Security Alert Archives

How To Avoid Becoming a Repeat Defender of Ransomware

July 24, 2018/0 Comments/in Cybersecurity, Security Alert /by James Wagner

Can your system be infected with the same ransomware twice?

Technically, yes.

If your IT department does not make the appropriate corrections to your cybersecurity infrastructure following a cyber-attack, leaving your infrastructure essentially vulnerable with the same weaknesses, a hacker will be more than happy to reinfect your systems.

However, performing the appropriate updates and installing the necessary patches does not always secure you against the same ransomware either.

Hackers are using more advanced technology every day, leaving organizations susceptible to new methods of attack.

Defensive approaches aren’t enough

Unfortunately, it isn’t enough to play defence against the tactics that hackers are now using.

One infection could easily lead to another if you prove to be an easy target.

Your main concern should be your overall strength against any attack, rather than concern over the same ransomware breaching your defences twice.

For organizations that utilize constant cybersecurity monitoring and other preventative approaches to their security strategy, their systems are less likely to be infected by the same ransomware or other malware a second time.

But many organizations spend too much time repairing holes made by malicious attempts to access data, rather than reinforcing the entire IT infrastructure.

Cybercriminals are using a classic bait-and-switch

Although the ransomware used is technically not the same, cybercriminals are discovering that they can double their luck by attacking twice in the same email distribution.

Hackers distributing phishing emails will load one set of emails with one ransomware, and another set of emails with different ransomware.

This tricks the organization into thinking they have already set up defences against one strain, only to be taken advantage of hours or days later by yet another strain.

Any ransom paid to retrieve stolen information must be paid again to the very same hackers who had previously demanded payment.

Ransomware is always evolving

The answer to whether your systems can be infected twice by the same ransomware depends more upon your level of cybersecurity than the efficiency of hackers.

New distribution methods are proving successful against organizations of every size and taking a proactive approach to cybersecurity – playing offence and anticipating attacks – is the only way to truly protect your data.

First steps involve educating all employees on what a phishing email looks like, as well as establishing constant monitoring systems that can alert you in advance of breaches.

If you think your systems have been compromised by ransomware, the first step is to immediately mitigate the damages. The next step is to conduct a complete analysis of your systems and implement a proactive action to prevent future breaches and to protect your sensitive data. Hackers will stop at nothing to profit from your data; you should stop at nothing to protect it.

The ITeam understands the cybersecurity issues facing Canada businesses. We are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.

Why Call Center Fraud is Becoming More Problematic

Hackers are becoming more difficult to detect, and their tactics seem more creative every day.

And while there are those skilled hackers who attempt to breach sophisticated cybersecurity systems, there are many hackers who rely on opportunity more than skill.

Consequently, call center fraud has increased significantly in the past few years, resulting in data breaches coming from areas that organizations aren’t accustomed to managing.

The call center is a weak link

There are several reasons why call centers have become a primary target for cyber-attacks. Online channels are more secure than ever, and EMV credit cards have made it more difficult for purchases to be made without the card or customer present. Therefore, call centers have become one of the easiest ways to gain access to privileged information. Organizations are so busy navigating cross-channel business platforms that they fail to realize the weaknesses that exist within their call center processes. If hackers want access to other networks, the call center is where they will likely start.

Technology makes it easier for hackers

A single call center can offer many opportunities to a basic-level hacker, with technology that is easy to obtain. There are simple programs that will reset PINs and VoIPs to show a false caller ID or an unidentifiable number. Through such methods, hackers can attempt a variety of criminal activities ranging from account takeovers to the gathering of information about either customer accounts or the organizations they are attempting to breach. It only takes a small slip-up from an employee to offer basic information that will provide access to sensitive data.

The customer is always right

The biggest vulnerability at call centers results from the fact that the primary focus is on customer service rather than identifying fraud. The entire premise of a call center is to solve customers’ problems, which is increasingly difficult when hackers are attempting to impersonate legitimate customers. Current methods of authentication are often ineffective since they tend to prompt for basic information, such as a birth date or a social security number, which are easily stolen. If a hacker answers all the right questions, even with a bit of missing information, they can fraudulently gain access to an account.

Two-factor authentication and other secure methods of verifying customer identity are more important than ever. Not every hacker is a computer mastermind, and now, they don’t have to be. Call center fraud will continue to increase unless proactive measures are taken. Call centers are often on the frontline for an organization’s consumer base; therefore, protecting customer data is a crucial task that must be taken seriously.

The ITeam understands the cybersecurity issues facing Canada. We are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.

Security Alert: Meltdown and Spectre Vulnerabilities

January 11, 2018/0 Comments/in Security Alert /by James Wagner

What Are Meltdown and Spectre?

Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug.

It’s really a design flaw in the hardware that has been there for years.

This is a big deal because it affects almost every computer, including PCs, laptops, smartphones, and servers.

This hardware bug allows malicious programs to steal data that is being processed in your computer memory.

Normally, applications are not able to do that because they are isolated from each other and the operating system.

This hardware bug breaks that isolation.

So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents.

So, What Are We Doing About This?

There are two updates required by all computers.

The Windows updates were approved last week and should already be deployed to your computers.

A firmware update is also required and this is going to take some time; many of the patches are not even available yet.

Our team will work with you to schedule a time when the firmware updates can be applied as they become available.

Thankfully, there are no known active threats exploiting these vulnerabilities.

In the meantime, we need you to be extra vigilant, with security top of mind and Think Before You Click.

Please don’t hesitate to contact your ITeam Account Manager or IT Manager for more details.

Important Take-Aways from the Equifax Data Breach

October 10, 2017/0 Comments/in Security Alert /by James Wagner

If cybersecurity wasn’t at the top of your to-do list, the recent Equifax data breach should have you on high alert.

Between May and July 2017, names, social security and social insurance numbers, birth dates, addresses, and driver’s license numbers were stolen, along with over 200,000 credit card numbers.

This breach primarily affected 145.5 million consumers in the United States, but thousands in Canada and the UK have been affected as well.

This data breach has the cybersecurity community reeling, and businesses and individuals alike are wondering what the next step is.

What’s shocking for many IT professionals is that despite available technology, breaches are usually caused by the simplest mistakes.

Proper preventative measures within the security infrastructure of any business could slow down hackers and even stop them entirely.

Here’s what you can do in light of the Equifax breach:

From the Business Perspective

The fallout of the Equifax data breach has compelled businesses of all sizes to ramp up cybersecurity. It is a critical element of any modern organization, and it’s risky to assume that large companies, such as Equifax, are the only targets, since hackers rely on inadequate security measures that are particularly evident in small businesses.

Unfortunately, breaches are not 100-% preventable. However, this is not to say that with strong security measures, these breaches can’t be drastically mitigated. By adequately preparing for a potential breach, you may greatly reduce the number of people affected and the amount of data compromised. Here are some ideas to help you prevent the next major security breach:

Segment networks – Too many user controls permit too much access. If your infrastructure is properly segmented, a breach can be restricted to small areas, prohibiting access to the entire database.
Require multi-factor authentication – This is a common method of security, requiring more than one method of authentication to verify a user’s identity.
Employ robust data encryption – Design your security system so that even if malicious attempts are successful, a hacker can’t interpret the contents.
Foster a commitment to functionality – Key to any successful cybersecurity strategy is some assurance that systems are working as they should. This involves regular updates as well as internal audits.

From a Personal Perspective

If you have a credit history, there is a chance that your information was compromised by the Equifax breach. Preventative measures can be utilized by consumers as well as businesses, and the following tips will help protect against identity theft:

Check to see if your data was compromised. The Office of the Privacy Commissioner of Canada has instructions and further guidance.
Check credit reports – Many credit card companies now provide your credit score for free. Investigate any changes in your credit, such as new accounts.
Request a credit freeze – Although this doesn’t prevent access to current accounts, no new accounts can be opened in your name.
Monitor your accounts closely –Alert your financial institutions of suspicious activity.
File taxes early – The earlier you file your taxes, the less likely it is that someone else will be able to file using your sensitive information.
Enroll in a credit monitoring service.

There is no such thing as perfect security, but with the right technological overhauls, a data breach does not have to be devastating. Protecting your data is the top priority, so make sure your cybersecurity efforts are at least on par with the existing threats. Let The ITeam help with your security through our managed it services.

The ITeam Security Bulletin: WannaCry Ransomware

May 17, 2017/5 Comments/in Security Alert /by James Wagner

Important information about WannaCry ransomware

You may have seen the news this weekend.

Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic.

If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation but immediately everyone else’s computer too.

The initial infection was stopped on Friday, but it has since been rewritten and is again spreading in the wild.

There are 200,000 confirmed infections in over 150 countries as of this afternoon.

While most of the damage has been in Europe, Russia and Asia, there are over 6000 confirmed incidents in North America.

According to CrowdStrike’s Vice President of Intelligence Adam Meyers, the initial spread of WannaCry is coming through phishing, in which fake invoices, job offers and other lures are being sent out to random email addresses.

Within the emails is a password protected .zip file, so the email uses social engineering to persuade the victim to unlock the attachment with a password, and once clicked that initiates the WannaCry infection. Microsoft confirms this in a blog post.

Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it but delete the whole email. Remember: “When in doubt, throw it out!”

At The ITeam we work hard to ensure your networks are protected. Technology cannot stop every threat, and the last line of defence is alert and educated users.

Please share this information within your organization and outside your organization as you see fit. If your company requires IT support in Calgary, call us for a quote.