U.S. Government Making an Effort to Stop Exploits

Earlier this year, there was a string of high-profile ransomware attacks launched against major companies. Now, the United States has issued an order that dictates guidelines for how to patch various vulnerabilities in affected systems within federal agencies and organizations. It’s a huge move in an effort to stop hackers and other cyberthreats from becoming more serious problems in the future.

The directive was issued by the Cybersecurity and Infrastructure Security Agency (CISA), and it essentially assigned due dates ranging from November 2021 to May 2022. CISA is urging all federal agencies and organizations to resolve certain known and exploited vulnerabilities during this timeline. There are some notable exceptions for national security-related infrastructures, though.

The catalog of known, exploited vulnerabilities is located on CISA’s website. This catalog contains information on each known vulnerability, and all of them (around 300 or so) are believed to pose some kind of threat to the federal government. The catalog also links to NIST database entries for guidance on how to apply these patches and resolve these vulnerabilities.

This is obviously a huge undertaking and one that could lead to miscommunications, confusion, and more throughout the patching process. This is especially true when you consider that each department is responsible for deploying its own updates and is accountable only to CISA. Even so, CISA is applying pressure on these organizations to meet specific criteria within a timeframe.

This timeline varies, but within 60 days, agencies must review and update their policies on vulnerability management, and these new policies must be made available to CISA upon request. Agencies must also have a policy in place for carrying out the directive issued by CISA. Organizations must identify who is responsible for this, as well as how they plan to track and report on the implementation process.

If you think patch management is difficult for governments, then imagine how difficult it can be for small businesses with more limited spending power and fewer resources at their disposal. SMBs tend to patch vulnerabilities when they have the time and resources to do so rather than when they need to be deployed, which is not the correct approach. For each day you don’t resolve a vulnerability, you are giving hackers countless opportunities to break into your network.

NuTech Services can help your business with patch implementation and update deployment. We can make this process automatic and easy to take advantage of. You’ll find that there are countless benefits to freeing yourself from the worries associated with technology management and maintenance, and trust us when we say you’ll never have to worry about patches or updates again.

To learn more, reach out to us at 810.230.9455.

Network Security Cannot Be Ignored

You see the headlines every single day while browsing the Internet: “So-and-So Suffers Massive Data Breach” or “Huge Data Breach Leaves Thousands of Credentials Exposed to Hackers.” Maybe you don’t see these specific headlines, but you get the idea; cybersecurity is a big deal these days, and you need to take it seriously before your business encounters problems that it cannot recover from.

Specifically, you need to implement a variety of security measures that mitigate risk for your business should it ever become the target of hackers. We’ve put together some of the most important measures here for your reference.

Unified Threat Management

A UTM is a device that includes many of the best industry-standard security solutions and packages them into one appliance. A UTM generally includes solutions like a firewall, antivirus, spam blocker, and content filter. It’s a pretty great all-in-one solution that includes a lot of helpful features that your organization will surely get value out of.

Multi-Factor Authentication

For securing accounts and network access, you can turn to multi-factor authentication, a concept which is proving more and more valuable with every passing year. Essentially, you need a combination of measures to access an account, such as a password, biometrics, or access to a secondary device or account. A best practice is to combine two of the three factor types: something you know, something you have, and something you are.

Password Management

Multi-factor authentication is vital to your business, but password management is also of critical importance. Password management involves generating multiple complex passwords and storing them in a secured vault where they can be called upon when needed. In essence, a password management tool makes it easier than ever to utilize complex passwords, but you should also know that complex passwords are no substitute for multi-factor authentication.

NuTech Services can help your business implement and maintain just about any security solution you need to keep your company safe. To learn more about what we can do for your business, reach out to us at 810.230.9455.

You Can Tell a Lot About Your Business by Monitoring Your Network

Network security is one aspect of your business that absolutely should not be underestimated. In fact, many companies fail to adequately monitor their networks, and it can lead to many complications down the road. Why is it so critical to monitor your network, and how can you make sure that your business is actually doing it?

Let’s say that your day-to-day operations are proceeding without a hitch. Over time, however, small things start to go wrong. Files start to go missing or settings are slightly tweaked. You might also see some network slowdown. In any case, these issues can compound and you might not notice that they are issues until something seriously odd happens.

By the time you choose to investigate, things are getting seriously bad. It turns out that one of your users has been accessing your network and making these odd changes, but the strange thing is that you know this user personally. They would never do anything like this, and they deny that they have been making any changes to your network. So, who do you believe?

Further investigation shows that the user has been accessing their account from an unknown IP address and from a different country, something which confirms your worst nightmare. Your network has been breached thanks to a compromised account, and since you were not looking for this from the start, who knows how much damage has been done?

Situations like the one outlined above are exactly why you need to keep a close watch on your network. Otherwise, how can you know when inconsistencies like these are a legitimate problem? If you don’t think to look where problems exist, you won’t discover any. While knowing the truth might be scary, the consequences are even more terrifying.
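To make the scenario above concrete, here is an added example (not part of the original post) of the kind of check that would have caught it early: it learns each user's usual networks and countries from past logins and flags sign-ins that break the pattern. The log format, the GeoIP-supplied `country` field, the thresholds, and all sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data in a hypothetical log format. The country field is
# assumed to be added upstream by a GeoIP lookup; addresses come from the
# reserved documentation ranges.
SAMPLE_LOG = """\
2021-11-01T08:02:11Z user=jdoe src=198.51.100.24 country=US result=success
2021-11-02T08:05:40Z user=jdoe src=198.51.100.31 country=US result=success
2021-11-02T09:12:03Z user=asmith src=192.0.2.15 country=US result=success
2021-11-03T08:01:57Z user=jdoe src=198.51.100.24 country=US result=success
2021-11-03T10:44:19Z user=jdoe src=203.0.113.77 country=RO result=success
2021-11-03T10:50:02Z user=asmith src=192.0.2.200 country=US result=success
2021-11-04T02:13:45Z user=jdoe src=203.0.113.77 country=RO result=failure
not a log line
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
    r"country=(?P<country>[A-Z]{2}) result=(?P<result>success|failure)$"
)
BASELINE_LOGINS = 2                 # clean logins required before alerting on a user
TRAVEL_WINDOW = timedelta(hours=6)  # a country change faster than this is suspicious


def parse(text):
    """Return (events, skipped); skipped counts lines that could not be parsed."""
    events, skipped = [], 0
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            if m is None:
                raise ValueError("unrecognised line")
            ip = ipaddress.ip_address(m["src"])
            prefix = 24 if ip.version == 4 else 48
            events.append({
                "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                "user": m["user"],
                "src": str(ip),
                # Compare networks, not single addresses, so that normal
                # DHCP churn inside one office or ISP range does not alert.
                "net": ipaddress.ip_network(f"{ip}/{prefix}", strict=False),
                "country": m["country"],
                "ok": m["result"] == "success",
            })
        except ValueError:
            skipped += 1
    return events, skipped


def detect(events):
    """Return alerts for logins that deviate from each user's own history."""
    seen_nets = defaultdict(set)
    seen_countries = defaultdict(set)
    clean_logins = defaultdict(int)
    last_success = {}  # user -> (timestamp, country) of latest successful login
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        user, reasons = ev["user"], []
        if clean_logins[user] >= BASELINE_LOGINS:
            if ev["country"] not in seen_countries[user]:
                reasons.append("new_country")
            if ev["net"] not in seen_nets[user]:
                reasons.append("new_network")
        prev = last_success.get(user)
        if prev and prev[1] != ev["country"] and ev["ts"] - prev[0] <= TRAVEL_WINDOW:
            reasons.append("rapid_country_change")
        if reasons:
            alerts.append({"ts": ev["ts"], "user": user, "src": ev["src"],
                           "country": ev["country"], "ok": ev["ok"],
                           "reasons": reasons})
        if ev["ok"]:
            last_success[user] = (ev["ts"], ev["country"])
            # Only unflagged logins extend the baseline; otherwise an intruder's
            # first session would teach the detector to trust the next one.
            if not reasons:
                seen_nets[user].add(ev["net"])
                seen_countries[user].add(ev["country"])
                clean_logins[user] += 1
    return alerts


if __name__ == "__main__":
    parsed, bad = parse(SAMPLE_LOG)
    print(f"parsed {len(parsed)} events, skipped {bad} malformed line(s)")
    for a in detect(parsed):
        status = "success" if a["ok"] else "failure"
        print(f'{a["ts"]} {a["user"]} {a["src"]} {a["country"]} '
              f'{status}: {", ".join(a["reasons"])}')
```

On the sample data, only the two sign-ins from the unfamiliar network are flagged, and the first is a successful login, which is the one that matters most to investigate.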

You don’t have time to monitor your network like this and keep operations moving, which is why we at NuTech Services offer comprehensive remote monitoring and network security services. We can keep a close watch on your network for these types of issues to make sure that threats don’t fly under the radar on your network.

With solutions like our unified threat management tool and multi-factor authentication, alongside access controls and password management, you can know for sure that your organization has done all it can to keep itself safe from threats. To learn more, reach out to us at 810.230.9455.

In the Wrong Hands, AI is Dangerous

Artificial intelligence, or AI, is a technology that many industries have found themselves benefiting greatly from, especially in the domains of cybersecurity and automation. Unfortunately, for every one great use of something, hackers will find two bad uses for it. AI has dramatically changed the landscape of cybersecurity and, more interestingly, cybercrime. Let’s take a look at why these threats are so concerning.

Deepfakes

The word “deepfake” comes from the words “deep learning” and “fake media.” A deepfake uses false imaging or audio to create something that appears authentic on the surface, but it is totally fake underneath. Deepfakes can be extremely dangerous and harmful when used under the right circumstances, like a news article showing off a fake video or image. AI-generated deepfakes have even been used in extortion schemes and misinformation scandals.

Deepfakes using AI can generate realistic videos, particularly when there is a lot of source material to call upon, like in the case of famous people or high-profile individuals with a large web presence. These videos can be so convincing that they can show the celebrity or even a government official saying or doing just about anything, creating misinformation and distrust.

AI-Supported Hacking Attacks

AI has been known to help cybercriminals with everyday hacking attacks, too, like breaking through a password or finding their way into a system. Hackers can use machine learning or artificial intelligence to analyze and parse password sets, then use the information learned to piece together potential passwords with shocking accuracy. These systems can even account for how people adjust their passwords over time.

There are also cases where hackers use machine learning to inform and automate their hacking processes. These systems can find weak points in infrastructures and penetrate them through the weaker links. These systems can then autonomously improve their functionality over time with great effectiveness.

Human Impersonation and Social Engineering

AI can also impersonate human beings by imitating their online behaviors. Automated bots can be used to create fake accounts capable of doing most of the everyday online activities that a user might (for example, liking posts on Instagram, sharing status updates, etc). These bots can even use these tactics to make money for the hacker.

Suffice it to say that AI systems as a threat represent quite a dangerous future, should they be leveraged effectively. These threats should be monitored both now and in the future.

To ensure that your organization doesn’t let hackers get the better of you, NuTech Services can help. To learn more, reach out to us at 810.230.9455.

Companies Are Using AI to Shield Their Network from Outside Threats

Businesses need all of the advantages they can get against threats, especially considering the fact that many of them adapt and evolve in response to advances in security measures. Some security researchers are seeing great success with artificial intelligence measures, a concept that could eventually become the future of network security in the business world.

How Does AI Security Work?

AI security consists of tools that can automatically identify and respond to perceived threats. This activity is guided by previous or similar activity, meaning that the AI security solution is capable of learning and growing in response to threats to improve its ability to fight them off. Since AI is always learning more about threats, you can expect a large number of false positives and false negatives throughout this process, but due to its autonomous nature, it will generally involve much less activity on your part compared to having someone actively monitor everything manually. AI security can also discover trends and piece together suspicious activity based on those trends, making for a remarkably sophisticated solution to have on your side.

What are the Benefits?

Let’s face it; for small businesses, hiring qualified security experts can be difficult, especially when it comes to finding the talent. AI can help you get around these challenges by automating your security system to identify threats over time. AI is capable of actually decreasing the amount of time you spend discovering threats on your infrastructure, cutting costs over time. Of course, all of this is dependent on whether you have people to manage your AI solution; otherwise, it’s going to be difficult to manage and maintain it.

Is AI Security the Future?

There is a downward trend in cybersecurity employment, making an autonomous solution seem like it would rise in popularity and usefulness. It’s already projected that this unfilled labor gap could increase to 3.5 million cybersecurity positions by the end of 2021. AI seems like it could be a simple-to-implement solution that addresses these hiring and training concerns, but it’s more likely that it will improve workflows and procedures of existing security employees rather than solve this gap in skilled labor.

How Can Your Business Use AI Security?

Contrary to popular belief, AI security is relatively accessible to small businesses. There are solutions out there that can be implemented by small businesses in accordance with their specific needs and goals. If you can implement AI security that coincides with your business’ operational goals, you can successfully work toward improving operations and workflows for your existing employees.

If you want to stay ahead of the trends and your competitors, as well as the threats that flood the Internet on a daily basis, NuTech Services can help you by implementing the best security measures, including AI security. To learn more, reach out to us at 810.230.9455.

Three Signs Your Computer Has Been Hacked

Dealing with a hacked computer can be scary, but depending on the severity of the hack, you might not even know your infrastructure has been breached until it’s too late to stop it, putting you in a reactionary position. Let’s go over some of the telltale signs of a computer hack and what you should do about it.

Increased Network Traffic

Over time you will grow accustomed to a certain level of network traffic on your company’s infrastructure, including the devices connected to it, the devices communicating with it, the endpoints utilizing your Internet connection, and so on. An increase in your network traffic should be your first clue that something is wrong. Oftentimes, an increase in network traffic could mean that a trojan or backdoor has installed itself on your network, meaning that some hacker somewhere is using your network for some nefarious purpose.

Computer Slowdown

Similar to the previous point is any noticeable difference in your computer or network’s operational functioning. While a slowdown does not necessarily mean that you have been hacked, it is a telltale sign that something is not working as intended and should be looked into anyway. It just so happens that one of the more common slowdown causes is malware and other threats installing themselves on your device or network, so be sure to investigate slowdowns accordingly.

Pop-ups and Other Annoyances

Perhaps one of the most obvious signs of a hacking attack on your computer is a plethora of obtrusive and sometimes downright disturbing ads, as well as other unexplained phenomena. Malware will often install ads that contain malicious links, leading to even deeper-rooted problems than those currently in place on your computer. Furthermore, some malware will install files, delete files, move them, or otherwise create inconsistencies that cannot be explained otherwise.

Basically, when it comes to the more low-profile hacks on your computer (you know, the ones that aren’t blasting you with ads every five seconds), most telltale signs of a hacking attack involve noticing inconsistencies and acting to find the source of them.

The scary thing about many of these signs is that they could also be caused by other things on your infrastructure, so it is generally a best practice to contact your IT provider if you suspect that your network or device has been infected by malware or other threats. It’s also a best practice to actively monitor your network for these issues so as to prevent major data breaches or to mitigate damage.

NuTech Services can equip your business with the tools necessary to take these precautions. To learn more, reach out to us at 810.230.9455.

It May Be Time to Upgrade Your Remote Network Security

Today’s cybersecurity landscape is dangerous, to say the least, prompting many organizations to adopt what is called a zero-trust policy for their security standards. Is a zero-trust policy the best solution for your company’s cybersecurity woes, and how effective is it toward preventing security issues? Let’s take a look.

What Does Zero-Trust Actually Mean?

According to the United Kingdom’s National Cyber Security Centre, the official definition of zero-trust is “the idea of removing inherent trust from the network. Just because a device is within the internal ‘trusted’ side of a firewall or VPN, it should not be trusted by default.”

Basically, this applies to just about all devices on your network, including the ones that are supposed to be there. No devices should be trusted by default.

How Effective is It, Really?

As you might have guessed, not all businesses can subject their networks to this much scrutiny, so you will want to make sure that your company’s policy reflects its needs. The NCSC makes special note that this is guidance rather than a hard rule, and it should be used in terms of network design rather than as a solution you implement to solve your problems. In fact, some businesses might not even be able to pull off a zero-trust policy.

Think of companies with large computing infrastructures. The sheer number of devices on the network and the costs of implementing such a policy could be staggering, and the policy itself could take years to fully flesh out and develop before it starts to show any true return on investment. Businesses might also have to acquire new hardware and train technicians, as well as frequently update this technology to maintain security standards. In particular, organizations with a BYOD policy will have a difficult time with zero-trust.

Even with these issues, however, there remain many reasons to consider zero-trust as a model for your business. Here are a few:

  • Greater control over data means delegation to the appropriate users.
  • Stronger authentication and authorization
  • Better user experience (consider single sign-on as an example)
  • Every action or device is subject to some form of policy, meaning every attempt at accessing data is verified.
  • Detailed access logs

Start Securing Your Systems Today

You don’t necessarily have to implement a zero-trust policy to enhance your network security, but what you should do is call NuTech Services! Our technicians can give you the strongest fighting chance at stopping any and all threats out there. To learn more, reach out to us at 810.230.9455.

The OnePercent Group: A Slightly Different Approach to Ransomware

A recent trend with ransomware threats is that the FBI issues warnings about how dangerous or how difficult certain variants are. This particular threat, the OnePercent ransomware gang, is no exception. Let’s break down what you need to know about the OnePercent Group and how you can prepare to handle attacks not just from this threat, but from most ransomware threats.

What is the OnePercent Group?

The OnePercent Group is a ransomware gang that has been targeting companies since November of 2020. The gang sends out emails in an attempt to convince users to download an infected Word document in a ZIP file. These types of social engineering tactics are surprisingly effective, as people often impulsively download files sent to them via email without thinking to check the sender or the source.

How Does the Threat Work?

Instead of encrypting data found on the infected device, this threat uses macros embedded in the Word document to install a Trojan horse threat on the user’s device. This threat, known as IcedID, is used to steal financial information or login credentials for banking institutions. Furthermore, IcedID can download other types of malware onto the user’s device.

Of particular note is that it can install another type of threat called Cobalt Strike, which is a penetration testing tool. Why would a hacker want this, you ask? It’s simple; it can be used to make a hacking attack that much easier and more efficient by identifying potential pathways for threats on the user’s device.

What’s the Timeline for the Attack?

Using the threats outlined above, OnePercent Group can get a lot of dirt on your business in a relatively short amount of time. After they have collected this information, they issue a ransom note demanding that the victim pay up within a week or risk their data being released online. If the victim refuses to pay up, the group pesters the victims through email and phone calls to pressure them into taking action. If the victim still refuses to pay, they release 1% of the data on the Dark Web. Further resistance leads to the group selling the data to other data brokers on the Dark Web to be sold to the highest bidder.

It just goes to show that as soon as you think you know a threat, they switch things up and try something new. While it can be stressful keeping up with the countless threats found in the online world, it sure is never boring.

Secure Your Business Today

Don’t let the fear of ransomware keep your business from functioning the way it’s supposed to. NuTech Services can help your organization secure its infrastructure and other critical data. To learn more, reach out to us at 810.230.9455.

You Need to Reduce Your Exposure to Insider Threats

One of the most difficult things to do in business is to imagine a scenario in which someone you trust puts your organization at risk. We focus so much on the external threats that the internal ones often go unnoticed. How can you make sure that your organization does not fall victim to the several different types of insider threats out there? Let’s take a look.

Insider threats are more difficult to identify due to the fact that identifying them means figuring out which network activity is acceptable and which activity is not. Gartner identifies four types of insider threats, many of which don’t necessarily have malicious intent. In fact, some are just byproducts of gross negligence for network security and rules. Here are the different types of insider threats and why they are so dangerous.

Those Who Are Tricked

Gartner identifies this category as the “pawn,” or those who are tricked into becoming complicit with a hacker’s desires through the use of social engineering or phishing schemes. In this case, the insider threat is unaware that they are being taken advantage of by the hacker.

Those Who Cooperate

There are some insider threats who cooperate with third parties to disclose sensitive information or trade secrets. This type of threat, called the “collaborator,” is dangerous in that they can leak important information with the express intention of harming your business for their own personal gain.

Those Who Make Mistakes

Some folks just don’t take security seriously, a mindset that leads them to make mistakes while trying to avoid adhering to company policy. These workers are placed in the “goof” category, or those who let their arrogance and negligence lead them to make mistakes. Goofs might make choices that benefit themselves at the expense of the network’s security.

Those Who Act on Their Own

While many insider threats do emerge in part due to the efforts of others, there are some who simply act on their own. These threats are called “lone wolf” insiders, and they are especially dangerous if they have high-level access to sensitive information. While their reasons for acting may vary, this does not excuse their behavior, as they are actively working against the organization they are a part of.

NuTech Services wants to help your business protect itself from all types of threats, be they insiders or external. To learn more about how we can secure your business, reach out to us at 810.230.9455.

Read This if You Don’t Believe That Ransomware is a Major Problem for Businesses Like Yours

You’d think that cybercriminals would use ransomware to target high-profile businesses with loads of money to extort, but this is not always the case. Even a small business can fall victim to these particularly devastating threats. Ransomware, just like other threats out there, has continued to evolve and adjust its approaches based on the current cybersecurity climate, so what are some of the latest developments in ransomware?

In No Uncertain Terms, Ransomware Has Grown More Dangerous

In order to be effective, a cybercriminal must capitalize on the challenges that small and medium-sized businesses face. For example:

  • Cybercriminals frequently rely on deception in the form of phishing. Using phishing attacks, a cybercriminal bypasses the protections a business has in place by taking advantage of their employees in order to gain access to the business’ network.
  • A lack of communication between departments makes issues even greater. Poor communication between a business’ departments can exacerbate the risks posed by cybercriminals.
  • Smaller businesses don’t always have the resources needed to prepare their team members. Unlike corporations, SMBs likely don’t have a dedicated budget for cybersecurity training, and almost certainly can’t afford the salary of a dedicated security professional on-staff.

In addition to these opportunities, today’s cybercriminals can exploit the following:

Automated Threats

The power of automation has allowed many businesses to streamline certain processes, but the same can also be said for cybercriminals. They no longer manually attack individual targets, instead opting to leverage automation for widespread attacks with the smallest amount of effort. The extortion part of ransomware has also been completely automated, as evidenced by Avaddon, a ransomware variant that proudly displays a list of companies that have been infected right on its Dark Web listing, as well as flaunting a countdown to when the data will become publicized.

Ransomware as a Service

Believe it or not, cybercrime is a legitimate business model in the sense that people can and will put together teams of developers and commission-based structures for their services. Ransomware as a Service is just one way that has surfaced, providing hackers and criminals with the means to pull off ransomware attacks with ease. With these types of services being so accessible, it’s no wonder that there is a major cause for concern out there about cybersecurity.

Layered Extortion

Ransomware attacks often target the same individuals or companies more than once, sometimes charging the victims even more or forcing them to pay up with a threat of the data being leaked if they do not do so. Unfortunately for businesses, this approach is more advanced than it has been in the past. Here is a snapshot of what the extortion process looks like:

  • The victimized business is instructed to pay for their access to their encrypted data to be restored.
  • Hackers release the data they’ve stolen if the ransom isn’t paid.
  • Denial of Service attacks are used to take down a victim’s website.
  • The cybercriminals responsible reach out to the targeted business’ customers, partners, employees, and the media to inform them of the hack.

These tactics have made it hard to say no to ransomware and have drastically improved the success odds for cybercriminals.

You Need to Be Ready to Resist Ransomware

Ransomware can be devastating if you let it create problems for your business, so don’t take any risks with it. Make sure that you are working with cybersecurity professionals who can help you take the fight back. To learn more about security and how to keep it from becoming a problem for your business, reach out to us at 810.230.9455.

Outsource Your Cybersecurity Needs to Ensure You Get the Best Talent

To be adept at a task is to say that the one doing the task is a professional, or someone with substantial knowledge that can be used to effectively complete the task. Cybersecurity is one such area where having a considerable amount of knowledge is of particular importance to help navigate the complex environment surrounding it. How can your organization achieve this level of mindfulness and expertise?

First, we need to establish the many challenges that small businesses must overcome regarding cybersecurity. Then, we will explain how you too can achieve the same level of cybersecurity success as security professionals.

The Challenges of Security for SMBs

Security is a major pain point for small businesses, and those that do not take it seriously might think themselves immune to the dangers. It does not matter what industry you are in, the size of your organization, or the data you store; hackers can and will take advantage of any opportunities to cause trouble for you, and they will find value in whatever data they can get. That said, many small businesses do want to be more mindful of security, but they do not know how to approach it. Oftentimes they might find they lack funding to hire internal talent, like a cybersecurity professional, something that holds them back from properly securing their organization.

What Does It Mean to Be a Cybersecurity Professional?

But what is a cybersecurity professional, anyway? What kind of skills and character traits should you look for in a cybersecurity professional? Here are some that you should consider when looking for the key to your cybersecurity talent:

  • A focus on proactive, preventative defenses rather than a reactive approach
  • A divorce from security biases that prevent one from making objective decisions
  • The technical knowledge and expertise necessary to understand cyberthreats
  • An understanding that security also requires training of staff and higher level executives
  • The flexibility to adapt to new threats and learn from them

The one steering your organization’s cybersecurity strategy will ultimately need to have all of the above. If they do not, chances are your organization will be placed at risk, perhaps not necessarily immediately, but certainly in the future.

How to Become a Cybersecurity Adept Yourself

Look, we understand that the human mind is capable of learning and absorbing countless bits of information, but cybersecurity is one aspect that is so complex that it can take years to learn everything you need to know to keep your business safe. The only way you are going to overcome the challenges of the cybersecurity landscape is with a trained and experienced professional on your side. It’s not easy to accrue this knowledge in the short term, which is why so many organizations choose to outsource this responsibility or hire a dedicated in-house cybersecurity professional to address these needs.

There is something to be said for when you can admit you’re in over your head, and with cybersecurity, there is no more dangerous position to be in. You can make the experience much less stressful by outsourcing your company’s cybersecurity to professionals who have invested countless hours, days, and years into learning the complexities of the industry. With NuTech Services on your side, you can know that your organization is devoting the time and effort necessary to securing its infrastructure. To learn more, reach out to us at 810.230.9455.

REvil Vanishes, Along With Some Companies’ Hopes to Decrypt Their Data

The Kaseya ransomware attack targeting VSA servers for approximately 1,500 organizations was another notable attack in a recent string of high-profile ransomware attacks, and while most organizations did what most security professionals recommend and did not pay the ransom, others did not listen. Now those who did pay the ransom are having trouble decrypting their data, and REvil is nowhere to be found to help them in this effort.

With REvil, the hackers reportedly responsible for the Kaseya ransomware attack, having shuttered their operations, some organizations that actually paid the ransom are in a tight spot. Following comments from United States President Joe Biden urging Russian officials to take action against REvil, it was reported that dark web sites for REvil’s payment portal, public portal, helpdesk chat, and negotiations portal were all offline. It is unclear what has caused these outages; a government shutdown is as likely an explanation as any other. Either way, our thoughts turn back to those who are impacted most by this outage: those who paid the ransom, but cannot decrypt their data.

Ordinarily, those who need help with decrypting their data after paying the ransom could contact REvil’s helpdesk, but if they are nowhere to be found, and your decryption tools are not working as expected, what is there to do? It is, yet again, a stark reminder that you cannot guarantee that paying the ransom will help you get your data back should you fall victim to a ransomware attack. What good reason is there to trust the goodwill of hackers who extort money from others and create so much trouble for countless organizations and individuals around the world? There cannot possibly be one.

We understand that you may feel you do not have a choice in the matter regarding paying up for ransomware attacks, but at the end of the day, it is simply far too risky to do so. Not only are you paying up for a possibility of decrypting your data (not a guarantee, mind you), but you are also funding future attacks and proving to the world that ransomware works well enough to extort millions of dollars from companies around the world. Show the hackers who is in the driver’s seat by refusing to give in to their demands.

Rather than reacting to ransomware attacks, you should instead take a proactive stance against them. Start with implementing adequate security measures that can detect the many modes of transport that ransomware utilizes, as well as a data backup system that can help to restore your infrastructure in the event of a ransomware infection. Furthermore, you must train your employees on how to identify and respond to potential ransomware threats. If you do all of this, you can minimize the chances that ransomware will significantly influence your organization.

NuTech Services can assist you with the implementation of any new security or data backup solutions, as well as train your team on how to be more mindful about these threats. To learn more, reach out to us at 810.230.9455.

Don’t Be Caught Off Guard by Ransomware

Ransomware is bad stuff, and it’s only gotten worse with its recent resurgence that aligned with the COVID-19 pandemic. Phishing attacks and other means by which ransomware is commonly spread have used the current atmosphere as a springboard. This makes it even more critical that these kinds of behaviors and attempts can be spotted and stopped.

Why Do Cybercriminals Use Ransomware?

It’s simple: if a cybercriminal specifically chooses ransomware as their malware of choice, they most likely intend to profit from their crime. The entire point of ransomware is to collect money from its victims by encrypting their data and demanding a ransom in exchange for the decryption key (which, for the record, isn’t guaranteed even if the ransom is paid).

Looking at it this way, it’s little wonder that cybercriminals have aimed their sights higher and higher.

Don’t get us wrong, small and medium-sized businesses are in no way out of the woods, but there have been more and more attacks on critical pieces of infrastructure taking place recently. Consider the attack that was waged on Colonial Pipeline and the massive supply chain disruptions that came about as a result of its impacts. Another massive issue in the supply chain happened in the food industry, with the REvil group attacking those infrastructures. REvil was also responsible for an attack on Kaseya, a major software vendor, hurting businesses and proving that service providers are a good target for such efforts.

Yes, You Need to Be Prepared to Deal With Ransomware

However, your preparation can’t stop once you have some preventative measures in place. You won’t be fully prepared until your team is ready to deal with a successful attack, just in case one does slip through.

To do this, you need to have a resource in your corner that you can turn to for help with either an incoming attack or one that’s already gotten in. That’s what NuTech Services is here for (amongst many other services). We can help you do more to keep ransomware out, while also putting you in a better position should one get by. Did you know that businesses can now actually insure themselves to help prepare for the high costs that come from a ransomware infection?

You’ll also need to crunch some numbers to evaluate your ransomware risk. How much of a financial impact could a ransomware attack have overall? Are there any risks that could come from any third parties? Could you be considered a valuable target for an attacker, in terms of the financial gain they could anticipate or the amount of disruption they could cause? Do you have anything potentially making you vulnerable to these attacks?

Once you’ve covered these steps (and committed to revisiting them regularly as your situation changes), you need to prepare for the two scenarios we’ve referenced:

Keeping Ransomware Out of Your Business

Naturally, we want to keep ransomware out, which means there are some things you need to do. Keeping your protections—your antivirus, your parameters for your content filters, your firewalls, and everything else of the sort—up to date can reduce the number of threats you need to actively deal with by a considerable amount. It is also important that you keep your team equally up-to-date with the best practices and accepted responses on the chance that they spot a potential threat.

Minimizing the Damage Ransomware Can Do

Should a ransomware attack make it past all that, you need to be prepared to minimize its potential impact on you. Frankly, you’ll likely have to completely wipe your infrastructure, so you need to have an isolated and maintained backup. You know, just in case.

Ransomware is no joke, but neither are the services that you receive by working with NuTech Services. Our purpose is to do everything we can to prevent your business being hindered by a technology issue. Find out what we can do for your business specifically by calling 810.230.9455 today.

Cloud Security is a More Pressing Issue

The cloud is a popular choice for businesses that need access to tools to sustain operations, but there is an innate flaw that comes from hosting anything in an online environment: security. Do not pretend that security is not an issue for your cloud-based resources—failing to acknowledge the importance of security could be a fatal mistake for organizations that leverage cloud-based technology resources.

Misconfigured Cloud Settings

Cloud tools and solutions can work quite well, but they need to be set up properly first—particularly in the realm of security. Due to its nature as an accessibility and communication tool, the cloud must ensure that security is kept at the top of mind so as to avoid data breaches and vulnerabilities. Make sure that you are reviewing, checking, and confirming that your cloud’s security settings are correct on a regular basis so as to not put your organization at risk.

Ineffective Access Controls

The cloud allows resources to be accessed from more than one location, a benefit that simplifies remote work and makes it more accessible to small businesses. Your team will need to know how to effectively utilize these resources to ensure they can get the job done, but you must also do your part to allow or restrict access to important data or applications as needed. A cybercriminal can lean into ineffective access controls set by your organization, too, for if they manage to get their hands on credentials for a network administrator or someone with upper-level privileges, you can bet that they can cause a lot of damage. To protect from this, it also helps to build secure passwords.

Targeted Attacks

Look, it’s no secret that there are countless threats out there, but the fact that the workplace has grown exponentially more connected over the past several decades means that there are more avenues than ever for cybercriminals to make their way into your infrastructure. What’s worse, cyberattacks are quite lucrative and easily repeatable, and due to the sheer number of different threats out there, hackers can switch their tactics up based on what they think will be most likely to succeed against your business.

Depending on your type of business and the compliance regulations of your specific industry, a data breach might mean much more than simple data theft. It could mean fines, lost confidence in your market, legal action, and even costly compensation. Other threats might try to harm your productivity, like Denial-of-service attacks and ransomware, with the latter being particularly devastating. You must be prepared for not just the cyberattacks we have outlined here, but for all potential threats that can derail operations. It all starts with a solid preparedness strategy.

Employee Behaviors

Your cloud solutions—especially in regards to security—will only be as effective as the team members that utilize them. If you don’t teach them how to use your solutions in a secure way, you are putting yourself at greater risk of cybercriminal activity. The other side of this is when the employees themselves are the danger, abusing the permissions they have been granted and using them in a way that is destructive to your business. Since the cloud is so accessible, it can be difficult to know when this is happening for your company, but it’s not impossible.

Turn to us for help with dealing with these cloud security challenges.

Industry professionals like NuTech Services can help your organization identify, prepare for, and respond to cloud security threats. To learn more, reach out to us at 810.230.9455.

These Are the Most Likely Threats Your Small Business Will Face

Data breaches are a well-known fact in the business environment, and small businesses in particular have many challenges that threaten their operations. It is important that you consider these security issues when putting together your risk management strategy, especially as it pertains to cybersecurity. Let’s take a look at how you can overcome some of the security challenges present for small businesses in 2021.

Phishing

Phishing is a major concern for small businesses as these attacks make up a significant portion of cybersecurity situations. Phishing is more of a scam than an official hack, but it is problematic cybercrime all the same. Phishing attacks can come through any form of communication for your business, be it social media, email, or phone calls. The scary part is that it only has to work once to cause trouble for your company.

Here’s an example of how phishing works. If a member of your staff were to accidentally click on an attachment in an email that they think has something to do with their job, they might find that the email installs malware on your network. This method is not limited to malware; it can install trojans, viruses, or even ransomware.

Phishing can be hard to counter, as hackers have developed sophisticated phishing schemes that can make keeping up difficult. You need to train your employees to ensure that they will be more likely to spot potential phishing attempts.

Poor Passwords

It is unfortunate that poor passwords are one of the biggest reasons why security breaches occur. Just like phishing strategies, hackers have implemented sophisticated measures that allow them to not only guess passwords, but guess countless passwords in a short timeframe. Furthermore, social engineering tactics can be used to guess poor or duplicated passwords with ease.

Password security is an aspect of your cybersecurity infrastructure that bleeds into every other aspect of it. Your employees use passwords to access just about anything online, and while duplicate passwords are easy to remember, they are a far cry from the level of security that your organization needs to be successful. Password best practices are one way to shore up this weakness. Passwords should be complex and changed on the regular to keep them from being stolen, guessed, or compromised.

Holes in Software

Software is often updated to account for security issues and holes that are discovered after the fact, and developers respond periodically to these issues. If you fail to patch your software, you could go about operations with major security issues and run the risk of exploitation. In other words, these holes in software are essentially open doors that hackers can use to infiltrate your network.

The best way to address these vulnerabilities is to keep them from becoming major problems in the first place. By this, we mean regularly patching your software and applying updates as they come out. This will close these open doors and enable you to protect your assets.

NuTech Services can help your business prioritize security. To get started, we recommend contacting one of our IT experts who can discuss with you all of the cybersecurity solutions we offer. Don’t wait any longer—give us a call at 810.230.9455!

How a Mismanaged Cloud Can Undermine Your Security

There is no denying that the cloud has become one of the most popular options for a business to obtain the tools required for their operations. Despite this, it is equally important to acknowledge that there are many ways that the cloud could facilitate security threats if not managed properly. Let’s go over some of the issues that must be addressed if a business is going to successfully leverage cloud technology to its advantage.

Misconfigured Cloud Settings

While cloud tools and solutions have the potential to be highly effective, they need to be set up properly before they can meet this potential with any hope of remaining secure. As the cloud is supposed to be an accessible tool to help facilitate productive collaboration, any accidents or errors could create challenges that would work against that goal. One common outcome of these challenges: security shortcomings and vulnerabilities.

To this end, it becomes especially crucial to your business’ security (and by extension, its success) that all settings in your cloud are reviewed, checked, and otherwise confirmed to be correct on a fairly regular basis.

Ineffective Access Controls

One of a cloud solution’s greatest business advantages is the fact that access to the resources it holds isn’t tied to one location, greatly simplifying processes like remote work by enabling your team to utilize these resources whenever they need them, wherever they are working. Having said this, without properly implemented controls in place, it can become a challenge to simultaneously restrict data to only those who have the proper authorization to access it.

In addition to this, you should also bear in mind how much a cybercriminal will tend to lean on the human element of a business as an exploitable weakness. To combat this, it is important that your team members are instructed on how to create secure passwords.

Targeted Attacks

Back in the day, businesses had a relatively short list of threats to deal with, effectively boiling down to theft and vandalism. Now, however, the nature of our connected workspaces means that a far greater variety of threats could potentially harm a business. Cyberattacks are numerous, profitable for the cybercriminal, repeatable, and vastly varied in how they are shaped.

While modern organizations have the same concerns about theft and vandalism, they now need to worry about many different resources being stolen. Sure, they could have finances taken away, but they could also lose their customers’ payment information or protected data. This could result in fines, lost confidence from their market, legal action, and might even necessitate costly compensatory damages to be paid to those affected. Other threats don’t focus on a business’ finances, but on their productivity or even reputation. Denial-of-service attacks and ransomware get much of their leverage by preventing the targeted business from operating effectively. Plus, how motivated would you be to continue supporting a business that allowed your data to be exfiltrated, opening you up to identity theft?

With so many businesses moving to the cloud without properly paying attention to the security standards we reviewed above, cybercriminals now also see it as an opportunity for their purposes. Diligence and preparedness are both critical to preventing their success.

Employee Behaviors

Finally, one of your greatest assets could very well be one of your greatest challenges when it comes to securely utilizing cloud resources: the team members you’ve brought on to keep your business running. Without the proper instruction, your team may not adjust to the cloud as smoothly as one would hope, potentially creating vulnerabilities that a cybercriminal could take advantage of. 

Alternatively, there is always the chance that your team has someone less-than-trustworthy amongst its ranks, and this individual could potentially use their access to abuse the data your company relies on. The cloud’s accessible nature does make it more challenging—but not impossible—to detect such activities.

Turn to us for help with dealing with these cloud security challenges.

Our team of professionals has the experience and insight necessary to effectively spot cyberthreats that could negatively impact your business’ use of the cloud, and are ready to help you mitigate these efforts. To find out more about what we can do for your business and its security, reach out to us at 810.230.9455.

What We Can Learn from the Ireland Health Service Ransomware Attack

In May of 2021, Ireland’s Health Service Executive, which handles healthcare and social services to the Emerald Isle’s nearly five million residents, was the target of a massive ransomware attack. Even as businesses and municipalities from all over the globe have been dealing with this plight, we mention this because of the aftereffects of this situation. Today, we take a look at the situation and what can be learned from it. 

The Irish HSE Ransomware Attack

On May 14, 2021, the HSE was targeted by a hacking collective known as the Conti Ransomware Gang. The health service then received the instructions that the perpetrators would immediately release the patients’ data to the public unless they paid the ransom of $20 million in bitcoin. After a few days of deliberation, the government agency agreed to pay the sum (a practice that those of us at NuTech Services do not recommend). In turn, they got the decryption key. 

Sad to say, this is not where this situation ended.

Data Restoration is Problematic

With the working decryption key in hand, and a nation of people that depend on their service, the HSE went ahead and started the restoration process. Turns out, it is difficult. HSE is still having problems restoring data systems to their previous state and it has led to bottlenecks inside the nation’s healthcare system. 

The reason is that restoring data, especially on a scale such as this one, is an arduous task, and with new protocols and protections being implemented by HSE administrators to help avoid this type of problem in the future, it is taking much longer than expected. This means costs rise and people don’t get the care they need. As of this writing, it remains a real problem for the people of Ireland. 

What Your Business Can Take Away From the HSE Ransomware

No matter what your business is, getting hit with ransomware is a pretty scary situation. One thing that every company or organization can take away from this situation is the need for comprehensive training for phishing and other scams to minimize the chances of getting ransomware through typical means. You also should be monitoring your network so that, if something were to make it past your defenses, more can be done to thwart a major catastrophe like ransomware. You should also have a comprehensive backup in place to help protect the continuity of your business.

At NuTech Services, we can help you identify your organization’s cybersecurity weaknesses and help you put in policies and technology that will help you keep ransomware off your network and be ready for any type of problem should it arise. Reach out to us at 810.230.9455 today to talk to one of our skilled consultants.

Obvious Signs You are the Target of a Hacking Attack

If a hacker were to find themselves on your network or within one of your accounts, would you be able to detect them and eliminate them? Today we want to share some of our best strategies for how you can identify the warning signs of a hacking attack, as well as how you should respond. This is particularly important for a workforce that is working remotely, so we hope you take these tips to heart.

Monitor Failed Password Attempts

Passwords are a terribly important part of keeping your information secure. Not only do they prevent unauthorized access to accounts and important data, they also inform you of when someone is actively targeting you. This helps to protect your data, especially when you have remote employees accessing your network.

The problem here is that devices with remote desktop protocols enabled on them, like the ones your remote users are likely utilizing, are quite easy for hackers to find and target if they aren’t configured properly. These devices are often targeted by brute force attacks. In these cases, a hacker will bombard a password requirement with every possible option until they discover the correct password.

When remote protocols are properly configured, too many failed password login attempts will lock down the device and send you a notification to inform you of the failed attempts. When this happens, you reach out to the user and confirm that they were simply having problems with their password. If the failed attempts were not from the employee, then you know that the credentials were stolen.

This level of oversight allows you to prevent brute force attacks from becoming an issue, as locked password attempts keep these brute force attacks from being successful.
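The lockout-and-notify behavior described in this section can be sketched as follows. This is an added example, not code from the original post; the threshold of five failures in ten minutes, the record layout, the account names and the addresses are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILURES = 5                  # assumed lockout threshold
WINDOW = timedelta(minutes=10)    # assumed counting window

# Constructed sample events: (timestamp, account, source address, result).
# "OK" means the correct password was presented, "FAIL" means it was not.
# Addresses are from documentation ranges; none of this is real log data.
SAMPLE_EVENTS = [
    # jsmith mistypes twice, then signs in from the usual address
    ("2021-07-01T08:58:10", "jsmith", "203.0.113.20", "FAIL"),
    ("2021-07-01T08:58:25", "jsmith", "203.0.113.20", "FAIL"),
    ("2021-07-01T08:58:41", "jsmith", "203.0.113.20", "OK"),
    # mjones signs in normally in the morning
    ("2021-07-01T09:02:00", "mjones", "203.0.113.35", "OK"),
    # a burst of guesses against mjones from an address never seen before
    ("2021-07-01T13:15:01", "mjones", "198.51.100.77", "FAIL"),
    ("2021-07-01T13:15:03", "mjones", "198.51.100.77", "FAIL"),
    ("2021-07-01T13:15:05", "mjones", "198.51.100.77", "FAIL"),
    ("2021-07-01T13:15:07", "mjones", "198.51.100.77", "FAIL"),
    ("2021-07-01T13:15:09", "mjones", "198.51.100.77", "FAIL"),
    # the next guess is correct, but the account is already locked
    ("2021-07-01T13:15:11", "mjones", "198.51.100.77", "OK"),
]


def review_logins(events, max_failures=MAX_FAILURES, window=WINDOW):
    """Replay login events and return (locked_at, alerts).

    locked_at maps each locked account to the time of the lockout.
    alerts is the list of notifications an administrator would receive.
    """
    failures = defaultdict(deque)     # account -> recent (time, source) failures
    known_sources = defaultdict(set)  # account -> addresses with a past success
    locked_at = {}
    alerts = []

    for stamp, account, source, result in sorted(events):
        when = datetime.fromisoformat(stamp)

        if account in locked_at:
            # Every attempt is refused while locked. A correct password here
            # means someone knows it, so it must be reset before unlocking.
            if result == "OK":
                alerts.append({"account": account, "type": "blocked_after_lockout",
                               "time": stamp, "source": source})
            continue

        if result == "OK":
            known_sources[account].add(source)
            failures[account].clear()     # a success resets the counter
            continue

        recent = failures[account]
        recent.append((when, source))
        # Drop failures that have aged out of the counting window.
        while recent and when - recent[0][0] > window:
            recent.popleft()

        if len(recent) >= max_failures:
            locked_at[account] = stamp
            sources = sorted({src for _, src in recent})
            alerts.append({
                "account": account, "type": "lockout", "time": stamp,
                "sources": sources,
                # Addresses the account has never signed in from: a cue for
                # the follow-up conversation with the user.
                "unfamiliar_sources": [s for s in sources
                                       if s not in known_sources[account]],
            })
    return locked_at, alerts


if __name__ == "__main__":
    locked, notices = review_logins(SAMPLE_EVENTS)
    print(locked)
    for notice in notices:
        print(notice)
```
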

Keep an Eye on Your Traffic

Experienced hackers can hide their location to keep themselves from being discovered, but many often do not have the ability to do so. Maybe they lack the technical skill or the attack is too broadly distributed for them to cover their tracks. Either way, you can discover if you are the target of an attack by keeping a lookout on where your network traffic is coming from. If anything looks suspicious, then it’s time to investigate.

For example, if your technology infrastructure has never interacted with a server from any given country, but now regularly contacts a domain in that location, then you know that something fishy is going on.
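The check in that example can be written as a comparison between a baseline period and recent traffic. This is an added sketch, not code from the original post; the record layout, host names, domains and the three-day threshold for "regularly" are assumptions, and the country code on each record is assumed to come from whatever GeoIP enrichment your firewall or proxy already provides ("XA" and "XB" are placeholder codes).

```python
from collections import defaultdict

# Constructed records: (date, internal host, destination domain, country code).
BASELINE = [
    ("2021-06-01", "ws-014", "mail.example.com", "US"),
    ("2021-06-02", "ws-020", "files.example.com", "US"),
    ("2021-06-03", "ws-014", "portal.example.org", "IE"),
]

RECENT = [
    ("2021-07-05", "ws-014", "mail.example.com", "US"),
    ("2021-07-05", "ws-014", "sync.example.net", "XA"),
    ("2021-07-06", "ws-014", "sync.example.net", "XA"),
    ("2021-07-06", "ws-020", "ads.example.org", "XB"),   # one-off contact
    ("2021-07-07", "ws-014", "sync.example.net", "XA"),
    ("2021-07-07", "ws-014", "sync.example.net", "XA"),  # same day, counted once
    ("2021-07-08", "ws-014", "sync.example.net", "XA"),
    ("2021-07-08", "ws-020", "portal.example.org", "IE"),
]


def new_destination_countries(baseline, recent, min_days=3):
    """Report countries absent from the baseline that are now contacted
    on at least min_days distinct days, with the hosts and domains involved."""
    seen_before = {country for _, _, _, country in baseline}

    days = defaultdict(set)
    hosts = defaultdict(set)
    domains = defaultdict(set)
    for day, host, domain, country in recent:
        if country in seen_before:
            continue                      # already part of normal traffic
        days[country].add(day)
        hosts[country].add(host)
        domains[country].add(domain)

    findings = []
    for country in sorted(days):
        # Counting distinct days separates recurring contact from a single
        # stray connection such as an embedded ad or a mistyped address.
        if len(days[country]) >= min_days:
            findings.append({
                "country": country,
                "days_seen": len(days[country]),
                "hosts": sorted(hosts[country]),
                "domains": sorted(domains[country]),
            })
    return findings


if __name__ == "__main__":
    for finding in new_destination_countries(BASELINE, RECENT):
        print(finding)
```

The hosts listed in a finding are the machines to investigate first.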

Actively Make Things More Challenging for Cybercriminals

When you make it more difficult for hackers to gain access to your network, they will be less likely to persist and do so. You can make it extraordinarily difficult for hackers to access your network through a variety of methods. For remote desktop protocols, you can customize the configuration rather than using the default settings. Password timeouts and two-factor authentication are also important for network security, as are access controls on your internal resources. All of these tools combine to create a difficult time for your attackers and, thus, a more secure network.

If you would like assistance with your business’ network security, don’t wait any longer. Give us a call! We’ll work with you to ensure that your network is protected against today’s security threats. Learn more by contacting us at 810.230.9455.

The Key to Protecting Your Business from Ransomware Is More of the Same

With so many high-profile ransomware attacks being launched against manufacturers, pipelines, and even hospitals, it’s no surprise that many companies are worried about what the future of this threat means for their organizations. Ransomware poses a serious threat, one that cannot possibly be ignored, so we urge you to take action now so you don’t come to regret it later.

Today’s blog is dedicated to helping you take measures to protect your business from ransomware. By the end, you will have gained a foundational understanding of the type of threat ransomware is, how it spreads, and what you can do to stop it before it becomes a problem for your company.

What is Ransomware?

Ransomware is a special type of malware that encrypts the files found on a computer or device, essentially locking them down and rendering the user unable to access them. In order to regain access to the files, the hacker responsible for distributing the ransomware demands a payment. In the case of recent ransomware attacks, the payment is usually quite exorbitant and is most certainly not an amount that is budgeted for. Payment is most often requested in the form of Bitcoin or other cryptocurrency. Once the payment is received, hackers claim they will release the decryption key which can begin the process of unlocking the data.

However, we want all businesses to think twice about paying the ransom up-front and in a panic. Paying the ransom is generally counterproductive for a number of reasons. For one, there is no guarantee that paying the ransom will get you your data back. What’s stopping the hacker from accepting payment and just going about their business as usual? The other main concern is that you are essentially funding hackers by giving in to their ransom demands. Furthermore, paying the ransom just reinforces the idea that these types of hacks work, and work well, encouraging hackers to continue pulling off these stunts.

That said, paying the ransom might seem like the only choice at the moment. More and more hackers are implementing dirty tactics that force organizations’ hands when it comes to the ransom. For example, recent attacks have had hackers threaten to release the encrypted data in the event that the ransom is not paid in a timely manner. Doing so puts businesses in a precarious situation; do they pay up and give the hackers what they want, or do they risk their data being released into the wild, potentially subjecting them to fines imposed by strict data security and privacy regulations?

At the end of the day, it’s a lose-lose situation. Therefore, it makes sense to prevent infections in the first place.

How Can You Stop It?

First, you need to understand how ransomware can spread from system to system. At its core, ransomware operates in much the same way as any other type of malware. It can be spread through downloading infected files or attachments, clicking on the wrong links while navigating the web, and other phishing or social engineering tactics used by hackers. Sometimes hackers can utilize holes in your network security to infiltrate and install ransomware on the chosen device. Yes, in many ways, ransomware is no different from your typical malware, but this does not make it any less scary to deal with.

This is good news, as it means that you can double down on tactics used against any other type of malware to protect yourself from ransomware. Through a combination of proactive network maintenance, adequate security solutions, proper data backups and disaster recovery solutions, and training your employees to identify threats, you can be confident that your organization can effectively prevent and respond to ransomware attacks should it need to.

Let Us Help!

No matter how great your defenses, you can never be 100 percent secure from the threats that are out there that could target your business. Therefore, the best you can hope for is that the above measures are enough to deter any would-be security threats. To implement all of the above solutions, NuTech Services can help. To learn more about how you can take proactive steps toward protecting your business, reach out to us at 810.230.9455.

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Imagine going to log into one of your devices only to find that it has been completely wiped of any files located on it. Furthermore, imagine trying to log into your online account to manage the settings of said device, only to find that the password you know is correct is being identified as incorrect. This is the experience that many users of Western Digital’s My Book NAS device are currently going through, and it’s suspected that it is all because of an unpatched vulnerability.

The device in question, the Western Digital My Book, is a network-attached storage device that gives users the ability to remotely access files and manage devices. This is notable, as they can do so even if the NAS device is secured with a firewall or router. Bleeping Computer reports that some users are unable to log into their NAS devices, the reason being an “Invalid Password.” Since the devices appeared to be factory reset, some users tried the default login credentials but had no luck accessing their devices or recovering their files.

After some investigation, users discovered that the devices received a remote command to perform factory resets. Bleeping Computer reports that this attack is an odd one in terms of remote command attacks, mostly because the device in question is secured behind a firewall and communicates exclusively through the My Book Live cloud servers to issue remote access. Therefore, it makes sense for some users to assume that Western Digital’s servers were hacked, although they do mention that it is strange that the attack deleted files rather than issuing ransoms, such as with other threats like ransomware which are designed to steal data or encrypt files.

Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:

  • “If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”

These WD My Book Live devices have not received updates since 2015, so it’s unsurprising that a vulnerability surfaced. Still, this situation should be a reminder that it is beneficial to consider upgrading from unsupported devices to those that are actively receiving patches and security updates. That said, failing to administer patches and security updates as they are released is just as bad as using unsupported devices, so the responsibility falls on your shoulders to make sure that you are using technology that isn’t putting your organization at risk.

Need a Hand with Upgrading?

NuTech Services can help your organization take care of any updates to its technology infrastructure. Especially in today’s age of massive security breaches and considerable cyberthreats, it has never been more important to make sure that your network is protected in every conceivable way. To learn more about what we can do for your business, reach out to us at 810.230.9455.