Major Hack Stymies Meat Processing

A recent surge of high-profile ransomware attacks strikes again with an assault on the world’s largest meat processor and distributor, JBS S.A. The cyberattack was so disruptive that the company was forced to suspend operations in both North America and Australia, leading to a considerable impact on the supply chain. Let’s take a deeper dive into what lessons can be learned from this situation.

What Happened to JBS S.A.?

In May 2021, JBS’s global IT systems were hit by a ransomware attack that forced the meat processor to shut down its operations in North America and Australia. Every step of the company’s operations ceased as a result, from livestock procurement to exporting and shipping.

Fortunately for JBS, they had backups prepared and were able to restore their systems. There was also no evidence to suggest that customer, employee, or supplier data was compromised by the attack. This doesn’t mean that we can’t learn anything from the situation, though. Here are some major takeaways from this hack.

Who Was Involved in this Attack?

There has been no indication that any activist groups were involved in the attack; those responsible for this attack are sophisticated cybercriminals, the kind who have been associated with recent Russian cyberattacks. The Federal Bureau of Investigation has taken an interest in this attack, and the United States government has been in communication with Russia regarding it.

Similarly, the Australian Cyber Security Centre has been assisting with the effort but has chosen not to disclose what they are actually doing for this assistance. The company is also working with the Australian government and the Australian Federal Police to investigate the matter.

How Ransomware Affects Other Threats

Ransomware is still relatively new in the grand scheme of things, but it has grown exponentially in the time that it has been around. It is much more than a simple threat that locks down files unless a ransom is paid; nowadays hackers are also threatening to release the target’s data if the ransom is not paid. This is particularly concerning, even for businesses like JBS that have backups, as these types of organizations often have data governed by privacy regulations.

Having a backup is a good idea, even with ransomware attacks like those outlined above in circulation. The reason for this is simple: if you aren’t struck by one of these double-ransom attacks, you should theoretically be able to recover without much trouble. Many ransomware attacks spread through automated phishing campaigns and other hands-off means, and when the hacker takes such a hands-off approach, restoring from your backup should get you running again without much incident.

We at NuTech Services are committed to helping businesses just like yours overcome cybersecurity issues big and small. To find out more about how we can help your organization overcome the challenges of modern cybersecurity, reach out to us at 810.230.9455.

How Can a Business Be Impacted by Unpatched Software?

It’s no secret that software often does not work as intended. Developers frequently discover bugs and patch them out. The same can be said for security vulnerabilities. Despite the importance of these updates, small businesses often fail to implement these patches and updates in a timely manner, a practice which can lead to more problems down the road.

Software bugs can range from very problematic to minor inconveniences. Some can cause a software to behave in an unpredictable manner. Others might expose critical data or leave backdoors in the code that could lead to security breaches. Let’s explore some of the issues that software bugs can bring about from both a customer and worker perspective.

Customer Satisfaction Takes a Dip

A positive reputation is key to any successful business endeavor, and something as simple as a software glitch can create major problems in this regard. For example, if a customer service portal simply does not work, it can create major issues for your customers when they seek to get help with other areas of your business. With most businesses having at least some online presence, this is a very real possibility, and customers are more likely to share their experiences when that experience is negative.

Small Issues Suggest Larger Problems

If a company is issuing software to paying customers, then there is an expectation that it works as intended. Things like a lack of attention to detail, grammatical errors, or UI issues can all contribute to the larger quality of the program. Small issues can often provide clues to larger underlying problems that could surface after a long enough use.

Security Becomes a Concern

If software is not regularly updated, be it a website, application, or operational software, vulnerabilities are likely to be discovered by hackers. This is why you see updates happen so frequently, especially by big name developers. People don’t want to use tools that put their financial information or personal data at risk (or at least, they shouldn’t). Patching these issues and testing them periodically is something that all developers should do; failing to do so could lead to disasters just waiting to happen.

The Issue Expands Over Time

It is extremely important that you have a patch management strategy in place to guarantee the operational effectiveness of your business technology. Neglected software can become riddled with problems in the long term, and if a customer or vendor finds these issues, you can bet that they can cost businesses a considerable amount of time and resources to rectify, if they get resolved at all. If you fail to do anything about problematic software for your business, you are just throwing money onto a bonfire, hoping desperately to snuff out the ever-growing flame.

Since software is such a major part of your business, you have to be extremely careful about how you implement it and update it with the latest patches and security updates. NuTech Services can help you make this happen. To learn more, reach out to us at 810.230.9455.

How Many Types of Cybercriminals Can You Name?

We’re all familiar with the idea that pop culture has cultivated in our minds about computer hackers, but as it happens, this impression is just one of the many shapes that the modern hacker can take. This kind of closed-off view is dangerously shortsighted, so let’s take a few moments to dig into the kinds of hackers there are, in ascending order of the threat they pose to your business.

The Heroic Ethical Hacker

It is important to acknowledge that hackers aren’t all bad—some are actually committed to using their skills to protect businesses from threats. By examining a business’ defenses from the perspective of a cybercriminal, the ethical hacker can help you identify vulnerabilities in your network infrastructure so that they can be resolved appropriately. These are the hackers that you hire for your own benefit.

The Accidental Hacker

It isn’t unheard of for someone to go poking around on a website—particularly if they stumble upon a preexisting issue on it. Unfortunately, this kind of poking can often result in them finding more than they bargained for. This kind of hacking has raised the question of whether such activity should be prosecuted if the person responsible reports what they have found back to the company.

Either way, what does it say about a business’ security if its website can be hacked accidentally? Such events need to be looked on as a warning to improve the protections you have in place.

The Pokey Curious Hacker

Just one step up from the accidental hacker, some hackers are fully aware of what they are doing and are just doing it to find out if they can. Meaning no real harm, these hackers are seeking little more than validation—or, in layman’s terms, bragging rights. Having said this, it is important to acknowledge that this variety of hacker is becoming rarer with the increased criminal accountability that such activities bring with them. Nowadays, hardware modification by means of single-board computers occupies the time of those who would be interested in these kinds of activities.

The Scammy Networking Hacker

Adware—or a piece of software that hijacks your browser to redirect you to a website hoping to sell you something—is a real annoyance, as it wastes the user’s valuable time and energy. It also isn’t unheard of for otherwise well-known and legitimate companies to use it in their own marketing, despite the risk they run of having to pay regulatory fines due to these behaviors.

While the real damage that adware spamming can do may seem minimal, it is also important to put the nature of these efforts into perspective. An adware spammer will use the same tactics that other serious threats—things like ransomware and the like—are often spread through. If you’re finding your workstations suddenly inundated with adware, you are likely vulnerable to a much wider variety of threats than you might first assume.

The Strength-in-Numbers Hacker

Sometimes, instead of attacking you, a hacker will use your resources to attack another business. While this isn’t an attack against you, per se, it should still be seen as a threat, as it interferes with your business’ potential for success.

The attackers that do this use the resources they take over to generate something called a botnet—a network that can then be used to the hacker’s ends. For example, one only must look at the attack on the DNS provider Dyn, where a botnet was able to take down various major websites (including Facebook and Twitter) for several hours. These botnets often make their way in through unpatched vulnerabilities and breached login credentials.

The Political Hacker

Political activists are often seen in a positive light—and rightly so—but some activists use tactics that are decidedly negative in their nature. By deploying cyberattacks to sabotage and blackmail a company that they see as doing something wrong, a hacktivist often goes about doing good in a bad way. This kind of activity can be dangerous to your operations and to the cybercriminal alike, as law enforcement won’t take the motives behind a hacker’s deeds into account.

The Cryptocurrency-Seeking Hacker

The ongoing obsession many have with cryptocurrency right now has contributed to no shortage of attacks meant to give the attacker responsible an unfair leg up. While the concept of borrowing resources is not a new one—the SETI (Search for Extraterrestrial Intelligence) Institute, which is associated with NASA, once legitimately used a screen saver to borrow the CPU usage of the computers it was installed upon—cybercriminals now do a similar thing to help hash cryptocurrency for their own benefit.

With hardware costs rising and the intense utility demands that mining brings about, it is little surprise that such hackers will find a way to sidestep these demands for their own benefits.

The Gaming Hacker

While many may scoff at video games in general, it is important to keep in mind that the industry behind them is valued in the billions, with huge investments of both time and money put into the games it creates. With such high stakes, it is only natural that some hackers set their sights upon it for their own gain. Such hackers will attack their fellow players to obtain in-game currency through theft or will even restrict their competition through denial-of-service attacks.

The Professional Hacker

A lot of gig work has been facilitated by the Internet and its capability to facilitate networking. In terms of cybercrime, this has allowed many people to act as a for-hire hacker, combining malware of their own creation with programs that they’ve found or stolen to offer their services to others. For a fee, these mercenaries will act on behalf of whomever pays, whether that’s a government seeking some separation from the deed or a business looking to sabotage their competition.

The Larcenous Hacker

Considering how much of life has been converted to digital, it should come as little surprise that crime has followed suit—after all, hacking someone is a lot less physically dangerous and potentially much more profitable than mugging them likely would be. As transactions have digitized, thefts and cons have as well, with ransomware and romance scams allowing those less scrupulous to continue to profit from their actions.

The Business-Minded Hacker

Much like the professionals we discussed above, some hackers decide to turn their efforts specifically to the corporate world. By spying on documents and stealing data from one business, these hackers seek to sell this information to that business’ competitors for a healthy price. Fortunately, many businesses will report when a cybercriminal has approached them with such an offer, alerting the hacked business to the breach.

The Sovereign Hacker

At long last, we come to what many see as the biggest threat: the veritable militias composed of hackers that governments will assemble to actively interfere with and undermine the efforts put forth by other nations. These groups have been known to attack the political structure of opposing nations as well as the industries that these countries rely on, with the goal of having a leg up if hostilities were to arise between them.

The hack on Sony Pictures in retaliation for the satirical 2014 film The Interview was an example of an attack by a nation-state.

What Does This All Go to Show?

Putting it bluntly, this list should demonstrate that any individual impression of what a hacker is will not be enough to ensure that a business is prepared to deal with a cyberattack. Fortunately, NuTech Services can help. With our team of professionals following a lengthy list of best practices and policies, we can ensure that you are ready to resist a cyberattack when it comes.

To learn more about what we can do to protect your business, reach out to us at 810.230.9455.

How Big of a Threat is the Dark Web Gig Economy?

Contemporary movies are filled with high-stakes cybercrime, where a lovable criminal syndicate breaks into a company’s systems to help wreak havoc on the true villains of the film, all the while exposing the company’s dirty laundry. Naturally, this idea can be frightening for any business, whether or not they have any dirty laundry to air out—after all, nobody wants a ruined reputation—and is unfortunately less and less of a fantasy all the time.

This is directly due to the idea of a hacking gig economy, and how the Dark Web can be used to support it.

What is a Gig Economy?

Before we get too far into the weeds as we discuss the Dark Web, let’s make sure we’re on the same page in terms of the “gig economy.” The gig economy basically describes the prevalence of people working in part-time positions on a temporary basis or as independent contractors, either as a means of supplementing their existing income or as their primary source of it. This environment has been supported in its growth by the capabilities of the Internet—particularly within the younger generations in urban areas.

This new economy has proved beneficial for both the members of the workforce that are a part of it, and the businesses that enlist their services. These businesses have a much larger pool of resources to draw upon without the long-term commitment of a full-time hire, while workers can more easily supplement their increasingly flexible lifestyle with this kind of work.

Of course, a lot of drawbacks have come with this new method of work as well, but that’s something we’ll have to get into later. For now, we just need to focus on the idea that more people are seeking out work opportunities in a less traditional format (as well as businesses increasingly seeking out people to fill these temporary roles) and are using the Internet as a means of doing so.

Unfortunately, this trend also includes cybercriminals, and those businesses who want to take advantage of their illicit services. These parties accomplish this by taking their intentions to the Dark Web.

Understanding the Dark Web

Admittedly, the term “Dark Web” may not be familiar to everyone, so it may be helpful to look at how the Internet is functionally constructed. The Internet of today is made up of three distinct parts:

  1. The Surface Web: The Surface Web is the part of the Internet that most people are familiar with and associate with the Internet in general. Composed of all websites and pages that have been indexed by a search engine (and can therefore be found through these search engines), the surface web is anything that is openly accessible via the Internet.
  2. The Deep Web: The Deep Web includes all the pages that require a login or payment before they can be accessed, along with a user’s data on a website or platform. This content is not indexed, meaning that it cannot be found through search engines. This is what makes up most of the Internet today.
  3. The Dark Web: The Dark Web is the portion of the Internet that is inaccessible to a typical browser, only available via the Tor browser. As such, activity here cannot be traced or tracked, making the experience anonymous—and therefore, ideal for cybercriminal activity (amongst many other uses, of course). Due to its anonymity, the Dark Web operates on secrecy and cryptocurrency.

This last point is what allows the Dark Web to give cybercriminals the utility that it does as a means of selling their services to those seeking it out. By anonymizing all browsing and even hiding payments behind the encryption of cryptocurrencies, the Dark Web gives this illicit economy the perfect environment in which to thrive.

Let’s explore how such a transaction could take shape:

Examining a Dark Web Gig

Let’s assume for a moment that you have a serious enemy, whether it’s one of your competitors, an old employee who left on bad terms, or a former client with a serious grudge. What can this enemy of yours do?

If they have the knowledge of how to do so, someone seeking to hurt your company could access the Dark Web and seek out a hacker’s services on one of the many forums that the Dark Web hosts, offering some financial payout in exchange for your website being taken down. Maybe they’d offer a thousand dollars or so, and a hacker with some time could take them up on that offer.

This isn’t a hypothetical situation—Dark Web forums have seen more than eight million users send over 80 million messages seeking out the services of a hacker, with hackers using the forums to promote their own services. Generally speaking, these posts break down as follows:

  • 90 percent of these posts are from those seeking out hacking and cyberattack services
  • 7 percent of these posts are from hackers seeking out jobs
  • 2 percent of these posts are meant to encourage the sale of hacking tools
  • 1 percent of these posts are to encourage people to network with each other

As you might imagine, the number of people actively using these platforms leads to many very specific services available.

The Value of Data on the Dark Web

Of course, we should discuss how much a cybercriminal could potentially make, if only selling data that they have stolen. After hacking a database, a hacker could potentially sell its contents for $20,000, at a rate of about $50 for about 1,000 entries.

The Risk This Presents to Your Business

Small-to-medium-sized businesses are under a somewhat ambiguous level of threat from the Dark Web, specifically where data theft and distribution are concerned. To many, the Dark Web remains a sort of computer horror story.

However, as the Dark Web comes more into the public consciousness, its already-considerable risks will only grow… and again, it is already being used to distribute stolen data, be it sensitive information or access credentials or what have you. There’s a non-zero chance that some of your data is already up for sale on some Dark Web site.

To minimize this risk moving forward, there are a few safeguards that you need to adopt as a standard procedure:

Security

If there’s a way that someone can use some vulnerability to access a business’ resources, whether they’re hosted online or on your network, they will. Ensuring that everything is reinforced against these threats will help to minimize the chance of their success.

Team Awareness

A big part of avoiding phishing is for your team to be able to see it coming. Training your team members to identify and properly mitigate the threats that they will face—and they will face them at some point—will be crucial to protecting your business.

Due Diligence

Finally, all the best practices that you expect your team to uphold must remain in play, as hackers actively seek out companies with lacking security to target. Don’t give them the opportunity.

NuTech Services is here to help. Reach out to us at 810.230.9455 to learn more.

What Can Be Done to Counter COVID-19-Themed Scams?

As commonly happens with any disaster, COVID-19 has inspired no short supply of scams. While these scams initially focused upon the relief funds that were delivered to people to help sustain the suffering economy, the ongoing vaccine distribution efforts have given those behind these efforts a new means of attack.

Let’s consider how these scams have materialized over the past year.

The Opportunity COVID-19 Gives Scammers

Like most predators, hackers will fully utilize every advantage they have over their intended prey. With COVID-19, this advantage comes in the form of the desperation many still feel for news. As a result, numerous scams have been reported to reference the coronavirus outbreak, adopting a wide variety of methods.

Some of the old tricks that these scammers have adapted include:

  • Phishing – While phishing scams are nothing new, and certainly won’t end with COVID-19, scammers have certainly taken advantage of it during these tumultuous times. By sending emails and other messages (as we’ll get into) that appear to come from a trustworthy source or an authority, a scammer can manipulate their target into compliance.
    • Vishing – This form of verbal phishing is conducted over the telephone but is otherwise identical to your more typical phishing scams.
    • SMiShing – Once again, a basic phishing attack, but carried out through SMS texts.
  • Pretexting – Basically, this is what occurs when someone reaches out to you seeking out your information under the guise of calling from some trustworthy entity looking for verification. As you would imagine, this has not been uncommon as of late.
  • Spoofing – Spoofing is the act of disguising a URL or a profile to appear to link to one location, but take the target to another, generally malicious one.
  • Quid Pro Quo – Just as it sounds, a scammer offers someone something in return for their information, but never holds up their end of the bargain. A longer scam, this usually requires some level of trust to be established but can be quite lucrative for the miscreant who carries it out.

How to Protect Your Business from Scams

Like most things having to do with cybercrime, there isn’t really a surefire way to prevent such scams from appearing, which means that the onus to keep data safe falls to the user that is dealing with these scams firsthand.

The biggest thing that you can do—and that you should encourage your team to do—is to verify everything. Any time anyone requests something of you online—whether it seems to be your boss, your coworker, your parents, or the CDC—you need to make sure you’re talking to who you think you’re talking to.

Verify. Everyone. And. Everything.

With so much of modern life now utilizing the Internet, it is nothing if not irresponsible to not have an appreciation for the severity of today’s biggest threat landscape. Keeping a good perspective about how valuable your personal information is and treating it as such with best practices can very much help protect you and your business from cybercriminals.

NuTech Services is here to help you see to your business’ cybersecurity preparedness and protections. Find out more about what we can offer by calling our team of professionals at 810.230.9455 today.

Are Utilities as Secure as They Should Be?

Recently, a story broke in Florida that sounds like something out of a terse action film: a hacker managed to access a water treatment facility and subjected the Pinellas County water supply to increased levels of sodium hydroxide. While onsite operators were able to correct the issue right away and keep the public safe from danger, this event is the latest in a line of cyberattacks directed at public utilities. Let’s consider this unpleasant trend.

Keeping Utilities Safe

Many of today’s systems run via the assistance of computers and are hosted online to embrace remote capabilities. Unfortunately, this nature leaves them vulnerable to hackers—despite the huge investments made into protecting the public infrastructure that runs on these systems.

As the event in Pinellas County proves, it just takes one time to cause great damage. Therefore, we can see why it is so important to keep these systems secure.

How Utilities Have Changed

With more people than ever suddenly working remotely, many jobs that once required on-site staff have shifted to automated solutions—especially in terms of seeking out IT threats and issues. However, with all this “newness”, many people aren’t familiar with the toolkits they are working with.

As a result, more employees are vulnerable to attacks and less aware of how to prevent them.

Infrastructure and Utility Threats are Increasing in Severity

According to a Ponemon Institute report, the level of sophistication that is used in attacks against utilities has increased sharply. 54 percent of utility managers foresee having to contend with at least one cyberattack this year—meaning that half of those that provide electricity, safe water, and other critical resources anticipate a major event.

When you consider how much our society relies on these systems, this is disconcerting to think about.

What Can Be Done?

Unfortunately, this question is where things can get complicated. It isn’t as though utility companies underestimate the importance of security, after all. However, by modeling their approach upon the one undertaken by the average enterprise, they have adopted a lot of the same practices: revising their practices as they go, continuing to innovate, and being increasingly vigilant.

For instance, many providers are integrating options that businesses have had success with. AI has been integrated to help identify potential threats much more efficiently by processing far more data in far less time. The Internet of Things is now used to better track and modulate internal processes and distribution of resources. Even better, these IoT devices (which are usually infamous for their questionable security) have seen the investments necessary to properly maintain their protections thanks to the efforts of the utility companies.

Considering the importance of our utility services, protecting them needs to be a priority… but what do you think? Should more attention be paid to the cybersecurity protecting them? Leave your opinion in the comments.

Watch Out for Malicious Browser Extensions

Browser extensions are nifty little programs that can be implemented into your web browser itself, adding onto its capabilities and utility… at least, that’s the concept. Unfortunately, these programs also give cybercriminals a means of secretly launching an attack. The security firm Avast recently identified 28 such third-party extensions that have been installed—according to the download numbers, at least—by about three million people on Google Chrome and Microsoft Edge combined.

How Do These Threats Work?

These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.

In the case of these extensions, the code needed for several different malicious operations was present, including:

  • Redirecting traffic to advertisements (falsely generating revenue)
  • Redirecting traffic to phishing websites
  • Collecting personal data
  • Collecting browsing history
  • Downloading additional malware onto a user’s device

Avast’s researchers believe that only the first of these capabilities, redirecting traffic to advertisements, was actively utilized, generating ill-gotten revenue for the creators of these extensions. Regardless, these extensions should be removed from any systems on your business’ network that they may be installed on.

The impacted extensions are as follows:

Chrome

  • App Phone for Instagram
  • Direct Message for Instagram
  • DM for Instagram
  • Downloader for Instagram
  • Invisible mode for Instagram Direct Message
  • Odnoklassniki UnBlock. Works quickly.
  • Spotify Music Downloader
  • Stories for Instagram
  • The New York Times News
  • Universal Video Downloader
  • Upload photo to Instagram™
  • Video Downloader for FaceBook™
  • Vimeo™ Video Downloader
  • VK UnBlock. Works fast.
  • Zoomer for Instagram and Facebook

Edge

  • DM for Instagram
  • Downloader for Instagram
  • Instagram App with Direct Message DM
  • Instagram Download Video & Image
  • Pretty Kitty, The Cat Pet
  • SoundCloud Music Downloader
  • Stories for Instagram
  • Universal Video Downloader
  • Upload photo to Instagram™
  • Video Downloader for FaceBook™
  • Video Downloader for YouTube
  • Vimeo™ Video Downloader
  • Volume Controller

Again, we encourage you to check your company’s network to ensure that these extensions are not installed in any of your users’ browsers, and to encourage your employees to do the same.
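One way to carry out the check recommended above, as an added example that is not from Avast or the original article: the Python script below walks a Chrome or Edge profile's Extensions folder, resolves each extension's display name (including localized `__MSG_...__` names), and reports any that match the names listed. Matching is by name only because the article gives no extension IDs, so treat hits as leads to review; the profile paths mentioned in the comments are the usual Windows defaults and are an assumption about your environment.

```python
import json
import re
from pathlib import Path

# Names copied from the article's Chrome and Edge lists (duplicates merged).
FLAGGED_NAMES = [
    "App Phone for Instagram",
    "Direct Message for Instagram",
    "DM for Instagram",
    "Downloader for Instagram",
    "Invisible mode for Instagram Direct Message",
    "Odnoklassniki UnBlock. Works quickly.",
    "Spotify Music Downloader",
    "Stories for Instagram",
    "The New York Times News",
    "Universal Video Downloader",
    "Upload photo to Instagram™",
    "Video Downloader for FaceBook™",
    "Vimeo™ Video Downloader",
    "VK UnBlock. Works fast.",
    "Zoomer for Instagram and Facebook",
    "Instagram App with Direct Message DM",
    "Instagram Download Video & Image",
    "Pretty Kitty, The Cat Pet",
    "SoundCloud Music Downloader",
    "Video Downloader for YouTube",
    "Volume Controller",
]


def normalize(name):
    """Casefold and reduce to letters/digits so '™', case and punctuation don't matter."""
    return re.sub(r"[^a-z0-9]+", " ", name.casefold()).strip()


FLAGGED = {normalize(n) for n in FLAGGED_NAMES}


def display_name(version_dir):
    """Return the extension's display name, resolving __MSG_key__ via _locales."""
    manifest = json.loads((version_dir / "manifest.json").read_text(encoding="utf-8-sig"))
    name = str(manifest.get("name", ""))
    match = re.fullmatch(r"__MSG_(\w+)__", name)
    if not match:
        return name
    locale = manifest.get("default_locale", "en")
    messages_file = version_dir / "_locales" / locale / "messages.json"
    try:
        messages = json.loads(messages_file.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return name  # unresolved placeholder; will simply not match
    wanted = match.group(1).casefold()  # message keys are case-insensitive
    for key, entry in messages.items():
        if key.casefold() == wanted and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name


def scan_profile(profile_dir):
    """Return [(extension_id, version, name)] for flagged extensions in one profile.

    Layout expected: <profile>/Extensions/<extension id>/<version>/manifest.json
    """
    findings = []
    ext_root = Path(profile_dir) / "Extensions"
    for manifest_path in sorted(ext_root.glob("*/*/manifest.json")):
        version_dir = manifest_path.parent
        try:
            name = display_name(version_dir)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, don't crash the audit
        if normalize(name) in FLAGGED:
            findings.append((version_dir.parent.name, version_dir.name, name))
    return findings


if __name__ == "__main__":
    import sys

    # Pass one or more profile folders, e.g. on Windows (assumed default locations):
    #   %LOCALAPPDATA%\Google\Chrome\User Data\Default
    #   %LOCALAPPDATA%\Microsoft\Edge\User Data\Default
    for profile in sys.argv[1:]:
        for ext_id, version, name in scan_profile(profile):
            print(f"{profile}: {name} (id {ext_id}, version {version})")
```

An empty result only means no installed extension carries one of these names; a renamed or re-published extension would not be caught by a name match.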

Not sure how to go about doing so? NuTech Services can help. As a managed service provider, our services include remotely monitoring your business’ technology and network for threats while keeping abreast of this kind of news so that we can proactively resolve any issues that may influence your operations. 

Find out more today by reaching out to us at 810.230.9455.

Examining Some Unusual Cybercrime Patterns in 2020

As compared to the past few years, there have been considerably fewer successful data breaches in 2020. While this may sound like exclusively good news, there are a few reasons why this information should be taken with a grain of salt.

To begin, let’s examine the data that we currently have available, courtesy of Statista: in 2019, there were a total of 1,473 data breaches recorded. The first half of 2020 saw 540 breaches reported. Crunching the numbers, these 33 percent fewer breaches have impacted what other sources assert to be 66 percent fewer people.

At First Glance, This Appears to Be a Good Thing

However, there are more considerations to weigh before we can establish this as a positive trend. While we wish that we could simply say that yes, this is a good sign, there is unfortunately more data to consider. For instance:

The Kind of Breach It Was

There are so many more variables to take into account, starting with the type of breach that took place and how severe the breach itself was. Let’s consider a few scenarios.

On the one hand, you might have a dozen or so breaches with a few records lost in each. On the other, you have just one, but that one breach exposes thousands of records, each containing personally identifiable medical data.

Of course, the single breach is far worse—objectively speaking—than the dozen. However, this kind of scenario isn’t likely to be the case, as the data also showed that 66 percent fewer people have been impacted.

How Accurate the Records Are

Of course, we also have to take the accuracy of the data into account, simply reflecting on the delay that naturally occurs between the actual breach, when it is first discovered, and when the public is notified about the breach. Furthermore, it isn’t all that uncommon for new victims to be discovered long after the breach is first revealed. Some companies will attempt some level of damage control and play their numbers down as much as possible, or simply omit the actual number of impacted accounts in their announcements.

As a result, we may not yet be dealing with the actual number of breaches that have occurred in 2020, depending upon how forthcoming breached businesses have been.

What Impact Has Remote Work Had?

Finally, we need to acknowledge the fact that more people than ever before are working from home—outside of the protections that many remote-friendly businesses have implemented. In theory, this would typically lead to an increase in threats, but recent reports have shown threats to be decreasing. While it would be wonderful if this turned out to be the case, it is very possible that a shift in focus away from maintaining security to maintaining operations could be skewing these results. Furthermore, some businesses might not be able to sufficiently monitor their employees’ security as they are working remotely.

Regardless, You Can’t Allow Your Security to Be Shortchanged

Even if these apparently lowered cybercrime statistics are accurate, you shouldn’t take a break from your cybersecurity preparedness. Easing up will only encourage less secure security habits, leading to increased security problems later on.

Of course, you don’t need to work alone as you protect your business. NuTech Services can help you see to your IT needs, working to protect your resources and ensure that work can be accomplished. Find out more about what we can offer by calling 810.230.9455 today.


Artificial Intelligence Will Be Assisting Cybercriminals


To effectively manage the risk that your business is under due to cybercriminals and their activities, it is important to acknowledge what attacks your business may soon have to deal with. Due to the increased accessibility of artificial intelligence and related processes, we predict that cybercriminals will likely use AI to their advantage in the very near future.

We aren’t alone in believing so, either. A recent study examined twenty such AI-integrating cybercrimes to see where the biggest threats would lie.  

Here, we’re looking at the results of this study to see what predictions can be made about the next 15 years where AI-enhanced crime is concerned. Here’s a sneak preview: Deepfakes (fake videos of celebrities and political figures) will be very believable, which is very bad.

The Process

To compile their study, researchers identified 20 threat categories from academic papers, current events, pop culture, and other media to establish how AI could be harnessed. These categories were then reviewed and ranked during a conference attended by subject matter experts from academia, law enforcement, government and defense, and the public sector. These deliberations resulted in a catalogue of potential AI-based threats, evaluated based on four considerations:

  • Expected harm to the victim, whether in terms of financial loss or loss of trust.
  • Profit that could be generated by the perpetrator, whether in terms of capital or some other motivation. This can often overlap with harm.
  • An attack’s achievability, as in how feasible it would be to commit the crime in terms of required expense, technical difficulty, and other assorted obstacles.
  • The attack’s defeatability, or how challenging it would be to overcome, prevent, or neuter.

Split amongst themselves, the group ranked the collection of threats to create a bell-curve distribution through q-sorting. Less-severe threats and attacks fell to the left, while the biggest dangers were organized to the right.

When the group came back together, their distributions were compiled to create their conclusive diagram.

How Artificial Intelligence Cooperates with Criminality

In and of itself, the concept of crime is a very diverse one. A crime could potentially be committed against assorted targets, for several different motivating reasons, and the impact that the crime has upon its victims could be just as assorted. Bringing AI to the party—either in practice or even as an idea—only introduces an additional variable.

Having said that, some crimes are much better suited to AI than others are. Sure, we have pretty advanced robotics at this point, but that doesn’t mean that using AI to create assault-and-battery-bots is a better option for a cybercriminal than a simple phishing attack would be. Not only is phishing considerably simpler to do, there are far more opportunities to profit from it. Unless there is a very specific purpose to a crime, AI seems most effective in the criminal sense when used repeatedly, on a wide scope.

This has also made cybercrime an all-but-legitimate industry. When data is just as valuable as any physical good, AI becomes a powerful tool for criminals, and a significant threat to the rest of us.

One of the authors of the study we are discussing, Professor Lewis Griffin of UCL Computer Science, put the importance of such endeavors as follows: “As the capabilities of AI-based technologies expand, so too has their potential for criminal exploitation. To adequately prepare for possible AI threats, we need to identify what these threats might be, and how they may impact our lives.”

The Results of the Study

When the conference had concluded, the assembly of experts had generated a bell curve that ranked 20 threats, breaking each down by describing the severity of the four considerations listed above—specifically, whether or not they were to a criminal’s benefit. Threats were grouped in the bell curve based on similar severity, and so the results neatly split into three categories:

Low Threats

As you might imagine, those crimes ranked as low threats suggested little value to the cybercriminal, creating little harm and bringing no profit while being difficult to pull off and easy to overcome. In ascending order, the conference ranked low threats as such:

  • 1. Forgery
  • 2. AI-assisted stalking and AI-authored fake reviews
  • 3. Bias exploitation to manipulate online algorithms, burglar bots, and evading AI detection

(In case you were wondering, “burglar bots” referred to the practice of using small remote drones to assist with a physical break-in by stealing keys and the like.)

Medium Threats

Overall, these threats leveled themselves out. The considerations for most canceled each other out, generally providing no advantage or disadvantage to the cybercriminal. The threats included here were as follows:

  • 4. Market bombing to manipulate financial markets through trade manipulation, tricking face recognition software, blocking essential online services through online eviction, and utilizing autonomous drones for smuggling and interfering with transport.
  • 5. Learning-based cyberattacks (or an artificially intelligent distributed denial of service attack), fake AI sold in a snake oil misrepresented service, data poisoning by injecting false numbers, and hijacked military robots.

High Threats

Finally, we come to those AI-based attacks that the experts felt the most concerned about as sources of real damage. These columns broke down as such:

  • 6. AI being used to author fake news, blackmail on a wide scale, and disrupting systems normally controlled by AI.
  • 7. Tailored phishing attacks (what we call spear phishing) and weaponized driverless vehicles.
  • 8. Audio/visual impersonation, also referred to as Deepfakes.

Deepfakes are a digital recreation of someone’s appearance to make it appear as though they said or did something that they didn’t or were present somewhere that they never were. You can find plenty of examples on YouTube of Deepfakes of various quality. Viewing them, it is easy to see how inflammatory and damaging to someone’s reputation a well-made Deepfake could prove to be.

Don’t Underestimate Any Cyberattack

Of course, now that we’ve gone over these threats and described how much of a practical threat they really are, it is important that we remind ourselves that all of these threats could damage a business in some way, shape, or form. We also can’t fool ourselves into thinking that these threats must be staged with AI. Human beings could also be responsible for most of them, which makes them no less of a threat to businesses.

It is crucial that we keep this in mind as we work to secure our businesses as we continue to operate them.

As more and more business opportunities can be found online, more and more threats have followed them. Keeping your business protected from them—whether AI is involved or not—is crucial to its success.

NuTech Services can help you keep your business safe from all manner of threats. To find out more about the solutions we can offer to benefit your operations and their security, give us a call at 810.230.9455.


Don’t Let Scammers Scare You with COVID-19


The COVID-19 pandemic has resulted in a great number of people working from home. While this is good for the public health, it may unfortunately lead your employees toward a laxer view of cybersecurity. Cybercriminals are sure to take advantage of this if you aren’t careful, so it is important to be particularly aware of your cybersecurity right now.

The Advantage COVID-19 Gives Hackers

To put it bluntly, diversion. With so much attention rightly given to COVID-19 right now, there are many who are remaining in their homes as much as possible to try and prevent the pathogen from propagating. This approach makes the Internet even more important to so many people. Not only are many businesses operating remotely, many rely on support services and other online functions for their in-house processes. Otherwise, people who cannot work remotely are seeking ways to pass the time, turning to social media and other online services for that.

As a result, a huge number of people are online.

This creates the perfect storm for a scammer or hacker to take advantage of, as they now have a larger pool of potential victims. On top of that, the COVID-19 situation also gives them another opportunity to fool people into handing over their access credentials to personal and business accounts.

Between March 9th and April 26th, a total of 1.2 million domains were created that have something to do with COVID-19. 86,600 of these domains lead to malicious websites, 80 percent of which distribute malware to anyone unlucky enough to interact with them.

Phishing attacks and spam are also on the rise. COVID-19-themed scams are popping up in the form of fake emails, spoofed to look like they come from the IRS, the CDC, healthcare organizations, and various other companies.

Preventing the Influence of Scams

With so many scams and threats out there, vigilance is crucial… especially when you and your team may be working remotely. Any of the security best practices that people should be following in the office need to be particularly focused upon when you’re in the home. For instance:

  • Phishing awareness – Phishing can strike through a variety of outlets, from email, instant messaging, social media, and even telephone calls. Being able to spot these attempts is needed if your business is going to remain secure.
  • Maintain password standards – Many people have separate standards for their home passwords and their business passwords. You need to discourage this by reinforcing the importance of good password hygiene in all environments.
  • Back up your data – Data is important, regardless of where it is accessed. Maintaining a backup and securing it with antivirus and firewall is important.

At NuTech Services, we have the professionals with the experience needed to properly secure your network as you continue your operations. To learn more about what we can offer, give us a call at 810.230.9455.


Recent Data Breaches You Should Know


Imagine for a second what would happen if your business’ data was exposed and stolen. You’d have a really difficult time going forward as your client base dwindled and your opportunities for growth dried up. The amazing part is that some very successful companies have this type of thing happen all the time. Today, we will look at some of the largest data breaches since September 1.

September

9/5 

Providence Health Plan – 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company’s servers. Information that was stolen included plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers.

Facebook – Facebook had an unprotected server with over 419 million records accessed. Users had their Facebook user IDs and phone numbers exposed. In some cases, users’ names, genders, and locations were also leaked.

9/16

Dealer Leader, LLC. – 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses, and IPs.

9/27

DoorDash – The popular food delivery app had 4.9 million customers’ information breached by a third party. The information left exposed included names, delivery addresses, phone numbers, hashed passwords, order history, and the last four digits of each customer’s credit card number. In the same hack, over 100,000 delivery drivers had their driver’s license information leaked.

9/30

Zynga – The mobile game maker Zynga, developer of popular mobile games such as Farmville and Words with Friends, has announced that 218 million players had their data exposed after its network was breached by a hacker. Player names, email addresses, login IDs, phone numbers, Facebook IDs and more were left exposed.

October

10/17 

Methodist Hospitals of Indiana – The Methodist Hospitals of Indiana fell victim to an email phishing scam that allowed hackers to steal 68,000 records that included names, addresses, dates of birth, Social Security numbers, driver’s licenses, and more.

10/21

Autoclerk – Autoclerk, a hotel property management software developer, had an open database infiltrated, exposing data that included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests.

10/22

Kalispell Regional Healthcare – Over 130,000 Social Security numbers, addresses, medical record numbers, dates of birth, medical histories and treatment information, and names of treating physicians were exposed by hackers.

10/26

Adobe – Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 7.5 million users were affected.

10/27

Network Solutions – The world’s oldest domain name provider has been exposed in a hack. Millions of individuals’ data that included names, addresses, phone numbers, email addresses, and service information was compromised.

November 

11/9 

Texas Health Resources – The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more. 

11/16 

Disney Plus – The brand-spanking-new Disney+ streaming service had new user account information hijacked by hackers. Login credentials wound up on the Dark Web soon after. 

Magic the Gathering – The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more. 

11/18

State of Louisiana – The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days as systems were restored from backup.

11/19

Macy’s – Macy’s had their ecommerce site hacked. Hackers embedded malicious code into their checkout page and put a skimming code on the company’s Wallet page. The malware retrieved names, addresses, phone numbers, email addresses, payment card numbers, card security codes, and card expiration dates.

11/22 

T-Mobile – T-Mobile had over a million customers’ information accessed by a hacker. Information accessed included names, billing addresses, phone numbers, rates, and calling features.

Unknown – An unsecured server containing over 622 million email addresses, 50 million phone numbers, and millions of pieces of other information was discovered. It is unknown what organization this data is tied to at the time of writing.

With hundreds of millions of records being exposed each month, it’s hard to feel confident about giving your personal or financial information to anyone in the current threat landscape. If your business needs help trying to be secure, call us today at 810.230.9455.


URL Manipulation and What to Do About It


Most people know what a URL is. It’s the address of a website, typically starting with http:// or https://, and it is essentially the location of a web page or application that can be accessed through a web browser or application. Nowadays, URLs are being manipulated by actors for both positive and negative means. Let’s take a look at URL manipulation and how it could affect you.

The URL

Before we get into the manipulation of the URL, let’s define its parts. 

The first part of the URL is called the protocol, which tells the computing network which language is being used to communicate on said network. Most of the time, the URL will use the protocol “HTTP”. The HyperText Transfer Protocol makes it possible to exchange web pages. Other protocols that are used include File Transfer Protocol, News, and Mailto. 

The second part of the URL is the ID and password, which makes it possible to access secure servers on the network. This part is typically removed because the password would be visible and transferred unencrypted over the computer network.

The third part of the URL is the server name. It allows users to access information stored on specific servers whether through a domain or the IP address associated with the server. 

The fourth part of the URL is the port number. This number is associated with a service and tells the server what type of resources are being requested. The default port is port 80, which can be left off the URL as long as the information that is being requested is associated with port 80.

Finally, the fifth and last part of the URL is the path. The path gives direct access to the resources tied to the IP (or domain).

Manipulating the URL

By manipulating parts of the URL, a hacker can gain access to web pages found on servers that they wouldn’t normally have access to. Most users will visit a website and then use the links provided by the website. This gets them where they need to go without much trouble, but it also means they only ever see the pages the site chooses to link to.

When a hacker wants to test the site for vulnerabilities, he’ll start by manually modifying the parameters to try different values. If the web designer hasn’t anticipated this behavior, a hacker could potentially obtain access to a typically-protected part of the website. This trial-and-error method, where a hacker tests directories and file extensions randomly to find important information, can be automated, allowing hackers to get through whole websites in seconds.

With this method they can try searching for directories that make it possible to control the site, scripts that reveal information about the site, or for hidden files. 

Directory traversal attacks, also known as path traversal attacks, are also popular. This is where the hacker will modify the tree structure path in a URL to force a server to access unauthorized parts of the website. On vulnerable servers, hackers will be able to move through directories simply.

What Can You Do?

Securing your server against URL attacks is important. You need to ensure that all of your software is updated with the latest threat definitions, and keeping a detailed configuration will keep users in their lanes, even those who know all the tricks. 
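The URL parts and the directory traversal defence described above, as an added example that is not from the original article: `url_parts` splits a URL into the five pieces the article names, and `safe_resolve` is the server-side check that keeps a requested path inside the web root, shown beside a naive join that does not. The function names, the sample paths and the web-root layout are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote, urlsplit

# Port 80 is the default the article mentions; 443 is the HTTPS equivalent.
DEFAULT_PORTS = {"http": 80, "https": 443}


def url_parts(url):
    """Split a URL into protocol, ID/password, server name, port and path."""
    u = urlsplit(url)
    return {
        "protocol": u.scheme,
        "id_and_password": (u.username, u.password),
        "server": u.hostname,
        "port": u.port or DEFAULT_PORTS.get(u.scheme),
        "path": u.path,
    }


def naive_resolve(web_root, url_path):
    """Vulnerable form: joins the requested path onto the web root and trusts
    the result, so '..' segments walk out of the root."""
    joined = os.path.join(web_root, unquote(url_path).lstrip("/"))
    return Path(os.path.normpath(joined))


class TraversalError(PermissionError):
    """Raised when a requested path resolves outside the web root."""


def safe_resolve(web_root, url_path):
    """Hardened form: decode once, resolve '..' and symlinks, then require the
    result to be the web root itself or something beneath it."""
    root = Path(web_root).resolve()
    # Treat backslashes as separators so '..\\' is caught on every platform.
    decoded = unquote(url_path).replace("\\", "/")
    if "\x00" in decoded:
        raise TraversalError("NUL byte in requested path")
    candidate = (root / decoded.lstrip("/")).resolve()
    if candidate != root and root not in candidate.parents:
        raise TraversalError(f"{url_path!r} resolves outside the web root")
    return candidate


def audit(web_root, url_paths):
    """Return (path, verdict) pairs for a batch of requested paths."""
    results = []
    for url_path in url_paths:
        try:
            safe_resolve(web_root, url_path)
            results.append((url_path, "served from web root"))
        except TraversalError:
            results.append((url_path, "rejected"))
    return results


if __name__ == "__main__":
    print(url_parts("http://user:pw@www.example.com:8080/docs/../admin/"))
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve() / "site"   # constructed web root
        root.mkdir()
        (root / "index.html").write_text("hello")
        (root.parent / "secret.txt").write_text("not for visitors")
        # Constructed request paths: plain, dot-dot, and percent-encoded dot-dot.
        samples = ["/index.html", "/../secret.txt", "/%2e%2e/secret.txt"]
        print("naive:", naive_resolve(root, samples[1]))
        for path, verdict in audit(root, samples):
            print(f"{verdict:22} {path}")
```

The check runs after percent-decoding and after `..` and symlinks are resolved, which is why the encoded `%2e%2e` variant is rejected along with the plain one.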

The IT experts at NuTech Services can help you keep your business’ IT infrastructure from working against you. Call us today at 810.230.9455 for more information about how to maintain your organization’s network security.


Even Amazon Can Be Hacked


In 2018, Amazon was struck by a considerable attack, with hackers taking funds from approximately 100 seller accounts, according to a Bloomberg report. Between May and October 2018, Amazon sellers were struck approximately 100 times, with the hackers draining funds from the seller control platform to augment their own. According to the investigation, the first fraudulent transaction took place on May 16, 2018, with an undisclosed amount being stolen. The hackers utilized phishing attacks in order to scam their targets.

“Unknown Hack”

On May 8, 2019, almost a year to the day after the first transaction was made, an Amazon spokesperson claimed that the company had completed investigating the compromised accounts, and had been the victim of an “extensive” fraud. The extent of the fraud was large enough that two banking companies, Barclays and Prepay Technologies (a partial subsidiary of Mastercard), were caught up in the crime.

Ultimately, Amazon neglected to disclose the true scope of the hack, but a report by Bloomberg indicated that over one billion dollars were dispersed to merchants in 2018 via Amazon Capital Services U.K. While there is currently no figure provided by the company, if large portions of that money were subverted, it could rank as one of the largest hacks in the history of online commerce, and certainly the biggest fraud that has involved Amazon.

Amazon, which has a business model built to be largely automated, has done a remarkable job of keeping personally identifiable information from being hacked over the years, but in today’s threat-persistent culture, even the most secure companies can have situations happen to them that jeopardize their ability to complete financial and information transactions, regardless of how much they invest in cybersecurity.

Phishing Attacks

Just because this article mentions a major fraud involving the world’s largest online retailer in no way means that hackers have moved on from trying to hack small businesses. Small businesses face the majority of hacking attacks, mainly because they have the least amount of security to thwart. In fact, if Amazon can fall victim to phishing attacks, it’s not a stretch to believe that your company is susceptible. With millions of phishing messages sent every day, many of which target small businesses, having a strategy to educate your staff is extremely important.

The best way to go about doing that is to be proactive. Get your staff to understand that they are on the front lines of a never-ending cyberwar, and teach them what they need to know in order to keep themselves and your organization free from the serious risks that come from falling victim to phishing attacks. Some things you can prioritize:

  • Annual education and training – Have a comprehensive plan in place to educate new and current staff that is updated and required annually.
  • Having strong passwords – Since phishing is a form of social engineering, the hackers on the other end of the phishing attack are simply looking for access. Having strong passwords will keep them out much longer than weak ones. 
  • Avoid shadow IT – Make it clear that all software has to pass through IT first, before it is downloaded onto a workstation. It may seem inefficient at first, but the company will be better off vetting a software solution before it gains access to your organization’s network.
  • Provide cloud storage – When people are constantly on the move and have a lot of responsibilities, they will often upload their work into their personal cloud-based file storage. This can be risky behavior, even if the employee’s motives are solid. Keep your company’s data hosted on its own infrastructure.

With these four tips you can go a long way toward protecting your business, and your staff, from the detrimental characteristics of a phishing attack.

If you need help with your organization’s cybersecurity, or if you simply want some help outlining a strategy to use, contact the IT professionals at NuTech Services today at 810.230.9455.


Even Small Businesses are Targets for Hackers


Do you ever think of your business as too small of a target to matter to hackers? Some organizations actually do believe this, and that notion is effectively a trap. What all businesses need to keep in mind is that every organization, regardless of which industry it falls into, has data that’s valuable to hackers. We’re here to prove it and ensure you know the best way to protect your data.

Profitable Types of Data

Believe it or not, even a small business with a handful of clients has data worth stealing. You’re in business to make money, and by virtue of this fact, you likely collect and store financial information. In fact, you collect a ton of valuable data: the type of data that hackers are looking for.

In addition to all of the financial details you collect, there is also all of the contact information regarding leads, clients, and customers. With so many emails and phone numbers stored on your infrastructure, hackers can have a field day. They will have all the information they need to steal funds, distribute malware, and create unpleasant situations for your business.

The Unpredictability Factor

Not all hackers have any specific goal in mind when they hack you. Sometimes all they want to do is make your life miserable. The unpredictability associated with hackers is one of the most dangerous parts of them, as they can take advantage of any overlooked vulnerabilities to create a problematic situation for you.

The Impact of Security Negligence

If your business falls victim to a hacker, it’s certain to affect your business’ operations. In some cases, it could be subject to compliance fines that could break your budget and put your business at greater risk. Furthermore, you could lose access to important data that makes your business work, threatening its future and all but guaranteeing that recovery can never happen. Therefore, the importance of protecting your network can never be overstated.

NuTech Services can help your business implement the security solutions needed to maximize protection from threats. To learn more about what we can do for your organization, reach out to us at 810.230.9455.


Is Blockchain a Shield for Cybercrime?


Blockchain technology is all the rage these days. Business owners are going to start hearing this buzzword as a bullet point in software solutions. Developers from all over the world are trying to harness the power of encrypted, distributed data, mainly due to the reputation that blockchain has regarding the “unhackable” permanence of the data stored upon it. However, as powerful as blockchain is purported to be, it isn’t totally infallible.

How Blockchain Has Been Shown to Be Vulnerable

Let’s face it… blockchain technology is a human invention, which means that there are going to be some flaws.

Admittedly, the concept behind the blockchain makes this hard to believe: every transaction made through the blockchain, financial or data-based, is given a permanent, designated “block” in the chain. Before the transaction is completed, the rest of the network needs to approve this new block’s validity. The block is then added to the chain, where it cannot be altered and provides an unchangeable record of the transaction – to undo it, a new block would be created. It is only then that the transaction is completed.

While this method may seem foolproof, even “unhackable”, this just isn’t the case. In March of 2014, cybercriminals managed to steal $450,000,000 worth of Bitcoin through a transaction mutability vulnerability, and in June of 2016, cybercriminals managed to steal approximately $60,000,000 by leveraging a recursive calling vulnerability.

Additional Blockchain Vulnerabilities

Again, as a human creation, there are going to be some flaws in blockchain platforms. One investigation revealed that some blockchain and cryptocurrency platforms had over 40 vulnerabilities.

51% Vulnerabilities

Many of blockchain’s vulnerabilities have more to do with the nature of the platform itself. One such vulnerability is known as a 51% vulnerability, and is associated with mining cryptocurrencies. Let’s assume you are a cryptocurrency miner. If you manage to accumulate hashing power that exceeds half of what the blockchain contains, you could leverage a 51% attack to manipulate the blockchain to your own advantage.

Naturally, more popular blockchains, like Bitcoin, are far too expensive to be practical targets, but smaller coins are much more affordable to attack and can be lucrative for hackers. In 2018, 51% attacks were leveraged against less popular cryptocurrencies, netting the attackers approximately $20 million.

Security of Private Keys

Using a blockchain requires a user to have a private key. Naturally, if this key were to be stolen, those cybercriminals who stole it would be able to access and tamper with that user’s blockchain. What’s worse, because the blockchain is decentralized, these kinds of actions are difficult to track and even harder to undo.

Breach Examples

As you might imagine, most breaches involving a blockchain are in some way tied to an end user. In 2017, a fraudulent cryptocurrency wallet service was left up for months as the cybercriminal responsible allowed people to funnel their cryptocurrencies into it before stealing $4,000,000 – out of a reported total of $2 billion being stolen since 2017 began. In January 2018, it was disclosed that hackers stole private keys with malware, taking over $500,000,000 in NEM coins (a now-effectively-worthless cryptocurrency established by a nonprofit).

If hackers are able to steal from a purportedly “unhackable” technology, what’s to stop them from stealing from your business?

Cybersecurity solutions from NuTech Services, that’s what. We can set up the security solutions your business needs to protect its data, and monitor your systems to detect breaches preemptively, preventing a security issue from happening. To learn more about what we can do, reach out to us at 810.230.9455.


Taking an Exploratory Stab at Spear Phishing


Chances are, you’ve heard of “phishing” – a cybercriminal’s scam that steals data, access credentials, and other sensitive information by fooling a user into thinking they are providing this information to someone who is supposed to have access to it. However, there are a few different kinds of phishing, based on how it is carried out. Here, we’ll discuss the realities of spear phishing, and the risks it poses to your business.

What Makes Spear Phishing Different?

As a rule, spear phishing is a much more precise and personalized process. To keep to the “fishing” analogy, a generalized phishing campaign casts a wide net, trying to snare as many victims as possible with their scam. Utilizing vague and generic language, the ‘typical’ phishing attack is made to appear to come from a large organization, informing the user of some need for the user to take action, resulting in the hacker gaining access to the user’s information. This methodology makes the typical phishing attack fairly effective against many people, while simultaneously easier to spot if one knows the warning signs.

By comparison, spear phishing is far more precise. Instead of trying to find value in the quantity of targets snared in a trap, spear phishing takes the opposite tack. Using a highly targeted approach, spear phishing attacks are directed toward a specific individual within an organization.

This specified approach means that the generic messages that many phishing attempts leverage simply won’t be enough to fool the intended target. Instead, the hacker has to play investigator, seeking out as much information as they can about their intended target. Where do they work? What is their position in the company? Who do they frequently communicate with? Once the hacker has collected enough information to create a convincing message, they will typically spoof an email to their target. This email will usually contain some reference to a known contact or some in-progress project to make it more convincing and will request that the recipient download a file via a provided link.

However, while the link will direct to what appears to be a Google Drive or Dropbox login page, it is just another layer to the deception. Entering credentials into this page hands them directly to the hacker for their use, breaching the user’s security and putting the entire business at risk in one fell swoop.

What Methods Do Spear Phishers Use?

Due to how spear phishing works, the messages sent by hackers need to be as convincing as possible. Combining extensive research with some practical psychology, a hacker has more ammunition to power their attacks.

As mentioned above, spear phishing is far less generic than the average phishing attempt. By referencing specific people, things, and events that mean something to the target, or appearing to come from an internal authority (a manager, perhaps, or even the CEO), the hacker can create a message that is less likely to be questioned. If the hacker writes their messages without any spelling or grammatical errors, as many spear phishers do, it only becomes more convincing.

These hackers are so reliant upon their target being fooled that many will purchase domains that strongly resemble an official one. For instance, let’s say you owned the domain website-dot-com. If a hacker decided to pose as you to launch a spear phishing attack, they might purchase the domain vvebsite-dot-com. Without close inspection, the switch may not be noticed – especially if the hacker creates a good enough lookalike website.

Am I A Target?

Of course, the research that a hacker has to do to successfully pull off a spear phishing attack is extensive – not only do they have to identify their target, they also have to figure out the best way to scam this target. Generally speaking, a hacker seeking to leverage spear phishing will focus their efforts on anyone in an organization who could potentially access the information that the hacker wants but isn’t high up enough in the organization to question an assignment from above.

Or, in more certain terms, a business’ end users.

In order to minimize the chances that a spear phishing attack will be successful against your company, you need to make sure that everyone subscribes to a few best practices. For example:

  • Pay attention to the finer details of an email. Is the message actually from christine@contactcompany.com, or does the email address actually read kristine@companycontact.com? Did Christine/Kristine include any attachments? As these can be used to spread malware via email, you should avoid clicking on them unless you are certain the message is legitimate.
  • Is the message written to sound overly urgent? Many phishing messages, especially spear phishing messages, will try to push an action by making it seem as though inaction will lead to a critical issue. Another warning sign to look out for: any deviation from standard operating procedures. Don’t be afraid to question a sudden switch from Google Drive to Dropbox – it may just be the question that stops a spear phishing attack.
  • Speaking of questioning things, don’t hesitate to make sure that any messages you suspect may be spear phishing aren’t actually legitimate through some other means of communication. A quick phone call to the alleged sender will be well worth avoiding a data breach.
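The first check in the list above can be partly automated at the mail gateway or in a triage script. The sketch below is an added example, not part of the original post: it compares a From header against a list of known contacts and flags the article's two tricks (vvebsite for website, and kristine@companycontact.com for christine@contactcompany.com). The contact list, the extra confusable pairs and the two-edit threshold are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed allow-list of known contacts, built from the article's examples.
TRUSTED = ["christine@contactcompany.com", "billing@website.com"]

# Character sequences that read like another letter at a glance.
# "vv" for "w" is the article's example; the other pairs are assumptions.
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l")]


def skeleton(text):
    """Collapse confusable sequences so visually similar strings compare equal."""
    text = text.lower()
    for fake, real in CONFUSABLES:
        text = text.replace(fake, real)
    return text


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_rotation(a, b):
    """True when b is a with its leading part moved to the end (swapped words)."""
    return a != b and len(a) == len(b) and b in a + a


def compare(local, domain, known):
    """Return a reason string if local@domain imitates the known address."""
    k_local, k_domain = known.split("@")
    if domain == k_domain:
        # Same domain: only a near-miss on the mailbox name is suspicious.
        if edit_distance(local, k_local) <= 2:
            return "mailbox name imitates a known contact"
        return None
    if skeleton(domain) == skeleton(k_domain):
        return "confusable characters in domain"
    name, _, tld = domain.rpartition(".")
    k_name, _, k_tld = k_domain.rpartition(".")
    if tld == k_tld and is_rotation(k_name, name):
        return "domain words swapped"
    if edit_distance(domain, k_domain) <= 2:
        return "domain within two edits of a known one"
    return None


def classify_sender(from_header, trusted=TRUSTED):
    """Return (verdict, reason, matched_trusted_address) for a From header."""
    address = parseaddr(from_header)[1].lower()
    local, at, domain = address.rpartition("@")
    if not (local and at and domain):
        return ("malformed", "no usable address", None)
    if address in trusted:
        return ("trusted", "exact match", address)
    for known in trusted:
        reason = compare(local, domain, known)
        if reason:
            return ("lookalike", reason, known)
    return ("unknown", "no resemblance to a known contact", None)


if __name__ == "__main__":
    # Constructed sample headers, not real mail.
    for header in ["Christine <kristine@companycontact.com>",
                   "billing@vvebsite.com", "newsletter@example.org"]:
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict is a reason to verify the sender through another channel, as the last item in the list advises; a new colleague with a similar name on the same domain would trigger it as well.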

While spear phishing is a considerable threat to your business, it is far from the only thing you need to worry about. NuTech Services can help your business secure its IT solutions and optimize them for your use. To learn more, subscribe to our blog, and give us a call at 810.230.9455.


The Most Devastating Hacks of 2018… So Far


Network security is a crucial consideration for every contemporary business owner, as there are just too many threats that originate from an Internet connection to be overlooked. One only has to look at what businesses of all sizes have dealt with, even within this calendar year, to gain an appreciation for how crucial it is that every business owner consider their cybersecurity.

Here, we’ve assembled a few statistics and examples to illustrate just how serious the threat of cyberattack can be, hopefully inspiring you to prioritize your company’s network security. Consider these cybersecurity figures:

  • In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.
  • Nearly 1-in-3 organizations have experienced some sort of cyberattack in the past.
  • Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.
  • 100,000 organizations were infected with the WannaCry ransomware (400,000 machines).
  • 5.4 billion WannaCry attacks were blocked in 2017.
  • The average monetary cost of a malware attack is $2.4 million.
  • The average time cost of a malware attack is 50 days.
  • Ransomware cost organizations over $5 billion in 2017.
  • 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.
  • Phone numbers are the most leaked information.
  • 21 percent of files are completely unprotected.
  • 41 percent of companies have over 1,000 sensitive files left unprotected.
  • Ransomware is growing at 350 percent annually.
  • IoT-based attacks are growing at about 500 percent per year.
  • Ransomware attacks are expected to quadruple by 2020.
  • 7.7 percent of web requests lead to malware.
  • There were 54 percent more types of malware in 2017 than there were in 2016.
  • The cybersecurity market will be worth over $1 trillion by 2025.

If that wasn’t convincing enough, what follows is just an assortment of the attacks that 2018 has seen (as of July). To simplify things, we’ve organized them by the intended targets: public (like individuals and government bodies) and private (such as businesses):

Public
January

  • The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees.

March

  • Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta’s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million.
  • India’s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person’s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database.
  • Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn’t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event.

June

  • A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren’t able to respond to an active shooter situation.

Private
January

  • 280,000 Medicaid records were exposed when a hacker attacked the Oklahoma State University Center for Health Sciences. Among the information exposed were patient names, provider names, and full names for affected individuals.

February

  • An unsecured server owned by Bongo International, a company acquired by FedEx, leaked over a hundred-thousand files of FedEx customers. Some of the information leaked included names, drivers’ licenses, national ID cards, voting cards, and utility bills.

March

  • Orbitz, a travel booking site, fell victim to a security vulnerability that exposed 880,000 customers’ payment card information. There was also about two whole years of customer data stolen from their server.
  • French news site L’Express left a database that wasn’t password-protected up for weeks, despite being warned about the security issues regarding this.
  • 134,512 records regarding patients and financial records at the St. Peter’s Surgery and Endoscopy Center in Albany, NY were accessed by hackers.
  • MyFitnessPal, an application used by Under Armour, exposed about 150 million people’s personal information to threats.
  • The WannaCry ransomware claimed another victim in Boeing, which stated that “a few machines” were protected by Microsoft’s 2017 patch.

May

  • Thanks to Twitter storing user passwords in a plaintext file that may have been exposed by internal company staff, the social media titan had to force hundreds of millions of users to change their password.
  • An unauthenticated API found on T-Mobile’s website exposed the personal information of all their customers simply through the use of their cell phone number. The following information was made available: full name, address, account numbers, and tax IDs.
  • A bug found in Atlassian development software titles Jira and Confluence paved the way for hackers to sneak into IT infrastructure of several companies and one U.S. government agency.
  • Rail Europe, a popular service used by American travelers to acquire rail tickets, experienced a three-month data breach that exposed credit card information to hackers.

June

  • A marketing company named Exactis had 340 million records stolen from it, but what’s most shocking about this is that they had accumulated information about nearly every American out there. In response to the breach, there was a class action lawsuit made against the company.
  • Adidas’s website was hacked, resulting in a loss of a few million users’ personal and credit card information.
  • A hacker collective called Magecart initiated a campaign to skim at least 800 e-commerce sites, including Ticketmaster, for sensitive information.

Clearly, if these lists are any indication, companies of all sizes need to commit to maintaining their network security, holding it to a higher standard. For assistance in doing so, you can rely on the professionals at NuTech Services. We can design and implement security solutions to protect you from threats like these, and others that may rear their ugly heads. Give us a call at 810.230.9455 to get started.


Hackers Target Major Sporting Events


There are literally billions of sports fans in the world, and the popularity of these events brings in big money; and big money typically attracts hackers. Using all types of methods, there has been a history of hacking in almost every sport. Today, we take a look at some of the most famous hacks that have shaken up the sports world.

The World Cup
The FIFA World Cup is one of the, if not the, most popular sporting events in the world. Held once every four years, it attracts the attention of billions of people. Since the event is held every four years, it gives the host city a lot of time to get ready for possible hacker attacks. In fact, each new venue spends years and tens of millions of dollars ramping up on their cyber security.

The 2018 event held in Russia proved to be one of the most successful insofar as there wasn’t a major hack of the tournament in any way. It’s not a coincidence that typically state-sponsored Russian hackers are well known to be at the forefront of a lot of the major international sporting hacks. Fans that visited Russia from abroad during the World Cup were warned (mostly by their own governments) that they needed to be diligent not to fall into any tourist traps that would leave their cyber welfare in the hands of the thriving ecosystem of hackers that call Russia home.

Previously, in the 2014 World Cup in Brazil, the World Cup website was taken down by a distributed denial of service (DDoS) attack and thousands of visitors had their data breached through sophisticated phishing attacks. Each World Cup, especially the next one that will be held in the Middle East (Qatar) for the first time, is a goldmine for hackers.

The Olympic Games
International competitions like the Winter and Summer Olympic Games grab the eye of the world for a couple of weeks. Unfortunately for athletes, coaches, and fans from all over the world, they also catch the eyes of hackers. Again, since these events are held every four years there is a long time for administrators to get ready, but that doesn’t stop those inside the host cities (or often outside of them) from trying to get over on the hundreds of thousands of people that show up to watch the events.

At the past Winter Olympics, held in Pyeongchang, South Korea, the opening ceremonies were hacked by what turned out to be a Russian hacking collective. The hack caused delays in the festivities and infiltrated the games’ website, so administrators, fearing significant data loss, took down the website. Initially they had masked the attack as coming from North Korea, but it didn’t take long for professionals to ascertain that the hacks were retribution for Russia’s prohibition from the games as a result of a decade-long antidoping policy that found state-sponsored use of performance enhancing drugs; a revelation that many had suspected for decades.

While local hackers spoofed Wi-Fi and targeted athletes and guests during the 2016 Summer Olympics held in Rio De Janeiro, Brazil, Russian hackers from “Tsar Team” and “Fancy Bear” were busy hacking into the Olympic databases to gain access to athletes’ personal information. They subsequently have released some of that information, including information about gold medal gymnast Simone Biles, and tennis legend Venus Williams.

NFL
In the United States, it doesn’t get much bigger than the National Football League. In fact, one study showed that about one-third of all church-going males don’t go to church from Labor Day to New Years. Nearly 30 million people tune in to watch the NFL each Sunday. With this popularity comes attention; and hackers have used this popularity to their advantage.

In 2016 NFL commissioner Roger Goodell’s Twitter feed was hacked with a message that announced that he had passed away. The perpetrator happened to be a teenager from Singapore. In February 2017, 1,135 NFL players had their personal information stolen by hackers when the NFL’s union, the NFLPA, was hacked. Hackers made off with 1,262 people’s personal information, their financial data, their home phone numbers, their addresses and more.

In 2009, a man named Frank Tanori Gonzalez was given an extremely lenient sentence for hacking into the standard-definition communications feed at Super Bowl XLIII with a clip from an adult film that aired unedited throughout the greater Tucson area (the game was held in Tampa, FL).

MLB
Major League Baseball makes over $10 billion a year, and they do a phenomenal job of protecting their brand online. MLB makes a lot of their money in media and has made it a point to prioritize cyber security for league business. With individual teams handling their own cyber security, there have been small hacking cases, but unlike most other sports the biggest hacking scandal in baseball history was carried out by a team executive.

From 2013 to 2014, St. Louis Cardinals’ former scouting director, Chris Correa, repeatedly accessed the internal communications server of former division foe Houston Astros. The Astros had moved to the American League from the National League after the 2012 season, and they had hired former statistician Sig Mejdal from the Cardinals. When Mejdal left St. Louis he turned in his laptop. Using the information he got off this laptop, Correa figured out Mejdal’s new password and started entering the Astros network. For his indiscretions Correa got 46 months in federal prison.

NBA
The most famous hack in NBA history is hack-a-Shaq, which was a strategy used to limit Shaquille O’Neal’s effectiveness by making him shoot free throws (with which he struggled mightily), but there have been a few other hacks that have affected NBA players. The most notable was NBA player Ty Lawson having his computer hacked and his personal data held for ransom in 2016.

Another situation was what is called a catfishing scam that involved NBA forward Chris Andersen and model Paris Dylan. A woman named Shelly Chartier had used multiple people’s online messaging accounts to manipulate Andersen and Dylan into bad situations. Andersen ended up being raided by the Douglas County sheriff’s department because Dylan was 17 at the time and any digital possession of lewd material would be legally considered child pornography. After investigators uncovered the scheme, Chartier was arrested and sentenced to 18 months in prison. Andersen continued his NBA career and Dylan was able to put the situation behind her and is now an Internet model.

PGA
Recently, the PGA of America held the 100th PGA Championship at Bellerive Country Club just outside of St. Louis, Missouri. As the golfers were navigating their first rounds, the PGA was under attack by hackers. A message was sent to administrators that read, “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorthym[sic].” The hackers also sent a Bitcoin wallet number with instructions on how to deposit money.

The PGA of America immediately hired a third-party IT security firm to solve the problem. Since security professionals from all over the world consider these extortion attempts to be futile against the diligence and expertise of security professionals, the line is usually to not pay and hope that the data can be recovered without the encryption key. Only time will tell how the situation is resolved.

Other sports leagues and athletes have had to deal with major problems from hackers over the years, including the English national rugby team’s website being hacked by the Islamic State in Syria (ISIS), and four-time Tour de France champion Chris Froome’s performance data being hacked as a rival team was convinced he was using performance enhancing drugs.

There are dozens of ways that you can fall victim to hackers. If your business isn’t already doing all it can to protect your digital assets, the time is now. Reach out to the IT professionals at NuTech Services for more information on the best way to protect your business from outside (and inside) threats at 810.230.9455.


Hackers Plus Artificial Intelligence Equals Big Trouble


Thanks to the advent of artificial intelligence, cybersecurity professionals have to reconsider how they approach these threats. Machine learning is one option, as it can help today’s modern solutions learn how to be more effective against advanced threats. On the other hand, what’s stopping the other side from also taking advantage of artificial intelligence? The answer: nothing, nothing at all.

If you think about it, this makes a lot of sense, as computers are capable of working much faster than humans. Plus, they are less prone to user error. Hackers have found A.I. to be effective for the deployment of phishing attacks. According to a study conducted by ZeroFOX in 2016, an A.I. called SNAP_R was capable of administering spear-phishing tweets at a rate of about 6.75 per minute, tricking 275 out of 800 users into thinking they were legitimate messages. In comparison, a staff writer at Forbes could only churn out about 1.075 tweets a minute, and they only fooled 49 out of 129 users.

A more recent development by IBM is using machine learning to create programs capable of breaking through some of the best security measures out there. Of course, this also means that we’ll eventually have to deal with malware powered by artificial intelligence, assuming that it isn’t already being leveraged somewhere.

IBM’s project, DeepLocker, showcased how video conferencing software can be hacked. The process involved the software being activated by the target’s face being detected in a photograph. The IBM team, including lead researcher Marc Ph. Stoecklin, has this to say about these kinds of attacks: “This may have happened already, and we will see it two or three years from now.”

Other researchers have demonstrated that A.I. can be used in cyberattacks, even going as far as using open-source tools to make them happen. What do you think about this development? Do you think that these threats are already present, or do you think that the biggest threat is yet to come? Let us know in the comments.


IRS to CPAs – Hackers are Targeting You


The IRS has issued a warning to tax professionals to step up their cyber security to prevent sensitive taxpayer information from being stolen. CPA firms, large and small, are being targeted by hackers and identity thieves, especially during the high traffic tax season.

CPAs collect and store a treasure trove of sensitive information that is deemed valuable to cybercriminals. This includes client contact information, credit card information, and social security numbers. Plus, the bad guys know that even though smaller, local tax professionals might not have as many clients as a nationwide firm, the chance that their data is easier to get to makes them a viable target.

How easy could it be for someone to steal all of your clients’ sensitive information? Depending on the security you have in place, it could be shockingly simple. All it takes is parking near a CPA firm and finding an exploit to get connected to their Wi-Fi. If proper measures aren’t in place, that is enough to give the criminal carte blanche access to any data that isn’t properly protected. Then they can simply drive up to the next tax professional in town and attempt it again.

If the hacker wants to save on gas, they could also target hundreds of thousands of tax professionals at once with a single mass email. The email could look like a legitimate message from a client or organization, but contain an attachment that installs malware and instantly gives the hacker access to what they want.

The time to protect yourself (and your clients) is now. The IRS is urging tax professionals to encrypt all sensitive data and ensure that their network is equipped with the proper measures to protect data. Educating employees on how to not get baited into fake phishing emails is also critical. NuTech Services can audit your network and help you protect the identities of your clients. Don’t wait. Give us a call today at 810.230.9455 to get started.