Archive for the ‘Security’ Category

Mecklenburg County Server Hack: What You Need to Know

Posted on: December 6th, 2017 by Jessica Diehl

Residents in Mecklenburg County hoping to get a marriage certificate, or vendors hoping to get paid for work done for the county, may be out of luck, and could be for several days.  Hackers attacked the county servers Monday, locking access to files, and demanding 2 Bitcoins (about $25,000) to decrypt them.

County officials say no resident’s personal information has been exposed, but instead, the hackers encrypted information county employees need to do business.

Like nearly all ransomware attacks, the hackers gained access to the county servers because an employee clicked on an infected attachment in an email.  The county is considering paying the ransom, as well as looking into attempting to decrypt the files themselves.

The Rising Cost of Ransom

TNT has written extensively about the tactics of hackers, and dangers of Ransomware.  And the FBI itself discourages victims from paying the ransom.  But because it is easier for many victims, they do end up paying.  There are many reasons that is a bad idea, and here is just one:

Bitcoin became the standard for ransom in Ransomware attacks in 2016.  In just the past year, its value has gone up more than 1500%, and it continues to rise every day.  That means that on Monday, when the hackers made the demand, the 2 Bitcoins were worth $23,000.  But the value has already increased, and as of the writing of this blog, it’s $25,600.

Criminals Who Can’t Get Caught

These hackers are incredibly smart.  Their use of Bitcoin as a means of ransom is ingenious.  Because it is not considered money, there is often little law enforcement can do, even if they are able to catch the hackers.  Since the hackers are most often located outside of the reach of US law, figuring out who is responsible is a pretty tough task.

An FBI speaker at a chamber presentation shared that even if law enforcement figures out what happened, it may not be considered a crime. He said it is often the case that law enforcement can do nothing, since Bitcoin is not considered ransom or extortion, as it is currently not considered legal currency.

Not if, but when

Regardless of which route the county takes (paying or not), they simply must come up with a plan to keep this from happening again.  However, the fact is that Ransomware is becoming an increasingly simple and profitable crime for hackers.  Just like there is no 100% sure-fire way to prevent yourself from catching a cold, there is no 100% sure-fire way to ensure you never get hacked.  While you can’t completely avoid catching a cold, you do have a contingency plan in place – you take medicine, you rest.  In the same manner, businesses need to have a business continuity plan in place before they fall victim to hackers.

TNT’s Business Continuity solution would mean a hack like this would have zero impact on business, as everything would have failed over in real time to one of 2 disaster recovery solutions.  Employees would have continued access to the files, applications and servers needed to do business, and the organization would not need to pay the ransom.

Learn more about Business Continuity below, and contact us today to learn more about protecting your data.

Netflix Phishing Scam Underscores Ransomware Risk

Posted on: November 13th, 2017 by Jessica Diehl

A phishing scam that’s been around for months is hitting the news again. Hackers targeted nearly 110 million Netflix subscribers in the sophisticated scam, which is bypassing a lot of spam filters.

Users receive an email indicating their account has been suspended due to a billing error. They are directed to a fake Netflix landing page. Users are prompted to enter personal and billing information. The page not only looks legitimate, the hackers have found ways to host it on trusted servers.

A recent security survey from Datto shows email phishing remains one of the most common scams hackers use to access your files and information, and/or plant ransomware.

Ransomware is malicious software that blocks your access to your files and information until you pay a ransom.

Datto surveyed IT companies to find out what kind of ransomware attacks their clients were facing.

  • 26% of those surveyed said their clients were hit with multiple ransomware attacks in a single day.
  • 56% of the businesses attacked by ransomware lost critical data.
  • 97% of the IT pros surveyed expect the ransomware problem to continue to increase in frequency over the next two years.

So, what can you do to make sure your company and customer information is as safe as possible from phishing scams?  Education is the number one weapon against phishing scams, and hackers in general.  In the example of the Netflix phishing scam, users should log into Netflix from a new browser window and check the status of their account there instead of clicking on links in the email.

Perimeter and endpoint security cannot be overemphasized.  Have a firewall with layer 7 filtering and cloud-based protection on all your endpoints to be sure that they are safe, both in and out of the office.

Learn more about the dangers of ransomware, including an inside look at the tactics hackers use, by reading our Ransomware Protection page.

Cyber Security and the Trust Issues You May Already Have

Posted on: August 31st, 2017 by Jessica Diehl

We are a civilization built on trust.  We MUST trust, to survive.  That trust is intrinsically being challenged.  Here are three examples of under-the-radar sorts of trust that we build on.

  • We trust the directions we get at a gas station.
  • We trust that our sports teams will one day succeed. Even if they don’t make the playoffs this year, they will one day.
  • We trust that when we dial 911, an emergency operator, trained in how to handle emergency moments, will answer the phone.

We have other institutions that society used to trust but no longer trusts.

  • We no longer trust the media and individual journalists’ ability to let us know what is really happening. We were told how the presidential election would play out by countless pundits only to discover that they were off base.
  • We don’t trust our leaders' ability to ascertain what is really important to us. We hear of what they are doing during the day and can’t fathom why they aren’t working on the problems that, oftentimes, most people perceive they should be working on.

At the core of all the trust references above is the art of communication.  Those who clearly hear and see what is happening can get a head start with the formulation of their message.  Those who get their messages intercepted or hijacked are often irreparably damaged.  To that end, I make this hypothesis.

Without making cyber security a priority, an event will occur and people will not trust you anymore.

Once you have been shown to be compromised at least one time, people will, by their nature, conclude that you may be compromised again in the future. In football, once a player has a torn ACL, that person is considered to be at a high risk for another ACL injury. The same is true of a company that has its network hacked and loses control of or access to confidential information. Once it gets hacked, intrinsic trust from both current customers and prospective customers is jeopardized.

Once people don’t trust you, you go out of business.

Despite the volume of people who innately agree with this, it remains an item of intrigue that most small and medium-sized businesses won’t address cyber security with the focus that it deserves. A seemingly endless stream of front-page stories with details of how a company or government gets hacked is consumed by readers, but there isn’t enough thoughtful introspection happening.

TNT has enacted a series of cyber security mandates.  We won’t take on anyone as a managed service customer if they don’t comply with our best practices (or they sign a waiver).  We live in a hospital of sick people, yet a lot of folks still won’t wear gloves and masks when they enter the ER.  TNT is establishing baseline protocols to ensure that our customers are not only protected but also trained in cyber security proactive behavior.

Want to learn more about the cyber security threats facing small businesses?

Could a Whistle Disable Your Cell Phone?

Posted on: March 29th, 2017 by Jessica Diehl

“Let’s hack and disable your cell phone.  Start whistling in three, two, one, GO!”

Researchers at the University of Michigan and University of South Carolina claim to have discovered that music could be used to disable or, to a certain extent, even control some IoT devices.  The researchers say they were able, through sound waves, to add steps to a Fitbit tracker and interfere with a cell phone app’s ability to control and access Internet of Things devices.

What does this mean? As IP-enabled devices become more and more common, we are on a course where the device we will most likely use to control and interface with them is the cell phone. These IoT devices use chip-based devices that are built upon the architecture of microelectromechanical systems (MEMS). Since these devices lack standards or shared design criteria, there is no governing body to say, “this is good or this is bad,” when a new product comes out.

Common examples where exploits are known and published include the interfaces between Fitbits, drones and toy cars and your cell phone.

There are IoT devices in your workplace, today, whether you approved them or not. For example, I am wearing a Garmin watch that supports Bluetooth and wireless, and it is connected to our office public Wi-Fi. Since I know the logon information for the corporate Wi-Fi, I COULD put my watch on the private network, and, more likely than not, no one would know that it was a watch. After all, it has logged on with a valid username and password, and it is logging on from a known location: the office. What if my watch got hacked and became a proxy for, say, a server that was sending out inappropriate content?

Who is at fault?  The network admin for not having enough security?  Me, for not notifying the network admin that I have an IP enabled watch?  Garmin, for making a watch that is hackable?

The IoT world is changing how we use technology. The lack of standards and the inability to track device proliferation shall make the news with ever-growing frequency.

It is best to respond to this threat before it is a problem.  Mobile Device Management can help.  Learn more about TNT's Mobile Device options here. 

The Network Team