

While you can’t always worry about cybersecurity everywhere you are, you have to prioritize it for your business. If you want to talk to one of our security experts about your cybersecurity, give MSPNetworks a call today at (516) 403-9001.


Password Best Practices from the National Institute of Standards and Technology

Passwords are probably the most important part of keeping accounts secure. That’s why it is so important to follow industry best practices when creating them. Today, we’ll take a look at the standards outlined by the National Institute of Standards and Technology (NIST) in creating the best and most secure passwords.


What Is NIST?

For years, NIST has been the predominant organization in the establishment of password creation standards. They continuously change their advised practices to meet with the current cybersecurity demands. They recently updated their guidelines so we thought we would go over what strategies they suggest, to give you an idea of what makes a secure password. 

New Guidelines

Many corporations are currently using the NIST guidelines and all Federal agencies are expected to utilize them. Let’s go through their newest password guidelines step by step. 

#1 - Longer Passwords are Better than More Complicated Ones

For years, it was preached that the more complicated the password, the more secure the account. Today’s guidelines refute that notion. NIST suggests that the longer the password, the harder it is to crack. What’s more, they suggest that organizations that require new passwords to meet certain complexity criteria (letters, symbols, changes of case) actually make passwords less secure.

The reasoning behind this is two-fold. First, most users, in an attempt to complicate their passwords, will either make them too complicated (and forget them) or take the cursory step of adding a one or an exclamation point to the end of a password, which doesn’t complicate the password much, if at all. Secondly, the more complex a user makes a password, the more apt they are to use the same password for multiple accounts, which, of course, is not a great idea.

#2 - Get Rid of the Resets

Many organizations like to have their staff reset their passwords every month or every few months. This strategy is designed to give them the peace of mind that if a password were compromised, the replacement password would lock unauthorized users out after a defined period of time. What NIST suggests is that it actually works against your authentication security.

The reason for this is that if people have to set up new passwords every few weeks or months, they will take less time and care in creating a password that will work to keep unwanted people out of the business’ network. Moreover, when people do change their password, they typically keep a pattern to help them remember it. If a previous password has been compromised, there is a pretty good chance that the next password will be similar, giving the attacker a solid chance of guessing it quickly.

#3 - Don’t Hurt Security by Eliminating Ease of Use

One fallacy many network administrators hold is that removing ease-of-use options, like showing a password while a user types it or allowing copying and pasting in the password box, makes it less likely that the password will be compromised. In fact, the opposite is true. Giving people options that make it easier for them to properly authenticate works to keep unauthorized users out of an account.

#4 - Stop Using Password Hints

One popular way systems were set up was to allow users to answer questions to get into an account. This very system is a reason why many organizations have been infiltrated. People share more today than ever before, and if all a hacker needs is a little personal information about a person to gain access to an account, they can come across that information online, often for free.

#5 - Limit Password Attempts

If you lock users out after numerous failed attempts to enter their credentials, you are doing yourself a service. Most of the time people will remember a password, and if they don’t, they typically have it stored somewhere. Locking users out of an account, at least for a short period of time, is a good deterrent to hackers that use substitution codes to try and guess a user’s credentials.
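The temporary lockout described in #5, sketched as an added example (it is not code from NIST or from MSPNetworks). The threshold of three failures, the 60-second lockout, the account name, and the in-memory credential store are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import os
import time


class LoginThrottle:
    """Per-account temporary lockout after consecutive failed logins."""

    def __init__(self, max_failures=5, lockout_seconds=300, clock=time.monotonic):
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self._clock = clock
        self._failures = {}      # account -> consecutive failed attempts
        self._locked_until = {}  # account -> clock value at which the lockout ends

    def seconds_locked(self, account):
        """Seconds left on the lockout, or 0.0 if the account is not locked."""
        remaining = self._locked_until.get(account, 0.0) - self._clock()
        return max(0.0, remaining)

    def record_failure(self, account):
        count = self._failures.get(account, 0) + 1
        if count >= self.max_failures:
            # Threshold reached: start the lockout window and restart the count.
            self._locked_until[account] = self._clock() + self.lockout_seconds
            count = 0
        self._failures[account] = count

    def record_success(self, account):
        # A successful login clears the history for that account.
        self._failures.pop(account, None)
        self._locked_until.pop(account, None)


def hash_password(password, salt, iterations=50_000):
    """Salted PBKDF2-HMAC-SHA256; the iteration count is kept low for the demo."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def attempt_login(throttle, store, account, password):
    """Return 'ok', 'denied' or 'locked'. Locked accounts are never verified."""
    if throttle.seconds_locked(account) > 0:
        return "locked"
    record = store.get(account)
    if record is None:
        # Unknown accounts are throttled like known ones, so the response
        # does not reveal which account names exist.
        throttle.record_failure(account)
        return "denied"
    salt, expected = record
    if hmac.compare_digest(hash_password(password, salt), expected):
        throttle.record_success(account)
        return "ok"
    throttle.record_failure(account)
    return "denied"


class FakeClock:
    """Controllable clock so the lockout window can be shown without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def run_demo():
    clock = FakeClock()
    throttle = LoginThrottle(max_failures=3, lockout_seconds=60, clock=clock)
    # Constructed sample credential store: account -> (salt, password hash).
    salt = os.urandom(16)
    passphrase = "correct horse battery staple"
    store = {"alice": (salt, hash_password(passphrase, salt))}

    results = []
    # Three wrong guesses in a row trigger the lockout.
    for guess in ["Password1!", "Password2!", "Password3!"]:
        results.append(attempt_login(throttle, store, "alice", guess))
    # During the lockout even the correct passphrase is refused unchecked.
    results.append(attempt_login(throttle, store, "alice", passphrase))
    # After the window has passed, the legitimate user gets in again.
    clock.advance(61)
    results.append(attempt_login(throttle, store, "alice", passphrase))
    return results


if __name__ == "__main__":
    print(run_demo())
```

The failure counter lives in memory here; a real deployment would keep it in shared storage so that every login server sees the same count.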

#6 - Use Multi-factor Authentication

At MSPNetworks, we urge our clients to use multi-factor or two-factor authentication on every account that allows it. NIST wants users to be able to demonstrate at least two of three authentication measures before a successful login. They are:

  1. “Something you know” (like a password)
  2. “Something you have” (like a mobile device)
  3. “Something you are” (like a face or a fingerprint)

It stands to reason that if you can provide two out of three of those criteria, you are authorized to access the system or data that is password protected.

Security has to be a priority for your business, and password creation has to be right up there with the skills everyone should have. If you would like to talk to one of our IT experts about password management and how we can help your business improve its authentication security, give us a call today at (516) 403-9001.


Make Sure Your Staff Understands the Importance of Their Role in Your Organization’s Cybersecurity

Today, employees have to be a major part of every business’ cybersecurity efforts. The reasoning is simple: attacks are more likely to come in the form of end user correspondence than as a direct assault on the network. As a result, it is important that cybersecurity is more than just another line item on a task list; it has to be built into the culture. Let’s discuss a few ways to get your employees to care about cybersecurity.


Why Is Cybersecurity A Nuisance?

This is not a new phenomenon. Your employees want to be productive. In their minds, any extra tasks that are assigned are a hindrance to that aim. Cybersecurity, in today’s businesses, also has a tendency to intrude on their desire to separate their home life from their work life. While this isn’t really the case in most scenarios, there certainly needs to be some cooperation from them to properly secure your network. 

By now your workers understand that security is extremely important. What they don’t understand is how it is their problem. You hire them to do a job, and for most of them, that job isn’t "security guard." That’s why it is important that cybersecurity is something they are confronted with from the beginning of their employment. It is a culture issue, not just an operational one. Let’s go through some ways you can get your staff to care about cybersecurity.

Remove the Red Tape

Today, a well-executed hack or social engineering attempt can completely devastate a business. In some cases, and this is especially true for smaller businesses, a hack can cause the closure of a business. Those types of events affect more than just the business owners or the stakeholders. 

To ensure that your staff gets just how important this issue is, level with them. You don’t need to keep the threats a secret any longer. A unified approach to cybersecurity requires that your employees know how hackers and scammers will go about trying to trick them into handing over access to the company network. This will not only actively remove the indifference most employees have about cybersecurity, but it will also ensure that they realize how important doing the right things is.

Make Sure Your Staff is Personally Invested

For the average employee, any indifference they have about a business’ cybersecurity efforts comes from the idea that it doesn’t really have any effect on them. This is not true. Hackers don’t just want access to business information, they want access to the network. That means all of the data on that network. 

Make sure that employees understand that it’s not just company information at stake; it is their personal information and that of their contemporaries. Reminding them that their data is at stake might just be the thing needed to get them to take security measures seriously.

Build Solid Training and Literacy Right Into Your Culture

As we mentioned above, one of the best ways to ensure that your staff understands their role in your organization’s cybersecurity plan is to build it into your culture. To do this, it has to be out in front. You need to mention it in your hiring process (interview, any collateral you use to outline employee responsibilities), it needs to be parsed out properly in your organization’s documentation (employee handbook, etc.), and it has to be something that every person in the business knows that they will be confronted with at some point.

Ensuring that your people don’t get complacent is a massive point of emphasis if you want to keep their cybersecurity literacy ongoing. On top of training, you need to keep up some type of consistent reminder that they are important to organizational efforts to keep hackers and other unauthorized entities off of the business’ network. The more time and effort you put into planning out your cybersecurity training, the more that people will get out of it. 

We Can Help!

Keeping your business from falling victim to a cyberattack takes a lot of effort. Our security professionals are constantly preparing to help our clients stay free of threats, and a lot of that is helping them come up with policies, procedures, and strategies to keep their employees engaged in this never-ending fight against hackers. Give us a call at (516) 403-9001 today to learn how we can help you protect your business.


Policies that Every BYOD Strategy Needs to Abide By

One of the most effective means for a business to shave a few dollars off its budget (and potentially boost employee engagement, for that matter) is to adopt something called a Bring Your Own Device policy—effectively, an agreement that allows their team members to access business-owned documents and files on devices they personally own to get their work done. While these policies have been shown to be very effective, they also need to be carefully considered so they can be adopted appropriately.


Let’s take a few moments to review some practices that are recommended for a secure BYOD implementation.

Determine Acceptable Parameters

Device and OS Requirements

For your productivity to remain intact and for your organizational security to be preserved, the tools your team brings to use need to meet the baselines that you set—otherwise, there is likely to be a shortcoming that leaves an opening. Certain workflows may require a specific operating system to be used, simply for the processes to be compatible. Keeping track of your team’s chosen hardware will help you determine if their devices are eligible to participate.

Accepted Software

On the topic, your business workflows should have defined software solutions identified for your team to use so that processes can flow smoothly. Make sure your team knows that they are expected to use these titles for their work processes and that they are expected to have certain protections in place on their mobile devices before they can use them to work.

Upkeep Policies

When using a personal device to access your business’ network, there needs to be some supported expectation that the user will ensure that the device remains functional and secure. This could mean that only authorized dealers or professionals may perform basic maintenance tasks and that these tasks are carried out promptly.

Security Preparations

Encryption Policies

In terms of protecting your data from the prying eyes of hackers, you’d be hard-pressed to find a more effective method than encrypting it. Considering this, it is important that you encourage/require encryption to be put in place as a part of any BYOD policies you implement.

Password Standards

We know, we know… the importance of secure passwords is a topic that has been covered frontways, backways, and every which way for a long time. However, once people start to follow these guidelines, we’ll stop bringing it up. When it comes to strong passwords, make sure your team is using them on all their devices, and that these devices are set to lock if an incorrect password is repeatedly entered.

Data Handling Guidelines

Where your data is concerned, you need to also establish the proper means for it to be stored and accessed while an employee is using a personal device. Ideally, your BYOD plan will have the means to block any data transfers to an insecure device as well as establish the proper procedures for accessing this data.

Necessary Prerequisites

Data Removal Circumstances

When an employee’s device has access to your company’s data via a BYOD strategy, it is critical that you retain the means to rescind that access as needed—like if a device is lost or stolen, or if an employee leaves the company. You may also want to include the right to review an employee’s device for company-owned data so that it can be removed if they were to leave so that your data isn’t brought elsewhere or abused.

Lost or Stolen Device Procedures

On the topic, your team needs to have a reporting process to follow should something happen to their device that will help to ensure that mitigating actions can be appropriately taken. Reinforce that these reports need to be promptly submitted to help minimize the potential impact of such occurrences.

Breach of Policy Consequences

Finally, you need to establish how employees will be reprimanded should these policies go unheeded or disregarded. While the loss of BYOD privileges is a common tactic, you should also seriously consider what is acceptable before an employee should be terminated. Once these distinctions have been made, share that information with your team when they opt into your BYOD implementation, so they are aware of the severity of such indiscretions.

A Bring Your Own Device policy is an essential piece of the modern office’s IT considerations and is something that we can help you out with in much more detail. Find out what needs to be done by calling (516) 403-9001 today.


2020 Was Rough for Healthcare Where IT Was Concerned

2020 was, obviously, a challenging year for healthcare providers. In addition to the obvious issue of the COVID-19 pandemic creating serious operational, financial, and supply chain difficulties, cybersecurity concerns didn’t go away during this time. Let’s consider some of the additional stresses that IT security needs can, will, and have placed on healthcare providers.


The amount that healthcare practices invest in their cybersecurity services has been projected to exceed $65 billion in the span of time from 2017 to this year—but despite this, the industry isn’t improving. In fact, healthcare providers have had to turn away patients for these precise reasons… but the question remains: why?

There Are a Few Reasons that Healthcare Providers Have Had Problems As of Late

IoT Security Issues

Anyone who has been to a hospital in the past decade or so has likely noticed how connected many of these facilities have become. A nurse’s clipboard has been replaced by a laptop that they wheel around to input all information and logs into, while diagnostic equipment itself is now largely computerized.

This means that many of a healthcare provider’s tools can now be classified as Internet of Things devices, and as such, are prone to security inconsistencies and vulnerabilities as a result. Many IoT devices are notorious for iffy-to-non-existent security as it is.

Ransomware

While ransomware can be, and is, an issue in every industry, the healthcare industry is particularly susceptible to its impacts for obvious, life-or-death reasons. Ransomware has been responsible for many organizations actually closing their doors, unable to sustain the damages. This is largely due to the reliance that their organizations have on the data that they need to treat their patients and manage the business—without the support required to properly protect this data.

Insider Threats

Unfortunately, the employees in a healthcare organization are not infallible, which does sometimes lead to insider threats to data. In fact, some professionals have said that insider threats are the biggest challenge for hospitals and such right now.

New Threats May Be On the Horizon

Of course, cybercrime of all kinds constantly advances, and that which targets the healthcare industry is no exception. In healthcare, these threats can be downright frightening.

For example, a research team in Israel managed to develop a proof-of-concept computer virus that could artificially paste tumors into CT and MRI scans so that high-profile patients could be misdiagnosed by their physicians.

With ingenuity like that, it is terrifying to consider what cybercriminals may do moving forward.

Regardless of your industry or the size of your business, cybercrime isn’t something to be taken lightly. MSPNetworks is here to help prepare for it. Give us a call at (516) 403-9001 to learn more about the solutions we have to offer.


Why Phishing Attacks are Such a Huge Risk for Your Business

As one of the biggest cybersecurity considerations the modern business has to make, how to combat phishing has to be at the top of any business’ cybersecurity strategy. Let’s take a look at phishing and why it’s such a big problem for today’s business. 


You’ve Probably Been Phished

When trying to explain what phishing is to someone who has no idea about it, we typically start with the namesake. Phishing is the same as fishing. A hacker will bait a hook and users will bite on it. It’s that simple. Instead of worms or minnows, a phishing attempt needs some bait that will fool an unsuspecting computer user into providing information that will allow a hacker to access secured networks and steal or corrupt data. 

To say that this method is effective would be an understatement. First of all, the massive breadth of attacks—there are literally millions of these attacks per day—results in high levels (and low percentages) of successful attacks. In fact, 88 percent of organizations that were polled claimed to experience at least one phishing attack in 2019. In 2020, phishing emails were one of every 4,200 emails sent or about 73 million. The pace has actually quickened in 2021.

Successful phishing attacks result in stolen credentials, compromised networks, ransomware and other malware. They all lead to businesses losing money. 

Phishing is More Prevalent Than Ever

Phishing has been an issue for quite a while, but the COVID-19 pandemic and the corresponding jump in remote work provided the perfect opportunity for these scammers to operate. In 2020, 75 percent of worldwide organizations were targeted by phishing attacks, while 74 percent of U.S. businesses were successfully attacked in some way. This often led to massive losses, some $3.92 million on average. That’s an average and takes into account loss of productivity from downtime, data theft, deterioration of consumer confidence, and other factors.

It is therefore important that you do what you can to train your staff about how to recognize and thwart phishing attempts before they have a chance to have a negative effect on your business.

MSPNetworks can help you put together a training strategy, as well as put together tools to help you keep your network and data safe. Call us at (516) 403-9001 to learn more.


Dangerous Android App Masquerading as System Update

Let’s face it, most people are glued to their phones when they have downtime. Many don’t look up to cross the street. With this much dedication to their individual mobile devices you’d think that people would be more careful about what they download.


Apparently, that Instagram feed is just too distracting to worry about individual data security. 

Researchers from the mobile security firm Zimperium have discovered a malicious app that pretends to update your Android device, but is just spyware that can steal almost all of your data and monitor your search history and your location. Simply called “System Update,” it has tricked many unsuspecting Android users as of this writing.

What Can “System Update” Do?

The spyware, or officially Remote Access Trojan (RAT), attached to this malicious download can only be downloaded outside of the Google Play store, which is fortuitous for many would-be victims of a malware attack like this. The spyware can effectively steal messages, contacts, device information, browser bookmarks, user search history, and can gain access to the microphone and the camera.

What’s more, it continuously tracks a user’s location, which can be really dangerous for anyone. The app starts spying every time the device receives new information, which for any heavy user is constant. After stealing your data, the app will work to erase the evidence of its activity, effectively covering its tracks indefinitely.

All-in-all, it is a pretty tough cookie.

How Are People Accessing This Malware?

You won’t be surprised to learn that phishing is the number one way people are being exposed to the corrupt “System Update” app. Google continuously warns people to not install apps from outside the Google Play app store, but as people’s devices age, apps aren’t always compatible with the older operating systems found on these devices, and users start looking for options outside of the Google Play app store. This can lead to people downloading apps that seem useful, but are completely nefarious. “System Update” seems to be one of those apps.

What You Can Do to Protect Yourself

While there have been nefarious apps found on the Google Play store in the past, the malicious app rate is extraordinarily low when sticking to the official app store. Users should also consider questioning any situation where an app is suggested to them outside of the app store, even if it seems to redirect to the Google Play app store. You just never know what you are going to get when you trust third parties on the Internet.

If you need a comprehensive plan to protect your business data from employee impulse and mobile negligence, give our technicians a call today at (516) 403-9001. We can help you with mobile device management (MDM) and Bring Your Own Device (BYOD), which can have all types of benefits for your business.


How to Make Your Google Account More Secure

Going through your passwords and updating them every so often is a very wise habit to get into, particularly when they are used to protect a lot of data—as the password to your Google account often is. Considering this, let’s go over how to update your Google password and otherwise lock down your account.


How Much is Tied to a Google Account?

For many, their Google account is linked to quite a few frequently-used utilities and applications. Going far beyond the search engine functionality it began as, Google’s services now involve multiple programs and solutions. As such, the potential danger of a cybercriminal accessing your Google account is increased greatly.

For instance, a Google account is now linked to:

  • Google.com (for custom tailored search results)
  • Gmail
  • Google Drive
  • Google Docs/Sheets
  • Google Maps
  • Android
  • Google Workspace
  • Google Chrome
  • YouTube

… with many, many other accounts and services also tied to Google. A good rule of thumb: anything with “Android,” “Chrome,” or of course “Google” in the name is likely tied to your Google account.

Updating Your Google Password

Fortunately, Google makes it exceptionally simple to update the password to your account:

  1. Visit https://accounts.google.com/. If you aren’t signed in already, log in with your email/phone number and password.
  2. Click Security on the left-hand side.
  3. Look for Signing in to Google. Click Password.
  4. Google will usually prompt you to provide your current password, and then have you input a new password.

A WORD OF WARNING: Naturally, with so much tied to a single password, you need to make sure it is as secure as you can possibly make it. Use a totally unique password—not one that provides you with access to any other account. Don’t include any personally identifiable information that others might associate with you, like your birth date, maiden name, social security number, phone number, or the like.

To accomplish this, it will help to use a password manager to keep track of all your passwords, along with any built-in password creation features it has, as this will help you to generate a secure, randomized password with sufficient complexity. You could also string a few random and unrelated words together to make a passphrase, sprinkling in numbers and symbols as you see fit to help make a memorable but significantly more secure option.

Once you make these changes, you’ll probably need to re-log into your Google account on a few devices.

But Wait, There’s More!

To really protect your Google account, let’s go a little further and set up 2-Step Verification (also commonly known as Two-Factor Authentication) if you have not yet done so. 2-Step Verification is a great insurance policy against the possibility that your password is breached.

Once your password is changed, from your Google Account page:

  1. Click the Security option on the left-hand side of the page.
  2. Click 2-Step Verification.
  3. Google may prompt you to enter in your password again, just to make sure it’s you.
  4. Depending on what Google already knows about you, this might go a few different ways—you’ll either be prompted to set up a phone number to get a text message or phone call, or Google might walk you through setting this up on your smartphone. Either way, follow the on-screen instructions. 

Your various authentication options come at varying levels of simplicity and efficacy. Most convenient is the use of a Google prompt, which sends a notification to your Android device whenever a new device attempts to log into your account, letting you allow or deny the attempt. Receiving a text message with a code is undoubtedly convenient, but less secure, as these text messages can potentially be intercepted. The most secure option is to utilize Google’s Authenticator app, which is also simple to set up.

If your business uses Google’s solutions to power your business, MSPNetworks recommends that you implement these changes. Need help? Give our team a call at (516) 403-9001.


Be Sure to Update Your Microsoft Passwords

The new year is upon us and after the debacle that 2020 was, it is extremely welcome. If you are like us, you have a new set of goals that you’ve created for yourself and are probably looking to improve your professional and personal well-being. One way to do that is to ensure that your accounts are secure. Today, we will be going through how to update your password with Microsoft.


You may have heard that the U.S. Government just suffered from a massive cybersecurity breach from an attack that was perpetrated from overseas, and among the systems that were affected was Microsoft Office. Unfortunately, foreign hackers were actively monitoring email accounts between the U.S. Treasury Department and the National Telecommunications and Information Administration (NTIA). Fortunately, however, Microsoft, who is known for its active role in identifying and thwarting cybercrime, didn’t find any active vulnerabilities in their Office 365 applications or cloud services, but they did offer some suggestions, one of which was to do everything you can to protect your data.  

It is important to understand how to take action to ensure your organization—and your personal accounts—are secured properly. 

What You Need to Know About Your Microsoft Account Security

If you actively utilize Office 365, or any other Microsoft product, you need to know a breach would affect you. For the typical user, the Windows 10 license is tied to their Microsoft account, and if you have Office 365 or use any other Microsoft applications or services, they are covered by those credentials as well. Here is a list of the application titles you need to concern yourself with when considering your Microsoft account security:

  • Windows
  • Outlook
  • Office
  • Skype
  • OneDrive
  • Xbox Live
  • Bing
  • Microsoft Store
  • MSN

Here’s How to Update Your Microsoft Password

To Microsoft’s credit, they make it extremely easy to change your password. Here are the steps:

  1. Visit https://account.microsoft.com/
  2. Click Sign In on the top right if you aren’t already signed in, and sign in with your email and password. Once you are signed in, the page will display your name with options about your subscriptions and other services.
  3. Towards the top of the page, on the right-hand side, you’ll see an option that says Change Password. Click it.
  4. If you have Two-step verification enabled, it will walk you through verifying your account with a text, an email, or using the Microsoft Authenticator app. If you don’t have that set up, don’t worry, we’re going to get you set up after you change your password.
  5. Once prompted, enter your current password, and then come up with a brand new password.

CRUCIAL ADVICE: You never want to use the same password on multiple accounts. Every password you make should be unique, complex, and lack any personally identifiable information (such as your date of birth or your address). Really random works best, but we know it is difficult to remember random passwords. Make sure that your password is something that nobody could guess with variance in case, numbers, and symbols. The more complex your password is, the more secure your accounts are going to be.

One feature Microsoft offers when setting up your credentials is a checkbox that will require you to change your password every 72 days. It really works to secure your account. You might think it’s unnecessary, but consider how much of your personal information is tied up in your relationship with Microsoft. Check it and keep active on protecting your data and account security.

One Last Thing

One thing you should consider when changing your password is to set up Two-step Verification. Click that too. If you are using a Microsoft 365 account through work, you may need your administrator to turn it on and give you further instructions. Give us a ring if you need help.

All you will need to do is follow the on-screen instructions. If you do not already have an authenticator app on your smartphone (like Google Authenticator, LastPass Authenticator, Duo Mobile, Authy, etc.), Microsoft has a tutorial to help you set up Microsoft Authenticator. If you prefer to use one of the other apps, set it up with your preferred app.

Two-factor verification will require you to use the Authenticator app to log into your Microsoft account on a new device, or to make major changes to your Microsoft account (like setting a new password). It won’t require you to use the app every time you want to use Word or Outlook, but it is a good practice to ensure you are doing all you can to protect your account and data.

Keeping your Microsoft account secure isn’t hard, but it is extremely important. If you need help or would like to talk to one of our certified technicians about setting Microsoft products up for your whole business, give us a call at (516) 403-9001 today.


The Democratic Republic of Congo’s Near Miss Teaches an Important Security Lesson

To preserve your cybersecurity, you need to have a comprehensive view of everything involved with your technology—and we do mean everything. Let’s consider a recent close call involving the Democratic Republic of Congo that exemplifies this perfectly, and that could have potentially exposed millions of Internet users to serious threats.


First, it will be helpful to go over how websites work (giving you a hint as to the nature of the close call we’ll be discussing).

How Web Browsing Works

When navigating to a website, you type that website’s URL into your address bar and you’re brought to the website, right? While this is how it appears on the surface, there’s actually a lot more going on underneath.

The domain name we use to go to a website is different from the address your Internet browser actually uses. Instead, your browser relies on a series of numbers known as an Internet Protocol (IP) address. IP addresses are too in-depth of a topic for us to go into much detail here, but to sum up: they tell the browser which web server it needs to contact to find the desired website.

Obviously, a series of numbers is more difficult to remember than a name, so this discrepancy would make the Internet much harder to use if it weren’t for nameservers.

Nameservers are the component of the Internet that helps bridge the URL to the IP address. When you type a website into the address bar, the browser references a nameserver to find out where the correct web server is before requesting content from it. In essence, the nameserver helps your browser translate your request into a language it understands—in many ways acting like your browser’s GPS.

In other words, the nameserver is a crucially important part of how the Internet functions, which means that these servers are particularly important to keep secure… particularly if the nameserver in question controls a top-level domain (the “.com,” “.net,” or “.edu” part). If an attacker were to gain control of a top-level nameserver, man-in-the-middle attacks could be used to redirect web traffic to malicious websites.

What Happened in the Democratic Republic of Congo

Therefore, when security researcher Fredrik Almroth noticed that one of the nameservers for the .cd country code top-level domain (belonging to the Democratic Republic of Congo) was set to expire, he paid attention. When these domains expire, as the nameserver domain scpt-network.com did in October, the governments that own them have a set amount of time to renew them before someone else can claim them.

Almroth was monitoring this domain to ensure that it was renewed, just to be safe. Once the end of December rolled around, the security researcher was quick to snap it up to protect it from ne’er-do-wells who would otherwise abuse it. Because the other nameserver for the domain was still operational, Almroth simply had any requests to his nameserver time out and be passed to the working one.

What Was at Risk?

In short, quite a bit. With possession of such a nameserver, an attacker could potentially intercept any traffic—encrypted or not—directed to a .cd domain. This could give an attacker a frightening amount of power and control over thousands of websites.

The Congolese government ultimately opted to set up a new domain, ensuring that security was never in question.
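The kind of monitoring that catches this situation early can be automated: list a zone's nameservers, work out which ones depend on a separately registered domain, and flag any whose registration has lapsed or is about to. The following is an added example, not part of the original article or of Almroth's tooling; the zone, hostnames and expiry dates are constructed with reserved names, and the two-entry suffix set stands in for the Public Suffix List.

```python
from datetime import date, timedelta

# Constructed sample data using reserved names; not real registration records.
ZONE = "example"
NAMESERVERS = ["ns1.nic.example", "ns2.hosted-dns.test", "ns3.dns-partner.test",
               "ns4.unlisted.test"]
# Expiry dates as a registrar or RDAP lookup would report them (constructed).
EXPIRY = {"hosted-dns.test": date(2020, 10, 15),
          "dns-partner.test": date(2023, 6, 1)}
SUFFIXES = {"example", "test"}  # stand-in for the Public Suffix List


def registrable_domain(host, suffixes=SUFFIXES):
    """Return the name one label below the longest matching public suffix."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in suffixes:
            return ".".join(labels[i - 1:])
    return None


def audit_nameservers(zone, nameservers, expiry, today, warn_days=60):
    """Classify each NS host by whether a separate registration must stay alive."""
    findings = {}
    for ns in nameservers:
        host = ns.lower().rstrip(".")
        if host == zone or host.endswith("." + zone):
            findings[ns] = "in-zone"        # no outside registration to lapse
            continue
        expires = expiry.get(registrable_domain(host))
        if expires is None:
            findings[ns] = "unknown"        # no expiry data: investigate
        elif expires < today:
            findings[ns] = "expired"        # lapsed: a third party may claim it
        elif expires - today <= timedelta(days=warn_days):
            findings[ns] = "expiring"       # renew before the window closes
        else:
            findings[ns] = "ok"
    return findings


if __name__ == "__main__":
    for ns, status in audit_nameservers(ZONE, NAMESERVERS, EXPIRY,
                                        today=date(2020, 12, 1)).items():
        print(f"{ns:28} {status}")
```

The same check applies to any business domain whose DNS is delegated to nameservers under a domain someone else has to keep renewing.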

What Your Business Can Learn From This

In short, technology can be complicated, which means that threats can potentially come from every angle.

Cybercriminals are irritatingly resourceful and will absolutely resort to cheap tricks to get their way. The size of their target is also irrelevant to them, so whether they’re targeting a government infrastructure or the website a local store keeps up doesn’t particularly concern them. As such, businesses of all shapes and sizes need to have a trusted resource they can rely on to keep their IT in order, especially in terms of its security.

As such a resource to many businesses, MSPNetworks prioritizes keeping an eye on all aspects of our clients’ technology solutions to help avoid issues like these that could otherwise have gone unnoticed. To find out more about what we can do for your operations, give us a call at (516) 403-9001 today.
