How cave fish may help prevent IoT jamming

Jamming is a potentially crippling blow to internet of things-enabled hardware. It can bring down drones from the sky, disrupt network connections and lead to economic downtime. In the cybersecurity arena, jamming is more commonly known as distributed denial of service attacks. According to a Corero DDoS trend report, this method of cyberattack increased by an incredible 91 percent in 2017.

IoT devices are behind this surge in DDoS attacks, as many lack comprehensive cybersecurity protocols and can be easily jammed. While this deterrent is not enough to slow the pace of IoT adoption, enterprises hoping to make use of mass IoT market penetration must be aware of the risks, as well as what is being done to prevent IoT jamming.

Luckily, a recent study published in Optics Express gives some hope against rampant DDoS cybercrime. As with many technological innovations, the potential salvation is inspired by a system that already works inside the animal kingdom.

Studying the Eigenmannia
The Eigenmannia are a species of cave fish that exist in total darkness. Without light, these creatures need another way to hunt, communicate and otherwise "see" within the perpetual darkness. The researchers studying these fish discovered that they emitted an electric field to sense the environment and communicate with other fish.

Because two or more of these animals could emit the field near one another, the species had to have a way to stop the signal from getting disrupted, otherwise the fish couldn't thrive. The scientists learned the Eigenmannia have the ability to alter their signals. This capability is due to a unique neural algorithm in their brain activity. The purpose and function of the field remain intact, but its frequency is changed just enough to avoid confusion.

This same trait can be harnessed to help create a light-based jamming avoidance response device.

If jammed, drones run the risk of damaging hardware and products.

Creating a jamming avoidance response device
When two IoT devices operating on the same frequency come close to each other, the fields become crossed, and jamming occurs. The closer the two pieces of hardware drift, the more the disruption intensifies.

However, with a JAR device, similar to the natural solution used by Eigenmannia, these IoT components could adjust their frequency, preserving the function of the signal while avoiding jamming. Using a light-based system would enable IoT devices to shift through a wide range of frequencies.
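The frequency-shifting behaviour described above, as an added toy simulation; it is not the research team's light-based design. The threshold, step size, band limits and the `Emitter` and `run_jar` names are constructed assumptions.

```python
"""Toy jamming avoidance response (JAR) between two emitters sharing a band."""
import random

# Constructed values for illustration; none come from the Optics Express study.
JAM_THRESHOLD_HZ = 20.0   # signals closer together than this are treated as jammed
STEP_HZ = 2.0             # how far an emitter shifts in one sensing round
BAND_HZ = (300.0, 600.0)  # emitters must stay inside this band


class Emitter:
    def __init__(self, name, freq, seed=0):
        self.name = name
        self.freq = float(freq)
        self._rng = random.Random(seed)  # only used to break exact ties

    def sense_and_shift(self, neighbor_freq):
        """Shift away from the neighbor when the difference frequency is too small."""
        diff = self.freq - neighbor_freq
        if abs(diff) >= JAM_THRESHOLD_HZ:
            return  # no interference sensed, keep the current frequency
        if diff > 0:
            direction = 1.0    # the higher emitter moves up
        elif diff < 0:
            direction = -1.0   # the lower emitter moves down
        else:
            # Identical frequencies carry no direction cue, so pick one at random;
            # the pair separates as soon as the two picks differ.
            direction = self._rng.choice((-1.0, 1.0))
        low, high = BAND_HZ
        self.freq = min(max(self.freq + direction * STEP_HZ, low), high)


def run_jar(a, b, max_rounds=200):
    """Run sensing rounds until the pair is separated; return the frequency history."""
    history = [(a.freq, b.freq)]
    for _ in range(max_rounds):
        if abs(a.freq - b.freq) >= JAM_THRESHOLD_HZ:
            break
        fa, fb = a.freq, b.freq  # both emitters sense the same snapshot
        a.sense_and_shift(fb)
        b.sense_and_shift(fa)
        history.append((a.freq, b.freq))
    return history


if __name__ == "__main__":
    for start in ((400.0, 404.0), (598.0, 600.0), (400.0, 400.0)):
        a = Emitter("node-a", start[0], seed=1)
        b = Emitter("node-b", start[1], seed=2)
        hist = run_jar(a, b)
        print(start, "->", hist[-1], "after", len(hist) - 1, "rounds")
```

Neither emitter needs a coordinator or a reserved channel: each one reacts only to the difference frequency it senses, including at the band edge, where only one of the pair can still move.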

The resulting machine, created by the research team, shows promise.

"This could allow a smarter and more dynamic way to use our wireless communication systems without the need for the complicated coordination processes that currently prevent jamming, by reserving whole sections of bandwidth for specific phone carriers or users such as the military," said team lead Mable P. Fok.

While it won't single-handedly eliminate the threat of DDoS attacks, JAR device usage on a large scale has some advantages. Essentially, it is a low-cost solution for any agency that utilizes a plethora of IoT content. In addition to the aforementioned military use case, health care facilities like hospitals, air traffic control towers and even educational institutions could find immediate value in this technology.

Since a JAR device would likely lower the bandwidth needed for IoT hardware interaction, DDoS attacks could become less expensive. As these attacks continue to become more prevalent, the value of this research will likely increase. Designing IoT devices on software that can shift frequency will reduce costs and, hopefully, create a more secure IoT landscape.

How a holistic approach to data analytics benefits cybersecurity

Almost everyone, regardless of industry, recognizes the growing importance of cybersecurity. Cyberattacks are on the rise and growing increasingly varied and sophisticated. According to data collected by Cybersecurity Ventures, the annual cost of cybercrime is estimated to reach roughly $6 trillion by 2021. An effective information security policy is, in many cases, the only thing standing between companies and possible financial ruin.

The danger is especially real for small- to medium-sized businesses. Data from the U.S. Securities and Exchange Commission found that only slightly more than a third of SMBs (40 percent) survive for longer than six months after a successful data breach. For these types of organizations, cybersecurity is literally a matter of life and death.

The good news: Many businesses recognize the need for effective cybersecurity strategies and are investing heavily in personnel and software solutions. The bad news: Many of these same companies are only reacting, not thinking about how to best deploy this protective framework. Effective cybersecurity isn’t as simple as applying a bandage to a cut.

It can be better equated to introducing a new nutritional supplement to the diet. The whole procedure is vastly more effective if integrated into every meal. To best use modern cybersecurity practices, businesses must rethink their approaches to corporate data structure. Data analytics is a vital tool in providing the best in information protection.

“Segmenting data spells disaster for an effective cybersecurity policy.”

Siloed data is unread data
As organizations grow, there is a tendency to segment. New branches develop, managers are appointed to oversee departments – in general, these groups tend to work on their projects and trust that other arenas of the company are also doing their jobs. The responsibility is divided and thus, easier to handle.

While this setup may make the day-to-day routine of the business easier on executives, it spells disaster for an effective cybersecurity policy. This division process creates siloed or segmented data pools. While a department may be very aware of what it is doing, it has far less knowledge of other corporate branches.

Many organizations may figure that an in-house IT team or chief information security officer can oversee everything, keeping the company running at full-tilt. However, this assumption is only half-true. While these staff members can and do oversee the vast majority of business operations, they will lack the data to make comprehensive decisions. A report from the Ponemon Institute found that 70 percent of cybersecurity decision-makers felt they couldn’t effectively act because of a surplus of jumbled, incoherent data.

Data analytics, or the study of (typically big) data, provides facts behind reasoning. To gather this information, companies need systems and software that talk to one another. Having the best-rated cybersecurity software won’t make a difference if it can’t easily communicate with the company’s primary OS or reach data from several remote branches.

CISOs or other qualified individuals can make practical, often less-expensive strategies with a clear view of the entire company. Without this type of solution, a business, no matter its resources or personnel, will essentially be operating its cybersecurity strategy through guesswork.

Separated data creates bubbles where information can be misplaced or duplicated, resulting in a slower data analysis process.

Centralized businesses may miss real-time updates
Businesses face another challenge as they expand. Data collection has, in the past, slowed with remote locations. Before IoT and Industry 4.0, organizations were bound with paper and email communications. Remote branches typically grouped data reports into weeks or, more likely, months.

This approach meant that the central location effectively made decisions with month-old information. When it comes to minimizing the damage from data breaches, every hour matters. Luckily, many institutions can now provide data streaming in real time. Those that can’t must prioritize improving information flow immediately. Cybercrime looks for the weakest aspect within a company and tries to exploit the deficiency.

For data analytics to work properly, businesses need access to the full breadth of internal data. The more consistent and up to date this information is, the better CISOs and IT departments can make coherent and sensible decisions.

Visibility may not sound like the answer to fighting cyberattacks, but it is a crucial component. Companies need to be able to look within and adapt at a moment’s notice. This strategy requires not just the ability to see but also the power to make quick, actionable adjustments. Those organizations that still segment data will find this procedure difficult and time consuming.

As cybercrime becomes an expected aspect of business operations, those who still think in siloed brackets must change their mindsets or face expensive consequences.

4 Financial Industry Cybersecurity Trends for 2018

Without a doubt, cybersecurity is and will continue to be the top concern for financial institutions big and small. In 2017, the IBM X-Force® Research 2016 Cyber Security Intelligence Index study reported that the financial services industry was the most-targeted industry for the second year in a row, experiencing the highest volume of security incidents and third-highest volume of attacks. This is not surprising considering the large amount of personal data, intellectual property and physical inventory, in addition to the massive financial assets that companies in this industry hold. To protect your company, it is important to stay on top of the top cybersecurity challenges financial institutions are currently facing.

Exploring the true value of a CISO

As cybersecurity issues become more prevalent, one position within the corporate ladder is gaining new attention: the chief information security officer. The financial burden of data breaches continues to rise. One recent report from Accenture stated that the average global cost of cybercrime reached $11.7 million in 2017. This was a 27.4 percent rise from $9.5 million in 2016.

Along with the rising expenses of cyberattacks, companies have been spending more on protection, primarily on CISOs. Security Current data indicated that the overall average salary for a CISO was $273,033 by the end of 2016, and this number is only expected to have increased. As organizations continue to pay more for CISO expertise, the question becomes: What value do CISOs truly bring to the organizations they serve?

Distilling decision-making to one person
Cybercriminals have certain inherent advantages over the companies they target. For one, their anonymity. Hackers typically research an organization's staff as this aids with spear phishing and other data breach initiatives. By contrast, businesses have no certainty they're even being targeted until they've been attacked.

Another crucial advantage on the side of hackers is that many corporations, especially those small- to medium-sized businesses, don't have CISOs. This means that all cybersecurity policies and initiatives must go through the IT department or other group. When a chief technology officer has to deal with cybersecurity on top of other duties, the initiatives can be slowed, in some cases encountering month-long delays or more.

Cybercriminals are constantly adapting and incorporating new malicious software into their arsenals. In order to keep pace with this rapid innovation, one person within the organization must function as the hacker's opposite, keeping the company cybersecurity policies fluid and responsive. As Help Net Security pointed out, CISOs must not only be leaders but also serve as the link between innovation and defense. A single, dedicated person can do this much more effectively than a distracted team.

Having a leader creates a clear, authoritative flow for decision-making.

Presenting a single, unified cybersecurity vision
Likewise, a C-level executive is typically the only class of employee capable of making real, impactful decisions within a corporate structure. Unfortunately, many executives and decision-makers remain uneducated about issues of cybersecurity. A BAE Systems survey found only 42 percent of executives felt they were very or extremely knowledgeable about their company's cybersecurity policies.

In order to create comprehensive, overarching information security standards, businesses need a respected voice in the room who can articulate and educate other executives on the need for cybersecurity initiatives. CISOs have this presence and, unlike CTOs, they are not hindered by distractions that can occur in other business segments. 

"Think in terms of 'when' instead of 'if.'"

Creating and updating corporate response strategy
Experts agree that companies that develop cyberattack response strategies minimize losses and more quickly seal breach points. While it is nice to hope that your organization will never be affected, the far more prudent strategy is to think in terms of "when" instead of "if." When a cyberattack occurs, organizations must have a clear, itemized response plan.

According to Risk Management, the best plans are proactive, changing biannually or even quarterly to adapt to new methods of cyberattack. A comprehensive plan includes steps like workforce education, breach detection tools, consumer alerts and legal recourse tools.

Once a data incursion occurs, the CISO and his or her team must be able to detect it immediately. With cyberattacks, the longer they go unnoticed, the worse they are. Placing a CISO in charge of maintaining and updating this response plan will ensure that it gets done and comes from a point of clear authority.

When a data breach occurs, the last thing that decision-makers want or need is to be arguing about what to do and who should do it.

Allowing the IT team to focus
IT teams within companies are frequently overburdened. In addition to maintaining and updating company software, IT personnel regularly respond to the daily crises of other employees. Every hardware, email or other type of problem distracts IT groups from performing their primary duties.

While typical employees tend not to notice whether or not an operating system is updated, it is these performance checks that ultimately help keep company networks safe from unauthorized access.

Bringing in a CISO allows the IT group more time to focus on their core responsibilities. The CISO may even operate alongside regular IT staff during certain times; however, it is best not to overlap duties too much. CISOs can handle red flags, such as phishing emails and embedded malware that may otherwise escape detection or occupy IT manpower.

CISOs don't need to be paid a quarter million dollars a year to be valuable. Essentially, they act as a point person in the realm of cybersecurity, a clear head that can dictate commands and formulate strategy. Too often, companies take a relaxed approach to cybersecurity, which almost always results in lost income and damaged reputation.

For organizations that cannot afford to keep a full-time CISO, other options remain. Cloud solutions tend to be more secure than in-office networks and some managed IT providers offer the same level of oversight and proactive planning. Regardless of who or what is in charge of information security, companies must prioritize all compliance and protection development as crucial issues.

Data Madness: Physical and digital, ensuring that critical data stays safe

With March winding down, it is important to remember the significance of confidential corporate information. Data has been called the new oil; however, as Business Insider pointed out, this is not a great comparison. Unlike oil, more data does not intrinsically mean greater value. The nature of this information greatly matters.

So really, data is more like sediment. Some bits are just pebbles – numerous beyond count and basically interchangeable. However, certain information – like say personal identification information and dedicated analytical data – is immensely valuable. These are the gemstones, the gold, and this data must be protected.

To avoid data madness, or the immense financial and irreparable damage done by lost confidential information, follow these tips to safeguard valuable data:

"Around 23 percent of IT thefts occur in office."

Securing physical data
While many organizations worry about theft from cars, airports or other public places, not enough attention is paid to a real danger: the office. According to a Kensington report, 23 percent of IT thefts occur in office. This is nearly 10 percent higher than hotels and airports.

The same report found that over a third of IT personnel have no physical protection in place to prevent hardware from being stolen. Only 20 percent used locks to protect hard drives.

While organizations worry about small devices like wearables and smartphones, basic security cannot be overlooked. Companies must take steps to ensure that only employees or approved guests have access to the premises. Even then, not every worker needs universal access. Server rooms and hardware storage should be kept behind additional locks.

IT teams should also be required to keep a thorough inventory of all network-enabled data devices. This will alert the organization quickly should a theft occur. While cybersecurity grabs headlines – the importance of a good, strong physical lock cannot be overstated.

Malicious third parties are not above using simple and primitive tactics.

Protecting digital data
While physical protection is essential, cybersecurity is rising in importance. Gemalto data states that, since 2013, more than 9 billion digital records have been stolen, misplaced or simply erased without authorization. More troubling are the recent increases in data loss. Gemalto also recorded a steady rise in data breach occurrence and a dramatic uptick in misplaced or stolen information.

Cybercriminals adapt quickly and their tools are constantly evolving. Deloitte released a report chronicling the increasing tenacity and sophistication of ransomware, a disturbing cyberattack that strips away essential data access from organizations and charges them to get it back. Infamous attacks like WannaCry made headlines last year and unfortunately these incidents are expected to become more common.

When enhancing cybersecurity, take a company-wide approach. Every employee with network access needs to be educated on basic risks. Network administrators should also structure internet connectivity to run on the principle of least privilege. As with the physical server room, not every employee needs access to every file. Permissions should be given sparingly.

Lastly, businesses need a concrete plan if and when a data breach does occur so that they may respond efficiently and swiftly to contain the attack.

Finding the point of breach quickly can reduce the damage done by cybercriminals.

The Cloud Advantage
One of the reasons that cloud services are so popular is that they alleviate certain cybersecurity concerns. Many businesses, especially smaller organizations, have budget restrictions, whereas a cloud services provider like Microsoft annually invests $1 billion in cybersecurity, according to Reuters.

Handing off information security concerns to a trusted organization with more resources is a way to help safeguard your data, backing it up so that it will never be lost or stolen by a malicious third party.

Data Madness: The importance of deleting/removing critical data from old devices

You arrive at work and get an immediate call to see the CEO. Upon entering the office, you notice that the CIO and other executives are in the room, as well as several people in suits you don't recognize. Everyone is looking stressed, brows furrowed and heads bent.

Those new people in suits are lawyers planning the company's defense to the major data breach that was just detected. The malicious activity occurred last month and the hacker supposedly used your information.

After frantic moments of head scratching, you remember: You sold your smartphone last month. While it was a personal device, you used it to check office email and it had stored access to the company network password.

While data madness often happens when vital data goes missing, it can also occur when data isn't properly disposed of. Too often, organizations fail to stress the importance of information security at every phase of the hardware's life cycle. Before a machine can be decommissioned, data must first be thoroughly purged and, in some cases, destroyed.

A broken phone can still house perfectly working data.

Sanitizing data vs. deleting data
In some companies, the temptation is to delete data by moving it to the recycling bin and pressing "empty." However, this is not enough. According to Secure Data Recovery, data emptied from the recycling bin is not permanently deleted – at least not right away. The computer simply deletes the pathing and labels the information as "free space," meaning that it can be overwritten by new data.

For all intents and purposes, data deleted from the recycling bin is gone, at least as far as the layperson is concerned. Those with computer programming and specialized skills or software, however, can recover the information and restore it. If you've ever done a search for "data recovery" – you will see that these skills are not in short supply.

Yet companies make this mistake all the time. A survey conducted by Blancco found that almost half of all hard drives carried at least some residual data. The same was true for over a third of smartphones. Files such as emails, photos and sensitive company documents were recovered from these devices. To securely delete files requires a more thorough process.

The University of California, Riverside defines data sanitization as "the process of deliberately, permanently, and irreversibly removing or destroying the data stored on a memory device." Sanitized data drives typically carry no residual data, even with the aid of recovery tools. However, this solution oftentimes requires additional software that will erase and rewrite information multiple times.
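The difference between emptying the recycling bin and sanitizing, as an added toy model of a drive; it is not code from any of the tools or vendors named here. `ToyDisk`, the 16-byte block size and the sample payroll record are constructed assumptions, and real drives add behaviour that this model leaves out.

```python
"""Toy drive: 'delete' only frees blocks, 'sanitize' overwrites them first."""
import os

BLOCK = 16  # constructed block size in bytes


class ToyDisk:
    def __init__(self, n_blocks):
        self.blocks = bytearray(n_blocks * BLOCK)  # raw storage
        self.table = {}                            # file name -> block indices
        self.free = list(range(n_blocks))          # blocks available for reuse

    def write(self, name, data):
        needed = -(-len(data) // BLOCK)  # ceiling division
        if needed > len(self.free):
            raise OSError("disk full")
        idxs = [self.free.pop(0) for _ in range(needed)]
        for n, i in enumerate(idxs):
            chunk = data[n * BLOCK:(n + 1) * BLOCK].ljust(BLOCK, b"\0")
            self.blocks[i * BLOCK:(i + 1) * BLOCK] = chunk
        self.table[name] = idxs

    def delete(self, name):
        """Recycling-bin behaviour: drop the path, mark blocks free, keep the bytes."""
        self.free.extend(self.table.pop(name))

    def sanitize(self, name, passes=3):
        """Overwrite every block several times, ending with zeros, then delete."""
        for i in self.table[name]:
            for p in range(passes):
                pattern = bytes(BLOCK) if p == passes - 1 else os.urandom(BLOCK)
                self.blocks[i * BLOCK:(i + 1) * BLOCK] = pattern
        self.delete(name)

    def carve(self, needle):
        """What a recovery tool does: scan raw blocks and ignore the file table."""
        return needle in bytes(self.blocks)


# Constructed sample record, not real data.
SECRET = b"ssn=123-45-6789;salary=90000"


def demo():
    """Return (recoverable after delete, recoverable after sanitize)."""
    deleted = ToyDisk(8)
    deleted.write("payroll.csv", SECRET)
    deleted.delete("payroll.csv")

    sanitized = ToyDisk(8)
    sanitized.write("payroll.csv", SECRET)
    sanitized.sanitize("payroll.csv")
    return deleted.carve(SECRET), sanitized.carve(SECRET)


if __name__ == "__main__":
    print("recoverable after delete, after sanitize:", demo())
```

After `delete`, the record stays readable until new files happen to reuse its blocks; after `sanitize`, the same scan finds nothing.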

Companies have a wide variety of options to choose from when it comes to securing data sanitization software. Microsoft even provides an in-house solution in the form of its tool, data eraser – which has been optimized for PCs and tablets. It's important to remember that different types of data drives will only be compatible with certain software.

Given the sensitive nature of the material in question, companies should only choose data sanitization software from trusted organizations.

Recycling bins – like their physical counterparts – are not known for permanently disposing of trash.

When physical destruction may be needed
However, for some kinds of data, sanitization may not be enough. This can be regulated by internal business policy (such as placing employee payroll information as the most sensitive data) or by government laws like HIPAA – which mandate time-effective data destruction.

In this case, the storage device matters more. Hard disk drives, commonly found in computers and servers, are the easiest to destroy as they operate on magnetic fields. A hard drive degausser can permanently alter these fields, leaving the device completely unreadable.

Solid state drives and flash media are more difficult. Their data storage is circuit-based, rendering a degausser ineffective. These drives should be shredded or destroyed by quality equipment expressly designed for the task. Hard drive data can be recovered after improper destruction, even in extreme cases. ComputerWorld reported that data was restored from the wreckage of the Columbia space shuttle tragedy, illustrating the hardiness of certain drives and the effectiveness of professional data recovery tools.

Safely disposing of data is no easy task and innovations like the internet of things have made it more difficult. Cybercriminals may be developing more sophisticated ransomware but they are also still routinely diving in dumpsters and scoping out secondhand stores for improperly deleted data. Make sure your company is taking the necessary steps to avoid data madness. 

How schools can upgrade their online infrastructure

Nothing is perhaps more important to the U.S.'s future than maximizing the potential of education. It is through mass schooling that children learn the essential social and learning skills that will prepare them for adult life and professional work. While education is a complex process with many different factors affecting outcomes, access to technology clearly plays a role in children's learning.

It is unfortunate then to learn that 6.5 million students in the U.S. still lack broadband, according to Education Superhighway. Broadband is an essential communication medium for educational facilities with large student and teacher populations, as it allows for messages and online actions to be completed simultaneously.

However, broadband is only one crucial aspect of improving online infrastructure in schools and other educational facilities. Further complicating the matter are tight budgets that many of these institutions must operate within. As the Center on Budget and Policy Priorities reported, state and local funding is still recovering and is well below what it was in 2008.

With this in mind, schools may have to focus on the most essential upgrades first, spreading out the investments in a way that maximizes learning potential.

The advantages of a fiber connection
Sites like Education Superhighway are big on the advent of fiber in the classroom. According to Techno FAQ, one of fiber's biggest advantages is its reliability. Fiber functions on symmetrical connections, allowing downloads and uploads to happen at the same time without impacting connection speed. The system also tends to be more passive and separated from power lines, meaning that it will likely remain operational during a storm.

Time is precious in schools and fiber is designed for high-speed connections, typically over 1Gbps. This allows educators to stream video content in seconds, without having to pause constantly for buffering videos.

A fiber connection allows for high bandwidth and enables faster broadband.

Planning for increased bandwidth usage
Think of bandwidth like a highway: the more lanes there are, the more easily traffic can flow. In a school situation, every student and teacher is a car on that highway – meaning that things will slow down very quickly with only a couple of lanes. Without proper bandwidth, hardware investments will not work the way they should. Even the most up-to-date tablet cannot magically conjure efficient internet connection on its own. 

Bandwidth management can keep everything flowing smoothly. While schools can (and should, up to a point) purchase more bandwidth, management will help reduce the amount of spending while maximizing efficiency. Techsoup for Libraries recommended bandwidth management to help prioritize which programs get access to the connection speed first.

For instance, a student wrongly downloading a new mobile game should never receive the same bandwidth as a teacher trying to stream a news program for a class. Student devices can even be put on a separate, slower network, freeing up room for the educators to use on lessons.

While schools can have their own servers – many universities do – a cloud services provider can help alleviate this investment. Just be sure that any contracted third party has the proper security certification to be a trusted partner.

"Wearable technology like smartwatches are starting to enter the educational space."

Factoring in IoT and BYOD
Whatever the plan, make sure spending accounts for more than just the computers in the classroom. Everyone, student and teacher, has a smartphone. Numerous other wearable technologies like smartwatches and similar products are also starting to enter the educational space. As the internet of things continues to grow, each one of these devices could sap bandwidth away from where it is needed.

This represents a cybersecurity issue, especially as most faculty and students are bringing their own devices. School online infrastructure should carry a layered password system to ensure that access is restricted to authorized users. In addition, the principle of least privilege should be applied.

This will ensure that students only have as many permissions as they need, keeping them away from confidential teacher data. Ideally, the IT team will have oversight and the only administrator privileges on the network. This way if there is a breach, the potential damage will be contained.

Remote monitoring programs are useful tools for school systems that cannot afford to keep a dedicated IT staff in every building. While this software is convenient, schools should be wary of investing in any solution without doing the proper research. A report from Schneider Electric analyzed a possible danger in certain solutions as, if compromised, they provide an open window for cyber criminals to inflict damage.

Students can be placed on a separate network, freeing up bandwidth and reducing the likelihood of a school data breach.

Preparing for 5G
Any education institution investing in wireless internet infrastructure needs to consider 5G. While not readily available now, 5G has already begun limited rollout and is expected to start becoming widespread in 2020, according to IEEE 5G. This will serve as not only the next telecommunication standard but will also empower higher capacity, massive machine communications.

Essentially, the bandwidth concerns of today may be outdated and a whole new set of possibilities and problems will open up. While it is still too soon to say with certainty what kind of wireless internet infrastructure 5G will bring, schools that need to design systems between now and 2020 should incorporate easy scalability into the infrastructure. It makes no sense to optimize exclusively for platforms that may soon be obsolete.

As schools and other education establishments begin improving online infrastructure, a solid IT solutions provider can help smooth the transition and reduce spending. ISG Technology stands ready to do its part in ensuring that the U.S. education system empowers the most complete learning experience in the world. Contact us today to learn how we can help update your infrastructure.

Why phishing is so dangerous

As 2018 begins, the total number of cyberattacks continues to rise. Data from the Identity Theft Resource Center and CyberScout showed there were 1,579 successful data breaches in 2017. This figure represents a nearly 45 percent uptick from the year before. The numbers turn especially troubling when broken out by industry.

On the whole, most sectors are tightening their security measures and reporting fewer breaches. Health care, government, education and financial industries all reported a continued decrease in successful data breaches. While this is good news, there is one market that more than made up for this gradual decline: business. In 2017, the business sector accounted for nearly 60 percent of all breaches. This trend has been steadily increasing since 2013, according to the report.

Part of this is the pace of cyberattack evolution. Businesses invest heavily in methods to prevent one type of cyberattack, only to have hackers change their strategy within months. At that point, the organization has already spent its budget on information security and may be scrambling to allocate more. However, data suggests that one of the simplest forms of cyberattack is still among the most effective: phishing.

"Less than half of all executives understand their company's information security policies."

False sense of safety
While ransomware and other, more elaborate types of cyberattack routinely make the news, phishing has been flying under the radar. Many equate it with stories of foolish people falling for schemes from a Nigerian prince or believing that they had suddenly acquired millions from the government – fantasies that businesses tell themselves they would never fall for.

Data from a couple years ago may also have looked hopeful. A 2016 Symantec report concluded that the overall email spam rate was falling and that fewer phishing bots were being used. This information, likely the result of email server providers like Gmail and Outlook stepping up their sorting technology, may have given a false sense of safety to business executives.

Compound this with another major problem in the business sector: Most executives are in the dark when it comes to understanding cybersecurity concerns. A cybersecurity survey report from BAE Systems in 2016 found that less than half of all executives claimed to understand their company's information security policies.

This same survey found that only 60 percent of companies had formal cybersecurity training sessions in place, and that 70 percent of that number only had training roughly once per year. Given how rapidly cyberattacks change and adapt, this strategy would leave companies exposed to vulnerabilities – perhaps more so than other organizations because of the misplaced sense of safety.

"Cyber criminals now create fake websites that look legitimate."

Phishing is getting smarter
Part of Symantec's data – the decline of phishing bots – should not have been received as good news, especially when, according to Comodo Threat Intelligence Lab data, the overall number of phishing attacks continues to increase. Bots are, for lack of a more proper term, dumb. They follow predictable formulas that can be easily filtered into spam boxes and out of employees' vision.

However, phishing has gotten smarter. One of the new methods outlined in Comodo's report is called "clone phishing." In this scenario, hackers intercept an authentic email communication, typically from an executive, and recreate it nearly flawlessly. The fake email is then sent to the employee in the hopes of getting a response.

In addition, the practice of spear phishing is on the rise. Most early phishing was a mass attack – the same email or recorded message sent to many people, hoping to snag a minority of those contacted. Spear phishing is more precise. This phishing tactic learns of the victim's personal information and uses it. This means that the phishing message may include real names, dates and relevant organizations – all factors that will make the communication look more genuine.

Phishing has also gotten more complex in the sense that it has evolved past emails, phone calls and text messages. Cyber criminals now create fake websites – similar to originals – that look legitimate. However, these malicious sites often betray themselves in the domain name, which is typically longer or more complicated than it needs to be. These website forgeries will almost never use common domain names like .com or .org.

Everyone is a target
According to the Comodo report, 50 percent of employees will open an email from an unknown sender if it lands in their inbox. This number alone explains the increasing amount of phishing attacks, as well as why they are such a prevalent method. Every employee is a potential target.

Phishing stresses the need for comprehensive employee training at every level. Even one person being compromised can put an entire organization at risk. For example, if an entry level analyst is targeted and successfully breached, the hacker or malicious group may be in possession of the network passwords, meaning that they suddenly share his or her level of access. This can be used to install ransomware or other harmful programs. 

Every employee who receives corporate emails on a professional or personal device is the potential victim of phishing.

Training to beat phishing
Information shows that training sharply decreases the likelihood of phishing success. A PhishMe report concluded that susceptibility fell to roughly 20 percent after relevant sessions on improved cybersecurity practices occurred.

Even these newer, smarter methods of phishing have telling signs. CSO stressed that malicious emails are usually more threatening or urgent than typical office communication. This is part of cyber criminals' strategy, as panicked employees are less likely to think clearly if they legitimately believe their job is on the line.

Employees should also be advised to carefully check the sender's name. If it is an unknown sender, all emails should be double-checked with the supervisor before response. Phishing emails are also more likely to contain spelling and grammar mistakes, as cyber criminals have no corporate standard or editing department.

Businesses should be willing to partner with the experts to ensure the best training and prep programs for their employees. IT service providers like ISG prepare cybersecurity compliance as part of our extensive product portfolio. Consult with us today to find out how we can help secure your company against future data breaches.

Critical Cisco Systems Vulnerability: Patching Needed

On January 31st, Cisco Systems disclosed a vulnerability allowing up to complete control of a device from the Internet, affecting Cisco ASA Software that is running on several Cisco products.  The purpose of this blog post is to:

  • Help you understand the issue
  • Point you to trusted resources to explain it in more depth
  • Determine how you can protect yourself against it

The Issue

Cisco Systems released an advisory and a patch for a vulnerability allowing up to complete control of a device from the Internet.

What You Should Do

Check the following systems for the webvpn configuration, and if enabled for external communications, the systems need the patch from Cisco.

Vulnerable Products[1]

This vulnerability affects Cisco ASA Software that is running on the following Cisco products:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
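One way to run the webvpn check described above over saved configurations, as an added example that is not part of the original post or of Cisco's advisory: it reads the text of a saved ASA running-config and reports interfaces named in `enable <nameif>` lines under the top-level `webvpn` block. The function names, the sample configuration and the rule that a security-level below 100 counts as external-facing are assumptions made for illustration.

```python
import re

# Constructed sample of a saved ASA running-config (not from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 security-level 0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
!
group-policy Staff attributes
 webvpn
  anyconnect ask none
webvpn
 enable outside
 enable inside
 anyconnect enable
"""

def sections(config):
    """Yield (header, [sub-command lines]) for each top-level config block."""
    header, body = None, []
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if not line[0].isspace():          # a column-0 line starts a new block
            if header is not None:
                yield header, body
            header, body = line.strip(), []
        else:
            body.append(line.strip())
    if header is not None:
        yield header, body

def webvpn_exposure(config, trusted_level=100):
    """Return {nameif: security-level} for webvpn-enabled interfaces whose level is
    below trusted_level (assumed rule) or unknown, so a person reviews them."""
    levels, enabled = {}, []
    for header, body in sections(config):
        if header.startswith("interface "):
            name = next((l.split()[1] for l in body if l.startswith("nameif ")), None)
            level = next((int(l.split()[1]) for l in body if l.startswith("security-level ")), None)
            if name is not None:
                levels[name] = level
        elif header == "webvpn":           # global block only, not group-policy sub-modes
            enabled += [m.group(1) for l in body if (m := re.match(r"enable\s+(\S+)", l))]
    return {n: levels.get(n) for n in enabled
            if levels.get(n) is None or levels[n] < trusted_level}
```

A non-empty result means the device has webvpn listening on an interface that should be reviewed against the Cisco advisory; an empty result does not replace checking the advisory's own list of affected features.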

What ISG Is Doing

Currently, the ISG Data Centers are following our normal process for patching, with additional analysis for the critical configuration problems. Our service engineers are available to assist any customer who needs help with a Cisco product, whether for this issue or any other.

References & Further Information

Please view the Cisco advisory linked below for more technical details on the products and vulnerability.  Ars Technica also produced a story about the issue: https://arstechnica.com/information-technology/2018/01/cisco-drops-a-mega-vulnerability-alert-for-vpn-devices/

[1] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 

3 things SMBs need to know about cybersecurity

If you run an SMB, cybersecurity should consistently weigh on your mind. Cybercriminals are extremely common these days, and fighting them off can be quite the challenge. In fact, the Duke University/CFO Magazine Global Business Outlook Survey found that more than 80 percent of companies in the U.S. have been hacked.

While this should make any company administrator worried, this is an especially frightening statistic for those that run SMBs. While larger organizations certainly receive more attention when they’re hacked, they also have the money and public image to bounce back when a data breach occurs. Smaller businesses, on the other hand, don’t have this luxury. A single hack can be a signal to your customers that you aren’t trustworthy, regardless of what actually happened during the hack.

With your entire business’ image on the line, it’s clear that cybersecurity needs to be a major focus in 2018. That said, this topic is so complex that finding a place to start can be difficult. Cybersecurity is vital, and not beefing up your protections simply because you don’t know where to begin is a bad idea. Therefore, let’s take a look at some of the most important areas of security today, as well as tips for SMBs to avoid these issues.

1. BYOD is vital, but it needs a security upgrade

If you run a small business, there’s a good chance you have a solid familiarity with the bring-your-own-device (BYOD) trend. This is where employees are encouraged to bring their own gadgets into the office for work-related purposes.

The benefits of such a system are obvious and very compelling for smaller organizations. The biggest of these is the cost advantages BYOD brings. The traditional model of getting devices into the hands of workers is to simply buy these devices, which can take a huge chunk out of your budget. However, by allowing workers to use their own tablets, smartphones and computers, SMBs can put the money they would have spent on gadgets toward objectives that can further the company’s success.

On top of the cost advantages, BYOD also allows for a level of familiarity that you won’t be able to produce with company-owned devices. According to a study from Cisco, U.S. employees that were allowed to use their own gadgets at work saved about 81 minutes every week. Clearly, BYOD allows for a big boost to productivity.

“There is a major drawback to BYOD in the form of cybersecurity.”

Despite all of these obvious benefits, there is a major drawback to BYOD in the form of cybersecurity. The issue is that most people simply don’t secure their own devices properly. While the lack of antimalware software on personal mobile devices is certainly an issue, the fact that many people don’t even use PINs to access their phones is disturbing. If such a person were to lose their phone, quite literally any person that finds it would be able to access sensitive data.

While there are some clear downsides to BYOD, that doesn’t mean you shouldn’t allow for such a system within your company. You simply need to prepare your employees. This begins with some sort of meeting where the security needs of the company are outlined. On top of that, it may be a good idea to install protective software on any device that has access to the company’s network and data.

2. Ransomware isn’t going away

In a similar vein, ransomware has also reared its ugly head and is making moves against SMBs. At its most basic, a ransomware attack is where the attacker encrypts a certain device or multiple devices on a network. The idea is that companies need constant access to the data contained on these gadgets, and that encrypting this information would be a major blow to operations. Therefore, the hacker is able to name his price in order to decrypt the captured data.

While this is a major issue for all the devices your company uses, one area you may want to focus on is how ransomware might affect your mobile infrastructure. Kaspersky Lab reported a 253 percent increase in ransomware attacks in Q1 2017 over the previous quarter. That’s an enormous uptick, and this is very clearly a mounting trend within the enterprise.

“Going after mobile devices simply makes sense to a ransomware hacker.”

Going after mobile devices simply makes sense to a ransomware hacker. Due to BYOD, these gadgets often contain incredibly important information, and companies can’t simply ignore how much data they contain. What’s more, smartphones and tablets often have a lower level of security than traditional computers, which is the perfect opportunity for a hacker to strike.

While the tips above can help prevent such an attack, an additional piece of advice is to back up every scrap of data that you consider important to the company. In fact, the 3-2-1 Backup technique is generally thought of as the best way to protect data security from a ransomware attack. This is where you have three copies of a piece of data, kept on two different mediums with one of these mediums being kept offsite. By doing this, you can simply wipe any device hit by a ransomware attack without having to worry about losing precious information.

3. Social engineering should be your biggest concern

Social engineering is a topic we’ve touched on before, but its importance deserves constant attention, especially within smaller businesses. You can think of these attacks in the way you might think of a conman. They generally involve preying on people’s kindness in order to accomplish some sort of malicious task. For example, a hacker dressed up as a plumber might be able to talk a receptionist into letting him into a secure part of the building without clearance.

Are you sure you know who the plumber is? That handyman may not be who he says he is.

The reason this is such an issue for small businesses is that these organizations generally have a more neighborly feel to them. The entire point of hiring a small business is the friendly personal touch these companies can provide, which is a major selling point. However, this attribute can allow for hackers to get away with more than they would have if they’d attacked a larger organization.

The sad truth is that the only way to lower the threat of a social engineering attack is by hardening your employees to sob stories. Hackers will usually spin a yarn about how they lost their ID card or their login credentials, and this story is often convincing enough to get them everything they could ever want out of a company.

Therefore, organizations need to teach employees that being nice isn’t always the best thing to do. Losing login credentials may get a person in trouble, and it’s human nature to want to help someone in such a situation. However, doing so could be disastrous for the company.

At the end of the day, a company is really only as secure as you want it to be. You can purchase all kinds of cybersecurity software, but if you aren’t willing to take steps to prevent an attack, you’re no more protected than someone who avoided these services. By increasing your knowledge and working to ensure your employees understand the importance of security, you can help keep your company’s data safe.