Nothing Good Comes from Card Skimmers

Card skimming is a very real problem for companies and individuals alike, but there will always be those who are more impacted by these kinds of financial scams—particularly those who rely on prepaid cards provided by the government for food assistance and so on.

Skimming Losses Really Hurt Those Receiving Assistance

Authorities have confirmed that people who use Electronic Benefits Transfer (EBT) cards, which are used to pay for food purchases through the Supplemental Nutrition Assistance Program (SNAP), are at greater risk for loss from card skimming.

This is largely due to the way that the SNAP card works. The associated EBT account is debited to reimburse the store for the purchase, making the EBT card the same as a debit card. The card also has a PIN associated with it that allows the user to withdraw money from an ATM.

The issue with EBT cards is that they lack the protections that other payment cards have, like smart chip technology or fraud protections. SNAP funds can be stolen and spent, and without these protections in place, those who need the funds are left in a tight spot.

This shouldn’t come as a surprise to anyone who uses cards for payment—after all, hackers have been stealing card data for as long as payment cards have existed—but they are getting much better at doing so inconspicuously. One way that they do this is with card skimming devices, which they either hide inside cash machines or camouflage to look like part of the machine itself. This puts people at risk of having their card data stolen and duplicated by hackers and scammers, who can then use that information for fraudulent purchases or sell it online to the highest bidder.

What Can You Do?

Until more states implement improved security measures for EBT cards, like eliminating the magnetic strip and replacing it with the modern security chips that other cards use, most of the security measures taken will depend on the user being more aware of how and where they are using their cards. Be on the lookout for signs that a machine has been tampered with, especially if the devices are found in a place that isn’t out in the open. And, of course, if you see something suspicious, say something so that others don’t become victims, too.

We want to help you be as secure as possible in your use of technology, so for more great tips and tricks, be sure to call us at 810.230.9455.

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

For the most part, Microsoft takes security as seriously as it should, issuing updates and patches to maintain your Windows and Server operating systems. While you can count on receiving these updates for your supported operating systems, what you might not have known is that Microsoft accidentally overlooked a flaw in its own defenses.

The Flaw is in Vulnerable Drivers

Microsoft has a Windows Update tool that is supposed to detect and add vulnerable software drivers to a blocklist.

Drivers are the bits of software that help your computer interface with various hardware. Without the driver properly installed and updated, the hardware doesn’t behave the way it should. Of course, we’re talking about software here, so drivers can be just as vulnerable to threats as any other software can, and because of their functionality, they have access to systems on your PC that can cause problems.

Well, Microsoft’s Windows Update tool hasn’t been managing the blocklist, even though Microsoft has insisted on reinforcing it. You may have been receiving updates and patches as needed, but this is one particular piece of security that has not been updated.

This flaw gives attackers the ability to push any known vulnerable driver to your PC, then use that driver’s vulnerabilities to their advantage. These types of flaws are not new or unheard of; they have been around for at least a decade, and the large increase in threats over the past several years can be attributed to this vulnerability. Attackers like to cast wide nets using easy-to-leverage vulnerabilities, and this one fits the profile just fine.

Microsoft has been working on a fix and says that something will be coming with the next Windows update.

Businesses usually want to prevent their users from installing and configuring new devices on their work PCs, and this is a sound strategy to prevent many threats from striking your business. It’s not a magical cure-all, but it will go a long way.

If you’re ready to protect your network from external threats, know that NuTech Services is ready and able to assist your business with implementing enterprise-grade security solutions. All you have to do to get started is call us today. You can reach us at 810.230.9455.

Network Segmentation is a Smart Move for Business Cybersecurity

When it comes to your network and its security, you cannot give all of your users access to all of your assets. It’s just not a good practice, and doing so can potentially put your resources at risk. Let’s discuss how network segmentation can make a world of difference for the integrity of your network and the data found on it.

Explaining Network Segmentation

Network segmentation can best be described as the practice of segmenting your business’ network into different parts with the intention of protecting its various resources.

To use a practical example, consider how a bank might be set up. The bank isn’t just secured at the front door; it’s also secured at various points within the building, including security cameras and multiple locked doors, safety deposit boxes, and vaults, all of which require different keys to access.

Network segmentation works in the same way, providing multiple different opportunities to partition off various parts of your network for authentication and access control. This helps to handle not just external threats, but internal ones as well. It’s just one major component of a zero-trust architecture model, and it’s an important one.

How Does Network Segmentation Protect Your Business?

Network segmentation works by keeping people away from specific data on your infrastructure based on their roles and responsibilities, thereby reducing the risk that the data can be compromised or stolen. This helps protect your business against cybercrime and limits employee access to data they have no business accessing.

For example, you wouldn’t want anyone on your sales team to have access to the personal or private data shared with human resources, and you wouldn’t want any regular employee handling payment information from a client or the financial information for your company’s banking. Each department has its own data that is required for it to function, and you don’t want to put yourself in a compromised situation because you let the wrong employee access the wrong kind of information.

If your business’ network is properly segmented, you can limit access to this information based on user role. Your HR department can have access to all of the records they need to do their jobs, and the same goes for accounting, IT, or any other part of your organization. This is especially important for positions like executives and IT administrators, who might have super admin access to the network, thereby granting considerable permissions for the entire network. Imagine if that account got hacked and used against you; you don’t want to think about it.

Let Us Help to Protect Your Network

NuTech Services can help your business handle all of its issues related to network security. To learn more, contact us at 810.230.9455.

Why Security Questions are Terrible for Security

What is your mother’s maiden name? What street did you grow up on? What is your favorite movie?

How about: What good do you really think these questions are going to do to help keep your accounts any more secure?

Seriously, there are a few big problems with the security questions that a lot of businesses, websites, and other accounts rely on. Let’s discuss why these security questions don’t work, and what some alternatives might be.

So, What’s So Bad About These Security Questions?

Let’s walk through an example to illustrate just that!

So, let’s say I was a mean little cybercriminal, and I wanted to help myself to the contents of your bank account. So, I go to your bank’s website, which I confirmed by sending you a phishing message. I also happened to confirm your username (and why I didn’t just take your password along with it, the world may never know) which I can then input into the bank’s website.

Oh darn, I still need that password…or, I can click the handy little Forgot password? link next to the entry field. I’m presented with a few options for your security question, and I have an easy enough way to potentially deduce any of them.

What was your mother’s maiden name? Off to Facebook, for which you either haven’t set your privacy settings or an update reset them without your knowledge. From your profile, I can easily go through and find who your mother is, who just so happens to use her maiden name in her profile so old friends can find her. Security question answered.

What is your favorite book/movie/etc.? Again, Facebook can come in handy here, as it’s somewhat likely you set up your bank account’s web credentials at around the same time as your Facebook. Facebook lists out the books and movies and shows and general interests that people have, and these pages are never as popular as when a Facebook account is first created.

Otherwise, a little bit of perusing through your photos might tip me off, especially if I find countless pictures of you wearing Twilight merch in the early days of you having Facebook, or see lots of John Grisham novels in the background.

What was the name of your first pet? Once more, Facebook is a handy resource. All I’d have to do is search a profile for any mention of a pet and I’ve got a pretty good chance of finding the answer.

Once I’ve completed my bit of Facebook snooping, I can simply give the bank the answers they need for their “security” questions, and I now have total access to your finances.

Keep in mind that Facebook is just one social media platform, too. By posting our entire lives on the platform, we’re putting a lot of trust in their security and in our own ability to avoid oversharing and to create secure passwords.

It Gets Worse, Too

While it’s getting to be a little old at this point, a study conducted by Google back in 2015 found that many of these security questions have horrifyingly predictable answers.

For instance, the study found that an attacker had a 19.7% chance of correctly answering, “What is your favorite food?” if they only had one guess and knew that the user spoke English. If a user spoke Arabic and the attacker had ten guesses, they had a 24% chance of correctly answering “What was your first teacher’s name?” If the targeted user spoke Korean, ten guesses gave the attacker a 43% chance of answering “What is your favorite food?”

That’s not even mentioning how the cultural differences between the person writing the questions and the person using them to secure their account can pigeonhole the user into selecting a more-easily-guessed answer because these cultural differences make for different experiences. Maiden names aren’t a globally-accepted tradition, after all.

Finally, if the attacker has a bit of technical skill, they can always try a brute-force attack against the recovery question—which, without the complexity requirements that passwords are subject to, is likely to take much less time.

So, If Not Security Questions, What Can We Use to Secure Accounts?

There are a few measures that can be taken to improve security safeguards. For instance, multi-factor authentication and biometrics can make it easier to access your accounts, without making it easier for attackers to do so.

Reach out to us today to learn more about the different authentication and security measures that we can help you implement. Give us a call at 810.230.9455 today!

Oh, and go check that your social media accounts have the right privacy settings.

Everything You Need to Know About Patch Tuesday

In the technology news sector, you’ve probably noticed a trend where Patch Tuesday makes headlines at least once a month. This is generally the day when Microsoft issues patches and security updates for its many different technologies, and it’s important for your IT department to know when Patch Tuesday falls each month.

Patch Tuesday Explained

Microsoft is perhaps the most high-profile software developer in the world, and with that kind of reputation comes many different technologies that must be maintained for countless people and organizations all over the world. However, no matter how big a deal Microsoft is, there will always be oversights and mistakes made, especially with complicated technology front and center.

This is why Patch Tuesday exists; it gives Microsoft one day a month dedicated to addressing performance issues and security risks associated with their products. Every month, the Microsoft Security Response Center issues information and updates using the Common Vulnerabilities and Exposures numbers on their website. These updates typically cover all current Windows operating systems and products which have not yet met their end-of-life or those that are on an extended support contract.

Patch Tuesday is the second Tuesday of each month. Patches and updates are issued at 5:00 p.m. (UTC).

Why Is It Important?

When they are addressed in a routine fashion like this, IT workers for businesses that use Microsoft products can prepare to deploy these patches and updates accordingly. IT workers need to prepare blanket installations to the entire infrastructure, so an official date makes this much easier to pull off.

Hackers also find Patch Tuesday to be helpful, as they can look through Microsoft’s patches and updates for code that might give away hints about other potential vulnerabilities. In other words, they reverse-engineer patches to target individuals who have not yet implemented the patches and updates, thereby punishing them for not understanding the importance of them.

Why Should You Implement Patches and Updates?

Patches and updates are issued so regularly because your business has so much to lose if you don’t implement them. Patches and updates clean up potential security concerns with your software that could give hackers access to your infrastructure, and with how crafty hackers are these days, new vulnerabilities and bugs are found all the time.

Even Patch Tuesday is not an infallible solution, though, as there are often vulnerabilities that can go months or even years without being detected, simply because nobody is actively exploiting them. In cases like this, security researchers happen upon the bug or vulnerability and address it in the next updates. However, if they find one that is being actively exploited, you can safely bet that Microsoft will issue patches or updates more expediently.

Does patching your technology give you some anxiety? NuTech Services can help out with these tasks. To learn more about how we can help keep your technology safe and updated, reach out to us at 810.230.9455.

These Are the Ways You Get Malware

Malware has been a problem for people that rely on technology for decades. Like the security that is designed to mitigate the effect of malware, the malware itself has grown in potency and frequency and is a major problem for businesses. Today, we will take a look at a few ways you can get malware. 

Spear Phishing

One of the most common attack vectors for cybercriminals, spear phishing is the act of people disguising themselves as common entities to get their targets to provide their login credentials. These attacks can come in from all different directions: phone calls, email, messaging, social media, and even snail mail. Once a cybercriminal gains access to an account they can infect your network with malware, including ransomware. 

Malvertising

Unfortunately, as the Internet grows, you can get malware on your computer by simply surfing the web. This happens through what is called malvertising, which is when attackers inject malicious code into advertisements that are used on legitimate websites. Some of these ads simply slow down your computer, while others hijack your browser controls and continuously direct you to pages full of ads.

Trojan Downloads

Trojans are strains of malware that have been around for decades. Today, users can acquire them through legitimate pieces of ancillary software from the Internet and email. While the initial download is legitimate, over time the software can be exploited to create malware. When a user installs any third-party software, the built-in security protections of the app store are circumvented. 

Infected Documents

Documents such as .txt, .pdf, and others are all over the Internet. That’s why when users download them, they don’t think there is a problem. Unfortunately, it doesn’t take much for one of these documents to contain malicious code and end up infecting your computer and network. Every time developers attempt to fix this issue, hackers find ways around it. 

Imposter Sites

Cybercriminals will now set up sites that look legitimate to get people to interact with them and provide them with the data they need to get access to networks. This happens in multiple ways that are designed to pull the wool over users’ eyes, such as changing a single letter in a URL or simply copying the design of a website but adding malicious links. 
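The single-letter URL trick described above can be checked for mechanically. The following added example (not part of the original post) flags hostnames that sit one edit away from a domain you trust; the `TRUSTED` list and every sample URL are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): replace with the domains your business uses.
TRUSTED = {"examplebank.com", "payroll.example.net"}


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            # Two neighbouring letters swapped ("exmaple" for "example").
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def hostname_of(url: str):
    """Return the lowercased hostname of a URL, with or without a scheme."""
    if "://" not in url:
        url = "//" + url
    host = urlsplit(url).hostname
    return host.rstrip(".") if host else None


def classify(url: str):
    """Return (verdict, matched_trusted_domain_or_None) for a link."""
    host = hostname_of(url)
    if not host:
        return ("invalid", None)
    # Exact match or a real subdomain of a trusted domain.
    for good in sorted(TRUSTED):
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    labels = host.split(".")
    # Internationalised names can hide look-alike characters; send to review.
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        return ("idn-review", None)
    # Compare the full host and each parent domain (at least two labels)
    # against the allowlist; exactly one edit away is treated as a lookalike.
    for start in range(len(labels) - 1):
        candidate = ".".join(labels[start:])
        for good in sorted(TRUSTED):
            if osa_distance(candidate, good) == 1:
                return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample links.
    for link in ["https://www.examplebank.com/login",
                 "https://examplebonk.com/login",
                 "https://www.examp1ebank.com/",
                 "exmaplebank.com/reset",
                 "https://news.example.org/"]:
        print(link, "->", classify(link))
```

A check like this fits in a mail gateway or a link-reporting workflow; it only covers one-edit lookalikes, so a copied page hosted on an unrelated domain still comes back as "unknown".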

Fraudulent Mobile Apps

With so many people and organizations using smartphones for business purposes, there are apps out there that can turn into malware, much like the ancillary software you find with browsers and websites. Fortunately, the Google Play Store and the Apple App Store both have protections that keep malware from being a problem. However, software updates can change apps and create problems for users.

If you are having trouble with malware, or think you might be but are not sure, reach out to the IT professionals at NuTech Services. Our technicians can help you navigate today’s dangerous computing situations and keep malware from being a problem for your business. Give us a call at 810.230.9455 to learn more.

A Few Useful Insights into Online Payment Fraud

Financially-focused cyberthreats are no joke, especially considering how digital payments now make up 41.8% of all payments made worldwide. Let’s consider a few statistics that highlight how important it is to ensure that the payment card data your business collects is sufficiently protected.

Digital Payments are Twice as Common as Credit Card Payments

On a global scale, mobile wallets are used at just about double the rate of card payments today—and while this means that a vast number of people have already embraced the benefits of these modernized payment options, this by no means is to say that it is a flawless system.

In fact, the number of data compromises has kept pace with the adoption of digital payments, with the victim’s full name, Social Security number, and date of birth being the most commonly breached personally identifiable information. Others follow closely behind, like the victim’s current home address, medical history, and driver’s license.

According to the Data, the Usual Cybercrime Suspects are On the Rise

With a few exceptions, most forms of cyberattacks and vulnerabilities have either remained constant or have actually decreased in the past few years, save for the big three cyberattack vectors: phishing, ransomware, and malware. Between 2019 and 2021, all three of these attack vectors saw large upticks in their use.

Again, most (not all, but most) other attack vectors either remained somewhat constant or actually decreased in use during the same period of time, according to the Identity Theft Resource Center.

Meanwhile—and this may be the most concerning statistic for your customers—the most commonly stolen information in 2021 was apparently someone’s full name (in 1,803 breaches and exposures), their full Social Security number (in 1,136), and their date of birth (688). That’s the identity theft trifecta right there—and again, it isn’t as though other forms of PII were that far behind.

Data is a Precious Resource—Let Us Help You Protect It

Your business really does live and die by its data, in all its types and forms. We’re here to help you keep it safe so your operations can continue unhindered by issues of any kind. Give us a call to learn more about our managed services and our security services today at 810.230.9455.

Multi-Factor Authentication isn’t Infallible, But It Shouldn’t Be Abandoned

We haven’t been shy about pushing for multi-factor authentication, AKA MFA, and there’s a reason for that: if implemented correctly, it can help prevent many cyberthreats. Having said that, cybercriminals have managed to find a way to undermine MFA. Let’s consider how they’ve managed to do this.

First, let’s examine why we’ve trusted MFA up to this point:

What Makes Multi-Factor Authentication as Effective as It Is?

Phishing—or the act of manipulating the user, instead of the computer system, in order to gain access to data—has become a hugely common tactic, mainly because it works. Hackers are also still able to guess weak passwords and gain access. MFA adds an additional layer of security by requiring an additional proof of identity. Without this credential—typically something other than a password that’s harder to replicate—a hacker theoretically can’t get in.

Unfortunately, this is no longer always the case.

Hackers Have Figured Out Ways to Work Around MFA

Microsoft has observed a few recent attacks that demonstrate that hackers can in fact bypass MFA protocols that businesses put in place. The term bypass is important. It isn’t that hackers have cracked MFA; they’ve just figured out how to get around it.

It’s like driving through a city to find that your normal route is under construction, so traffic has slowed to a crawl. Sure, you could simply wait it out and hope to get through in a reasonable amount of time, or you could find another route.

Most hackers use something called an adversary-in-the-middle attack. The hacker sets up a proxy server between their target and the service they want the credentials for. By phishing their target, the hacker is able to steal both their password and the session cookie. This way, the user accesses their account as normal, with no knowledge that it’s been undermined, while the hacker gets what they want.
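Because the stolen session cookie is later used from the attacker's own machine, one defensive signal is a session whose client suddenly changes. The following added example (not part of the original post) scans session logs for that pattern; the log format, field names and sample lines are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample web-session log (not from any real system).
SAMPLE_LOG = """\
2024-05-01T09:00:03Z user=alice sid=5f2c ip=192.0.2.10 ua="Firefox/125 Windows" event=mfa_ok
2024-05-01T09:04:11Z user=alice sid=5f2c ip=192.0.2.10 ua="Firefox/125 Windows" event=request
2024-05-01T09:05:40Z user=alice sid=5f2c ip=203.0.113.77 ua="python-requests/2.31" event=request
2024-05-01T09:10:00Z user=bob sid=a91e ip=198.51.100.4 ua="Safari/17 iPhone" event=mfa_ok
2024-05-01T09:30:00Z user=bob sid=a91e ip=198.51.100.200 ua="Safari/17 iPhone" event=request
2024-05-01T09:45:00Z user=bob sid=a91e ip=203.0.113.9 ua="Safari/17 iPhone" event=request
"""

# key=value pairs; values may be double-quoted to allow spaces.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line: str) -> dict:
    """Split one log line into a dict with a 'ts' key plus its key=value fields."""
    ts, rest = line.split(" ", 1)
    rec = {"ts": ts}
    for m in FIELD.finditer(rest):
        rec[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    return rec


def network_of(ip: str):
    """Coarsen an address to /24 (IPv4) or /48 (IPv6) so that small moves
    inside one network do not count as a change."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def find_session_replay(log_text: str) -> list:
    """Flag events where a session ID is used by a different client than the
    one first seen with it. Severity is 'high' when both the network and the
    user agent changed, 'low' when only one of them did."""
    first_seen = {}  # sid -> (network, user agent) at first sight
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        net = network_of(rec["ip"])
        if rec["sid"] not in first_seen:
            first_seen[rec["sid"]] = (net, rec["ua"])
            continue
        base_net, base_ua = first_seen[rec["sid"]]
        net_changed = net != base_net
        ua_changed = rec["ua"] != base_ua
        if not (net_changed or ua_changed):
            continue
        alerts.append({
            "ts": rec["ts"],
            "user": rec["user"],
            "sid": rec["sid"],
            "ip": rec["ip"],
            "severity": "high" if (net_changed and ua_changed) else "low",
        })
    return alerts


if __name__ == "__main__":
    for alert in find_session_replay(SAMPLE_LOG):
        print(alert)
```

A high-severity hit is a reason to revoke the session and make the user sign in again; low-severity hits are common for mobile users who change networks.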

Hackers Have Used Other Methods, Too

MFA can be worked around in other ways, as well. MFA systems that rely on text messages or emails with single-use codes have little defense against a user being convinced to provide these codes as they are generated. Trojans can be used to spy on users, while other means can take over the devices used to actually authenticate the involved systems. Like many other forms of cybersecurity, it really comes down to how vigilant the user is.

So, How Do You Keep Your Business Systems Secure?

In our humble (expert, but still humble) opinion, the best cybersecurity strategy is one that relies on both the right technical security system and the capabilities of the people using it, working in tandem to better secure the protected assets. This is why we still recommend, even encourage, businesses to implement MFA despite these security hiccups. Our one caveat is that these businesses also need to educate their teams as to their importance.

We can help you do both, implementing enterprise-grade security while also providing comprehensive cybersecurity training and testing to ensure your business is as prepared as possible. Reach out to us today to learn more about how we can assist your business by calling 810.230.9455.

Who’s Sitting at the Other Keyboard While You’re Being Attacked?

It can be too easy to think about hackers and cybercriminals in an almost abstract way, diminishing them to little more than a faceless entity at a keyboard. Naturally, this is far from the truth. Let’s examine the reality of the cybercrime industry, which actually does as much harm to the perpetrators as it does to the people they scam…if not more.

How is this possible? Well, all one has to do is look at an ad that was up on the White Shark Channel of the Telegram messaging service:

“Selling a Chinese man in Sihanoukville just smuggled from China. 22 years old with an ID card, typing very slow.”

That ad, listing the sale of a human being, offered a price of about $10,000.

Many of the People Actively Operating These Scams Have Been Defrauded and Enslaved

Imagine that you were offered an employment opportunity that had a good enough offer that you agreed to travel to their location, only to be held there against your will and forced to work, under threat of physical beatings, torture, and starvation.

This is the reality for tens of thousands of people from China, Taiwan, Thailand, and Vietnam. Lured in by promises of employment opportunities, victims are forced to work defrauding people online, all around the world. These victims are held captive, forced to engage in fraud until their negligible wages allow them to pay the fee to leave.

The thing is, these victims are regularly moved or sold to other organizations, with the price of freedom rising by a few thousand dollars each time.

These people are then forced to engage in “pig butchering” scams, where the scammer metaphorically fattens up their target before going in for the kill. Essentially, the scammer—pretending to form a friendship or even a romantic relationship—draws as much money as possible from their target into an investment platform, but once the target is out of cash, the scammer cuts them off and makes off with the funds. Naturally, this kind of fraud isn’t reported very often, largely because of the shame associated with being bamboozled and betrayed in such a fashion.

These operations have this process down, to the point where documentation is provided to their enslaved workforce. They are encouraged to create social media accounts for their fraudulent personas, with photos available from specialized websites for this specific use. These profiles are then populated with photos and interests that communicate affluence, like those of luxury cars or posts about investing. They are even encouraged in one example of the scammer’s documentation to focus on family values, as this sort of belief helps encourage trust from others.

Once these profiles are created, these trafficking victims are then expected to reach out to their prospective victims. One forced scammer reported working on a team of eight such scammers, organized under a leader, and provided with 10 phones each to use as they reached out to a list of names in an attempt to draw them into these scams. From there, the scammers take note of any promising information that those who respond reveal, to see if there are any “pain points” to take advantage of. This “customer mapping” gives the attackers the opportunity to gauge how promising of a mark an individual may be.

Meanwhile, all of this is done behind bars, with barbed wire fences. Calling the police isn’t really an option for victims, either, as they will be harshly punished for doing so and likely sold to another operation…ultimately increasing the price for their freedom further. In addition, they are also coerced into making statements that absolve the company of any misdeeds.

Is What Forced Scammers Do Bad? Absolutely…But For Many, It Isn’t Their Choice

Don’t get us wrong: we are in no way apologizing for what hackers and scammers do. We just want to point out that, in many cases, the person actually taking advantage of you is just as much a victim as you are (and arguably, more so).

It’s also worth understanding that criminals treat cybercrime like a business. Although they do a wide range of horrifying and abhorrent things to accomplish their goals, their operations are organized and optimized like a business, one that’s designed to cause harm.

Regardless, it is important that you and your team are able to identify and mitigate as many of any scammers’ attempts as possible. We’re here to help you do that, amongst our other services. Give us a call at 810.230.9455 to find out more about how we can help protect you.

Hackers Circumvent Traditional Cybersecurity with Phishing

Business owners often get unsolicited emails from individuals who want to sell them goods, services, or products. Depending on the message, they might even come across as a bit suspicious, prompting you to question the authenticity of the email. If you’re not careful, you might accidentally expose your organization by clicking on the wrong link in the wrong email, thus falling victim to the oldest trick in the book: the phishing attack.

The greatest threat from phishing attacks often comes from the fact that you might not expect a particular type of phishing scam. Phishing attacks are growing increasingly common, and it’s for a very good reason: they work. Cybersecurity professionals have their work cut out for them, as hackers are frequently trying to overcome the latest security measures out there by utilizing a stagnant part of most companies’ security infrastructures: their employees.

Phishing attacks can come in countless different forms, and they all target the human element of your company’s security infrastructure. Whether it’s an unsolicited email, a phone call asking for sensitive information, a physical mailer asking you to pay a fine or fee, or even text messages asking you to click on links to confirm shipping details for an order you can’t recall placing, they all circumvent your most carefully placed security measures by leveraging your employees.

Furthermore, some phishing messages are so convincing and well thought out that spam filters might not even catch them. If a hacker invests time into researching your business—including the recipient of the email—the message could be so personalized that it circumvents the spam filter entirely. These are very real threats to your organization, and if users don’t know what to look for, they could make a mistake that is hard to walk away from unscathed.

At the end of the day, the best way to combat phishing messages is not to implement the best security solutions on the market (although they do go a long way); it’s to train your employees on how to identify and respond to security threats like phishing messages so they don’t fall for social engineering tactics.

We always encourage businesses to use an enterprise-grade spam filter, but we also want them to train their employees to address threats in a way that minimizes risk. These are preventative measures that address issues before they become significant problems or detriments. They aren’t going to solve all of your problems, but they will prevent most of them from evolving into bigger and more dangerous ones. As per usual, your security is only going to be effective if people are aware of your solutions and policies.

While we cannot guarantee that you’ll never encounter a phishing attack again, acknowledging that these issues will appear from time to time can go a long way toward preparing to handle them effectively. NuTech Services can help your business acquire the IT resources and training needed to take the fight to phishing attacks. To learn more, contact us today at 810.230.9455.

Ransomware Has Gone Mobile

Smartphones have managed to hold out against ransomware a bit longer than other hardware and operating systems, but those days are coming to an end. It’s important to remember that the average smartphone is not protected with antivirus software and thus remains threatened by your standard ransomware attacks. It is absolutely critical that your business doubles down on its protection against ransomware, especially in the mobile market.

Defining Mobile Ransomware

Ransomware is defined as malware that gives a hacker the ability to control a computer or network and hold it for ransom. Users lose access to the controls and data that allow the system to function, and the only reprieve in most cases is to restore a backup of said data. Users have to decide whether they want to lose access to that data, restore the data from a backup, or pay the ransom in hopes that the hacker will honor their word and restore access.

Think about the number of smartphones which exist in the world today and the fact that most computing these days happens from mobile devices. With so much data to steal and devices to tap, it makes total sense for hackers to focus their efforts on mobile devices.

Phishing Plays an Important Part in Ransomware Infections

When it comes to malware dissemination, phishing attacks are hackers’ go-to methods of infection. When you think about how easy it is to slip up and click on the wrong link, you’ll realize that phishing is a very real threat to your organization and your data. Phishing can come in many different forms, too, adding to the stress. Will the hacker call you on the phone, send you an email, text you a link, contact you through social media, or even send you a physical mailer? It can be quite overwhelming.

How Does Mobile Ransomware Work?

Most mobile platforms remain remarkably secure even against the potent threat that is ransomware. Most scams resort to targeting the device’s cloud storage, locking it down, and demanding a ransom in the process. One particular iPhone scam uses the Find My Phone feature that allows the user to remotely lock the device. Scammers only wanted $100 to unlock the device, and with such a low asking price, people are of course going to pay up rather than go through the hassle of involving the authorities or other professionals. Hackers who gain access to an iOS account can even use the information to create new iCloud accounts and move all data into these new accounts until the ransom is paid.

Threats which target Android are similarly problematic, and they all start with phishing. The most dangerous one, called ScarePackage, targeted 900,000 Android smartphones over the course of 30 days. It was deployed through a fake app that could lock down the device and claim that the FBI was responsible for doing so, with the only solution being to pay a ransom. The FBI isn’t in the business of extortion, so this is a simple case of coercion and fear manipulation by hackers.

How You Can Protect Your Devices

Let’s examine some things you need to know about mobile phishing schemes.

  1. The first warning sign is that the message will make you do a double-take. Phishing scams can come through a variety of mediums, including email, telephone, social media, and so on, be it for work or personal use. Mobile phishing messages can come through text messages asking you to click on links. These messages will seem random and out of place, so that is the first hint that something is out of the ordinary here.
  2. Look for spelling and grammar errors. Professional correspondence has a certain look and sound to it, like the sender has taken some time to proofread and edit it. If you receive sloppy messages from strange senders, be wary of the message.
  3. The messages might seem a bit aggressive. It’s one thing for a message to come off as frustrated, but another entirely when the person on the other end of the message demands immediate action. This is often a telltale sign of phishing messages; they urge people to make fast, irrational decisions through fear tactics and threats.

NuTech Services knows how to combat the countless types of cyberthreats out there, phishing and ransomware included. We can use our knowledge to implement high-quality technology tools and to educate your team on how to make the best decisions possible with their technology. To learn more about what we can do for your business, call us today at 810.230.9455.

We Think You Should Know What Social Engineering Is

Social engineering is a dangerous threat that could derail even the most prepared business. Even if you implement the best security solutions on the market, they mean nothing if a cybercriminal tricks you into acting impulsively. Let’s go over specific methods of social engineering that hackers might use to trick you.

Let’s start with a look at what social engineering is and why it works so well on users.

Social Engineering Targets the Human Part of Your Brain

Social engineering is designed to get you to act impulsively. In other words, it’s the manipulation of your emotions and thought processes. If we hear that something needs to be done, and it comes from someone whom we believe and respect, then we will naturally want to perform the task, even if it might not necessarily make sense in the moment.

With regard to business and social engineering, the stakes are considerably higher than if someone were to play a prank or a trick on you. In these cases, social engineering tactics prey on the fears and anxieties associated with the workplace. All of this takes some preparation on the hacker’s part. Here are some of the steps involved in this process, from the hacker’s perspective.

The Steps Involved in a Social Engineering Attack

Depending on the target and the victim, the social engineering attack might go through various stages. More often than not, the attacker will plan out their attack through the use of research. Let’s get in the mindset of an attacker to see it from their perspective.

If you wanted to attack a company, for example, you might first collect as much data as you could. The Internet can be a treasure trove of information on its employees thanks to its open nature, and you might be able to find information publicly on social media and networking sites like LinkedIn, Facebook, and others. You might discover some of the likes and dislikes of these employees. Afterward, it is just a matter of using this information in a way that gets the user to act a certain way.

There are other ways of going about an attack, too, like fear tactics. Employees don’t want to get in trouble in the workplace, and if they get a message from someone claiming to be their boss, they will likely act to keep their integrity and job in check.

A resourceful attacker might use a combination of both to get their way. If someone posts a picture on social media with their webcam in the background, the attacker could use this to instill fear in the user’s heart that they have been caught doing incriminating things. The attacker might then threaten to release the footage to personal or professional contacts, and then they might demand a ransom in exchange for not doing so.

How Can Your Team Avoid Social Engineering Attacks?

If you want to help your team avoid social engineering attacks, it starts with helping them spot some of the dead giveaway signs:

  • Messaging and tone that incites fear or makes a threat
  • Links that were not requested and don’t match their apparent destination when you hover over them
  • Close-but-not-quite email addresses and domain names
  • Malicious email attachments

It also never hurts to confirm the identity of the message’s sender through secondary means. You might go check on your boss to make sure that the message came from them, or you might contact the third party that the message claims to be through a number you might have on record. As long as your employees are aware that social engineering exists and that they can become the target of attacks, then you can’t go wrong here.

Let Us Help You Get Ready for These Threats

We want to help you ensure that your team is ready to tackle important security problems in a way that doesn’t put your organization at risk. To learn more, reach out to us at 810.230.9455.

Don’t Let Your Guard Down While You Travel

With so many workers constantly connected to screens and other technology, it is a good idea to disconnect every so often by taking a vacation somewhere. However, it’s not always this easy, especially for a business owner who is still minimally connected to the office even while technically on vacation. We’ve got a couple of tips for how you can make the most of your technology while on your vacation without putting your company at risk in the process.

Use Your Mobile Hotspot Over Public Wi-Fi

It is safer to use your smartphone as a mobile hotspot than to use public wireless connections, and it is well worth paying a little bit extra. You’re not going anywhere without your phone, so it makes sense that you use your mobile hotspot to connect your laptop, tablet, or other device to it rather than use a potentially unsecured wireless network. As long as you have decent cell service, it’s guaranteed to work, unlike a public Wi-Fi connection.

Connect to Public Wi-Fi Only When Necessary

We think it’s safe enough to pull up directions or to look at your flight itinerary while using public Wi-Fi, but you should be a little more careful with checking your email, logging into your social media, or anything else involving sensitive information. The longer you remain on the network, the longer you are at risk of having your data stolen.

If you have a virtual private network, however, you can use that to create a secure connection for work-related information. Your business should be using one of these anyway, especially in the wake of a pandemic which forced countless employees to work remotely.

Be Careful of What You Share on Social Media

If people know you aren’t home, then who’s to say that they won’t try to break in? The automated outdoor lights are not going to be enough to stop someone who is intent on breaking and entering. It’s better to just not advertise online that your home will be empty for a week. We aren’t saying that you will be robbed while on your vacation, but it’s certainly not out of the realm of possibility.

People could even come up with elaborate schemes to make your life more difficult, too. Imagine some hacker or scammer sees that you are on vacation for a couple of weeks, then uses your identity to get the help of a random Facebook friend with some nonsensical story about how you lost your wallet and need help getting home. When you consider how often accounts are hijacked, it’s not a stretch to think it could happen to you.

Make Sure Your Traveling Accounts are Secured

Traveling often means that you are creating new accounts, whether you are flying on an airline for the first time, using a ride-sharing service, staying at a hotel, or even something as simple as ordering food. Make sure that you aren’t getting too lax with your personal information, and ensure that you are always using complex, secure passwords for your accounts, stored in a password manager rather than your web browser. It can sometimes be easier to plan ahead so you don’t have to worry about it at the moment.

Let Us Take Care of Your Technology

If you are going on vacation, we hope you get as much rest and relaxation out of it as possible. The past couple of years have not been kind, and we could all use a break–especially now. Take some of the worrying out of your vacation by trusting your IT management to NuTech Services. We’ll make sure things run smoothly while you’re gone. To learn more, reach out to us at 810.230.9455.

Securing Every Endpoint is Important to Maintaining Security

Sometimes it can be easy to take cybersecurity for granted, especially when you consider that built-in security features are more powerful than they have ever been. Unfortunately, if you think that cybersecurity is something that ends with the built-in security of your desktops and laptops, then you’re in for a rude awakening.

Most Devices Are Connected These Days

Besides older industrial machinery and equipment, just about all devices connected to your network communicate with each other in some way, thereby making them a cybersecurity risk. Individual workstations and desktops might be protected, but you also need to keep them updated, along with all of the other endpoints that might be connected to your network.

In fact, you might be surprised by some of the other devices that could potentially be threats to your network.

Network Printers Can Be Dangerous

Does the name Stackoverflowin ring a bell? Back in 2017, this hacker hijacked 150,000 printers all over the world from big brands like Canon, Brother, Epson, HP, and Samsung. They were then able to send documents to these printers and have them print out messages. The attack might be harmless, but it showcases just how serious issues of cybersecurity with printers can be, as they can be controlled and manipulated in ways you might not expect.

In essence, the above attack could be categorized as a botnet, or a large group of infected devices from all over the Internet using their collective power to launch an attack against a network. This segues nicely into our next topic of discussion, the DDoS attack.

Internet of Things and Distributed Denial of Service Attacks (DDoS)

Just last year, the world saw the most massive DDoS attack yet. A DDoS attack is when countless devices—we’re talking hundreds, thousands, or even millions of infected devices—band together to launch all of their power against a website or service. It’s like when the grocery store has too much traffic and people get stuck waiting around in the aisles, or when a highway experiences traffic congestion.

Anyway, back to the attack. It went after its target with 17.2 million requests per second, three times larger than the largest DDoS attack which preceded it. With a varied list of compromised devices, including smart appliances and various Internet of Things devices such as smart light bulbs, thermostats, washing machines, and others that can connect to a smartphone, anyone with connected devices has reason to fear these attacks. And, of course, if a hacker can take over your washing machine, you bet they’re not going to be doing your chores for you. They’ll likely use it to gain deeper access to your network and create all kinds of problems for you.

Networking Equipment Like Routers, Switches, and Other Hardware

Any device which sends or receives network traffic throughout your office is going to be vulnerable, as it’s likely connected to your workstations, which your employees use on a day-to-day basis. Even in the home environment, you can expect there to be threats aplenty, as just last month a new type of malware was discovered making its home on consumer and small-business grade network routers. This particular threat allowed hackers to influence connected devices using the Windows, Linux, and macOS operating systems.

The malware, an incredibly complicated and sophisticated threat called ZuoRAT, is believed to have been created by a major organization or perhaps even a nation-state. The threat is quite difficult to identify and detect, all while granting a considerable amount of control to any potential attacker, making it a dangerous combination of stealthy and powerful. It can also be used to roll out additional malware, bypassing security measures along the way.

Yes, Even the Bluetooth Earbuds

Bluetooth headphones might seem small and of little consequence, but even these devices can be vulnerable to threats. Take, for example, the vulnerability which was discovered within the microcontrollers of a handful of earbuds, allowing hackers to gain control over the device for the purposes of a botnet. The threat has only been used by researchers, but security experts were able to break into their own Bluetooth earbuds and disable the Bluetooth and wireless communications on the connected device. Imagine the repercussions this could have in the realm of a physical security system, where security cameras could be broken into and turned off.

Pretty scary stuff, although we would like to mention that we don’t bring this up to scare you—merely to open your eyes to the possibilities out there for hackers, which are seemingly infinite in scope.

It’s Never a Bad Time to Consider Your Cybersecurity Strategy

We know it can be a little unnerving to think about the many threats out there, but you don’t have to do it alone. NuTech Services is here to help you navigate the cybersecurity landscape. To learn more, reach out to us at 810.230.9455.

Get Your Cybersecurity Answers with Penetration Testing

Hacking attacks can be stressful to manage, but when you add in that they can strike when you least expect them to, it gets a lot worse. You’ll never know how you respond to such an event unless you simulate it and replicate it somehow. This is what the penetration test is used for; it provides your business with a way to prepare for cyberattacks.

Understanding the Penetration Test

When you perform a penetration test, you check your infrastructure to see where it cracks against a cybersecurity attack. These tests are performed by trained IT professionals who simulate the methods used by real-life attackers. The goal is to find where your business might be most vulnerable to infiltration.

A penetration test will often be performed with a goal in mind. You might need to know which systems are most vulnerable to hackers, and in the process, you might discover that one particular system is more vulnerable than you previously thought. Penetration tests are vital to stopping data breaches and for laying out how you plan to respond to them. It’s much better to keep issues from developing into larger problems.

The Various Types of Testing

First, we should outline the difference between a penetration test and a vulnerability assessment. With the latter, you are just getting a list of what needs to be addressed, while a penetration test is more of a simulated attack against your infrastructure to see how it responds to the attack. Here are three ways that a penetration test is generally performed:

  • Black box testing – The tester goes in blind; in other words, they know nothing about the network or what to target. This type of testing might be used if there are no specific problems that need to be addressed.
  • White box testing – The tester goes in with full understanding of the network, often looking for specific problems that need to be addressed.
  • Gray box testing – The tester has partial knowledge of the network. In other words, they don’t have the whole picture, but they have some of it.

The results will show just how far the data breach got, what was stolen, and other important metrics that you’ll need to keep in mind for resolving problems like these in the future. Not all security plans are fool-proof, which is why there is a necessity for such a test in the first place. It’s up to you and your security team to ensure that such an attack cannot occur for real.

Get Started Today

Small businesses can often struggle with technology management, especially with so few resources at their disposal compared to larger enterprises. This is why we offer comprehensive IT solutions that can fit into just about any budget. If your business can overcome the challenges presented by cybersecurity, then you can go about your day-to-day operations with greater confidence.

To learn more about how we can assist with penetration testing and other proactive, preventative security measures, reach out to NuTech Services at 810.230.9455.

The RSOCKS Botnet Shows the Dangers of Unsecured IoT

Botnets are nefarious entities consisting of countless connected devices, all of which have been infected by hackers to perform malicious deeds. One such botnet, a Russian botnet consisting of millions of infected Internet of Things devices, has been dismantled and taken down by the United States Department of Justice and various law enforcement agencies throughout Germany, the United Kingdom, and the Netherlands.

The RSOCKS Botnet

The RSOCKS botnet was responsible for hacking into countless computers and other connected devices all over the globe, according to the Department of Justice. This particular botnet was operating as a proxy service. While it advertised selling legitimate IP addresses through an Internet service provider, or ISP, it was instead offering IP addresses assigned to devices hacked through the botnet. The purpose of this service was for hackers to conceal their IP addresses from law enforcement while they launched attacks against authentication portals.

In other words, hackers were using these hacked IP addresses to conceal their activity while they launched attack after attack against authentication platforms. The Department of Justice reports: “It is believed that the users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages.”
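
Because each login attempt in this kind of attack arrives from a different proxied address, a rule that blocks an address after several failures never fires. The added example below (not from the Department of Justice or the original article) aggregates failed logins across addresses instead; the log format, thresholds, and sample lines are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime

PER_IP_LIMIT = 5        # assumption: classic "block an address after 5 failures"
WINDOW_SECONDS = 300    # assumption: 5-minute aggregation window
MIN_FAILED_USERS = 8    # assumption: distinct accounts failing in one window
MAX_FAILS_PER_IP = 2.0  # assumption: average failures per source address


def constructed_log():
    """Constructed sample: one proxied stuffing run plus one ordinary user."""
    lines = [
        # 12 accounts tried once each, every attempt from a different address.
        f"2022-06-20T10:00:{i * 5:02d}Z FAIL user=user{i:02d} ip=203.0.113.{10 + i}"
        for i in range(12)
    ]
    # An employee mistypes a password twice, then logs in.
    lines += [
        "2022-06-20T10:00:07Z FAIL user=dana ip=198.51.100.7",
        "2022-06-20T10:00:19Z FAIL user=dana ip=198.51.100.7",
        "2022-06-20T10:00:31Z OK user=dana ip=198.51.100.7",
    ]
    return lines


def parse(line):
    """Split 'TIMESTAMP OUTCOME user=NAME ip=ADDR' into a tuple."""
    ts, outcome, user, ip = line.split()
    when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return when, outcome, user.split("=", 1)[1], ip.split("=", 1)[1]


def per_ip_alerts(events):
    """Addresses that reach the per-address failure limit."""
    fails = Counter(ip for _, outcome, _, ip in events if outcome == "FAIL")
    return sorted(ip for ip, n in fails.items() if n >= PER_IP_LIMIT)


def distributed_alerts(events):
    """Windows where many accounts fail while each address stays quiet."""
    buckets = defaultdict(lambda: {"failures": 0, "ips": set(), "users": set()})
    for when, outcome, user, ip in events:
        if outcome != "FAIL":
            continue
        bucket = buckets[int(when.timestamp()) // WINDOW_SECONDS]
        bucket["failures"] += 1
        bucket["ips"].add(ip)
        bucket["users"].add(user)

    alerts = []
    for window, b in sorted(buckets.items()):
        many_accounts = len(b["users"]) >= MIN_FAILED_USERS
        quiet_sources = b["failures"] / len(b["ips"]) <= MAX_FAILS_PER_IP
        if many_accounts and quiet_sources:
            alerts.append({
                "window_start": window * WINDOW_SECONDS,
                "failures": b["failures"],
                "source_ips": len(b["ips"]),
                "failed_users": len(b["users"]),
            })
    return alerts


if __name__ == "__main__":
    events = [parse(line) for line in constructed_log()]
    print("per-address rule:", per_ip_alerts(events))
    print("aggregate rule:  ", distributed_alerts(events))
```

On the constructed log the per-address rule reports nothing, while the aggregate rule flags the window; an alert like this is a reason to require multi-factor authentication or a challenge on the login page rather than to block individual addresses.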

What Happened to RSOCKS?

The FBI has since seized control over RSOCKS’ website, where users could purchase IP addresses. The price points for these services ranged from $30 per day for 2,000 proxies to $200 per day for 9,000 proxies. If a user committed to making the purchase, they could download their list of IP addresses and ports, which they could then use to route traffic through the cracked devices to obscure their true identity. The botnet was first built using infected IoT devices, but it later took advantage of Android devices and other types of computers, too.

When services like this are so affordable, even to the layman hacker, you cannot afford to not take them seriously.

What Can Be Done?

This type of threat shows the security shortcomings of Internet of Things devices, something which your business needs to be well aware of if it is to successfully protect itself from threats such as this. Internet of Things devices were chosen as outlets for these attacks because many are distributed with their default passwords, easily allowing hackers to bypass their security features and take advantage of them. If you do utilize IoT devices, you should use the same security standards that you would use for other, more advanced devices, like stricter password policies or dedicated networks specifically partitioned off for IoT devices.

NuTech Services can help you take all the appropriate measures needed to secure your business. To learn more about what we can do for your organization, reach out to us at 810.230.9455.

Are You Budgeting Enough for Security?

Cyberattacks have caused many millions of dollars worth of damage to businesses over the past several years, so it makes sense that your business should invest in its cybersecurity to mitigate these damages. That said, there is only so much you can invest into your cybersecurity budget, as you have to factor in other parts of your business, too. Today, we want to share with you three ways you can invest in cybersecurity initiatives that won’t completely break your bank.

Many organizations hire a CISO, or Chief Information Security Officer, to handle the management of their cybersecurity budget and the general security management for IT resources. This individual might operate under the CIO, but they have the chief responsibility to ensure that the cybersecurity budget is allocated as the business sees fit. Here are four tips you should keep in mind when finding your CISO.

Identifying Your Organization’s Digital Strengths and Weaknesses

Most IT implementations are rooted in an understanding of your infrastructure’s strengths and weaknesses. In order to get the most out of your IT capital, it helps to know just what needs to be addressed and where you can benefit the most. You might be shocked by how much an audit can help with this process. Some of the common issues suffered by small businesses include:

  • Business continuity plans: Businesses don’t always have contingency plans in place for the worst-case scenarios, especially for their IT systems. If they’re not careful, downtime could become a serious problem in the event of a disaster.
  • Phishing and cybersecurity training: With the threat landscape constantly changing, you’ll want to make training your staff a priority. Phishing attacks are the top way malware spreads across systems.
  • Cybersecurity insurance: Cybersecurity insurance does exist, and it can help to protect against data loss and cyberattacks.

A comprehensive security audit can help your business address the many challenges it might face moving forward.

Aligning Your Security to Support Your Business

Certain investments might be practical, but they also need to suit your business’ specific needs. Security spending is something that can be justified as long as risks can be managed appropriately. To this end, you should invest in solutions that provide a return on your investment over the long term such as risk mitigation, regulatory compliance, and solutions that also boost productivity and efficiency, such as automation. This can justify the expenses associated with automated security processes.

Onboard Solid Contributors

The final piece of the puzzle involves building a strategy that requires investments be made in your IT infrastructure. Whether you are trying to hire new employees or bring in professionals to help train your existing workforce, investing in the people power of your business will always be fruitful. The more your employees understand about the role they play in securing your business, the easier it will be to keep your organization safe.

Network security doesn’t have to be challenging. If you make informed decisions about your security investments, you can remain confident that your organization will be making the right decisions moving forward. To learn more about how NuTech Services can fit into your IT decision-making process, reach out to our professional technicians and consultants at 810.230.9455.

Securing Your Endpoints Can Help Thwart Cybersecurity Troubles

How many devices or points of access do you have for your business’ data infrastructure? Chances are it’s more than you think, at least at first glance. If you count up all the mobile devices, server units, workstations, laptops, and so on that have access to your network, you might suddenly realize how important it is to secure all of these endpoints, as any unsecured device could be a path forward for hackers.

What is an Endpoint?

In short, an endpoint is any device that interacts with your data infrastructure. Examples include smartphones, tablets, laptops, desktops, networking devices, servers, routers, and so on. Essentially, any device that has access to your infrastructure in any way can be considered an endpoint, so you must do what you can to make sure they are secured. Otherwise, you could be inadvertently putting your data at risk.

Considering the fact that many employees are still working remotely, and likely will for the foreseeable future, you must consider where and how your employees are accessing the data on your network. It doesn’t matter if the device is employee-owned or company-owned; it still needs to be secured, perhaps even at the infrastructure level.

What Can You Do to Protect Them?

We’ve put together a list of practices you can use to improve endpoint security for your organization’s infrastructure:

  • Implement enterprise-level security solutions including a firewall, antivirus, spam blocker, and content filter
  • Consider a zero-trust policy to ensure all users authenticate their identities before being granted access to data
  • Use a virtual private network to encrypt traffic into and out of your network
  • Consider permissions of all users on your network
  • Train your staff on how to identify potential attacks against your network
  • Back up your data just in case you need to restore it in the future
  • Secure devices that you don’t think need to be secured, like Internet of Things devices—perhaps even on their own network separate from your business’ operational connection

Get Us On Your Side!

If you need cybersecurity professionals to back up your endpoint security, we’ve got you covered. NuTech Services can help you implement any and all solutions you need to keep your business safe. With us on your side, you’ll know that your data is well-protected, no matter which device is accessing it.

To learn more about what we can do for your business, reach out to us at 810.230.9455.

When Working Remotely, Cybersecurity Has to Be a Priority

Cybersecurity is something that must be reinforced both in the office and out of the office for your remote employees, and it’s unfortunately quite difficult to maintain. Let’s take a look at the unique circumstances surrounding the remote worker and how you should reinforce security best practices for them, even if they are not physically present in the workplace.

Best Practice: Provide Them with the Tools to Stay Secure

It’s important that you give your employees the tools they need to stay secure while outside the protection of your in-house network. We recommend that all remote workers utilize a fully up-to-date antivirus software at all times, as well as a virtual private network (VPN) connection. A VPN in particular is an excellent tool for just about any business, as it can keep onlookers from snooping through the traffic moving to and from your employees’ devices. 

Best Practice: Emphasize Password Security Even More

There are several password best practices that should be followed, including a couple that we keep near and dear to our hearts at all times: never write down your password, always use a different password for a new account, create a passphrase that is difficult to crack, and so on. Remote employees should be held to the same standards as your in-house workers, and perhaps they should practice even more stringent guidelines. You want to craft a culture of cybersecurity that reinforces appropriate password best practices so that these standards stay at the top of your priority list at all times.

Best Practice: Reinforce Physical Protections

There is more to cybersecurity than just the digital component of it; you must also consider the physical security side. Be sure to keep unexamined peripheral devices away from your work hardware, and be sure that any and all hardware used for work is kept secure at all times. We recommend that you reserve it for work exclusively rather than using it for your personal use, too. Doing so helps to keep it secure, and it helps to keep you sane, too.

These tips are only the beginning of an appropriate remote cybersecurity policy. We recommend that you contact NuTech Services for even more great tips and tricks on cybersecurity. To learn more, give us a call at 810.230.9455.

4 Surprising Statistics about Network Security


If you aren’t making cybersecurity a priority for your business, then we urge you to review the following statistics to ensure that you understand the gravity of the consequences. Let’s take a look at some of the ways scammers and hackers are making their way around the carefully-laid defenses placed by businesses and how you can protect your own organization.

First, a quick look at the statistics is in order:

  • The global cost of cybercrime is a staggering $6 trillion.
  • On average, it takes over half a year to detect a data breach.
  • 91 percent of attacks start with a phishing email.
  • Businesses faced an average of 22 security breaches in 2020.

$6 trillion makes cybercrime the world’s third-largest economy, which is a little jarring to say the least. Evidence suggests that four percent of the U.S. GDP is swiped by those involved in cybercrime. This is a total of billions of dollars, all stolen by hackers and scammers every year. These numbers are for the United States alone; imagine what is being done on a global scale.

Judging by the news coverage, you would think that data breaches are so high-profile that they are identified easily, but this is simply not the case. The average time to detection, according to IBM, is around 287 days. In data-intensive industries like healthcare and financial services, this number is even larger. IBM also provides a timeline for containment, which sits at around 80 days.

Social engineering attacks were once far from the norm among computer-based attacks, but hackers have continued to use them to best even the smartest network security professionals and solutions. Phishing attacks are the primary example of this; a password might not be easy to crack, but it might be easier to obtain if the targeted user willingly gives it away because they don’t know any better. This is why phishing has become front-and-center in the cybercrime field.

No business is too small to become the target of a cyberattack, and you should always be prepared to deal with the worst-case scenario, no matter how unlikely it might be. The average business deals with 22 security breaches each year, and you can rest assured that if you fail to protect your business, it will suffer as a result.

Network security can be daunting, but it doesn’t have to be. We aim to make understanding its intricacies easier and to take the burden off of small businesses. To learn more about what we can do for your business, reach out to us at 810.230.9455.