Categories
Industry Insights IT Solutions Managed IT Services

Many companies still don’t know how ransomware works

Many companies still don’t know how ransomware works and how it will affect their organization.

According to a global leader in internet content security software and cloud computing security, Trend Micro has released some alarming numbers at how many companies still don’t know how ransomware works.

  • 11 percent have never even heard of ransomware malware.
  • 20 percent do not know how ransomware malware works.
  • 82 percent consider ransomware malware a threat.
  • 33 percent think it comes from malicious email attachments.
  • 24 percent believe ransomware malware infections come from clicking a link in an email.
  • 14 percent believe it happens if you simply browse the web.
  • 69 percent believe they will be victims of a ransomware malware attack in the next 12 months.
  • 75 percent have already suffered a ransomware malware attack.

How are these companies protecting themselves? Here are the statistics.

  • 97 percent use automated data back-up and recovery services.
  • 86 percent keep an offline data copy of their back-up plan.
  • 77 percent have a disaster recovery (DR) plan.
  • 33 percent have tested their disaster recovery (DR) plan.

While many companies still don’t know how ransomware works, it continues to dominate the threat landscape as organizations are fueling the cyber-criminal hacker economy.  Companies are preparing disaster recovery plans and deploying preventative IT security methods to protect them from ransomware however without a lack of understanding of how ransomware malware actually works could make these actions redundant and leave your organization vulnerable to repeat attacks by cyber criminals.

Many companies still don’t know how ransomware works however our complimentary network and security assessment will put your company to the test.

365 iT SOLUTIONS delivers industry Toronto’s best IT consulting services including leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Your cyber security will destroy your value

Despite the damaging ramifications of cyber security threats, many companies may not think it is part of their strategic corporate plan. This is why Your cyber security will destroy your value.

Cybersecurity remains at the forefront of challenges for companies, IT departments and managed IT services providers as this critical business challenge is a growing concern with a devastating impact on company brands, company value and bottom lines.

Recently, KPMG released a survey of 403 CIO, CISO, CTO, and CIOs. These IT professionals come from many different industries including automotive, technology, banking, and retail sectors. Here are some interesting statics and numbers from the survey.

  • 81 percent admitted they had been compromised by cyber-attacks within the past 24 months
  • 89 percent of retail companies reported a breach in the past 24 months
  • 85 percent of automotive companies reported a breach in the past 24 months
  • 76 percent of banking and technology companies reported a breach in the past 24 months

What is the good news if you believe your cyber security will destroy your value?

  • 49 percent have invested in IT security within the past year 12 months.
  • 66 percent of banks appear to be proactive when it comes to investing in their IT security.
  • 62 percent of technology followed by 45 percent of retail and 32 percent of automotive.

Cyber attacks are affecting all companies however the larger organizations have the internal resources to protect themselves. Too many companies are taking a passive or reactive approach toward cybersecurity and network management when it should be a top issue for the entire company.

Your cyber security will destroy your value however you can protect it

Larger organizations have an IT security expert in place, however, this is not possible for small and midsize businesses (SMB). Cyber criminals go after the weakest systems in your network. According to the c-level executive from these large organizations, they acknowledged the ramifications of a security breach down to reputation at 53 percent and financial loss at 50 percent as the top concerns associated with falling victim to cyber attacks including ransomware malware.

If you are a small and midsize businesses (SMB) you don’t have to think that your cyber security will destroy your value but you do have to address it with your management team and managed IT services provider. You need to ensure that your company is taking a proactive approach to managing your IT infrastructure as well as your IT security.  Your IT consulting team must have a full plan in place as well as a well-defined explanation of how you are protected and procedures in place to address your disaster recovery (DR) plan.

Protect your value, brand, and business with our complimentary network and security assessment.

365 iT SOLUTIONS delivers industry Toronto’s best IT consulting services including leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Why do small businesses carry a large security target?

Larger enterprise has dedicated IT professionals to handle network security. As an SMB, stop asking why do small businesses carry a large security target? Protect yourself.

It is obvious that unsecured networks will lead to data leaks, data corruption, and many other problems, however, there are simple ways to protect your small business and avoid becoming a large security target.

Here are five simple IT security recommendations for small businesses to protect themselves, their data and reputation.

  1. Employees make a BIG difference to your network security. It is extremely important that you make employees aware of the importance of network security. Majority of network breaches happen due to business users that are not aware of safe IT policies and IT practices. Most times corporate users are not even aware of these policies or why they have to follow them. A corporate security policy should define the level of security and the roles and responsibilities of corporate users, IT administrators, managers and managed IT services providers. You need to ensure that an extensive IT security policy is in place and corporate users are trained.
  2. Backups, Backups, and Backups. I am sure you noticed that backups are important. All companies must have data backups in place. They need to be secure and scheduled. Daily incremental backups of data are important as well as offsite for disaster recovery. If your business suffers data loss, you need to be able to recover quickly to avoid huge downtime and loss or productivity and profitability. How much would downtime cost your business per hour?
  3. Your passwords are weak. You need to establish a strong password policy for your company.You also need to develop a strong password policy with your IT outsourcing team to ensure all network devices including routers, printers and firewalls are using strong passwords. Weak passwords will jeopardize your company security, user accounts, data, and reputation.
  4. Keep your systems up-to-date.If you work with a reputable managed IT services provider, you should already have this in play as it is the most effective way to manage your risk. Think of this as regular maintenance on your car. By having an effective business-class anti-virus, business class next generation firewall and other security tools on your network is a security base but not enough.  All these IT security tools need to be updated and patched regularly to ensure they are fully protecting your network and eliminating vulnerabilities that can be exploited by hackers and cyber criminals.
  5. Have full controls of your data. If you limit and control access to sensitive information, you will limit the exposure of your company.Any access to information on your infrastructure that contains specific sensitive information such as files, folders and applications should be restricted.  Access should only be given if a user needs it for their specific job function, however, it should be reviewed frequently so changes can be made as necessary.

Why do small businesses carry a large security target? Simple, they do not enforce these five simple security measures to protect their business, data, and reputation.

365 iT SOLUTIONS delivers industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services in the Toronto area.

Let our complimentary network and security assessment will put your company IT security to the test.

Categories
Industry Insights IT Solutions Managed IT Services

How Do You Protect Your Business from Hackers Top 5 Attacks?

Recently industry leading security penetration testers put together the most reliable methods for hackers to compromise a network. How do you protect your business from hackers top 5 attacks?

Security penetration testers successfully compromised many organizations using the same kinds of attacks and surprisingly, zero-days or malware attacks were not in the top 5 attacks.

What were the top 5 successful attacks?

  1. 66% of attacks were successful due to abuse of weak domain user passwords
  2. 64% of attacks were successful due to broadcast name resolution poisoning like WPAD
  3. 61% of attacks were successful due to local admin password attacks
  4. 59% of attacks were successful due to attacks on clear text passwords in memory
  5. 52% of attacks were successful due to insufficient network segmentation

How Do You Protect Your Business from Hackers Top 5 Attacks?

It is important to understand that protection from these threats does not have to be complex and expensive.

It is important to consult with your management team as well as your IT technical services team. There are some very simple and basic practices and tools in the market that would improve your organization’s security and data.

From the list above, attack number 3 and 4 are extremely simple to clean up if you deploy Microsoft’s LAPS tool on workstations and servers.  This will go a long way to protecting against pass-the-hash attacks as well as some central control of your network.

Clear text passwords in memory can be cleaned with a basic registry change. This can be covered by regular Microsoft Windows updates or the installation of Microsoft Security Advisory 2871997 as well as regular monitoring for any unauthorized registry changes.

Finally, you can also easily address number 1 and 2 as they are easy fixes and many need to change your IT policies however number 5 which is insufficient network segmentation should be last as it will take the most time to fix.

There are some technical terms listed above and many of these may be a bit technical. Most business management professionals will not know what they, however, they should be addressed with your IT department, IT consultant or managed IT services provider to ensure your business is protected.

365 iT SOLUTIONS delivers industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services in the Toronto area.

Let our complimentary network and security assessment will put your company security to the test.

Categories
Industry Insights IT Solutions Managed IT Services

Whaling attack, phishing attacks but more targeted

A whaling attack is targeting organizations financial department by imitating senior executives and initiating a request for payment.

As whaling attacks increase with targeted malicious emails, you should be aware of some alarming stats. Whaling attacks have increased 55% since 2015 and over 70% of them are turning to domain spoofing to trick employees into payment. Also, security professionals have found that 72% of all attacks are targeted at CEOs.

Also known as spear phishing, whaling attacks are the more targeted and more purposeful version of phishing emails. They appear as an internal or personal email, often complete with footers and corporate branding, and reflect the language and tone of the person they are pretending to be. When executed properly, they look legitimate.

 

So who are some of the known victims recently of whaling attacks?

  1. The CEO of FACC Operations GmbH which is an Austrian aircraft parts manufacturer was fired after the company lost €40.9 million (£31 million) to a whaling attack.
  1. In 2016, the CEO of Snapchat fell victim to a whaling attack when a high-ranking employee was emailed by a cybercriminal impersonating him and was fooled into revealing employee payroll information.
  1. Also in 2016, when an executive at Seagate unknowingly answered a whaling email that requested the W-2 forms for all current and former employees resulting in a security breach of income tax data for nearly 10,000 current and former Seagate employees.

 

The FBI stated whaling scams have cost companies more than $2.3 billion in losses over the past three years. 17,642 organisations from the US and 79 other countries have fallen victim to a whaling attack.

Most of these whaling attacks range in complexity, from very poorly executed to extremely intelligent attacks that are well focused and executed.  Cybercriminals invest a lot of time and effort to identify the corporate structure within their victims. They then use social engineering to manipulate employees into wiring funds to bank accounts. Once payment the employee was tricked into making the payment, the cyber criminals immediately withdrew or transferred the funds leaving little to recoup the funds.

Most of these whaling attacks happen by simply using a technique called email spoofing where a generic email is disguised to look like it is coming from the senior executive. Now there is email security software that will block spoofed emails however hackers are now using brute force attacks (guessing passwords) on the email account and tailored phishing attacks used to manipulate senior executive to disclose their email password.

Once email access is established, the cybercriminal will monitor conversations and learn the executive’s language and tone prior to sending targeted emails requesting logical payments be made by finance departments or personal accountants.

A whaling attack is mostly focused on electronic fund transfers, however, there has been an increase in cyber criminals trying to illegally secure confidential information and to gain access to other systems.

 

How do you protect your business from a Whaling Attack?

  1. Review and create a business process on payment requests.

Many companies have implemented a policy that requires multiple confirmations or verbal confirmation on all payments over a predefined amount. The FBI has warned that a whaling attack attempts to withdraw small amounts as part of their test run ($500, $1,000, etc.) followed by requests for much larger amounts if successful once they learn your behavior.

  1. Develop systems to protect information and access to other systems.

You should educate your entire staff on whaling attacks and have a policy on how to handle them. One of the best lines of defense is educating employees to understand social engineering methods as this will increase their chances to spot possible attacks.

  1. Use a different complex password for your email account.

Do not use the same password on your network as you would use for other online services such as Facebook, LinkedIn, Twitter, etc. Also, do not share your password with other employees electronically. Many times it may be an attempt via email spoofing to get your password and start the process for a whaling attack.

  1. Identify a spoofed email address

When an email is spoofed, you will notice the name is the same but the email address will change slightly to confuse the users. Example: Instead of getting an email from “John Smith jsmith@abcgroup.com”, you will get a spoofed email from “John Smith jsmith@abccgroup.com”. Notice how the extra “c” hides very well in the spoofed email address.

  1. Use proactive email security and next-generation firewalls.

You need to ensure with your IT department or managed IT services provider that your company is staying ahead of the security threats. You can reduce spoofed emails with a proactive security procedure including all steps listed above as well as a next-generation firewall protecting your network.

 

Is your business safe and protected from a whaling attack?

Let our complimentary network and security assessment will put your security to the test.

365 iT SOLUTIONS is Toronto’s leading IT consulting firm that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Do Not Be a Victim of Targeted Email Attacks

The rise of targeted email attacks is not new and their numbers are on the rise however you can avoid to becoming a target and victim.

As a leading managed IT services provider, we are proactively working at reducing the risk to our clients.  Cybercriminals rank their targets based on the critical business information. Healthcare, financial, government branches, corporations and nonprofits all carry sensitive information which is worth money on the black market.

Unfortunately, most victims have no knowledge that they were subject to these targeted email attacks as they are not properly trained to identify the warning signs of such cyber attacks resulting in financial losses, stolen data, and virus infections.

At 365 iT SOLUTIONS, we encourage all users to stay secure at all times as well as deploying multiple different preventative measures to protect your business need to be taken.

Here are some basic security measures all users should take to avoid becoming a victim of targeted email attacks.

do-not-be-a-victim-of-targeted-email-attacks-chart

Is your company protected from targeted email attacks?

Our complimentary network and security assessment will put your company, users, and security to the test.

365 iT SOLUTIONS is Toronto’s leading boutique IT consulting firm that delivers industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Healthcare takes the top spot for all ransomware

Ransomware is attacking and healthcare takes the top spot for all ransomware at a staggering 88 percent. Is your business safe from these security threats?

Ransomware Cryptowall was the top ransomware variant in the healthcare industry with nearly 94 percent of detections. Healthcare has been carrying the biggest target for ransomware hackers because the healthcare industry is most likely to pay the ransom to retrieve their vital data.

Even thou the healthcare industry is carrying the largest target, this does not mean everyone else is safe. It is vital that organizations take important steps in protecting their highly sensitive data belonging to the company and clients.

  1. As malicious ransomware has been attacking many organizations, you must have a robust backup and recovery process including complete disaster recovery plan.
  2. You also need to ensure your IT department or managed IT services providers is using active security software that is up-to-date and able to detect the most recent ransomware variants.
  3. As malicious ransomware threats continue to evolve, it will be crucial that organizations have defined incident-response procedures as well as preventive controls in place to reduce ransomware’s impact.

Healthcare takes the top spot for all ransomware but here are some interesting numbers to consider when thinking about your company, data, and security.

  • According to Symantec, Q1 of 2016 saw an average of 4,000 ransomware attacks per day.
  • According to the same study from Symantec, in 2015, an average of nearly 1,000 new variants per day.
  • According to Websense a Raytheon company, healthcare providers are 4.5 times more likely to be hit by Cryptowall ransomware than companies in other industries.

Ransomware is very different from other viruses and many IT departments and managed IT services professionals have had to deal with a company that has been affected with ransomware at some point in time.

Healthcare takes the top spot for all ransomware however you can protect your business. Our complimentary network and security assessment will put your security to the test.

365 iT SOLUTIONS is Toronto’s leading IT consulting firm that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

How Do You Recover from a Server Crash?

A server crash is very inconvenient, will cause business disruptions and cost your business money but it is not the end. How do you recover from a server crash? Simple.

If your company is using industry best practices and proper proactive IT management and monitoring, you should not be facing this issue however things happen.  It is possible to recover quickly from a server crash but you will need to plan it out properly in order to reduce downtime. Here is a breakdown of how IT consulting experts in the Toronto area recover from a server crash.

Access your Image-based Backups

Is possible, this takes time and money but it is the best option to getting your back up and running. Image-based backups are known as a backup process that creates a copy of the entire operating system (OS) including all data associated with it including the system state, configuration, and application configurations. The image-based backup is saved as a single file that is called an image.

Access Your Data Backups

If you do not have an image-based backup, you will need to perform the following two steps.

STEP 1 – You need to consistently backup your data daily. You need to backup data locally as well as offsite (cloud data backup) as part of your disaster recovery plan. Your data backups need to have all information that is essential to your company.

Step 2- A new server or factory-reset server will require re-installation from recovery media as well as all your specifications, software, and settings.

If you want to avoid on how to recover from a Server Crash? Here are some tips.

Proactive Server Management – By proactively managing your server, you will be able to see upcoming issues and budget for them. Not only does this reduce downtime and increase profitability, it also gives you reassurance.

Prevention Server Monitoring – By proactively monitoring, this will allow you to deal with potential server crashes and other issues. The server monitoring will alert you or your IT support services team to any issue therefore giving you time to stop the failure before the server crashes.

How Do You Recover from a Server Crash? Pretty simple but it can easily be avoided with proactive server management and monitoring. The proactive approach will always win when playing a long term game.

Is your server healthy or do you have a pending server crash coming?

Our complimentary network and security assessment will put your server, network, and company to the test.

365 iT SOLUTIONS is Toronto’s leading IT consulting firm that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Do you use Cisco firewalls? EXTRABACON is a new exploit.

Recently a hacker group hacked successfully into newer Cisco firewalls. Does your company use Cisco firewalls? EXTRABACON is a new exploit and has caused data leaks.

ExtraBacon is an exploit aimed at newer versions of CISCO ASA appliance. Now that this exploit is public, this opens the door to capable hackers to use ExtraBacon exploit in attacks or sell their hacker services to interested parties as part of the ever growing cyber crime industry.

Cisco ASA firewalls are extremely popular and widely deployed by large organizations and government agencies so it carries a very large target pool and there is no lack of potential targets worldwide.

Does your company use Cisco firewalls? EXTRABACON is a new exploit and what does it mean?

  • The Cisco ASA device must have SNMP enabled
  • The cyber criminals must have the ability to reach the device
  • The will use UDP SNMP to communicate with it
  • The hacker must have telnet or SSH access to the devices

Cisco still has to come up with a definite solution for Cisco ASA firewall lineup and the EXTRABACON issue, however, they have offered some workarounds and signatures aimed at allowing the detection of active exploitation of the zero-day flaw.

Is your company secure and safe from cyber security risks?  Our complimentary network and security assessment can give you the real picture.

 

365 iT SOLUTIONS is Toronto’s leading IT consulting firm that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

Majority of cloud cyber security risks come from employees

Companies are getting smarter and investing in IT to increase their bottom line but the majority of cloud cyber security risks come from employees. How will your business hold up?

A recent research study conducted by a Cybersecurity-as-a-Service provider that specializes in protecting enterprises from cyber security compromised accounts, malware, and data breaches released some interesting numbers regarding cloud cybersecurity and the threats out there:

  • 75% of all cyber security issues are caused by a limited number of employees.
  • 1% of users are causing these cyber security issues for organizations.
  • 70% of cloud sharing occur with personal, non-corporate domains such as hotmail.com or yahoo.com.
  • 1% of users represent 62% of total app installs.

 So how do you address that majority of cloud cyber security risks come from employees?

Here are some useful tips to reduce your risk and bring your employees up to speed.

  • Organizations need to limit by using better security policies on the network for file sharing.
  • Stop users from accidentally downloading malware within the network by training them.
  • Reduce the risk by educating users no to click on phishing links or using unauthorized applications.
  • Deploy a proper password policy to stop dangerous security behaviors such as reuse of old password.
  • Enforce company security through company policies and best practices.

All companies and organizations need to remember that there is no industry out of danger. Technology is needed to run your organization and data is the product. Data is worth money on the black market and cyber criminals are becoming more creative on how to get it. Cyber security of cloud services can interrupt your business, network and data security by simply targeting 1% of your users are responsible for 75% of your risk.

Are cloud services related cyber security risks affecting your business?  Connect with a leading IT security consulting firm and take advantage of a complimentary network and security assessment.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto that delivers industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.