20% of Customers and Revenue are a Lot to Lose From a Single Data Breach

Data breaches are common problems for businesses of all shapes and sizes. In fact, they often have huge repercussions that aren’t initially seen in the heat of the moment. How can you make sure that a data breach won’t negatively impact your business, even well after you’ve fixed the initial problem?

Cisco, for example, claims that out of all companies that experienced a major data breach in 2016, over one-third of them lost more than 20 percent of their customers, opportunities, or revenue. This clearly shows that your business has far more than just data on the line when it comes to cybersecurity. Simply put, by not taking measures to keep your organization secure, you stand to put the future of your business itself at risk.

This makes sense, especially when you consider a consumer’s natural reaction to a poor experience with a specific vendor or brand. If you were a customer at a store that experienced a major data breach (one in which your financial information was stolen), would you still want to shop there? Many organizations will reassure their customers that the vulnerability has been resolved, and some might even offer to make amends for their careless handling of customer data. Yet, sometimes even this isn’t enough to retain customers, and oftentimes, you won’t find this out until it’s too late.

As a small business owner, can you imagine what it would feel like to lose as much as 20 percent of your current clientele? Large organizations might have enough resources and offerings to make the loss seem more manageable, but chances are that a 20-percent loss would be a huge hit for any smaller organization.

Furthermore, it’s likely that such a loss of customers, opportunities, or revenue would affect long-term growth. If your organization loses 20 percent of its customers, that’s not just lost business for you–that’s a whole bunch of customers who won’t recommend your organization to new clients. What’s worse, they may even tell others about your business, but not in the way that you want them to. Before you know it, you’ll have former customers telling their contacts all of the ugly details about their experience with your business, data breaches notwithstanding.

In other words, not only does a data breach represent a loss of revenue, but also a loss of potential resources that could be utilized to further advance your business in the future.

Thus, a relatively small issue could transform into a major problem that puts the future of your business in jeopardy. Cisco also found that the following problems were concerning for organizations that experienced a data breach:

  • Cyber threats in 2016 increased in power and sophistication.
  • Organizations’ cybersecurity teams aren’t able to investigate all of the alerts they get in a single day (56 percent is the average).
  • However, despite cyber attacks growing in complexity, hackers still utilized “classic attack methods seen in 2010.”

Cyber threats continue to evolve into bigger, more dangerous threats that are harder to counter and prepare for. Despite this fact, it’s still your responsibility to make sure that any potential data breach doesn’t spell the end for your enterprise. It’s clear that, in order to guarantee the success of your business’s future, you need to implement powerful and focused security solutions designed to prevent breaches in the first place.

NuTech Services can help your business implement technology solutions designed to limit breaches and manage risk more effectively. With a Unified Threat Management device and remote monitoring and management service, you will have little to fear. To learn more, reach out to us at 810.230.9455.

Tip of the Week: How to Know if You’ve Experienced a Data Breach

Your data is vital to the success of your business, and as such, it needs to be protected. Can you identify the warning signs that someone has managed to get past your protections to access your data?

According to the Identity Theft Resource Center, or ITRC, there were 781 data breaches in 2015 within the United States alone. This marked the second-highest number since 2005, when the ITRC began to track these occurrences. Of particular interest, the ITRC report noted that, in 2015, the business sector saw the highest percentage of publicly reported breaches, with almost 40 percent of all reports coming from business organizations. What’s more, motive analysis saw that more and more thieves sought financial gain through accessing sensitive personal data.

Presumably, the report for 2016 should show more of the same.

Business owners should therefore be extremely cautious and prepared when it comes to possible data breaches, not only in terms of preventing them but also in terms of identifying them within their organizations. What follows are some best practices to assist you in determining if a data breach has occurred on your systems.

First, determine what is normal within your systems.
After all, you will need to know what is right to identify if something is going wrong. This can be largely accomplished by familiarizing yourself with the typical goings-on of your employees at different times of day, and with different levels of access.

Keep an eye out for unusual activity.
There are numerous warning signs that a data breach has occurred in your systems. These warnings might be as subtle as a piece of equipment suddenly becoming slower. They may include:

  • Unusual/unapproved programs: If there are suddenly unauthorized programs appearing on the company’s workstations, you may have a breach. You must be diligent in keeping an eye out for such red flags, as well as encouraging employees to do the same by insisting that they report any sudden appearances of new software that were not mandated by the company.
  • Unexplained “employee” activity: Have records suddenly shown users logging on to the system at odd times and from odd locations? Are your accounts being altered without your knowledge or approval? Have employees suddenly had unexplainable difficulties in remembering their passwords? These are also indicators that your system has been breached.
  • Other breach attempts: Have you had to fend off an overt cyber attack recently, such as a Distributed Denial of Service attack? If so, these attempts may have served a secondary purpose as a smokescreen to conceal a more insidious attack. It’s becoming a best practice to assume that an attack isn’t over, even when it’s over (because it may not be).
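One way to apply the baseline-then-compare steps above to logon records, as an added example that is not from the original article: it learns each user's usual logon hours and source locations from a baseline period, then flags later logons that fall outside them, plus repeated failures and accounts never seen before. The record layout, user names, locations and thresholds are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records: timestamp, user, source location, result.
BASELINE = """\
2016-03-01T08:55 alice office ok
2016-03-01T09:10 bob office ok
2016-03-02T08:40 alice office ok
2016-03-02T17:30 bob office ok
2016-03-03T09:05 alice branch ok
2016-03-03T13:15 bob office ok
"""
TODAY = """\
2016-03-04T09:02 alice office ok
2016-03-04T03:12 bob office ok
2016-03-04T10:20 alice overseas ok
2016-03-04T08:58 bob office fail
2016-03-04T08:59 bob office fail
2016-03-04T09:00 bob office fail
2016-03-04T09:30 carol office ok
"""


def parse(text):
    """Yield (datetime, user, location, result) from whitespace-separated lines."""
    for line in text.splitlines():
        if line.strip():
            ts, user, location, result = line.split()
            yield datetime.strptime(ts, "%Y-%m-%dT%H:%M"), user, location, result


def build_baseline(records, hour_slack=1):
    """Learn each user's normal logon hours (with slack) and locations."""
    hours, places = defaultdict(set), defaultdict(set)
    for ts, user, location, result in records:
        if result != "ok":
            continue  # only successful logons describe normal behaviour
        for h in range(ts.hour - hour_slack, ts.hour + hour_slack + 1):
            hours[user].add(h % 24)
        places[user].add(location)
    return hours, places


def review(records, baseline, max_failures=3):
    """Return (user, reason) findings for activity outside the baseline."""
    hours, places = baseline
    findings, failures = [], defaultdict(int)
    for ts, user, location, result in records:
        if result == "fail":
            failures[user] += 1
            if failures[user] == max_failures:
                findings.append((user, "repeated failed logons"))
        elif user not in places:
            findings.append((user, "account not seen in baseline"))
        else:
            if ts.hour not in hours[user]:
                findings.append((user, f"logon at unusual hour {ts:%H:%M}"))
            if location not in places[user]:
                findings.append((user, f"logon from new location {location}"))
    return findings


def run_sample():
    """Review the constructed TODAY records against the constructed BASELINE."""
    return review(parse(TODAY), build_baseline(parse(BASELINE)))


if __name__ == "__main__":
    for user, reason in run_sample():
        print(user, reason)
```

A finding here is a prompt to ask the employee, not proof of a breach; a longer baseline period reduces noise from legitimate schedule changes.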

Educate your employees.
The first and last line of defense against most cyber threats is educated vigilance, including from your end users. Make sure your employees are also aware of the signs of a data breach, as well as other security threats. NuTech Services can help you to keep your systems safe from these attacks as well. To see what we can set up to keep you secure, reach out to us at 810.230.9455.

Exploits From the NSA are Now on the Black Market

If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools–a dangerous concept.

Granted, there’s no proof that the tools are legitimate exploits used by the NSA, and they certainly won’t admit to being hacked. Yet, some security professionals hint that the hackers might actually be telling the truth this time. Researchers have found sample files provided by the hackers to contain some legitimate exploits that could realistically be used to launch hacking campaigns. In fact, some of the stolen exploits take advantage of widely-used security services and firewall solutions, which could be used to infiltrate countless infrastructures around the world.

The hackers responsible for this crime claim to have stolen the exploits from the Equation Group, which is a cyber espionage organization that supposedly has ties to the NSA. The Equation Group is most notorious, perhaps, for their probable role in the development of the Stuxnet computer worm and other advanced malware. The group of hackers who stole the NSA’s exploits–aptly titled the Shadow Brokers–desire to auction the exploits to the highest bidder on the black market.

More specifically, the exploits for sale target the firewall technology of some big names in the cyber security industry, such as Cisco, Juniper, Fortinet, and Topsec (a Chinese brand). Despite suspicions, many security professionals are labeling the code as legitimate, and one has even managed to confirm that one of the exploits uses an IP address that’s registered to the United States Department of Defense. However, rather than the exploits being stolen directly from the NSA, it’s thought that they were discovered on another system that the NSA was in the process of monitoring and that the hackers stole the code in order to turn a profit off of it.

These hackers are currently selling the exploits on the black market in exchange for Bitcoin, but even if they were to receive a value proposition, who can say if it’s likely that they’ll actually hand over such valuable information? There are some researchers who believe that it’s nothing more than an elaborate scam, primarily due to the fact that the NSA hasn’t confirmed any affiliation with the Equation Group or the exploits. Perhaps the Shadow Brokers aren’t telling the truth, but either way, we can expect some dire consequences of such powerful exploits being leaked to the world.

The Shadow Brokers have claimed that they will publicly expose the exploits if they can acquire one million Bitcoins, which presents an interesting (and terrifying) gambit; what would happen if these exploits were to be made public? Hackers around the world would be able to exploit government-grade malware for espionage and network infiltration. It’s a nightmare just waiting to happen.

What are your thoughts on this development? Let us know in the comments.

Study: 95% of All Cyber Attacks are Financially Motivated

Businesses need to take security into account and make it a priority. In fact, security is so important that Verizon has compiled a report of the various types of attacks and data breaches that occurred in the past year. This is Verizon’s Data Breach Investigations Report, or DBIR, and it offers insights into how you can protect your business and secure your assets.

The DBIR has a method of outlining data breach types into nine separate categories. In particular, your business should focus on four of them. We’ll provide you with a basic outline of what the threat entails, as well as how your organization can protect itself from them.

Crimeware
The DBIR reports that crimeware is one of the most common trends in the business environment, citing that 39 percent of all attacks in 2015 involved ransomware. The DBIR’s definition of “crimeware” is quite broad, and is used to refer to “any use of malware that doesn’t fall into a more specific pattern.” This lack of predictability makes crimeware rather dangerous, and only serves to show business owners just how many different types of threats exist that fall into this category.

The DBIR recommends that all workstations and servers be patched and maintained at all times, and that organizations have backup and disaster recovery solutions put into place to prepare for the worst. Additionally, it’s recommended that you monitor your systems for any changes to system configurations.

Web Application Attacks
E-commerce platforms are some of the most common targets, and it’s simple to understand why. In the DBIR, 95 percent of all web application attacks had some sort of financial motivation. These attacks are caused by successful phishing attempts to steal credentials and infiltrate networks. Additionally, content management system data breaches have become quite common, with some aiming to infiltrate and repurpose sites as phishing centers.

The DBIR suggests using two-factor authentication and promptly updating and patching software as needed.

Cyber Espionage
Some criminals will primarily target intellectual property. These cyber-espionage tactics will stick to your typical methods of network breaches and utilize sophisticated means to meet their goals if simple tactics don’t work. Therefore, many of these attempts to steal sensitive data can be undermined by basic protection, like firewalls and antivirus, but these solutions shouldn’t be counted on to keep out more advanced threats.

Additionally, you need to take advantage of advanced security solutions, like remote monitoring and management, to ensure that your infrastructure’s configurations aren’t being tampered with, and implement a mobile device management solution to protect your organization’s mobile data infrastructure.

Miscellaneous Errors
This category consists mostly of mistakes of all kinds that lead to compromised security. Verizon reports that around 40 percent of miscellaneous errors are caused by server issues, and about 26 percent are caused by simple employee mistakes, like sending a message filled with sensitive data to the wrong person.

The DBIR suggests that business owners or technology professionals strengthen control over how sensitive data is distributed. Verizon suggests the thorough and proper disposal of any unneeded or irrelevant hardware, and we’d like to mention employee education as a preventative measure. By ensuring that your team is informed of industry best practices and data management techniques, you’ll drastically cut down user errors.

The takeaway: Basically, the majority of security discrepancies were due, in varying degrees, to human error. This is natural, as hackers actively look to exploit the weaknesses of the human mind. Therefore, the people that make your business tick are the weakest link in the chain of operations.

What can you do to safeguard your data? For starters, stay up-to-date on the various trends in security breaches, and always keep your systems prepared by installing patches and security updates. To learn more about cyber security and preventative technology solutions, reach out to NuTech Services at 810.230.9455.

Newly Discovered Vulnerability Gives Reason to Worry for Every Windows User

A vulnerability has been discovered that affects all versions of Microsoft’s Windows operating system, including the long-unsupported Windows XP, going all the way back to Windows 95. The vulnerability, called BadTunnel, allows attackers to directly bypass system defenses and initiate a man-in-the-middle attack. The vulnerability isn’t limited to just Windows, either; it also affects Internet Explorer, Edge, and other Microsoft software.

This vulnerability is largely being called “probably the widest impact in the history of Windows,” making it quite a big deal indeed. Yang Yu, a security researcher at Tencent’s Xuanwu Lab, is the one responsible for finding the bug, and his actions in doing so were rewarded handsomely; he’s one of the few who have managed to earn more than $100,000 through Microsoft’s “bug bounty” program, and the discovery of BadTunnel netted him a modest $50,000.

Forbes reports: “This vulnerability can be exploited through Edge, Internet Explorer, Microsoft Office and many other third-party software on Windows. It can also be exploited through web servers … or even through thumb drives – insert the thumb drive into one of the ports on the system and the exploitation is complete.”

Perhaps the most disconcerting thing about this vulnerability is that it’s left Windows PCs vulnerable to attacks for the past 20 years. A successful exploit of the flaw can spoof connections over NetBIOS, which allows computers to communicate with one another over a local area network. Essentially, the hacker could route traffic on a user’s Windows PC to their own. Forbes explains further: “Not only could the hacker spy on non-encrypted traffic, they could intercept and tamper with Windows Update downloads. And they could inject further attacks in web pages visited by the victim. For instance, they could ensure that the “tunnel” between the target and the hacker would remain open by inserting code into web pages cached by the browser.”

But, fear not – a patch for BadTunnel was issued in Microsoft’s June 14th Patch Tuesday. However, not all businesses automatically deploy patches and updates, so communicate with your IT department to ensure that your business is protected from BadTunnel. If you ignore this vulnerability, there’s a chance that your Windows PCs could be monitored and controlled remotely by malicious entities. You can view the official Microsoft security bulletin here.

Yu believes this vulnerability to be the first of its kind, and it’s understood that Windows users should update as soon as possible. Yet, some users, like those who have Windows XP (still), will be out of luck. In these circumstances, researchers have recommended disabling NetBIOS over TCP/IP. However, it might just be easier, and more secure, to just upgrade to a supported operating system. Whatever you decide to do, NuTech Services has your back.

Yu plans to discuss the finer details of BadTunnel later this month at the 2016 BlackHat Conference in Las Vegas, July 30th through August 4th.

For more technology news and security tips, reach out to NuTech Services at 810.230.9455.

Researchers From MIT May Have Found the Holy Grail of Network Security

When it comes to cybersecurity, maintenance is key. Whether you choose human-based security or an automated security solution, running into shortcomings is still possible. Human security tends to rely on the word of experts, and anything that doesn’t fit into the guidelines is missed and may therefore get through and wreak havoc. Network security can be a touch overzealous, in a way “crying wolf,” with an excess of false positives that ultimately require human analysis, leading to human frustration.

Blending the two in the past has proven difficult, as the experts with the necessary skills aren’t usually available for the time it takes to label the data for the programs to work properly. However, a team of researchers assembled from MIT’s CSAIL (Computer Science and Artificial Intelligence Laboratory) and PatternEx (a machine-learning startup) recognized these issues and developed a platform that blends AI and human security attributes in a way that shields from the shortcomings of either.

Dubbed A.I.², this new platform is capable of detecting 85 percent of incoming attacks while reducing reported false positives to 20 percent of what they were originally. To achieve this, the “untrained” machine reports what machine learning tells it are the 200 most important problems in the sample set to a human expert, who then corrects the machine’s work. As the machine progresses through sets of data, it reports fewer and fewer false positives.

In doing so, A.I.² demonstrates machines effectively learning from human teachers, cooperating for the sake of security analysis accuracy.
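The feedback loop described above, as an added example (not code from MIT, PatternEx or the original article): an unsupervised outlier score selects the top events for review, a simulated analyst labels them, and those labels suppress look-alike false positives in the next batch. The two features, the constructed events, the review budget of 4 and the nearest-centroid model are assumptions for illustration; the article does not describe the models A.I.² actually uses.

```python
from statistics import median

# Constructed events: (failed_logins, mb_sent_out, truth). "truth" is what the
# analyst concludes on review; the detector only sees it as returned feedback.
DAY1 = [(0, 3, "benign"), (1, 2, "benign"), (0, 4, "benign"), (0, 5, "benign"),
        (1, 3, "benign"),
        (0, 900, "benign"), (0, 870, "benign"),   # backup jobs: rare but fine
        (30, 50, "attack"), (28, 70, "attack")]
DAY2 = [(0, 2, "benign"), (1, 4, "benign"), (0, 3, "benign"), (1, 5, "benign"),
        (0, 3, "benign"),
        (0, 880, "benign"), (0, 910, "benign"),
        (25, 60, "attack"), (32, 40, "attack")]


def outlier_scores(events):
    """Unsupervised score: summed distance from the median, in MAD units."""
    scores = [0.0] * len(events)
    for col in (0, 1):
        values = [e[col] for e in events]
        mid = median(values)
        mad = max(median(abs(v - mid) for v in values), 1)  # avoid divide by 0
        for i, v in enumerate(values):
            scores[i] += abs(v - mid) / mad
    return scores


def centroid(points):
    return tuple(sum(p[i] for p in points) / len(points) for i in (0, 1))


def distance(a, b):
    # Raw feature space for brevity; real features would be scaled first.
    return ((a[0] - b[0]) ** 2 + (a[1] - b[1]) ** 2) ** 0.5


def triage(events, labelled, budget=4):
    """Return the events reported to the analyst for this batch."""
    scores = outlier_scores(events)
    ranked = sorted(range(len(events)), key=lambda i: scores[i], reverse=True)
    candidates = [events[i] for i in ranked[:budget]]
    benign = [e[:2] for e, label in labelled if label == "benign"]
    attack = [e[:2] for e, label in labelled if label == "attack"]
    if not benign or not attack:
        return candidates  # untrained: every top outlier goes to the analyst
    b, a = centroid(benign), centroid(attack)
    # Trained: drop candidates closer to analyst-confirmed benign activity.
    return [e for e in candidates if distance(e[:2], a) <= distance(e[:2], b)]


def analyst_review(reported):
    """Simulated expert: label each reported event using the constructed truth."""
    return [(e, e[2]) for e in reported]


def run_rounds(batches, budget=4):
    """Return (events reported, false positives) per batch."""
    labelled, history = [], []
    for events in batches:
        feedback = analyst_review(triage(events, labelled, budget))
        labelled.extend(feedback)
        false_pos = sum(1 for _, label in feedback if label == "benign")
        history.append((len(feedback), false_pos))
    return history


if __name__ == "__main__":
    print(run_rounds([DAY1, DAY2]))
```

Suppression learned from labels also hides any event that resembles confirmed-benign activity, so sampling a few suppressed events for periodic review keeps the model honest.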

The implications to the realm of security in the future are massive. It’s difficult not to let the imagination run wild with thoughts of upcoming technologies being influenced by this human-artificial intelligence hybrid.

However, since there is no telling how long it may be before a system like A.I.² could be available to users for purposes of data defense, business owners should still follow best practices. Users should not only be educated on the importance of avoiding typical security risks; they must also be reminded of the importance of compliance with regulatory standards for business security, such as those set by organizations like HIPAA, DSS, and others. They should also be encouraged to review the reports generated by security software.

Additionally, you could always allow NuTech Services to help manage your cybersecurity. By intelligently implementing security solutions, we can help your company avoid security issues and keep your IT in top working order. To set up a remote monitoring and maintenance solution, call 810.230.9455 today.

Hacking Attacks Can Have Deadly Consequences

We all know that hackers are never good news. All they want to do is ruin someone’s day by planting a threat in an innocent person’s PC or steal some data from a business. However, some hackers could potentially have much more dangerous (and deadly) agendas, like sabotaging hospital equipment.

We know, you don’t often associate hacking attacks with the physical world, but in many cases, some severe hacking attacks can have life-changing consequences. For example, hospital pumps that are responsible for delivering appropriate doses of drugs and other life-sustaining fluids to patients can be compromised and used for delivering deadly doses. Another example is the insulin pump, which monitors blood glucose levels, or the implantable cardioverter defibrillator, which is responsible for jolting patients back to life if they go into cardiac arrest. Perhaps one of the most nerve-wracking hospital hacks is that of a CT Scanner, where attackers can potentially change radiation exposure amounts and limits.

Now that we’ve completely ruined any further hospital experience for you, what we want to get across to our readers with this article is that you absolutely CANNOT dismiss hackers as potential threats, especially in a world where wars are being fought over the Internet, and technology aids in war zones in unforeseen ways. Hackers continue to find new and creative ways to engage in cyber attacks, and they will continue to pose a significant threat to your business if you don’t do anything to stop them.

Hacking attacks against hospital equipment are a huge cause for concern, but you shouldn’t underestimate attacks against your own company, either. Hackers access business networks just like yours on a daily basis, hoping to take something important and turn a profit off of it. This could be private employee records (Social Security numbers, dates of birth, etc.), client payment information (like credit card numbers), and other confidential information. Other times, hackers might not have any specific agenda, and could just be looking to wreak havoc with viruses, malware, and other damaging cyber threats. Either way, the introduction of malicious entities into your network could have disastrous effects.

The best way to avoid the fallout from hacking attacks is to prevent them from happening in the first place. Your business needs to take a proactive stance against all of the common avenues that hackers exploit to gain access to your network infrastructure. This means implementing powerful solutions that keep threats out, and those that can detect and eliminate potential threats found within an infrastructure.

A Unified Threat Management (UTM) solution is designed to offer the comprehensive protection that your organization needs to stay safe when it feels like the world is out to get you. A firewall can keep the majority of threats from accessing your network by checking out data traveling to and from your network. Compounded with an antivirus solution, you can effectively keep threats out of your system, and promptly eliminate those that do somehow get through. Additional security measures, like spam blocking and web content filtering, can limit your staff’s exposure to potentially dangerous entities by keeping suspicious messages out of your email inbox, and blocking content that may be compromised while surfing the web.

While your business’s network security might not be a life-or-death situation, a ruined business is a huge first step toward a ruined life. If you want to make sure your network is equipped to handle hacking threats, give NuTech Services a call at 810.230.9455.