Swipe With Care: Your ATM Might Be Controlled By A Hacker

One of the most enticing credentials that hackers desire is your credit card number, along with its expiration date and the code on the back. Hackers are also willing to go to great lengths to achieve their goal of stealing these credentials, even so far as to make physical changes to automatic teller machines (ATMs) to do so. In fact, hackers will often install skimming devices on ATMs that are so subtle that they can be difficult to detect.

Take, for example, this news article from July 2017 that showcases a rather specific case of ATM skimming. The device in question simply slips over the ATM card reader in a discreet way to give the user the impression that they are using a legitimate machine. Any unsuspecting user could accidentally throw their credentials right to a hacker.

Furthermore, there have been cases of hackers implementing custom hardware into ATMs designed to harvest credentials. These devices are often installed onto ATMs so that they can wirelessly transmit credentials to perpetrators lurking nearby. Either way, the result is the same: stolen credentials and upset victims.

Imagine waking up, checking your bank account, and noticing that you’re missing the entirety of your checking account balance. Or, even worse, finding out that your account has sunk into the red because someone in a foreign country has purchased your information and used it for their own purposes. How can you keep this from happening to you? The easiest way is to be wary of ATM skimmers in the first place. You should keep the following in mind when using an ATM.

  • Cameras surrounding the machine: If you are in an area where there are plenty of cameras, there will be less of a chance that the ATM will have been tampered with. In fact, most ATMs actually have built-in cameras, but it still pays to take a look around whenever you want to use one.
  • Tampering with the device: Examine the device before you use it. Are there any issues with the way it looks? Are any faceplates removed or devices plugged into it? If there are, you know that it’s not a machine that you can trust.
  • Additional “testing”: Before you insert your card into the device, try jostling the slot to see if it’s something that was artificially placed over the actual reader. Carefully inspect the machine before you insert your card. Spending a few moments to check the device before using it can save you a whole lot of pain in the long run.

What are your thoughts on ATM skimmers? Are you confident that you can identify one that has been tampered with? Leave your thoughts in the comments.

TheDarkOverlord Solutions Is at It Again! This Time the Hacker Group Is Targeting Schools

While many youngsters enjoy it when their school shuts down, this was likely not the case in Flathead Valley, Montana, where the cybercriminal group ‘TheDarkOverlord Solutions’ targeted the entire Columbia Falls school district. This attack caused the three-day closure and otherwise disrupted over 30 schools, and the personal information of teachers, students, and school administrators was supposedly to be released if the group didn’t receive a ransom payment.

Furthermore, and more alarmingly, parents received reportedly graphic death threats against their children from the group. These threats alluded to an infamous, and still painfully recent, school shooting. This is the first time that TheDarkOverlord Solutions have gone to these lengths as far as is known.

The district server for Columbia Falls was ultimately targeted; the records accessed detailed the addresses, medical history, behavioral history, and other pieces of information valuable to cybercriminals for current and former students, their parents, and the school’s staff members. As a result, the 30 schools closed (as referenced above) and weekend events and activities were cancelled. With a heightened security presence, students returned to classes on Tuesday, September 19th.

TheDarkOverlord is no stranger to the news, or to targeting vulnerable individuals. In July of 2017, the group put up for sale online a tantalizing data set that would allow cybercriminals to leverage information harvested from healthcare providers, just weeks after putting almost nine and a half million records up for sale. These records came from a clinic, a healthcare provider, and a health insurance provider.

Somewhat less threateningly, the same group also took credit for releasing the fifth season of the Netflix hit series Orange is the New Black before its official release date, despite receiving about $50,000 worth of cryptocurrency in ransom from an audio post-production studio.

This piece of history shows why the Columbia Falls school district is right in their decision to not pay the ransom, as it in no way guarantees that the cybercriminal (or group) responsible will hold up their end of the bargain. Even if they do, it only proves that the victims are willing to pay, designating themselves as the perfect target for repeated attacks.

The key to your safety is to ensure your data is secure against the entire spectrum of threats. NuTech Services can help you to do so. Call us at 810.230.9455 to get started.

Artificial Intelligence Can Be Useful To Hackers, Too

Man matching wits with computer isn’t new territory. In 1830, a locomotive raced a horse to see which was superior in terms of speed and distance. 1956 saw the first time a human played chess against a computer. Today, the time has come when an artificial intelligence has begun to break into a new territory that was dominated by humans for thousands of years: crime.

At a recent technology expo, a human hacker and a sophisticated computer that is capable of machine learning each attempted to spear-phish as many victims as possible through Twitter. For two hours, both entities refined their message in an effort to be more effective against the target. At approximately 1.075 tweets per minute, the human was able to make 129 tweets, 49 of which were successful. The computer was able to make 810 tweets in two hours, which is about 6.75 tweets per minute. In that time, 275 victims were converted.

Even though humans had a higher attempt-to-victim percentage, the machine was able to get 5 times as many victims in the same amount of time.

In a Cylance poll held during ConFab, attendees were asked if criminal hackers will use AI for offensive purposes in the coming year, to which 62 percent answered in the affirmative. Even though no one could cite any specific incidents, the overwhelming consensus among experts is that hackers have already begun using AI. Like all high-tech crimes, AI is a global issue that changes fast and often, making it extremely difficult for law enforcement to find and prosecute perpetrators. Even when they’re able to identify offenders, they often run into issues where the laws and statutes are well behind the technology in question.

Another reason that identifying and combatting AI is so difficult is that there are constant debates among experts around the globe on what exactly constitutes AI. Think about it like this: millions of people consult virtual assistants, like Siri and Alexa, every day. However, if you ask the majority of them if they were using artificial intelligence, they’d say ‘No.’ In reality, they are both examples of AI being put to use to enhance the lives of its users.

There are a lot of potential uses for AI by cyber criminals. For example, hackers could use machine learning capabilities to write programs that personalize emails with malware attachments. As that technology is developed, there will likely be a time when distinguishing actual email and phishing attacks is nearly impossible. Another probable use of machine learning and AI for hacking is drastically reducing the time and resources it takes to find and exploit vulnerabilities in software through automation.

For a small business, AI might not be something that you need to concern yourself with – and perhaps it isn’t, at the moment. However, AI is already being incorporated into many aspects of business with great success and many experts feel it will be very important in the near future. What do you think? Would you be willing to give AI a try? Let us know in the comments!

5 Security Threats that Spell Doom for Any Organization

Fact: your business will always be susceptible to various security threats in at least some capacity. It’s up to you to counter these threats before falling victim to them. To help you with this, we’ll go over the top five threats that you need to be prepared for.

Viruses
Viruses are bits of code that plant themselves in your system and cause a myriad of problems. Viruses can cause system slowdown, problems with performance, and can even open the way for data theft or downtime. Security software like antivirus is usually enough to keep simple viruses out of your network, but more dangerous variants may be sneaky enough to dodge discovery and cause damage.

Malware
Also known as “malicious software,” malware infects a system and performs whatever its programmed function is. There are all sorts of variants out there, including spyware to watch the infected PC and capture keystrokes, and ransomware that can lock down files until a fee is paid. Malware complicates operations and can potentially put your business at risk of further data breaches.

Spam
Spam messages are both annoying and dangerous. Spam is the hacker’s preferred way of spreading viruses, malware, ransomware, and phishing scams, among other threats. They can effectively use spam to send out countless instances of the same attack to recipients all over the world. Thankfully, you can prevent the majority of spam simply by implementing a spam blocking solution. This can keep spam out of your inbox in the first place, eliminating the opportunity for user error or otherwise.

Phishing Scams
Hackers and identity thieves will use whatever tools they can to steal information from whole organizations, or specific individuals via targeted attacks. They may take advantage of the people or organizations with whom individuals associate themselves, masquerading as vendors or close personal friends in order to gain their trust. The end result could be someone you think you know stealing sensitive information, like financial credentials or personally identifiable information. Take the time to understand some of the symptoms of these attacks, like poor spelling in messages or out-of-the-blue outreaches from the sender. Other common giveaway signs are unexpected urgent final notices or calls requiring immediate action. NuTech Services can help your business successfully identify these scams.

CEO Fraud
Whaling is a trend in which hackers commit CEO fraud by stealing the identity of a C-level employee. For example, a hacker using the identity of a CEO could send legitimate-looking emails to the finance department asking for an immediate wire transfer. In these cases, the one on the receiving end of the message might not think anything of it and go ahead with the transfer. If you receive such a message, take a moment to question the legitimacy of the request by consulting official records regarding email addresses and telephone numbers associated with the message, or simply contact the CEO yourself.

Does your business want to take network security to the next level? If so, reach out to NuTech Services at 810.230.9455.

Tip of the Week: 9 Hacker Profiles You Need to Be Aware Of

“Hacker” is a word that can bring up many powerful impressions in people. It may very well bring up images of a pale super genius hunched over a keyboard, awash in dim blue light, as it does for many people. However, this extremely specific image does little but pigeonhole the many hackers in the real world into this dramatized caricature.


In reality, there are many different kinds of hacker, each with a preferred target and reason for doing what they do. For your part, it helps to be familiar with the 10 types of hackers that are to be found in reality.

Amateurs

  • Script Kiddies: There’s a reason that this type of hacker is under the “amateur” heading. These are the hackers who are capable of little more than piggybacking onto larger efforts, or dabbling in the more basic forms of cybercrime. They are little more than nuisances, compared to their hacking compatriots.

The Good Guys

  • White Hats: These ethical hackers, usually security researchers, are those that help the average user by using their skills to keep threats at bay.

Political Players

  • Hacktivists: Using DDoS attacks and website vandalism to humiliate and hobble their targets, these actors are usually part of a larger group, working towards an ideologically driven common cause.
  • Nationalist Hackers: These actors are those that, thanks to their sympathies and patriotic motives, are often given a pass by law enforcement.
  • Nation State Agents: These actors typically work for a government body, usually in a military or intelligence capacity. They have access to great capital resources, but will not hesitate to use common tools as well.

The Criminals

  • Cyber Mercenaries: These are hackers-for-hire, who will be brought on to assist other cybercriminals for a share of whatever ill-gotten gains there are to be had.
  • Repeat Offenders: These hackers are skilled, yet disorganized, which keeps them from obtaining the profits that other varieties of hackers do.
  • Organized Crime: These are criminal organizations that focus on cybercrime, with a hierarchy that allows them to reap great profits from their schemes.
  • Malicious Insider: These are the criminals who sit inside your walls, actively working to sabotage your efforts and leak critical information to your competition, often for personal motivations.

These malicious insiders are easily the most dangerous threat to an SMB, but that doesn’t mean that the others don’t cause problems as well. In order to keep them all at bay, you will not only need to encourage diligence in the workplace, but also protect that workplace with comprehensive security solutions.

The experts at NuTech Services are ready to assist you in securing your business assets against external influences. Call 810.230.9455 to get started.

Rootkit Hacks are Nasty, But Preventable

The challenge for business owners is that there are so many different types of online threats, it borders on impossible to protect themselves from all of them. All of these threats hold limitless possibility to ruin your organization’s operations, either short-term or long-term. One of the most common threats out there is called a rootkit hack, and it’s one that you certainly don’t want to mess around with.

Defining a Rootkit Hack
Rootkits are malware that sit on a device for extended periods of time, often undetected for weeks, months, or even years. In this sense, they are very similar to trojans, which hide on networks and are capable of dodging security tools like antivirus and firewalls. Rootkits, however, aren’t designed to allow for backdoor access at a later date (though they certainly could be capable of doing so). Instead, a rootkit focuses on giving hackers administrator permissions so they can access systems in a pseudo-“legitimate” manner. The unfortunate side-effect for the user is that everything they are using the infected computer to do is being intercepted and controlled by someone else, placing them at the mercy of the hacker.

What’s even more confusing is that not all rootkits place your business at risk. In fact, many organizations that provide technical support for IT assets use rootkits for remote access and maintenance. The problem is that rootkits allow hackers to steal information, which can lead to a disaster.

How a Rootkit Works
The first step in a rootkit’s exploitation is seizing administrator control. Once the hacker has done so, their options are limitless. They can perform tasks such as deleting important files, installing software (like spyware), changing programs, recording keystrokes, and so much more. Hackers could steal vital information like credentials, access logs, or other important data. Furthermore, rootkits are usually software-based, though hardware-based rootkits accomplish a similar role and are arguably easier to identify. Just look for any piece of technology that looks like it doesn’t belong.

How to Prevent Rootkit Hacks
Protecting yourself from hacking attacks doesn’t have to be hard, but the sheer amount of possibility involved with them can be daunting. Rootkits can make their way into your network through the use of infected downloads, phishing scams, malicious URLs, and countless other ways. Always check to ensure the authenticity of what you’re downloading, and make sure to stay away from potential outlets of malware or other sketchy websites known for spreading malicious software.

By keeping these security discrepancies in mind, and by maximizing your use of best practices, you can effectively keep exposure to threats at a minimum. An enterprise-level security solution also goes a long way toward keeping your business safe, along with a firewall, antivirus tool, web content filter, and spam blocker. These solutions all take preventative measures to limit exposure to threats, taking some of the difficulty out of managing network security.

What To Do
If something seems out of place with your computer, disconnect your PC from the Internet and all internal networks immediately. This prevents remote access control and data leakage from rootkit hacks, but most importantly, you isolate the problem so that it can’t spread. If you don’t know how to get rid of the problem, professional technicians like those at NuTech Services have your back.

To get to the root of all manners of cyber threats, reach out to us at 810.230.9455.

Hack a Hospital and Get Blacklisted By Other Hackers

Hackers are notorious for committing cybercrimes and exploiting what seems like everybody and anybody. Yet, just as there exists honor among thieves, there’s an unwritten rule within the hacking community: leave hospitals alone.

Of course, if you’re familiar with the activity of hackers, then you’ve perhaps heard of stories of hospitals and healthcare institutions getting hacked. To be sure, any organization handling healthcare records makes for a tempting target to a hacker. These records contain very personal and sensitive information that can be sold for big bucks on the black market (this is one reason why protection laws such as HIPAA are put into place). However, if a hacker chooses to act on this impulse, they do so at the risk of being shunned by their own.

While it’s one thing to stealthily steal files from a hospital server unit, it’s even more of a dastardly deed for a hacker to unleash a ransomware attack on a hospital network. This is due to the fact that attacks like ransomware will disable a computer until a ransom is paid to the hackers. As you can imagine, if a hospital were to have any of its equipment taken offline, then patients in critical condition would be unable to receive the care they need until the system is back online. Potentially, a move like this could result in death.

What could motivate a hacker to attempt a hack where human life is on the line? For the hacker attempting such a hack, it’s perhaps because the crisis it creates makes for a higher chance of a payout. Compared to hacking a business that’s prepared for a ransomware attack and can afford to brush it off and lose a few hours’ or a few days’ worth of data (depending on when the last backup was made), hospitals must act as quickly as possible to get their system back online, which very well could mean paying the hacker.

What’s worse, even if a hospital pays a hacker’s ransom, there’s still no guarantee that they will regain control of their system, which could translate to a significant loss of life. Given the possibility of such a sad situation, it’s easy to see why hackers will blacklist any of their peers known for going after hospitals. After all, where do the hackers go when they get sick? That’s right, the hospital.

To give you a hacker’s perspective on the matter, ZDNet references a forum where hackers discuss, get this, the ethics of hacking. “Yes, this is pretty sad and a new low. These ransom attacks are bad enough, but if someone were to die or be injured because of this it is just plain wrong.”

While these words may be somewhat comforting for a hospital administrator to hear, keep in mind that there are some hackers who disregard any form of ethics altogether, so the risk is still there. Also, for the average SMB not associated with healthcare, there’s likely no “hacker’s code” protecting your organization from being targeted. In fact, regarding the typical SMB, hackers can build a pretty solid case on why they should pull the trigger on a hack attack.

Therefore, whether your business is in the crosshairs of hackers or not, every organization needs to be prepared and have a security solution in place that can withstand such attacks. This defense plan must include a way to defend against even ransomware, which means backing up your data with BDR and having a means to restore your backed up copy as quickly as possible so that downtime is at a minimum.

To make sure that your business is prepared for anything that a hacker throws at you, call NuTech Services today at 810.230.9455.

Hollywood is Captivated By Fictional Hackers, But Real Hackers aren’t Entertaining

It’s not an understatement to suggest that hackers are a hindrance to business. They take what doesn’t belong to them, and worse than that, they use that stolen information to make off with money, misrepresent individual actions, and ultimately, just cause a degree of added entropy that any business simply doesn’t need. Recently, with the hacker group Anonymous consistently in the news and dozens of corporate hacks resulting in millions of people’s personal information being compromised, hackers have been an increased part of the public consciousness.

On January 10, 2016, television producer Sam Esmail stood on the stage at The Beverly Hilton and accepted the award for Best Dramatic Television Series for the show he serves as showrunner on, “Mr. Robot”. The Hollywood foreign press had chosen the series for this award, despite the show’s non-traditional plot, which centers on an anti-social (and hopelessly schizophrenic) network administrator that spends his nights as a seemingly benevolent hacker. Earlier in the evening the show’s co-star, veteran actor Christian Slater, took home the award for Best Supporting Actor in a Drama Series.

With the success of “Mr. Robot”, and other high-profile films and shows that tell the stories of hackers, there has been a suggestion that the entertainment industry unwillingly romanticizes hacker culture (not that sitting alone in a dark room, having a bad haircut, and wearing giant black army boots are actions that people would normally emulate). Take 2015’s Blackhat, a drama directed by Michael Mann. The movie stars one of the more bankable stars in the world at present, Chris Hemsworth, as a federal inmate (convicted of hacking) that is given a furlough to help his college roommate (and Chinese cyber warfare officer) solve a series of high-profile hacking attacks that cause destruction and chaos. In the movie, Hemsworth plays the role of anti-hero; a character that would be a villain in society, and makes good by doing the very thing he has been incarcerated for.

The representation of hackers as the good guys, or the popular anti-hero, is something that Hollywood has embraced for some time. Hackers are most prominent in movies about hacking, obviously, but they also show up in heist movies, and any other movie in which the story has a computer system standing in the way of resolving their goals. If the villain of the story is a hacker or computer, rest assured that the man or woman coming to save the day is a hacker; one of the only types of characters that can overcome a rogue hacker or computing system.

In reality, however, hackers aren’t as interesting or benevolent. Many of them will break down the barriers guarding your clients’ and employees’ most sensitive information if they think they can squeeze a buck out of it. That kind of dedicated opportunism, and, to a lesser extent, schadenfreude, make hackers a deplorable result of computer systems’ prevalence throughout the culture. In Hollywood’s defense, hacking makes for a pretty boring movie, but human oppression or destruction, themes that you’ll find in nearly every good hacker movie, don’t.

There have been dozens of movies about hackers produced over 30 years. Some of them, like “Tron” and “The Matrix,” are science-fiction films that, by design, play with the concept of reality, while movies like “War Games” and “Hackers” present hackers as cognizant wrong-doers, but again present the act of hacking as a means to a heroic end.

Some of the most noteworthy “hacker” movies include:

  • Tron (1982)
  • War Games (1983)
  • Sneakers (1992)
  • The Net (1995)
  • Hackers (1995)
  • The Matrix (1999)
  • Swordfish (2001)
  • Live Free or Die Hard (2007)
  • The Girl with the Dragon Tattoo (2009)
  • BlackHat (2015)

How many of these titles have you seen? Do you think that hackers have been fairly represented in film, or do you think Hollywood has glorified hacking? Please feel free to leave your thoughts in the comments section beneath the blog.

At NuTech Services, we don’t glorify hackers. We fight them with proactive monitoring and management to ensure that, if someone that doesn’t belong there does try to get into your network, we are there to ensure your network remains safe. For more information about the steps we can take to keep hackers out of your network, call us today at 810.230.9455.

Tip of the Week: 5 Steps You Can Take to Foil the Plans of Hackers

Hackers have the ability to cripple systems and steal important (or sensitive) data, and if you’re not careful your business could become their latest victim. Here are five ways that you can make it more difficult for hackers to infiltrate your systems and steal your data.

Protect Important Security Credentials
Hackers naturally target the credentials of important figures within an organization. This could entail stealing the usernames or passwords from someone who has access to crucial, mission-critical information, like the administrator of your IT department or your business’s C-Suite staff. Therefore, it’s important that you ensure these credentials are protected by encryption, and that they’re as long and complex as possible. If you store them anywhere, it should be in an encrypted password manager, where only they can access them.

Restrict Admin Access
Similar to the above point, you want to restrict access to certain locations of your network on a per-user basis. This means keeping the average joe from peeking at information like financial credentials and personally identifiable information, among other things. The fewer people who have access to important information, the less likely it is that this data can be stolen. Therefore, your users should have access to only information that they need to do their jobs properly, and nothing more.

Augment Password Security with Best Practices
If you’re using a password manager, you can implement all sorts of password best practices to further augment your organization’s security. For one, password managers make it so that you can feasibly use different complex passwords for every single one of your online accounts. This is important, seeing how long, complex passwords that utilize upper and lower-case letters, numbers, and symbols are very difficult to remember on their own.

Cut Down on Shadow IT
Hackers love to take advantage of forgotten-about technology solutions to infiltrate networks. While you might be patching all of your organization’s crucial software solutions, you might be neglecting that open source word processor that an employee downloaded one day. You should emphasize to your team that if they need a solution to do their job properly, they should go through the proper channels (like through IT or management) before implementing an unapproved solution.

Train Your Staff on IT Best Practices
While it’s helpful that you understand IT best practices, this can only get you so far. You should make IT security a part of company culture by thoroughly educating your staff on how to stay safe online. Teach them what to do if they suspect that they’ve been hacked, and help them avoid dangerous threats, including malicious links, spam phishing attacks, and unsolicited email attachments.

To learn more about cyber security, reach out to NuTech Services at 810.230.9455.

According to Hackers, Windows 10 Security Passes the Test

Windows is perhaps the most common workplace computing tool, and hackers have been trying for decades to uncover holes in its security. In some cases, like with unsupported operating systems, they’ve succeeded. However, Microsoft’s latest addition to their OS family, Windows 10, seems to have exceptionally potent built-in security measures, many of which have the hackers at the Black Hat conference scratching their heads and scrambling to find threats to talk about.

During Black Hat, the annual hacker convention held in Las Vegas, Windows 10 was lauded as perhaps the most secure Windows operating system in decades. It was agreed that Windows 10 is much more difficult to break into than its older brethren, but like any software, nothing is impossible with enough funding and research. The Black Hat presenters discussed potential ways that Windows 10 could be hacked, and how Windows 10 makes it more difficult for attackers to breach its systems.

Windows 10 Uses Built-In Anti-Malware Tools
Windows 10 has what’s called the Antimalware Scan Interface (AMSI), which is designed to identify and capture malicious scripts in its memory. Your applications can access the information stored in the AMSI, and can use it to protect your systems. For example, Windows Defender and AVG use AMSI. The primary reason why the AMSI is a huge problem for hackers is because most of their attacks utilize some sort of script. Of course, the AMSI is a valuable tool, but it still needs secondary security protocol (like antivirus or remote monitoring and maintenance) to keep your network safe. While it’s great for detecting scripts executed in PowerShell (since PowerShell records logs), it still requires someone to regularly monitor the logs in order for it to be most effective.
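
To show what regularly monitoring those logs can look like, here is an added example (not from the original article or from Microsoft's documentation) that pulls the script blocks PowerShell itself logged at Warning level. It assumes Windows PowerShell 5.x or later, an elevated prompt, and script block events recorded as Event ID 4104 in the Microsoft-Windows-PowerShell/Operational log; the 24-hour window and the 200-character preview are arbitrary choices.

```powershell
# Added example: review PowerShell script block log entries (Event ID 4104).
# Assumption: run from an elevated prompt on Windows PowerShell 5.x or later.

$logName = 'Microsoft-Windows-PowerShell/Operational'
$since   = (Get-Date).AddDays(-1)   # assumed review window: the last 24 hours

# Level 3 = Warning: script blocks that PowerShell flagged as suspicious.
$filter = @{ LogName = $logName; Id = 4104; Level = 3; StartTime = $since }

# @() guarantees an array, so an empty result sends nothing down the pipeline.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

# Long scripts are split across several events that share a ScriptBlockId,
# so collect the parts and join them in order before anyone reviews them.
$report = $events |
    ForEach-Object {
        [pscustomobject]@{
            TimeCreated   = $_.TimeCreated
            User          = $_.UserId
            MessageNumber = [int]$_.Properties[0].Value
            MessageTotal  = [int]$_.Properties[1].Value
            Text          = [string]$_.Properties[2].Value
            ScriptBlockId = [string]$_.Properties[3].Value
            Path          = [string]$_.Properties[4].Value
        }
    } |
    Group-Object ScriptBlockId |
    ForEach-Object {
        $parts = @($_.Group | Sort-Object MessageNumber)
        $text  = ($parts | ForEach-Object { $_.Text }) -join ''
        [pscustomobject]@{
            FirstSeen = $parts[0].TimeCreated
            User      = $parts[0].User
            Path      = $parts[0].Path                 # empty for interactive input
            Complete  = ($parts.Count -eq $parts[0].MessageTotal)
            Length    = $text.Length
            Preview   = $text.Substring(0, [Math]::Min(200, $text.Length))
        }
    } |
    Sort-Object FirstSeen

if ($report) {
    $report | Format-List
} else {
    Write-Output "No warning-level script block events since $since."
}
```

A row with `Complete` set to false means some parts of that script block were not in the queried window or have already rolled out of the log, so the preview may be missing text.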

Active Directory
Active Directory has long been a critical part of how Windows administration works, and recent innovations have allowed for the management of workloads through the cloud and identity and authentication management on in-house networks. Microsoft Azure puts Active Directory to good use, allowing for quality security for any Azure-based cloud platform. The problem with AD, though, is that any user account can access it unless the administrator has limited these permissions. Your IT administrators need to restrict access to AD and control authentication procedures for it.

Virtualization
Virtualization-based security features a set of protocols that are built into the hypervisor of your Windows 10 OS. Basically, Hyper-V can create a virtual machine that stands separate from the root partition. This machine can then execute security commands as needed. Hyper-V creates a machine that can’t be compromised, even in the face of hacking attacks that target the root partition. It’s a way to minimize the damage done by data breaches, but it only works if the credentials aren’t found in the root partition. IT administrators, therefore, need to ensure that these systems cannot be compromised.

Eventually, there may come a day when Windows 10 experiences a dangerous flaw that’s exploited in the wild. Hackers are always trying to undermine security measures, but Microsoft engages these attacks with patches of their own, so it’s an endless cycle. Hackers will inevitably find ways to crack Windows 10’s innate security, so it’s your responsibility to complement your OS’s security with your own solutions.

To secure your business’s devices, reach out to us at 810.230.9455.

Alert: New Petya Ransomware Spreads via Fake Online Resumes

Next time you see an unsolicited resume in your email, it’s worth scrutinizing before you just click on it. It could be a nasty new ransomware called Petya.

Petya is a particularly mean-spirited ransomware that hackers use to extort money from their victims. Infection begins with a Windows error, followed by the typical “blue screen of death” reboot, and displays a red skull and crossbones. As the computer restarts, a fraudulent “system check” allows the infection to encrypt the master file table (MFT), so the computer more or less “forgets” where, or even which, files it has.

In addition to doing this, instead of barring access from particular files, Petya locks the user out of their system entirely by overwriting their computer’s master boot record. Once this happens, the computer is rendered useless (you can’t even log in), only displaying a list of demands, an online address to appease those demands in Bitcoin, and finally, a decryption code to regain access to the files.

When the user accesses the payment page, they learn that they have a limited amount of time to purchase their key before the price is doubled from an initial cost of around .99 Bitcoins, which is equivalent to about $430. While many websites claim that there are commands that will allow the user to skip the lock screen, the MFT will still be encrypted, and the files still useless. Additionally, there’s no guarantee that the decryption key provided upon payment will even solve the problem, potentially leaving the user short $430 and all of their digital files.

Business owners and human resource representatives need to be particularly alert, considering that the preferred method of disbursement for Petya is via email, specifically disguised as what would appear to be a message from someone seeking a job. The message contains a hyperlink that directs to a Dropbox containing a “resume” (an antivirus program-blinding Trojan containing Petya) and a stock photo. With these tactics, Petya had been plaguing German businesses, with no telling when it may spread.

Fortunately, a programmer has come up with a fix to remove Petya without paying any ransom after his father-in-law’s system was targeted. Thanks to some purported carelessness by the authors of this malware, the encryption is crackable. To do so, however, isn’t such a simple task – it requires a second, uninfected hard drive, for starters. So while Petya has been cracked, it is still better to not be a target in the first place.

So how does one avoid such an attack? Mainly vigilance, assisted by NuTech Services’s security solutions that help detect and block questionable sources. Call 810.230.9455 for more information about products to keep your company safe from the cyber pirates flying a digital skull and bones.

Drugs, Assassins For Hire, Weapon Sales, and More: All Conveniently Found On the Web

The Internet is a fascinating and wonderful place full of great, informative resources and websites, but it’s also home to online markets for illegal and unethical practices. These hotbeds of criminal activity are a danger not only to your business, but to everyone who uses the Internet.

Specifically, the Internet (or what’s known as the “dark web”) is often used to anonymously distribute drugs, data, and other questionable activity. The Internet itself allows for anyone to take on a pseudo-anonymous nature, but there are other, much darker parts of the Internet that can only be accessed if you’re truly anonymous. Users who are using the anonymity browser Tor can go about their business on the dark web with little to fear. Many online black markets will only allow users to access them if they’re using Tor, primarily because they want to dodge law enforcement as much as possible.

Not all online black markets take this same precaution, though. Some illegal online markets don’t care about staying available to their buyers or hidden from the authorities, and will even sell to the common masses rather than hardened criminals. This sporadic and unpredictable behavior is one reason why everyone should be concerned about the dark web. Since these underground black markets are often available via the “surface web” (the part that the average user sees), this increases the range and scope of who criminals can target with their goods, which allows the cybercrime industry to thrive.

From Trend Micro via TechRepublic, here’s a chart detailing what the online crime market is primarily used for.

Drugs are one of the biggest components of the online cybercrime industry, but stolen data dumps and crimeware are the second and third largest threats, respectively. A surprising factor, however, is the presence of illegal online arms manufacturing, and even assassinations. When you consider the fact that anyone can access these assets through the surface web, it’s a frightening concept indeed.

The North American underground dark web network is generally considered what’s called a “glass tank.” It might be useful for its intended purpose, but it’s so transparent and fragile that it can shatter and break at any given moment. Trend Micro reports that the life cycle of most black market sites is very short. The sites could be available one moment, and gone the next.

If you take away anything from this blog article, it’s that cybercriminals are as resourceful as they are slippery, and that they’ll use any means necessary to make a quick buck. This includes selling information they’ve stolen from businesses just like yours on the black market, or selling malicious code to would-be hackers. Business owners need to be exceptionally cautious when dealing with criminals on the Internet, simply due to the fact that they’ll attack for no purpose other than to cause a little bit of chaos and to throw your sensitive data in the “for sale” window. It’s important to remember that there is, in fact, a market for your stolen data, and that hackers will do whatever it takes to breach your systems and make money off of your misfortune.

NuTech Services knows how to handle the security threats that your business faces every day, and we can outfit your network with the solutions required to eliminate and detect issues before they become bigger problems. Furthermore, we can protect your organization’s end-users from accessing infected or suspicious sites, like potentially malicious web pages, or those designed to sell questionable goods. Perhaps the best way we can protect your business is by offering enterprise-level security solutions, like firewalls, antivirus, content filtering, and spam blocking solutions, effectively mitigating the odds of your business falling prey to a hacking attack.

For more information, give us a call at 810.230.9455.

736 Million Records Were Exposed to Data Theft in 2015

2015 saw a significant increase in high-profile hacking attacks in organizations of all disciplines: healthcare, government, and even large entertainment companies all fell victim to data breaches. In light of these attacks, valuable lessons can be learned through analyzing the types of records that were stolen. In 2015, over half of all records exposed to hackers were passwords and email addresses.

Take a moment to consider the importance of such credentials; they’re used for accessing online accounts and mission-critical information that’s stored on company networks. If hackers and thieves gain access to them, they essentially acquire unrestricted access to certain accounts that may be critical to the functionality of your business. Plus, since many users use the same password across multiple accounts, having one set of credentials may give hackers a lot of access.

Here are some of the statistics revealed by the Risk Based Security report:

  • In 2015, there were 4,000 reported data breaches, which exposed 736 million records.
  • 40.5 percent of reported incidents occurred in organizations within the United States, with the amount of data stolen totaling around 65 percent of the data stolen throughout the entire year.
  • 238 million stolen data records came from just four huge data breaches.
  • 142 organizations experienced multiple data breaches in 2015.
  • The US and UK combined made up 45 percent of all reported data breaches in 2015.

What You Can Do About It
If you want to keep your business safe from the seemingly endless horde of malware on the Internet, you need to be tirelessly working toward integrating proactive security solutions designed to protect your network from potential threats. One way that you can do so is by implementing powerful security measures that are designed to both prevent threats from accessing your network, and detect them from within before they cause untold amounts of damage. Enterprise-level firewall and antivirus solutions are great tools meant to prevent breaches, while content filtering and spam blocking solutions make your network even more resilient. These four technologies are what’s known as a Unified Threat Management solution, and it’s a critical investment for any security-minded SMB.

Another way that you can decrease the chances of being hacked is by using complex passwords that are difficult to guess, and changing these passwords consistently. Your passwords should always be long, utilizing lower and upper-case letters, numbers, and symbols. Never use the same passwords and usernames for multiple online accounts. Always use different credentials. If you have trouble remembering everything, an enterprise-level password manager is a great way to securely store your credentials.

In the end, it comes down to how well you protect your organization from threats. NuTech Services can educate your business on security best practices, while assisting you with the implementation of comprehensive security systems. Our solutions are designed to minimize the chances of data breaches, and to immediately resolve problems that might come up.

For more information, give us a call at 810.230.9455.

Man-In-the-Middle Attacks Find App Users Off Guard

The Internet of Things is practically omnipresent in today’s environment, and many commercial products not only connect to the Internet, but they also come with an app. Due to this type of integration growing more popular, the world is starting to see Internet-connected products that really don’t have much to gain from their connectivity.

One such device is BB-8, a Star Wars-based droid toy built by Sphero. The toy isn’t much different from your typical Sphero toy, with the primary difference being that it’s painted after the insanely popular BB-8 droid from Star Wars Episode VII: The Force Awakens. It’s an app-controlled robotic ball that’s marketed to children who want to control their very own droid.

While this toy might seem to be irrelevant, it’s been reported that there’s an exploit which can hack into a BB-8 via its wireless communication systems. By injecting code into the smartphone controlling the droid, hackers can essentially control BB-8 through the phone, since it acts like a remote for the toy. This kind of hack is called a man-in-the-middle attack. In BB-8’s case, the hack is of little consequence, but man-in-the-middle attacks can be dangerous if targeting valuable information.

What Are Man-in-the-Middle Attacks?
In order to understand how a man-in-the-middle attack works, let’s compare it to a traditional game that you may have played when you were a kid: “telephone.” One person sends a message and the recipient listens to it, but in the process of delivering the message, someone adds or omits an important part of the message. Just imagine that instead of the sentence, “Jane runs through the forest,” the message that’s interrupted and manipulated is a customer’s credit card number.

Wireless systems have made it much easier to perform man-in-the-middle attacks, simply because wireless communications are subject to plenty of risk while in transit. This is why it’s especially important that your business implements security measures that can protect your data while it’s moving from one system to the next, be it from a smartphone to an in-house device, or an essential file from a PC to your server. You need to make sure that these commands are sent securely, and as accurately as the sender intended. Remote monitoring and management solutions can help your business by offering intrusion detection, along with several other protocols that work together to provide a comprehensive network security solution.

Attacks Require More Powerful Solutions
Wireless technology is extremely convenient at times, so much so that cumbersome, wired systems are waning in popularity. Despite this huge advantage, people still have to determine whether or not their wireless systems are secure from external threats. If their system security is subpar, there are plenty of solutions available that are capable of shoring up weaknesses for both mobile devices and PCs working on a wireless network. Unfortunately, all it takes is one seemingly inconsequential piece of technology to leave your entire network exposed.

This is where NuTech Services comes in. Our professional technicians can help your business improve its protection from Internet of Things threats. We can do this by performing a thorough analysis of your current IT infrastructure, your projected growth, and the current needs of your business. Together, we can keep your technology from going over to the dark side. To learn more, give us a call at 810.230.9455.

Baseball Executive Pleads Guilty to Hacking Rival

IT can be like baseball. When a team is up to bat in a game of baseball, the team at bat is allowed to keep two coaches on the field. They are called the first base coach and the third base coach. While both coaches’ responsibilities mostly have to do with baserunning, the third base coach also takes on the responsibility of relaying “signs” from the manager in the dugout to the batter at the plate.

These signs represent orders or suggestions from the manager, who is in charge of implementing the strategy for each pitcher or batter throughout the baseball game. The third base coach is just an intermediary. He relays the orders to the batter, and it’s the batter’s job to execute the direction that’s given. Each team will try incessantly to steal the other team’s signs, as doing so will give them a distinct advantage on the field of play. For instance, if a hitter somehow was tipped off that the pitcher will be throwing a curveball, there is a better chance the player will let the pitch go by because it’s hard to throw a curveball for a strike, and even harder to hit a curveball.

What does this have to do with IT? It suggests just how much your competition gains from having information about your company; the information that only you should have access to. While “sign-stealing” on the diamond is looked on as gamesmanship, stealing information over your business’ network is a crime (or at the very least unethical), and should be thwarted if at all possible. The former scouting director for the St. Louis Cardinals is finding that out the hard way.

Christopher Correa, the former scouting director for the St. Louis Cardinals, has pleaded guilty to five counts of unauthorized access to a private computer for using a former employee’s login information to access a Houston Astros’ secure database that was filled with data that could provide useful information. Correa had accessed both employee emails and the team’s database to gain information, an action that he admitted to U.S. District Judge Lynn Hughes was “stupid.”

Correa, who accessed information mainly to gain a competitive advantage over a rival team, was fired from the St. Louis organization after his improprieties came to light. Ironically, Houston, who had been playing in the same division with St. Louis since 1994, moved to the American League before any of these hacks had taken place.

Correa’s former boss, and current Astros General Manager, Jeff Luhnow is likely the “Victim A” from the indictment, and the likely owner of the passwords that Correa used to access the Astros’ system. Luhnow seemingly used the same credentials to sign into the Astros’ environment as he did when he handed over his laptop and password to Correa when he left to take the GM job in Houston in 2011. Luhnow made the following statement:

“I absolutely know about password hygiene and best practices. I’m certainly aware of how important passwords are, as well as the importance of keeping them updated. A lot of my job in baseball, as it was in high tech, is to make sure that intellectual property is protected. I take that seriously and hold myself and those who work for me to a very high standard.”

In this case, however, Luhnow seemed to be lacking somewhat in his conscientious efforts to protect his organization’s intellectual property by using the same credentials he was using while a member of the St. Louis staff five years prior. When someone leaves your company, especially if he or she is leaving for a competitor, it’s important that you get all the credentials that they used to access all data systems. Conversely, when someone joins your company, it’s important to make sure they understand your organization’s cyber security protocols, to keep you from having to deal with data breaches and other situations that may put your business at risk.

Network security, including password management and intrusion detection, is essential for every business that doesn’t want their network hacked by their competition, or by random hackers out to make a quick buck. For more information about the best practices for comprehensive network security, or to talk with a technician about the options we offer to help you protect your network, call us today at 810.230.9455.

Hacking Attacks Can Have Deadly Consequences

We all know that hackers are never good news. All they want to do is ruin someone’s day by planting a threat in an innocent person’s PC or steal some data from a business. However, some hackers could potentially have much more dangerous (and deadly) agendas, like sabotaging hospital equipment.

We know, you don’t often associate hacking attacks with the physical world, but in many cases, some severe hacking attacks can have life-changing consequences. For example, hospital pumps that are responsible for delivering appropriate doses of drugs and other life-sustaining fluids to patients can be compromised and used for delivering deadly doses. Another example is the insulin pump, which monitors blood glucose levels, or the implantable cardioverter defibrillator, which is responsible for jolting patients back to life if they go into cardiac arrest. Perhaps one of the most nerve-wracking hospital hacks is that of a CT Scanner, where attackers can potentially change radiation exposure amounts and limits.

Now that we’ve completely ruined any further hospital experience for you, basically, what we want to get across to our readers with this article, is that you absolutely CANNOT dismiss hackers as potential threats, especially in a world where wars are being fought over the Internet, and technology aids in war zones in unforeseen ways. Hackers continue to find new and creative ways to engage in cyber attacks, and they will continue to pose a significant threat to your business if you don’t do anything to stop them.

Hacking attacks against hospital equipment are a huge cause for concern, but you shouldn’t underestimate attacks against your own company, either. Hackers access business networks just like yours on a daily basis, hoping to take something important and turn a profit off of it. This could be private employee records (Social Security numbers, dates of birth, etc.), client payment information (like credit card numbers), and other confidential information. Other times, hackers might not have any specific agenda, and could just be looking to wreak havoc with viruses, malware, and other damaging cyber threats. Either way, the introduction of malicious entities into your network could have disastrous effects.

The best way to avoid the fallout from hacking attacks is to prevent them from happening in the first place. Your business needs to take a proactive stance against all of the common avenues that hackers exploit to gain access to your network infrastructure. This means implementing powerful solutions that keep threats out, and those that can detect and eliminate potential threats found within an infrastructure.

A Unified Threat Management (UTM) solution is designed to offer the comprehensive protection that your organization needs to stay safe when it feels like the world is out to get you. A firewall can keep the majority of threats from accessing your network by checking out data traveling to and from your network. Compounded with an antivirus solution, you can effectively keep threats out of your system, and promptly eliminate those that do somehow get through. Additional security measures, like spam blocking and web content filtering, can limit your staff’s exposure to potentially dangerous entities by keeping suspicious messages out of your email inbox, and blocking content that may be compromised while surfing the web.

While your business’s network security might not be a life-or-death situation, a ruined business is a huge first step toward a ruined life. If you want to make sure your network is equipped to handle hacking threats, give NuTech Services a call at 810.230.9455.

Alert: How Hackers are Scamming Users With Fake IT Support Hotline

There’s a wicked string of malware on the Internet that locks users out of their browser and directs them to call a phone number. That phone number reaches hackers who have set up a subterfuge as an IT support company. If this happens to you, even if you are in the middle of something important, do not call the phone number.

This particular piece of malware startles the user by blocking their progress within their web browser and prompting them to contact a fake tech support hotline to “fix” their computer. It will show a screen that’s similar to the Windows fatal system error blue screen, along with a fake technical support message that pops up, informing the user of the “problem.” As you can see by the provided screenshot, this blue screen of death is deceptive because it’s only displayed within the browser, instead of taking up the entire screen like Microsoft’s real blue screen of death.

Whatever you do, DON’T CALL THE PROVIDED PHONE NUMBER. The blog Delete Malware explains: “If you call [the number] they won’t actually remove adware from your computer. They will hijack your computer and steal all of your bank information and passwords. They are crooks, don’t call them!”

Fortunately, this error isn’t as critical as it seems. In fact, this is a common tactic of social engineering: make the problem seem much worse than it is, causing the victim to flip out and do something rash–like call the fake IT support phone number.

What then are you supposed to do? You can make the issue go away simply by closing the browser via task manager (Ctrl + Alt + Delete), or rebooting the PC. However, it’s still annoying to deal with because you’ll lose any unsaved data, along with any progress made to whatever project you’re working on. Plus, rebooting your system won’t technically solve the problem; the malware will still be embedded in your system, waiting for another chance to strike.

Therefore, to get down to the root of this problem, you’re going to want to isolate and properly delete the malicious file. For this level of real IT support, you’re going to want to call the trained professionals at NuTech Services. We’ve got the tools needed to find and eliminate such threats, and even block them from hitting your system in the first place with a Unified Threat Management solution.

Lastly, we’d like to point out that the perpetrators of this hack are relying on the fact that the user doesn’t know who to call for IT support in a crisis situation. It’s reasons like this why you and your staff need to be familiar with who to call in an emergency IT situation, like NuTech Services at 810.230.9455. When it comes to taking care of IT issues, we’re the real deal, and we take offense that hackers these days are posing as trustworthy IT technicians in order to get at a user’s personal data. It’s an unsettling trend that will only be brought down by companies being vigilant about their network security.

To that end, NuTech Services can help. Call us today to find out how we can protect you from the worst of the web.

Pay a Hacker Ransom Money and Risk Getting Bamboozled Twice

Requesting a ransom from victims is an unfortunate trend gaining momentum in the hacking world. This is typically done using ransomware (where hackers encrypt data and request money for the key) and distributed denial of service attacks (where hackers threaten to overwhelm a system with traffic, thus knocking it offline). In both scenarios, hackers are looking for the victim to pay up, or else. Should they?

The answer should be obvious; absolutely not. However, when a person’s valuable data becomes encrypted or they receive a legitimate threat to take down their servers, emotions often get in the way and they’ll end up “paying the piper.” Hackers know this, which is why their ransom methods employ fear tactics.

For example, ransomware like CryptoLocker will lock the user out of their computer while the screen displays a clock counting down to when their data will be deleted. And with DDoS attacks, a hacker may contact the victim mid-attack and promise to cease the attack for a fee. Both of these situations play straight into a person’s irrational fear, causing them to cough up cash.

Before reaching for your credit card to pay a hacker’s demands, stop, take a deep breath, and think objectively about the situation. What guarantee do you have that these hackers will actually make good on their promise to turn over your data or cease the attack? This guarantee is only as good as a hacker’s word, which is pretty worthless seeing that, you know, they’re criminals. Therefore, whatever you do, DON’T GIVE MONEY TO A HACKER!

By paying hackers money, you’ll only add fuel to the fire and help fund the spread of their devious acts. Plus, there are several reported cases where a victim pays the ransom, only to still have their data deleted or the attacks on their site continue. What’s it to them if they go ahead and follow through with the attack? They have your money, so who cares? It’s a classic case of adding insult to injury.

Need proof? There’s a recent example of this happening to ProtonMail, a Switzerland-based email encryption service. On November 3rd, ProtonMail was threatened with a DDoS attack by the hacking group Armada Collective. Like many companies would do, they ignored the threat, deeming it to not be credible. Soon afterward, their servers became overloaded to the point where they had to cease operations.

As reported by ZDNet:

The encryption service says the assault reached 100Gbps and not only attacked the ProtonMail datacenter but routers in Zurich, Frankfurt and other locations linked to the ISP — eventually bringing down the datacenter and ISP. This not only took down ProtonMail, but other companies were affected, too.

To get the attackers to stop, ProtonMail paid the hackers a $6,000 ransom. The hackers happily took their money and kept up the attack. In addition to losing a cool $6k, the company was out a vast sum for all the downtime they experienced.

How much would it cost your company if you lost revenue for a full day of work, and you still had to make payroll? For a medium-to-large sized company, losing a full day’s work would likely come to much more than a few thousand dollars. In fact, hackers understand how downtime can be so costly, which is why they feel justified asking for such an exorbitant fee.

What are you supposed to do if you were asked to pay a ransom by a hacker? The first thing you’ll want to do is contact the IT professionals at NuTech Services. We’re able to take an assessment of the attack to determine how bad it is, and restore your data to a backed up version that’s not infected with malware. When facing a hack attack, we can present you with all the options you can take, none of which will include paying a hacker money.

Call us today at 810.230.9455 to learn more, and don’t let the hackers have the upper hand.

How a Nearby Hacker Can Access Your Phone Through Google Now and Siri

These days, mobile exploits aren’t anything to be surprised about. Most people consider their smartphones to be more secure than their desktops or laptops, but the fact remains that there are just as many exploits, if not more, for mobile devices as there are for PCs. One of the latest mobile threats that can infiltrate your iPhone or Android device takes advantage of Siri and Google Now.

This exploit can use Siri and Google Now to perform any number of actions using your mobile device. The hacker can silently issue commands to devices that have headphones plugged in, acting as a receiving antenna. For example, the headsets that business owners love to use to communicate while out and about could work for this exploit. The headphones antenna acts like an FM radio chip that can communicate with mobile devices.

ZDNet explains further how this particular exploit works:

With the open source GNU Radio software on a laptop, electromagnetic signals can be sent to those devices. Depending on the sent command, Siri or Google Now can be told to open up a website, send a text, place a call or do any other number of things.

In order to pull this hack off, the attacker only needs to use a laptop with some sort of antenna apparatus to broadcast the signal. All of this could easily be concealed in a backpack and taken on the move. Granted, this exploit is also dependent on whether or not users will leave headphones plugged into the device when not in use, which is relatively unlikely.

Researchers further explained that this hack can work from around six feet from the phone, meaning that the hacker still has to get somewhat near the victim. Furthermore, the signal could potentially extend up to 16 feet from the victim, if the hacker has a powerful enough battery and antenna. Of course, this kind of powerful equipment isn’t nearly as portable as a laptop, making it somewhat inefficient to use, despite the further range.

Finally, it’s very likely that users will notice that their devices are being tampered with before the hacker manages to do anything fishy. The hack doesn’t disable the display of the device, so anyone who is currently using their device will notice what’s happening and react to it, hopefully. These types of hacks are one reason that you should always practice proper smartphone security and use a lock screen. It’s not known if this trick can bypass the lock screen, but either way, it’s a best practice to always be using one. You never know who could get into your device if you’re not using it, especially if you lose it or it gets stolen in a public place. This is why you need some sort of login credential for your device, just like you would for your laptop or desktop PC.

What are your thoughts on this new exploit? Do you think there’s a chance that this kind of vulnerability could be a threat to the business world, or do you think there’s little chance of it having any practical use? Let us know in the comments.

If a Teenager Can Hack the CIA, You Can Be Hacked Too!

With new threats emerging all of the time, it’s no wonder that cybersecurity is such a major part of any technological endeavor. You should be using the most powerful security solutions on the market in order to avoid intensive hacks. Despite the emphasis that our society places on security, it takes a high-notoriety hack to truly shake the public into action; for example, what if the Central Intelligence Agency were hacked by a teenager?

Well, that kind of happened. As reported by WIRED, CIA Director John Brennan had his email broken into by the hacker in question. By posing as a Verizon worker, the hacker was able to gain access to Brennan’s AOL email account. The hacker used a targeted spear phishing tactic, where he posed as a worker to trick real Verizon employees into handing over sensitive information about Brennan’s account. Surprisingly, all they needed were the last four digits of Brennan’s bank card.

Then, to add insult to injury, the hacker and his associates changed the password on Brennan’s account, locking him out of it and gaining access to his inbox. Since this was his personal email account, you’d think things wouldn’t be any different from a normal hack; well, the problem here is that Brennan’s inbox contained secret government documents from Brennan’s work email address, which he forwarded to his personal inbox. You don’t need us to tell you that this was a bad move on Brennan’s part. According to WIRED:

After providing the Verizon employee with a fabricated employee Vcode—a unique code that he says Verizon assigns employees—they got the information they were seeking. This included Brennan’s account number, his four-digit PIN, the backup mobile number on the account, Brennan’s AOL email address and the last four digits on his bank card.

“[A]fter getting that info, we called AOL and said we were locked out of our AOL account,” he said. “They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password.” AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon.

The most unnerving part of this entire situation is the fact that Brennan wasn’t necessarily at fault for the hack itself. The only thing he did wrong was send sensitive information from his work email to his private email address. The real issue at hand should be the fact that these hackers easily wound up accessing an important government worker’s email address. Simple security questions aren’t going to be enough to stop hackers from accessing your accounts. If they really want to, they can get whatever information they need.

Therefore, taking advantage of several security layers is the best way to protect your accounts. Part of this is practicing a quality password security protocol. You should be using secure passwords with several different types of characters, including upper and lower case letters, numbers, and symbols. Strong passwords help keep hackers from cracking your login credentials.

Another best practice is to integrate two-factor authentication into your account logins. This type of solution requires a secondary credential in addition to your normal username and password, making it much more difficult for hackers to attack your accounts. These credentials are usually sent to your smartphone in the form of an SMS message or an automated voice message, or even to your secondary email account. In other words, hackers need physical access to your device in order to obtain this credential.

You don’t want to be stuck in an embarrassing (or potentially incriminating) situation like the one the CIA Director is in now. Give NuTech Services a call at 810.230.9455 and ask us about how we can improve your business’s network security.