
Considering Encryption in Light of Android Messages’ Update


With the addition of end-to-end encryption to Google’s Android Messages application, we have a perfect opportunity to discuss the concept of encryption and why it is so important. Let’s dive right in, shall we?

First, let’s go over what encryption is, as a bit of background.

What is Encryption, and How Does it Work?

If you’re looking to keep data secure as you share it or store it, encryption is one of the best means to do so.

For instance, let’s say that (for whatever reason) we wanted to share a line from Romeo and Juliet with someone, but we wanted to make sure that the someone we’re sharing it with would be the only one to get that information. By using encryption, we can take the following passage…

“But, soft, what light through yonder window breaks?
It is the east, and Juliet is the sun.”

…and turn it into this as it is sent along:

OoLCYOGthzwihU03wMa6y1xdbXhK4bM+XQCE02c2LCV6qg2mdGPG4MWgPHOQzmkfUC2jxq2/sKE9eN4E+6ByUBGukTFnxL9ShM0oqIv3HAN7m8yXBOwyMa9B6Hn2FXYw

Once this information has been encrypted, only someone with the decryption key could take this jumble and restore it to William Shakespeare’s classic piece. Think of it like using the Ovaltine decoder ring from A Christmas Story.

Obviously, this is a gross oversimplification of how encryption works. In reality, encryption is effectively an enormously complicated math problem that would take even the most powerful computer centuries to solve.

Okay, so now that we’ve established what encryption is, let’s dive into what Google has done with its Android Messages app.

Google is Adding Encryption to the Stock Message App on Android

First announced at the launch of its beta test in November of 2020, all up-to-date instances of the default Android Messages application now feature end-to-end encryption. This is certainly a welcome improvement, as SMS messages are often used to transmit sensitive information and two-factor authentication proofs.

As of right now, this encryption feature comes into play with one-on-one chats between users who have chat features enabled on their device, and is visually represented by a padlock at the top of the screen.

Encryption is a Tool That You Should Be Using

While encryption alone won’t be enough to completely protect your business’ processes as a whole, that isn’t to say that it can be skipped—quite the opposite.

NuTech Services can assist you in implementing this and various other security measures and protocols. To learn more about what we have to offer, give us a call at 810.230.9455.


Agent Tesla Is Out to Steal Your Credentials (and Your Cryptocurrency)


Network security isn’t just for large, high-profile enterprises; even small businesses need to take it seriously. All businesses have something of value to hackers, and if you don’t believe this is the case for your organization, think again. All data is valuable to hackers, and you need to do everything in your power to protect it—especially against threats like Agent Tesla, the latest version of phishing malware designed to steal your data.

Before we dive into what makes Agent Tesla so concerning, let’s discuss phishing on a broader scale. What is it, and why is it important that you know what it is?

Explaining Phishing Attacks

Not all hackers take a direct approach to infiltrating your systems. Brute force can only get them so far, so they have to resort to sneaky tactics like phishing. A phishing attack aims to convince users to grant a hacker access to a network of their own free will, usually through downloading an infected file, clicking on a suspicious link in an email, or handing over credentials to someone claiming to be tech support or someone of authority within the organization.

Why You Should Care

The scary part of phishing attacks is that you can do everything right in terms of network security and still fall short of protecting your organization. Phishing attacks, when executed properly, have the potential to make it past even the best security solutions. They rely on the human aspect of your organization—your employees—to infiltrate and cause problems for your business. In a sense, your company’s security measures are only as effective as your employees’ knowledge of network security.

Agent Tesla

Agent Tesla as a threat has been around since 2014. The malware uses a keylogger to steal information from infected devices, which it transmits to the hacker behind the attack periodically throughout the day. This gives the hacker access to information like passwords, usernames, and other data that is typed into the system. This new variant of Agent Tesla is notable because it also seeks to steal cryptocurrencies from the user.

Agent Tesla spreads through the use of phishing emails with infected Excel documents attached. One such attack, as evidenced by a report from Fortinet, shows an email with an Excel file sporting the title of “Order Requirements and Specs” attached to it. To the untrained eye, it might appear to be legitimate. If the user downloads the file and opens it, the file runs a macro that downloads Agent Tesla to the device. The specific process, as outlined by Fortinet, involves installing PowerShell files for Agent Tesla, adding several items to the Auto-Run group in the system registry through the use of VBScript code, and finally creating a scheduled task that executes at a designated interval.
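The persistence steps Fortinet describes leave artifacts a defender can review: Auto-Run entries and scheduled tasks that start PowerShell or VBScript files. The following is an added example (not from the original post or from Fortinet) that triages such entries in Python; the entry names, paths and the two-reason threshold are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Script hosts used by the chain described above (PowerShell files, VBScript code).
SCRIPT_HOSTS = ("powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe")
SCRIPT_EXTS = "ps1|vbs|vbe|js"
# Directories a standard user can write to without elevation (assumed heuristic).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
_SCRIPT_RE = re.compile(
    r'"([^"]+\.(?:%s))"|(\S+\.(?:%s))(?=\s|$)' % (SCRIPT_EXTS, SCRIPT_EXTS), re.I)


@dataclass
class Finding:
    source: str            # "autorun" or "task"
    name: str
    command: str
    reasons: list = field(default_factory=list)


def script_path(command):
    """Return the script file a command line points at, or None."""
    m = _SCRIPT_RE.search(command)
    return (m.group(1) or m.group(2)) if m else None


def reasons_for(command, repeat_minutes=None):
    """List the independent reasons a command line deserves a closer look."""
    c = command.lower()
    reasons = []
    if any(host in c for host in SCRIPT_HOSTS):
        reasons.append("launches a script host")
    if script_path(command):
        reasons.append("runs a script file")
    if any(part in c for part in USER_WRITABLE):
        reasons.append("lives in a user-writable path")
    if repeat_minutes is not None:
        reasons.append("repeats every %d min" % repeat_minutes)
    return reasons


def triage(autoruns, tasks, threshold=2):
    """Flag entries that collect at least `threshold` reasons."""
    findings = []
    for name, command in autoruns:
        r = reasons_for(command)
        if len(r) >= threshold:
            findings.append(Finding("autorun", name, command, r))
    for name, command, repeat in tasks:
        r = reasons_for(command, repeat)
        if len(r) >= threshold:
            findings.append(Finding("task", name, command, r))
    return findings


def linked_directories(findings):
    """Directories holding scripts referenced by BOTH an autorun and a task."""
    dirs = {"autorun": set(), "task": set()}
    for f in findings:
        path = script_path(f.command)
        if path and "\\" in path:
            dirs[f.source].add(path.rsplit("\\", 1)[0].lower())
    return dirs["autorun"] & dirs["task"]


# Constructed sample data: (name, command) and (name, command, repeat minutes).
AUTORUNS = [
    ("OneDrive", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("Updater", r'wscript.exe "C:\Users\alice\AppData\Roaming\upd\run.vbs"'),
]
TASKS = [
    ("GoogleUpdate", r'"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c', 60),
    ("SysCheck", r'powershell.exe -File "C:\Users\alice\AppData\Roaming\upd\stage.ps1"', 20),
    ("Backup", r'C:\Tools\backup.exe', None),
]

if __name__ == "__main__":
    found = triage(AUTORUNS, TASKS)
    for f in found:
        print(f.source, f.name, "->", "; ".join(f.reasons))
    print("linked:", linked_directories(found))
```

An autorun and a repeating task that both point into the same user-writable directory are the combination worth escalating; either one alone is common on healthy machines.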

Agent Tesla itself is surprisingly accessible, given that it can be purchased on the cheap and the developers offer support to those who do purchase it. This sets the bar pretty low for hackers who want to get started in this deplorable line of work.

What You Can Do

You don’t want to find yourself in a reactive position with your network security. Instead, you should be proactive about it. Your network security against phishing attacks (and all threats in general) should take a two-pronged approach:

  • Implement quality network security solutions to catch the majority of threats before they reach your network.
  • Train your employees to identify threats so that the ones that do get through your defenses do not cause more trouble than they need to.

NuTech Services can help your business do both of the above, implementing powerful enterprise-level security solutions that can keep your company safe and training your employees to keep it that way. To learn more, reach out to us at 810.230.9455.


Major Hack Stymies Meat Processing


A recent surge of high-profile ransomware attacks strikes again with an assault on the world’s largest meat processor and distributor, JBS S.A. The cyberattack was so disruptive that the company was forced to suspend operations in both North America and Australia, leading to a considerable impact on the supply chain. Let’s take a deeper dive into what lessons can be learned from this situation.

What Happened to JBS S.A.?

In May 2021, JBS’s global IT systems were hit by a ransomware attack that forced the meat processor to shut down its operations completely in North America and Australia. As a result, every step of the company’s operations ceased, from livestock procurement to exporting and shipping.

Fortunately for JBS, they had backups prepared and were able to restore their systems. There was also no evidence to suggest that customer, employee, or supplier data was compromised by the attack. This doesn’t mean that we can’t learn anything from the situation, though. Here are some major takeaways from this hack.

Who Was Involved in this Attack?

There has been no indication that any activist groups were involved in the attack; those responsible for this attack are sophisticated cybercriminals, the kind who have been associated with recent Russian cyberattacks. The Federal Bureau of Investigation has taken an interest in this attack, and the United States government has been in communication with Russia regarding it.

Similarly, the Australian Cyber Security Centre has been assisting with the effort but has chosen not to disclose what they are actually doing for this assistance. The company is also working with the Australian government and the Australian Federal Police to investigate the matter.

How Ransomware Affects Other Threats

Ransomware is still relatively new in the grand scheme of things, but it has grown exponentially in the time that it has been around. It is much more than a simple threat that locks down files unless a ransom is paid; nowadays hackers are also threatening to release the target’s data if the ransom is not paid. This is particularly concerning, even for businesses like JBS that have backups, as these types of organizations often have data governed by privacy regulations.

Having a backup is a good idea, even in the event that you are struck by a ransomware attack like those outlined above. The reason for this is simple: in the event you aren’t struck by one of these double-ransom attacks, you should theoretically be able to recover without much trouble. Many ransomware attacks spread through automated phishing campaigns and other hands-off means, and when the hacker is taking such a hands-off approach, you should be able to recover without much incident.

We at NuTech Services are committed to helping businesses just like yours overcome cybersecurity issues big and small. To find out more about how we can help your organization overcome the challenges of modern cybersecurity, reach out to us at 810.230.9455.


The Colonial Pipeline Attack Continues to Be Important to Cybersecurity


The situation surrounding the hack against Colonial Pipeline has only become more complex as new information has come to light, each new discovery providing more insights and potentially actionable takeaways. Let’s examine some of the biggest developments surrounding the attack, and what they will likely mean for overall cybersecurity from this point forward.

Let’s begin with some of the bad news, just to get it out of the way.

The Colonial Pipeline Attack Has Inspired Additional Ransomware Campaigns

Taking advantage of the notoriety that the Colonial Pipeline attack garnered, cybercriminals have designed phishing campaigns to play on the fears of their recipients. Via email, messages have been distributed to organizations offering so-called “ransomware system updates.”

To be fair, this isn’t untrue so much as it is misleading. Technically speaking, they do contain ransomware system updates, in that these messages will update the recipients’ systems with ransomware.

To do so, these fraudulent emails direct the recipient to visit an innocuous-enough-looking website in order to download a so-called system update to help protect their computer. Little does the user realize that these websites have been designed to mimic a legitimate one, just so there’s a higher chance that a user will be fooled. Shortly after news broke that Colonial Pipeline had shelled out the payment the DarkSide ransomware group demanded of them, these phishing emails began appearing in the wild.

The Department of Justice Was Able to Repossess a Lot of the Ransom

On June 7th, the Department of Justice distributed a press release that stated that they had managed to seize 63.7 Bitcoins (valued at about $2.3 million) of what Colonial Pipeline had paid up. By following the money, the FBI located a wallet that had received a significant portion of the ransomware payment and for which they had exfiltrated the key. As a result, the FBI was able to seize this portion of the payment.

However, This Led to Severe Dips in Cryptocurrency Values

When this news broke, cryptocurrencies saw their values plummet. After all, cryptocurrencies are supposed to be completely anonymous and secure, so the idea that the FBI was able to track and repossess these funds is disconcerting to many. The market therefore plummeted by 11 percent in a single day.

It is somewhat likely that more government intervention will follow, despite the impacts this would certainly have upon the crypto market. Only time will tell if these efforts will continue.

Clearly, ransomware is not to be underestimated, and these developments will only complicate things further. Cybersecurity is a difficult thing to manage, but NuTech Services is here to help. Give us a call at 810.230.9455 to learn more about what can be done to better secure your business.


The Latest Password Best Practices from the National Institute of Standards and Technology


Passwords are the first line of defense your accounts have against the myriad of threats out there. It’s imperative that you follow industry best practices when creating them so as to maximize security. Thankfully, the latest guidelines from the National Institute of Standards and Technology, or NIST, make creating secure passwords easy.

What is the NIST?

The NIST has been the go-to authority on password creation standards for quite some time, and while they constantly change their advised practices, it is to keep up with the endlessly shifting nature of cybersecurity. Their most recent update to password best practices can be seen in the guidelines below.

New Guidelines

Several corporations currently use the NIST guidelines and all Federal agencies are expected to adhere to them as well. Here are the latest steps in creating a secure password.

1. Length is More Important than Complexity

Password complexity has been one of the pillars of password security for years, but these days, the guidelines disagree. NIST suggests that the longer the password, the harder it is to crack. In fact, according to the NIST, organizations that require new passwords to be complex with numbers, symbols, upper and lower-case letters, etc., actually make the password less secure.

There are two major reasons for this determination. The first is that users often make their passwords far too complicated and forget them, leading to the eventual addition of something like an exclamation point or a 1 at the end of the password. This doesn’t make the password much more complex. Furthermore, users might be tempted to use the same complex password for multiple accounts, which is certainly not going to help their cause.

2. Eliminate Password Resets

Most businesses require that their staff reset their passwords every so often, whether it’s every month or every few months. The strategy is supposed to ensure that even compromised passwords can only be used for so long, locking would-be hackers out after the password has been changed. NIST suggests that this practice is actually counterproductive to account security.

Their reasoning is that, if people have to set passwords up too frequently, they won’t be as careful when creating them. Furthermore, when people do change their passwords, they are more likely to use the same pattern to remember them. If a previous password has been compromised, there is a good chance that this pattern can give the attacker clues into what the current password is.

3. Don’t Hurt Security by Eliminating Ease of Use

A big concern that many network administrators have is that options such as showing a password while the user types it in or allowing copy/paste make it more likely that the password will be compromised. The truth is that ease of use does not compromise security; it turns out that making it easier for people to properly authenticate themselves is better for security than restricting them.

4. No More Password Hints

Some systems allow for password hints where the user can assign a question and a designated answer to access the account, should they forget the password. This system in itself is flawed and the very reason why many organizations have been hacked. Thanks to social media websites and the Internet as a whole, it’s not impossible to imagine a hacker using websites or other resources to look up information on a particular user to gain access to an account. And you know what they say; once it’s on the Internet, it’s there to stay.

5. Limit Password Attempts

Placing a limit on password attempts is beneficial for your organization’s network security in just about every circumstance imaginable. Password remembrance is usually one of two things; either the user will remember the password or they will have it stored somewhere. Locking users out of their account for a short period of time can be a great way to dissuade would-be hackers from trying to guess a user’s password.

6. Use Multi-Factor Authentication

At NuTech Services, we like to reinforce with our clients that multi-factor or two-factor authentication is imperative for every account possible. The NIST recommends that users be able to demonstrate at least two of these three authentication measures before a successful login. They are the following:

  1. “Something you know” (like a password)
  2. “Something you have” (like a mobile device)
  3. “Something you are” (like a face or a fingerprint)

If at least two of these criteria are met, then chances are you are supposed to be on the network. Plus, consider how hard it would be for a hacker to gain access to more than one of the above. It just makes sense.
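The following added example, which is not part of the original post and is not NIST's own code, puts guidelines 1, 5 and 6 into one login check in Python. The 8-character floor comes from NIST SP 800-63B rather than this page; the lockout threshold, the lockout period, the factor names and the trailing-character heuristic are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MIN_LENGTH = 8  # SP 800-63B floor for user-chosen passwords; the page gives no number


def check_new_password(candidate, current=None):
    """Guideline 1: judge by length only, with no forced digits, symbols or case."""
    if len(candidate) < MIN_LENGTH:
        return False, "too short"
    # Added heuristic for the habit described under guidelines 1 and 2:
    # refuse a change that only alters trailing digits or punctuation.
    if current is not None:
        def stem(s):
            return s.rstrip("0123456789!@#$%^&*?.").lower()
        if stem(candidate) == stem(current):
            return False, "same as current password apart from its ending"
    return True, "ok"


def hash_password(password, salt=None):
    """Store a salted, slow hash, never the password itself."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def password_matches(password, salt, stored):
    return hmac.compare_digest(hash_password(password, salt)[1], stored)


@dataclass
class AttemptLimiter:
    """Guideline 5: lock an account for a short period after repeated failures."""
    max_failures: int = 5        # assumed threshold
    lockout_seconds: int = 300   # assumed "short period of time"
    failures: dict = field(default_factory=dict)
    locked_until: dict = field(default_factory=dict)

    def is_locked(self, account, now):
        return now < self.locked_until.get(account, 0)

    def record(self, account, success, now):
        if success:
            self.failures.pop(account, None)   # a good login clears the counter
            return
        count = self.failures.get(account, 0) + 1
        self.failures[account] = count
        if count >= self.max_failures:
            self.locked_until[account] = now + self.lockout_seconds
            self.failures[account] = 0


# Guideline 6: each factor belongs to one of the three categories listed above.
FACTOR_CATEGORY = {
    "password": "know",
    "phone_code": "have",
    "security_key": "have",
    "fingerprint": "are",
    "face": "are",
}


def enough_factors(verified):
    """True only when the verified factors span at least two categories."""
    return len({FACTOR_CATEGORY[f] for f in verified if f in FACTOR_CATEGORY}) >= 2


def login(limiter, account, record, password, other_factors, now):
    """other_factors: names of factors already verified elsewhere (hypothetical)."""
    if limiter.is_locked(account, now):
        return "locked"                        # refuse before checking anything
    ok = password_matches(password, record["salt"], record["hash"])
    limiter.record(account, ok, now)
    if not ok:
        return "denied"
    if not enough_factors(["password", *other_factors]):
        return "need second factor"
    return "granted"
```

Two factors from the same category, such as a phone code plus a security key, do not satisfy `enough_factors`, and a locked account is refused even when the correct password is supplied.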

If you don’t make password security a priority for your business, you might come to regret it later, and no one wants to be the one responsible for a data breach. If you need a hand with implementing a password management system or other security best practices, reach out to us at 810.230.9455.


When It Comes to Cybersecurity, Consider a Top-Down Approach


Cybersecurity is one aspect of running a business that absolutely cannot be underestimated in its importance. It doesn’t matter if you’re a huge enterprise or a small business; if you don’t take cybersecurity seriously, there is a very real possibility that your organization could be threatened in the near future. The easiest way to ensure your business’ continuity is to develop an internal culture of cybersecurity, and it starts from the top-down with you, the boss.

In the grand scheme of things, it does not matter how advanced or high-tech your security solutions are or how secure your passwords are. If your team members aren’t behaving with security at the top of their minds, your cybersecurity solutions will not yield the results you are hoping for. To this end, it is important to establish cybersecurity as a priority within your company’s culture.

How to Build a Culture of Cybersecurity for Your Business

Social proof, a concept that is mostly applied to marketing, can be a key component of implementing any type of lasting change in your organization’s cybersecurity culture. In essence, social proof refers to the idea that people can be convinced to think or act in a certain way based on testimonials of peers and colleagues. It’s easy to see how this can influence the workplace, but as is the case with most things in life, it’s not nearly this simple.

The key takeaway here is that the culture around your organization’s cybersecurity will mold around itself over time (if you give it time to do so).

Consider this scenario: a new employee just starts working for your company and is getting set up with network access, permissions, and everything else necessary for the position. If your organization’s cybersecurity culture is poor, the new employee’s coworkers might suggest they use the same username and password, a practice that is usually frowned upon. However, if this attitude is prevalent throughout the department, then it becomes the norm. This new employee then continues to spread the practice throughout the company as new hires are brought on, creating a systemic cybersecurity issue for your entire business.

Now let’s say that the opposite is true, and your employees instead reinforce good cybersecurity practices to all new hires. If company policies require that all passwords maintain a certain level of complexity and all staff are on board with this message of security, then it’s much more likely that new hires will move forward with security at the top of their mind.

It All Starts With You

There are several ways that you can organically infuse cybersecurity awareness into your business operations. Here are just a few of them:

  • Rather than simply having password policies in place, enforce them by only allowing passwords that meet these minimum requirements.
  • Access controls are important, but monitoring these protections on a regular basis is critical to identifying and addressing weaknesses or shortcomings.
  • Security onboarding is important but should also be reinforced periodically through a refresher course.

As the leader, your business’ employees will be looking to you to take the lead on security. By setting a good example, you can change your organization’s cybersecurity culture for the better. NuTech Services can help you with not only implementing security solutions, but reinforcing best practices that will foster the kind of culture you are looking for in your business. To learn more, reach out to us at 810.230.9455.


Understanding the Threat of Geographic Deepfakes


Per our role as cybersecurity professionals, part of our responsibility is to put the developing threats out there in the world into perspective for the clientele that we serve. After all, with so many modern threats seeming to border on science fiction, it is only natural for smaller organizations to assume that their size will protect them from such attacks through simple lack of interest—or even that such threats will never be used practically at any significant scale. Unfortunately, these assumptions are too often mistaken.

For your business to survive, let alone thrive, you need to have prepared for every eventuality. To put the importance into context, let’s examine a threat that many may have shrugged off—deepfake images—and the potential they show in terms of future cyberattacks and misinformation campaigns.

A Refresher on Deepfakes

Deepfakes are images or video clips that have been manipulated by artificial intelligence to show something other than the truth. You may have seen a few lighthearted examples online, where a comedian’s face is replaced by the celebrity they are impersonating, or different actors are inserted into movie scenes. There are even mobile applications now available where you can create simple (albeit glitchy) lip synch videos based on a headshot.

Not all applications of this kind of AI-based image generation are so obvious, however. Just look at the This Person Does Not Exist website, where you can see the results of a generative adversarial network’s work in creating very convincing, imagined faces. Every time you click on that link, the website will display a completely unique and imagined photograph that looks like a real person, but isn’t.

While entertaining, such applications do little to highlight the actual risks presented by deepfakes when put to more extreme uses. Adult-themed deepfakes are already being used to generate pornographic materials of people without their consent, and deepfake technology has also been used to doctor up footage to manipulate political interests. However, another use for deepfakes has risen that has many concerned—geographic deepfakes.

What is a Geographic Deepfake?

Rather than manipulating a person’s face or words, geographic deepfakes are used to manipulate satellite imagery to hide or distort the appearance of the landscape. As this technology grows in popularity and accessibility, it could potentially be used to seriously impact businesses and governments around the globe.

How Serious are Geographic Deepfakes?

Let’s put it into context for a moment by going over how geographic deepfakes could be (and increasingly are being) used.

Let’s say for a moment that you were a military commander, and you were leading your troops through the field. Your objective isn’t far; all you need to do is cross a bridge that spans a ravine that you’ll see once you crest the next hillside. Except, once you reach the top of the hill, you don’t see the bridge that your satellite imaging assured you would be there. You see the ravine, sure, but there’s no bridge to cross it.

There goes your plan, and such a failure is bound to have wide-reaching ramifications.

This exact scenario was brought up in 2019 by an analyst at the National Geospatial-Intelligence Agency named Todd Myers—and is in no way a new tactic.

Throughout history, maps have been weaponized as a part of disinformation campaigns and propaganda and have even been manipulated to protect intellectual property. Cartographers would insert fabricated locales and details into their maps to try and catch any copycats out there—after all, if you had invented “Not-Realburg, Michigan,” seeing it on another map is a blatant clue that your work had been copied.

A recent study, compiled and published by the geography department at the University of Washington, explored the topic of deepfake-generated geography in more depth.

What the Study Contains

In their study, the researchers review the long, long history of embellishing maps—reaching back to the Babylonian era in the 5th century B.C.—before focusing on the modern, technology-based contexts of location spoofing and how it can be weaponized, sharing examples produced by the researchers specifically for the study as a proof of concept.

In short, the study does what the research team intended it to do: it highlights the very real capabilities of such technologies, and how easily they could potentially be abused with no single means of identifying when an image has been manipulated.

What’s worse, the inherent trust the public has for such images makes them particularly effective, according to the researchers. While the team was able to engineer a tool to help identify their own fake geographies, these kinds of tools will need constant maintenance to keep up with the improvements that deepfakes will inherently see as time marches on.

What Can Businesses Learn from This?

While these kinds of threats will hopefully have minimal impacts on most businesses for some time yet, it is still valuable to consider how such a technology could be used against a company’s operations. Returning to the example of the missing bridge above, it isn’t hard to imagine how such an event could create serious interruptions and delays to the supply chain. Taking it a step further, someone trying to interfere with your success directly could use such an attack to hide your business from view on a map.

We also can’t neglect the idea that cyberattacks tend to inspire other cyberattacks, so there’s no telling what an imaginative cybercriminal might think to do with such capabilities someday.

For now, the best thing that your business can do is to reinforce your business using the technologies available today. While it would be foolish to completely ignore the development of cyberthreats like deepfakes, there are other attack methods that need to be protected against in the present. NuTech Services can help you in that aspect. Give us a call at 810.230.9455 to discuss what your business needs to make its technology more secure and more productive.


Physical Security Tools Every Business Can Use


Many small and medium-sized businesses don’t consider making physical security investments if they already have some type of workable solution in place. The problem is that there have been a lot of innovative moves made that would make those investments strategically smart at the time. So, while a physical security upgrade may not be a priority for your business, we thought we’d go through some of the tools used, and how they have improved. 

Security Systems

If your company needs more security at its place of business, you may want to consider installing a full-featured security system. Today’s systems come in all types of setups, with customizable options to fit your business’ needs. Systems fitted with motion detectors, door alarms, and full-featured access control that work through your business’ wireless network can be a great way to deter would-be thieves and protect your business’ most important assets.

Security Cameras

The innovations to security camera systems have been pretty amazing recently. If your business installed its camera system over five years ago, you should really think about getting an upgrade. Today’s systems come with high definition (HD) cameras with megapixel IP lenses that capture everything that you need and won’t leave you guessing about what you’re watching on replay. 

Other improvements include camera systems with wide dynamic range (WDR), digital signal processing (DSP), and noise cancelling. These features help these HD systems create cleaner images in a long list of different environments. Some systems support low-light operations for use in times when businesses are closed. 

Access Control

We typically talk about access control as a type of security used to protect your business’ digital assets, but the same principle applies to your physical security. Access to certain parts of your business might not be right for all of your staff. If you have parts of your business that you want to keep secure, there are many different access control systems available. 

These systems are a combination of automatic locking and authentication systems that are placed on doors. There are mechanical, digital, and biometric systems to choose from. While you may pay more for biometrics, they have been proven to secure assets from theft and keep people who aren’t authorized to be in a place, out. 

Security is always going to be a critical part of your business, and NuTech Services has the certified technicians to help you secure your entire business. Give us a call today at 810.230.9455 to have a conversation about getting the security you need to secure your assets. 


How Many Types of Cybercriminals Can You Name?


We’re all familiar with the idea that pop culture has cultivated in our minds about computer hackers, but as it happens, this impression is just one of the many shapes that the modern hacker can take. This kind of closed-off view is dangerously shortsighted, so let’s take a few moments to dig into the kinds of hackers there are, in ascending order of the threat they pose to your business.

The Heroic Ethical Hacker

It is important to acknowledge that hackers aren’t all bad—some are actually committed to using their skills to protect businesses from threats. By examining a business’ defenses from the perspective of a cybercriminal, the ethical hacker can help you identify vulnerabilities in your network infrastructure so that they can be resolved appropriately. These are the hackers that you hire for your own benefit.

The Accidental Hacker

It isn’t unheard of for someone to go poking around on a website—particularly if they stumble upon a preexisting issue on it. Unfortunately, this kind of poking can often result in them finding more than they bargained for. This kind of hacking has raised the question of whether such activity should be prosecuted if the person responsible reports what they have found back to the company.

Either way, what does it say about a business’ security if its website can be hacked accidentally? Such events need to be looked on as a warning to improve the protections you have in place.

The Pokey Curious Hacker

Just one step up from the accidental hacker, some hackers are fully aware of what they are doing and are just doing it to find out if they can. Meaning no real harm, these hackers are seeking little more than validation—or, in layman’s terms, bragging rights. Having said this, it is important to acknowledge that this variety of hacker is becoming rarer with the increased criminal accountability that such activities bring with them. Nowadays, hardware modification by means of single-board computers occupies the time of those who would be interested in these kinds of activities.

The Scammy Networking Hacker

Adware—or a piece of software that hijacks your browser to redirect you to a website hoping to sell you something—is a real annoyance, as it wastes the user’s valuable time and energy. It also isn’t unheard of for otherwise well-known and legitimate companies to use it in their own marketing, despite the risk they run of having to pay regulatory fines due to these behaviors.

While the real damage that adware spamming can do may seem minimal, it is also important to put the nature of these efforts into perspective. An adware spammer will use the same tactics that other serious threats—things like ransomware and the like—are often spread through. If you’re finding your workstations suddenly inundated with adware, you are likely vulnerable to a much wider variety of threats than you might first assume.

The Strength-in-Numbers Hacker

Sometimes, instead of attacking you, a hacker will use your resources to attack another business. While this isn’t an attack against you, per se, it should still be seen as a threat, as it interferes with your business’ potential for success.

The attackers that do this use the resources they take over to generate something called a botnet—a network that can then be used to the hacker’s ends. For example, one need only look at the attack on the DNS provider Dyn, where a botnet was able to take down various major websites (including Facebook and Twitter) for several hours. These botnets often make their way in through unpatched vulnerabilities and breached login credentials.

The Political Hacker

Political activists are often seen in a positive light—and rightly so—but some activists use tactics that are decidedly negative in their nature. By deploying cyberattacks to sabotage and blackmail a company that they see as doing something wrong, a hacktivist often goes about doing good in a bad way. This kind of activity can be dangerous to your operations and to the cybercriminal alike, as law enforcement won’t take the motives behind a hacker’s deeds into account.

The Cryptocurrency-Seeking Hacker

The ongoing obsession many have with cryptocurrency right now has contributed to no shortage of attacks seeking to give the attacker responsible an unfair leg up. While the concept of borrowing resources is not a new one—the SETI (Search for Extraterrestrial Intelligence) Institute, which is associated with NASA, once legitimately used a screen saver to borrow the CPU usage of the computers it was installed upon—cybercriminals now do a similar thing to help hash cryptocurrency for their own benefit.

With hardware costs rising and the intense utility demands that mining brings about, it is little surprise that such hackers will find a way to sidestep these demands for their own benefit.

The Gaming Hacker

While many may scoff at video games in general, it is important to keep in mind that the industry behind them is valued in the billions, with huge investments of both time and money put into the games it creates. With such high stakes, it is only natural that some hackers set their sights upon it for their own gain. Such hackers will attack their fellow players to obtain in-game currency through theft or will even restrict their competition through denial-of-service attacks.

The Professional Hacker

A lot of gig work has been made possible by the Internet and its capability to facilitate networking. In terms of cybercrime, this has allowed many people to act as a for-hire hacker, combining malware of their own creation with programs that they’ve found or stolen to offer their services to others. For a fee, these mercenaries will act on behalf of whoever pays, whether that’s a government seeking some separation from the deed or a business looking to sabotage their competition.

The Larcenous Hacker

Considering how much of life has been converted to digital, it should come as little surprise that crime has followed suit—after all, hacking someone is a lot less physically dangerous and potentially much more profitable than mugging them likely would be. As transactions have digitized, so have thefts and cons, with ransomware and romance scams allowing those less scrupulous to continue to profit from their actions.

The Business-Minded Hacker

Much like the professionals we discussed above, some hackers decide to turn their efforts specifically to the corporate world. By spying on documents and stealing data from one business, these hackers seek to sell this information to that business’ competitors for a healthy price. Fortunately, many businesses will report when a cybercriminal has approached them with such an offer, alerting the hacked business to the breach.

The Sovereign Hacker

At long last, we come to what many see as the biggest threat: the veritable militias composed of hackers that governments will assemble to actively interfere with and undermine the efforts put forth by other nations. These groups have been known to attack the political structure of opposing nations as well as the industries that these countries rely on, with the goal of having a leg up if hostilities were to arise between them.

The hack on Sony Pictures in retaliation for the satirical 2014 film The Interview was an example of an attack by a nation-state.

What Does This All Go to Show?

Putting it bluntly, this list should demonstrate that any individual impression of what a hacker is will not be enough to ensure that a business is prepared to deal with a cyberattack. Fortunately, NuTech Services can help. With our team of professionals following a lengthy list of best practices and policies, we can ensure that you are ready to resist a cyberattack when it comes.

To learn more about what we can do to protect your business, reach out to us at 810.230.9455.

How Big of a Threat is the Dark Web Gig Economy?

Contemporary movies are filled with high-stakes cybercrime, where a lovable criminal syndicate breaks into a company’s systems to help wreak havoc on the true villains of the film, all the while exposing the company’s dirty laundry. Naturally, this idea can be frightening for any business, whether or not they have any dirty laundry to air out—after all, nobody wants a ruined reputation—and is unfortunately less and less of a fantasy all the time.

This is directly due to the idea of a hacking gig economy, and how the Dark Web can be used to support it.

What is a Gig Economy?

Before we get too far into the weeds as we discuss the Dark Web, let’s make sure we’re on the same page in terms of the “gig economy.” The gig economy basically describes the prevalence of people working in part-time positions on a temporary basis or as independent contractors, either as a means of supplementing their existing income or as their primary source of it. This environment has been supported in its growth by the capabilities of the Internet—particularly within the younger generations in urban areas.

This new economy has proved beneficial for both the members of the workforce that are a part of it, and the businesses that enlist their services. These businesses have a much larger pool of resources to draw upon without the long-term commitment of a full-time hire, while workers can more easily supplement their increasingly flexible lifestyle with this kind of work.

Of course, a lot of drawbacks have come with this new method of work as well, but that’s something we’ll have to get into later. For now, we just need to focus on the idea that more people are seeking out work opportunities in a less traditional format (as well as businesses increasingly seeking out people to fill these temporary roles) and are using the Internet as a means of doing so.

Unfortunately, this trend also includes cybercriminals, and those businesses who want to take advantage of their illicit services. These parties accomplish this by taking their intentions to the Dark Web.

Understanding the Dark Web

Admittedly, the term “Dark Web” may not be familiar to everyone, so it may be helpful to look at how the Internet is functionally constructed. The Internet of today is made up of three distinct parts:

  1. The Surface Web: The Surface Web is the part of the Internet that most people are familiar with and associate with the Internet in general. Composed of all websites and pages that have been indexed by a search engine (and can therefore be found through these search engines), the surface web is anything that is openly accessible via the Internet.
  2. The Deep Web: The Deep Web includes all the pages that require a login or payment before they can be accessed, along with a user’s data on a website or platform. This data is not indexed, meaning that search engines cannot crawl or index it. This is what makes up most of the Internet today.
  3. The Dark Web: The Dark Web is the portion of the Internet that is inaccessible to a typical browser, only available via the Tor browser. As such, activity here cannot be traced or tracked, making the experience anonymous—and therefore, ideal for cybercriminal activity (amongst many other uses, of course). Due to its anonymity, the Dark Web operates on secrecy and cryptocurrency.

This last point is what allows the Dark Web to give cybercriminals the utility that it does as a means of selling their services to those seeking it out. By anonymizing all browsing and even hiding payments behind the encryption of cryptocurrencies, the Dark Web gives this illicit economy the perfect environment in which to thrive.

Let’s explore how such a transaction could take shape:

Examining a Dark Web Gig

Let’s assume for a moment that you have a serious enemy, whether it’s one of your competitors, an old employee who left on bad terms, or a former client with a serious grudge. What can this enemy of yours do?

If they have the knowledge of how to do so, someone seeking to hurt your company could access the Dark Web and seek out a hacker’s services on one of the many forums that the Dark Web hosts, offering some financial payout in exchange for your website being taken down. Maybe they’d offer a thousand dollars or so, and a hacker with some time could take them up on that offer.

This isn’t a hypothetical situation—Dark Web forums have seen more than eight million users send over 80 million messages seeking out the services of a hacker, with hackers using the forums to promote their own services. Generally speaking, these posts break down as follows:

  • 90 percent of these posts are from those seeking out hacking and cyberattack services
  • 7 percent of these posts are from hackers seeking out jobs
  • 2 percent of these posts are meant to encourage the sale of hacking tools
  • 1 percent of these posts are to encourage people to network with each other

As you might imagine, the number of people actively using these platforms leads to many very specific services available.

The Value of Data on the Dark Web

Of course, we should discuss how much a cybercriminal could potentially make, if only selling data that they have stolen. After hacking a database, a hacker could potentially sell its contents for $20,000, at a rate of about $50 for about 1,000 entries.

The Risk This Presents to Your Business

Small-to-medium-sized businesses are under a somewhat ambiguous level of threat from the Dark Web, specifically where data theft and distribution are concerned. To many, the Dark Web remains a sort of computer horror story.

However, as the Dark Web comes more into the public consciousness, its already-considerable risks will only grow… and again, it is already being used to distribute stolen data, be it sensitive information, access credentials, or what have you. There’s a non-zero chance that some of your data is already up for sale on some Dark Web site.

To minimize this risk moving forward, there are a few safeguards that you need to adopt as a standard procedure:

Security

If there’s a way that someone can use some vulnerability to access a business’ resources, whether they’re hosted online or on your network, they will. Ensuring that everything is reinforced against these threats will help to minimize the chance of their success.

Team Awareness

A big part of avoiding phishing is for your team to be able to see it coming. Training your team members to identify and properly mitigate the threats that they will face—and they will face them at some point—will be crucial to protecting your business.

Due Diligence

Finally, all the best practices that you expect your team to uphold must remain in play, as hackers actively seek out companies with lacking security to target. Don’t give them the opportunity.

NuTech Services is here to help. Reach out to us at 810.230.9455 to learn more.

Don’t Let a Malicious Application Undermine Your Mobile Security

While you’ll probably hear us recommend that you update as soon as possible at every opportunity, the source of these updates is important to consider. This is especially the case now that mobile security firm Zimperium has discovered a new mobile spyware that pretends to update your mobile device… but actually steals data and monitors the user’s search history and location.

The spyware is called “System Update,” and many Android users have already fallen victim to it.

What “System Update” Does

The Remote Access Trojan (or RAT) that powers this spyware isn’t available through the Google Play store. This means that the application, which steals messages, contacts, device information, browser bookmarks, and search history and accesses the microphone and camera, isn’t available to most users.

However, should a user download it, the app could continuously track their location, kicking into effect whenever new information is sent to the device. The app then covers its tracks once your data is stolen, making it something that should not be taken lightly.

How is System Update Being Spread?

Perhaps unsurprisingly, phishing has proven to be an effective means for the System Update application to be spread. Despite repeated warnings from Google to never install applications from outside the official Google Play Store, many—especially those with aging devices—seek out new apps and options from other, far less trustworthy sources.

How to Protect Yourself

First, don’t download applications from outside of the Google Play Store. While some malicious apps have snuck past the review process to appear on its pages, this is a very rare occurrence. Question every attempt made to send you to another source of a download, erring on the side of avoidance.

NuTech Services can help your business do even more to protect itself from these kinds of threats, providing and using tools like mobile device management (MDM) and a Bring Your Own Device (BYOD) policy. Give us a call today to learn more at 810.230.9455.

What Makes a Ransomware Attack So Expensive?

Ransomware is no laughing matter, especially in terms of the costs it can impose on its victims—this is, after all, what ransomware is famous for. However, some of these costs can be derived from unexpected expenses and exacerbate the already significant issues that ransomware poses. Let’s go over some of the costs that you should anticipate, should you be targeted by a successful ransomware attempt.

Cost 1: Downtime

Perhaps unsurprisingly, downtime expenses make up most of the financial toll that a business suffers when successfully targeted with ransomware. Depending on the severity of the attack, a business could easily find itself taken completely out of action for days or even weeks. A survey taken in 2020 provided an estimated downtime span of about five days for an organization to completely recover, with another estimating an average of 21 days to resume operations.

This should be of serious concern to businesses, especially with the cost of such downtime rising precipitously. Data from Datto showed that downtime resulting from a ransomware attack can cost north of $274,200 (far more than the average ransomware demand totals).

Cost 2: Reputational Damage

Few things look worse for a company than having their customers’ data locked up—and presumably stolen, as we’ll get into later—so it only makes sense that ransomware can be immensely problematic for the impacted business’ public image. Surveyed consumers from numerous countries have said that they would take their business elsewhere if their data was rendered inaccessible or service was disrupted even once—with 90 percent strongly considering a business’ trustworthiness before becoming a patron and just over half avoiding companies that had experienced a cyberattack within a year prior.

This is a serious issue… particularly with groups popping up that are now collecting and sharing the data that companies have lost in a breach as part of a purported effort to improve transparency.

This means that a company seeking to protect itself will need to approach these issues on two fronts—not only avoiding successful attacks over time, but also putting themselves in a better position to react and get a handle on any that come later. As time goes on, this will be even more important for a company to enable.

Cost 3: Upgrade Costs

While there are truly few benefits to experiencing a ransomware attack, it can at least motivate a business into making the necessary upgrades to protect themselves from that point on. However, these kinds of upgrades don’t come cheap.

After all, these upgrades should equate to far more than just a fresh coat of paint. We’re talking about something akin to a comprehensive overhaul from the bottom up just to ensure that whatever vulnerability—software or otherwise—allowed the attack access has been identified and resolved. As one might imagine, these circumstances aren’t cheap for the business, adding to the burden that a cybersecurity event imposes.

Cost 4: Layered Extortion

We aren’t going to lecture you once again by defining ransomware and all that. What we are going to do is pose a simple question:

Let’s say that you are infected, and to keep your data from being deleted, your business elects to pay up. However, what guarantee do you have that the cybercriminals will keep up their end of the bargain and release the data they have encrypted, rather than keep it or share it on the Dark Web?

Frankly, you don’t—and knowing this, many cybercriminals have begun to steal data before encrypting it, adding the idea of data exposure to their target’s list of concerns. Class-action lawsuits are a real possibility if a business’ entire client list were to have their personally identifiable and sensitive information disclosed online.

Cost 5: Price of the Ransom

Finally, we come to the cost of the ransom itself. While one might expect that just biting the bullet and paying for the return of a business’ data would be a less costly option than completely restoring a business’ infrastructure from scratch, this isn’t the reality.

Who said the cybercriminal had to return it in its original condition, after all?

Taking this factor into consideration (as well as the costs that come with recovering and restoring this data after the fact), it actually turns out that paying the ransom is far less cost-effective than just restoring data from a backup.

Protecting Your Business Against Ransomware in the First Place is the More Cost-Efficient Option

So, it is safe to conclude that the only reliable means of protecting your business and its data against ransomware’s ill effects is to proactively prepare for its eventuality. NuTech Services is here to help see you through it with our comprehensive data backup and continuity services, as well as the security we can assist you in implementing. Find out more by reaching out at 810.230.9455.

What Can Be Done to Counter COVID-19-Themed Scams?

As commonly happens with any disaster, COVID-19 has inspired no short supply of scams. While these scams initially focused upon the relief funds that were delivered to people to help sustain the suffering economy, the ongoing vaccine distribution efforts have given the scammers a new means of attack.

Let’s consider how these scams have materialized over the past year.

The Opportunity COVID-19 Gives Scammers

Like most predators, hackers will fully utilize every advantage they have over their intended prey. With COVID-19, this advantage comes in the form of the desperation many still feel for news. As a result, numerous scams have been reported to reference the coronavirus outbreak, adopting a wide variety of methods.

Some of the old tricks that these scammers have adapted include:

  • Phishing – While phishing scams are nothing new, and certainly won’t end with COVID-19, scammers have certainly taken advantage of it during these tumultuous times. By sending emails and other messages (as we’ll get into) that appear to come from a trustworthy source or an authority, a scammer can manipulate their target into compliance.
    • Vishing – This form of verbal phishing is conducted over the telephone but is otherwise identical to your more typical phishing scams.
    • SMiShing – Once again, a basic phishing attack, but carried out through SMS texts.
  • Pretexting – Basically, this is what occurs when someone reaches out to you seeking out your information under the guise of calling from some trustworthy entity looking for verification. As you would imagine, this has not been uncommon as of late.
  • Spoofing – Spoofing is the act of disguising a URL or a profile to appear to link to one location, but take the target to another, generally malicious one.
  • Quid Pro Quo – Just as it sounds, a scammer offers someone something in return for their information, but never holds up their end of the bargain. A longer scam, this usually requires some level of trust to be established but can be quite lucrative for the miscreant who carries it out.
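The spoofing item in the list above can be checked mechanically. The following added example (not part of the original article) parses the links in an HTML message and flags any whose visible text is itself a web address on a different host than the one the link actually opens. The function names, the sample message, and the .example/.test hostnames are constructed for illustration.

```python
"""Flag links whose visible text names one host while the href opens another."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that is itself a URL or bare hostname, e.g. "www.agency.example/vaccine".
HOSTLIKE = re.compile(
    r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})(?::\d+)?(?:[/?#].*)?$",
    re.I,
)


def host_of(url):
    """Return the lower-cased hostname of an absolute http(s) URL, or None."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return None
    return parts.hostname  # urlsplit drops the port and any userinfo


def strip_www(host):
    return host[4:] if host.startswith("www.") else host


def same_site(shown, actual):
    """True if the real host is the displayed host or one of its subdomains.

    The comparison requires a leading dot, so a real host that merely
    begins with the displayed name does not count as a match.
    """
    shown, actual = strip_www(shown), strip_www(actual)
    return actual == shown or actual.endswith("." + shown)


class LinkAuditor(HTMLParser):
    """Collects (visible text, displayed host, real host) for mismatched links."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self._href = None
        self._text = []
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        text = "".join(self._text).strip()
        href, self._href = self._href, None
        shown = HOSTLIKE.match(text)
        actual = host_of(href)
        if shown and actual and not same_site(shown.group(1).lower(), actual):
            self.findings.append((text, shown.group(1).lower(), actual))


def audit_links(html):
    """Return a list of mismatched links found in an HTML message body."""
    auditor = LinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample message; none of these hosts are real.
SAMPLE_EMAIL = """
<p>Schedule your vaccine appointment:</p>
<a href="https://www.health-agency.example/vaccine">www.health-agency.example/vaccine</a>
<a href="http://appointments.unrelated-host.test/login">https://www.health-agency.example/login</a>
<a href="https://portal.health-agency.example/faq">health-agency.example</a>
<a href="https://health-agency.example.unrelated-host.test/">health-agency.example</a>
<a href="https://unrelated-host.test/unsubscribe">Unsubscribe</a>
"""

if __name__ == "__main__":
    for text, shown, actual in audit_links(SAMPLE_EMAIL):
        print(f"MISMATCH: text shows {shown!r} but link opens {actual!r}")
```

Links whose text is ordinary wording (such as "Unsubscribe") are not flagged by this check, so it complements rather than replaces verifying the sender.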

How to Protect Your Business from Scams

Like most things having to do with cybercrime, there isn’t really a surefire way to prevent such scams from appearing, which means that the onus to keep data safe falls to the user that is dealing with these scams firsthand.

The biggest thing that you can do—and that you should encourage your team to do—is to verify everything. Any time anyone requests something of you online—whether it seems to be your boss, your coworker, your parents, or the CDC—you need to make sure you’re talking to who you think you’re talking to.

Verify. Everyone. And. Everything.

With so much of modern life now utilizing the Internet, it is nothing if not irresponsible to not have an appreciation for the severity of today’s biggest threat landscape. Keeping a good perspective about how valuable your personal information is and treating it as such with best practices can very much help protect you and your business from cybercriminals.

NuTech Services is here to help you see to your business’ cybersecurity preparedness and protections. Find out more about what we can offer by calling our team of professionals at 810.230.9455 today.

Are Utilities as Secure as They Should Be?

Recently, a story broke in Florida that sounds like something out of a tense action film: a hacker managed to access a water treatment facility and subjected the Pinellas County water supply to increased levels of sodium hydroxide. While onsite operators were able to correct the issue right away and keep the public safe from danger, this event is the latest in a line of cyberattacks directed at public utilities. Let’s consider this unpleasant trend.

Keeping Utilities Safe

Many of today’s systems run via the assistance of computers and are hosted online to embrace remote capabilities. Unfortunately, this nature leaves them vulnerable to hackers—despite the huge investments made into protecting the public infrastructure that runs on these systems.

As the event in Pinellas County proves, it just takes one time to cause great damage. Therefore, we can see why it is so important to keep these systems secure.

How Utilities Have Changed

With more people than ever suddenly working remotely, many jobs that once required on-site staff have shifted to automated solutions—especially in terms of seeking out IT threats and issues. However, with all this “newness”, many people aren’t familiar with the toolkits they are working with.

As a result, more employees are vulnerable to attacks and less aware of how to prevent them.

Infrastructure and Utility Threats are Increasing in Severity

According to a Ponemon Institute report, the level of sophistication that is used in attacks against utilities has increased sharply. 54 percent of utility managers foresee having to contend with at least one cyberattack this year—meaning that half of those that provide electricity, safe water, and other critical resources anticipate a major event.

When you consider how much our society relies on these systems, this is disconcerting to think about.

What Can Be Done?

Unfortunately, this question is where things can get complicated. It isn’t as though utility companies underestimate the importance of security, after all. However, by modeling their approach upon the one undertaken by the average enterprise, they have adopted a lot of the same practices: revising their practices as they go, continuing to innovate, and being increasingly vigilant.

For instance, many providers are integrating options that businesses have had success with. AI has been integrated to help identify potential threats much more efficiently by processing far more data in far less time. The Internet of Things is now used to better track and modulate internal processes and distribution of resources. Even better, these IoT devices (which are usually infamous for their questionable security) have seen the investments necessary to properly maintain their protections thanks to the efforts of the utility companies.

Considering the importance of our utility services, protecting them needs to be a priority… but what do you think? Should more attention be paid to the cybersecurity protecting them? Leave your opinion in the comments.

Why You Need to Do a Security and Compliance Audit

Businesses that don’t look after their vulnerabilities are just asking to be breached. That’s the consensus view in the IT industry. It’s disconcerting, then, to consider how many businesses don’t actively assess their IT security, especially considering how much these platforms change from year to year. Today, we’ll briefly discuss what a security and compliance audit is, and why we think you need one.

What is a Security and Compliance Audit?

This is pretty straightforward. There is a constant stream of threats that come at your business and the individuals that work in it. In order to keep your business’ assets safe from theft or corruption, you need to do what you can to protect them. That typically includes implementing security software, training your staff about phishing and other scams, and overall just being vigilant about the way you go about things. Most business owners would say that is all they can do and if that doesn’t protect them, nothing will.

In the same breath, these same people will continuously add to their IT infrastructure, implement new technologies, and deploy alternative platforms if they think they can make a dollar and a cent doing so. The integration of these new systems can create holes in your business’ network, and these holes are what hackers use to breach your network and steal your data or corrupt your whole IT platform. 

Furthermore, as a business’ IT gets more complicated, their compliance concerns get more complicated. Most businesses have certain compliance requirements they need to meet in order to keep doing business effectively, with more expected to pop up as privacy concerns get met with more policy. 

The security and compliance audit is a full-blown assessment of the network and infrastructure designed to find potential holes. The security and compliance audit goes beyond your typical vulnerability scan because the results include a specific assessment of your specific IT profile. At NuTech Services, we suggest getting a security and compliance audit done before you make any significant changes to your IT infrastructure. We also suggest getting a penetration test after any changes are complete to ensure that your platforms meet the security and compliance standards your business operates under.

Square Away Your IT Defenses

Getting a comprehensive security and compliance audit and a subsequent penetration test can make all the difference in avoiding a litany of potential troubles. On one hand, you may have vulnerabilities remaining in your IT infrastructure that could be exploited, putting your business in peril. On the other, non-compliance with regulatory standards can cause large fines or worse. If you would like to talk to one of our IT professionals about the possibility of getting your network and infrastructure audited and tested to help you close up any holes in your IT, give us a call today at 810.230.9455.

You Better Update Your Microsoft Password Today

While we would strongly recommend that you update your passwords more than once a year, now is as good a time as any to do so. Reflecting on this, let’s go over how to fully lock down your Microsoft accounts.

We should start with a bit of a warning. In December, a massive cybersecurity attack targeted the US government via (along with other tools) Microsoft Office. As it was revealed, foreign hackers were monitoring the US Treasury Department and the National Telecommunications and Information Administration through their email accounts.

While Microsoft hasn’t identified any specific vulnerabilities within their cloud services or applications (a good sign, for certain), they have shared some practices to help users properly and comprehensively secure their data. These practices are important to keep in mind for both your personal and business accounts.

What is Included in a Microsoft Account?

Your Microsoft account will include many programs under its purview… basically, anything that Microsoft contributes to will be tied to this account, including:

  • Windows
  • Outlook
  • Office
  • Skype
  • OneDrive
  • Xbox Live
  • Bing
  • Microsoft Store
  • MSN

How to Update Your Microsoft Account Password

Microsoft has made the process somewhat simple and straightforward.

  • Visit https://account.microsoft.com/
  • Click Sign In on the top right if you aren’t already signed in. If you are already signed in, the page will display your name with options about your subscriptions and other services. Once you sign in with your email and password, you’ll be taken to this page.
  • Towards the top of the page, on the right-hand side, you’ll see an option that says Change Password. Click it.
  • If you have Two-step verification enabled, it will walk you through verifying your account with a text, an email, or using the Microsoft Authenticator app. If you don’t have that set up, don’t worry, we’re going to get you set up after you change your password.
  • Once prompted, enter your current password, and then come up with a brand-new password.

An important consideration: You need to make sure that every password you create abides by certain best practices, like not being used for more than one account and involving no personal details or identifiable information. If pressed, select four random and unrelated words, switch up some of the capitalization, and substitute numbers and symbols for some letters—the more complicated, the better.

Helpfully, Microsoft has included a feature that will require a password change every 72 days. While this sounds like a pain to deal with, it can help reduce the chance of your password being breached and therefore can keep your account more secure.

Additional Security Features

While we’re changing your password, let’s go ahead and add another layer to your security in the form of Two-Step Verification. Setting this up will require you to provide proof of your authenticity beyond just having the right username and password. Work accounts may need administrator permissions to activate it, but it is worth doing.

Once you change your password, you should be directed to Microsoft’s account security page, where you will find the option to activate two-step verification. You’ll be walked through the process via on-screen instructions that will tell you how to link an authenticator application on your smartphone (like Google Authenticator, LastPass Authenticator, Duo Mobile, and other examples). If you don’t have one, you’ll be instructed how to set up Microsoft Authenticator, or you can opt in to one of these other options.

You’ll be taken through the setup process and asked to verify your contact information.

From that point forward, you’ll need to use your authentication app to log into your Microsoft account on a new device, or anytime you want to make changes like updating your password. You’ll be able to use other programs, like Word or Outlook, as normal. Make sure that you keep an eye on your emails and text messages for anything Microsoft may send you.

This process can take mere minutes but deliver lasting benefits to your security. For more assistance with locking down your work accounts, or any other of your IT needs, make sure you reach out to NuTech Services by calling 810.230.9455.

Hey You… Update Your Google Password, Right Now!

If you haven’t taken the time to go through and update your passwords lately, particularly the one protecting your Google account, you should do so… despite it undeniably being a pain. After all, Google serves various purposes and, for most people, is attached to many accounts. Considering the number of data breaches and other cybersecurity issues this potentially contributes to, you will want to ensure your Google account is properly locked down.

What Does a Google Account Involve?

Seeing as Google has grown to include far more than the original search engine, there are a lot of things that the average user has that involve Google in some way. Anyone who owns an Android smartphone, or surfs the Internet via the Chrome browser, or checks their email via Gmail certainly has a Google account, and this is but a small sample from a considerable list of items.

So, if a user’s Google account were to be compromised, a lot of data could potentially be exposed:

  • Google.com (for custom tailored search results)
  • Gmail
  • Google Drive
  • Google Docs/Sheets
  • Google Maps
  • Android
  • Google Workspace
  • Google Chrome
  • YouTube

Again, this is a brief sample. Chances are that—if it has something to do with Android, Chrome, or of course Google—it’ll be tied to your Google account.

Updating a Google Password

Fortunately, the process to change your Google password is quite simple:

  1. Visit https://accounts.google.com/. If you aren’t signed in already, log in with your email/phone number and password.
  2. Click Security on the left-hand side.
  3. Look for Signing in to Google. Click Password.
  4. Google will usually prompt you to provide your current password, and then have you input a new password.

REMINDER: While password security should always be a priority, the password you use to lock down your Google account absolutely must be as secure as you can make it. Use a unique password that is strong, without any personally identifiable information or other password shortcuts involved. Using a password manager can help make this easier, both by storing all your different passwords for you and assisting you in generating ones that are secure.

Once you have updated your Google password, you may have to log back in on some of your devices.

Adding Some Extra Security to Your Google Account

To really protect your Google account and the data it holds, it helps to take your security to the next level by enabling 2-Step Verification/2-Factor Authentication. This will help protect your account, even if your password was somehow stolen.

After changing your password, on the Google Account page:

  1. Click the Security option on the left-hand side of the page.
  2. Click 2-Step Verification.
  3. Google may prompt you to enter your password again, just to make sure it’s you.
  4. Depending on what Google already knows about you, this might go a few different ways—you’ll either be prompted to set up a phone number to get a text message or phone call, or Google might walk you through setting this up on your smartphone. Either way, follow the on-screen instructions.

You have a few options available to you in terms of the verification process. One of the more convenient is the option to be sent an SMS message with a secondary code required before your account can be accessed from a new device. For more security, there’s the Google prompt, which serves up a notification on your mobile to be tapped to confirm login, or Google’s own Authenticator app.

Fair warning—if your workplace uses Google Workspace, you might need the help of an administrator to enable 2-step verification. For more information on securing your accounts (or any other IT question you have), turn to the team at NuTech Services and reach out at 810.230.9455.

Why Is It Super Important to Keep Your Software Updated?

Your business’ software is one of its critical assets, so it really can’t be allowed to host risks to your security and business continuity as well. Therefore, keeping your software up-to-date and fully patched should be a priority. Let’s go over what patch management entails and why it is so important.

What Causes Software Vulnerabilities?

Many people might incorrectly assume that, once a software is released and paid for, it won’t be the source of any major security issues from that point forward. Unfortunately, this isn’t entirely accurate. As hackers and cybercriminals work to identify vulnerabilities in the code that software developers have created, the software developers will fight back by creating patches to resolve these vulnerabilities.

This pattern continues until the software is eventually abandoned for a new and improved option, much like we’ve seen with the progression of the Windows OS. The reason that we are so adamant that everyone needs to migrate away from the antiquated Windows 7 is that hackers have had years to devise new ways of undermining its security while Microsoft has shifted focus to its later iterations of the operating system.

Regardless, this cat-and-mouse game goes on, with consumers, business owners, and IT admins caught in the crossfire.

Without consistent updates, all software titles can potentially be leveraged against the user—and with so many kinds of software in use within a business, there needs to be a process to ensure that they are all attended to on desktops, laptops, servers, and mobile devices alike. A good rule of thumb: if a software title interacts with the Internet, it will need to be updated eventually.

Defining Patch Management

Patch management is the process by which a business ensures that updates and patches are applied to all vulnerable pieces of software. Whether it’s a productivity solution, a communication and collaboration tool, a digital security measure, or an operating system, any kind of software under the sun could potentially be a risk that needs to be promptly addressed.

While this makes patch management an essential part of operating securely, it can be notoriously time consuming to dive into. This is why our team at NuTech Services utilizes cutting edge technology to see to our clients’ software solutions and keep them patched and upgraded. As a matter of fact, the technology we use keeps watch over our clients at all hours to ensure that all applicable updates are properly implemented.

Reiterating Why Patch Management Matters

Let’s touch back on Windows 7 once again, as the issues it causes are severe enough to bear repeating. As these words are first being written, almost 20 percent of PC users are still using Windows 7, despite Microsoft abandoning support for it a year ago in January 2020.

This effectively makes Windows 7 a clear and present danger for anyone using it—to the point that the Federal Bureau of Investigation effectively begged users and businesses to abandon it in a press release this past August.

For assistance with your patch management processes and the upkeep of your assorted IT solutions, reach out to the experts we have here at NuTech Services. Our team will be here to assist you behind the scenes; all you need to do is reach out to us at 810.230.9455 for more information.

How Not to Teach Your Team About Phishing, Courtesy of GoDaddy

GoDaddy—the domain registrar and web-hosting company once famed for its risqué advertisements—is facing some significant backlash for a much different reason. On December 14th, GoDaddy’s employees received an email that appeared to be from the company, promising a holiday bonus. However, while the email really was from the company, it was actually a phishing test that the hosting provider had decided to run.

Let’s consider the situation:

GoDaddy’s Phishing Message:

When they checked their email on December 14th, GoDaddy’s employees found an email waiting for them in their inboxes, sent from “Happyholiday@Godaddy-dot-com”. Upon opening it, they found the following message, under a large picture of a snowflake emblazoned with the company’s name and “Holiday Party.” Get ready, it’s a doozy:

Happy Holiday GoDaddy!

2020 has been a record year for GoDaddy, thanks to you!

Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 one-time Holiday bonus! To ensure that you receive your one-time Bonus in time for the Holidays, please select your location and fill in the details by Friday, December 18th.

US

EMEA

Any submittals after the cutoff will not be accepted and you will not receive the one-time bonus of $650 (free money, claim it now!)

We look forward to celebrating with you again, in person next year!

However, no bonus reportedly awaited the approximately 500 employees who excitedly clicked through the links. Instead, they received an email from the company’s security chief two days later, informing them that they had failed the phishing test and would therefore need to retake the company’s Security Awareness Social Engineering training.

As you can imagine, this did not sit well with many of these employees… especially considering that the “record year” GoDaddy experienced came only after hundreds of employees were either reassigned or laid off entirely. Combine that with the fact that a data breach ultimately exposed 28,000 of GoDaddy customers’ credentials earlier this year, and the comments seem especially ill-advised.

GoDaddy has since released a statement apologizing for their mean-spirited bait-and-switch phishing test. According to a spokesperson, “GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologized.” While the company felt that the lesson was an important one to impart to their team members, there has been some acknowledgement that this was an insensitive means of doing so.

GoDaddy Isn’t the Only Company to Do This

Other companies and organizations have used similar tactics as they have worked to evaluate their internal phishing preparedness. One example came in September, when Tribune Publishing sent out a company email trying to phish employees with the promise of a targeted bonus ranging somewhere between $5,000 and $10,000. The Tribune’s attempt was also derided by the employees affected by it, one reporter tweeting that the level of cruelty was “stunning.” That company also apologized for its use of a “misleading and insensitive” email.

However, Phishing Can’t Just Be Ignored

While these companies certainly took the wrong approach to educating their users, the point still stands that phishing is a very serious risk for businesses today to contend with.

Instead of taking this approach, there are other ways to help educate your team, through seminars or even other internal evaluations. The primary issue really came from the fact that GoDaddy took advantage of a monetary promise to their employees during a time when many people are already financially strapped, with seemingly no intention of giving them this bonus.

Obviously, this is a situation that nobody wants to find their organization in, just as nobody wants their organization to be phished. However, with NuTech Services, there are ways to prevent the latter. Give our team a call at 810.230.9455 to learn more about how we can help you fight back against phishing, without alienating your employees.

Watch Out for Malicious Browser Extensions

Browser extensions are nifty little programs that can be installed into your web browser itself, adding onto its capabilities and utility… at least, that’s the concept. Unfortunately, these programs also give cybercriminals a means of secretly launching an attack. The security firm Avast recently identified 28 such third-party extensions that have been installed—according to the download numbers, at least—by about three million people on Google Chrome and Microsoft Edge combined.

How Do These Threats Work?

These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.

In the case of these extensions, the code needed for several different malicious operations was present, including:

  • Redirecting traffic to advertisements (falsely generating revenue)
  • Redirecting traffic to phishing websites
  • Collecting personal data
  • Collecting browsing history
  • Downloading additional malware onto a user’s device

Avast’s researchers believe that only the first of these, redirecting traffic to advertisements, was actively utilized, generating ill-gotten revenue for the creators of these extensions. Regardless, these extensions should be removed from any systems on your business’ network that they may be installed on.

The impacted extensions are as follows:

Chrome

  • App Phone for Instagram
  • Direct Message for Instagram
  • DM for Instagram
  • Downloader for Instagram
  • Invisible mode for Instagram Direct Message
  • Odnoklassniki UnBlock. Works quickly.
  • Spotify Music Downloader
  • Stories for Instagram
  • The New York Times News
  • Universal Video Downloader
  • Upload photo to Instagram™
  • Video Downloader for FaceBook™
  • Vimeo™ Video Downloader
  • VK UnBlock. Works fast.
  • Zoomer for Instagram and Facebook

Edge

  • DM for Instagram
  • Downloader for Instagram
  • Instagram App with Direct Message DM
  • Instagram Download Video & Image
  • Pretty Kitty, The Cat Pet
  • SoundCloud Music Downloader
  • Stories for Instagram
  • Universal Video Downloader
  • Upload photo to Instagram™
  • Video Downloader for FaceBook™
  • Video Downloader for YouTube
  • Vimeo™ Video Downloader
  • Volume Controller

Again, we encourage you to check your company’s network to ensure that these extensions are not installed in any of your users’ browsers, and to encourage your employees to do the same.
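One way to run that check on a single machine, as an added example that is not from Avast or the original article: the script walks a Chrome or Edge user-data directory (assumed layout `<profile>/Extensions/<id>/<version>/manifest.json`), resolves localized extension names, and reports any whose name appears in the lists above. The article gives names only, not extension IDs, so a match is a candidate for review rather than proof.

```python
import json
import sys
from pathlib import Path

# Names copied from the article's Chrome and Edge lists (merged, duplicates dropped).
_NAMES = (
    "App Phone for Instagram|Direct Message for Instagram|DM for Instagram|Downloader for Instagram|"
    "Invisible mode for Instagram Direct Message|Odnoklassniki UnBlock. Works quickly.|"
    "Spotify Music Downloader|Stories for Instagram|The New York Times News|"
    "Universal Video Downloader|Upload photo to Instagram™|Video Downloader for FaceBook™|"
    "Vimeo™ Video Downloader|VK UnBlock. Works fast.|Zoomer for Instagram and Facebook|"
    "Instagram App with Direct Message DM|Instagram Download Video & Image|"
    "Pretty Kitty, The Cat Pet|SoundCloud Music Downloader|Video Downloader for YouTube|"
    "Volume Controller"
)


def normalize(name):
    """Fold case, drop trademark signs and collapse whitespace so name variants compare equal."""
    return " ".join(name.replace("™", "").casefold().split())


FLAGGED = {normalize(n) for n in _NAMES.split("|")}


def display_name(manifest_path):
    """Return the extension's name, resolving a localized __MSG_key__ placeholder if used."""
    manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].casefold()
        locale = manifest.get("default_locale", "en")
        messages_file = manifest_path.parent / "_locales" / locale / "messages.json"
        messages = json.loads(messages_file.read_text(encoding="utf-8-sig"))
        for msg_key, entry in messages.items():  # message keys are case-insensitive
            if msg_key.casefold() == key:
                return str(entry.get("message", name))
    return name


def scan_user_data(root):
    """Return (profile, extension_id, name) for installed extensions whose name is flagged."""
    hits = []
    for manifest_path in sorted(Path(root).glob("*/Extensions/*/*/manifest.json")):
        try:
            name = display_name(manifest_path)
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed manifest: nothing to compare
        if normalize(name) in FLAGGED:
            profile, ext_id = manifest_path.parts[-5], manifest_path.parts[-3]
            hits.append((profile, ext_id, name))
    return hits


if __name__ == "__main__":
    for root in sys.argv[1:]:  # e.g. the browser's "User Data" directory
        for profile, ext_id, name in scan_user_data(root):
            print(f"{root}: profile={profile} id={ext_id} name={name}")
```

Pass the browser's user-data directory as the argument; each hit includes the extension ID, which can then be looked up in the browser's extensions page before removal.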

Not sure how to go about doing so? NuTech Services can help. As a managed service provider, our services include remotely monitoring your business’ technology and network for threats while keeping abreast of this kind of news so that we can proactively resolve any issues that may influence your operations.

Find out more today by reaching out to us at 810.230.9455.