Month: July 2019

Categories
Blog

Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

MacOS and Malware

The Mac operating system (MacOs) has frequently been hailed as one of the best systems for its resiliency to malware and typical viruses. But the days of MacOs standing strong and tall with no worries have really always been a misconception. Mac systems are just as vulnerable to the beefed-up, intelligent malware threats that are out there today.

SentinelOne published a lengthy review of the MacOs malware at the end of 2018, but in a new release, SentinelOne also stated that there has actually been an uptick in the numbers of new types out there attacking users. Here is a look at some of 2019’s biggest MacOs malware threats that every Mac-reliant business owner should know.

1. OSX.Siggen: A Malware Download from a Malicious Domain

Masquerading as a helpful app called WhatsApp, OSX.Siggen is actually a latched-on malware that slips in during a regular app download. WhatsApp is a fake social media platform, and the download looks super enticing when users come across it. However, once added to MacOs, the app runs with a backdoor designed to take administrative control over the system.

2. KeyStealDaemon: Password Hijacker

This dirty malware showed up in February of 2019, but by June it was still running strong. Apple allowed a patch several years ago designed for another purpose, but KeyStealDaemon can create administrative privileges for itself by slipping through. Unfortunately, this malware allows the person behind the scenes to get into the system and steal pretty much any password you have stored. The good news is, if you have properly updated your system, KeyStealDaemon can be booted out because it cannot break through.

3. CookieMiner Slips In and Steals Credentials

Toward the end of January 2019, a cryptominer showed up with its own installed backdoor to induce a threatening combination of technologies to steal cryptocurrency exchange cookies and passwords for Google Chrome. The worrisome thing about CookieMiner is this: experts believe that the malware could potentially have the rare ability to bypass things like authentication processes that involve multiple factors. If CookieMiner is capable of gathering enough cookies and credentials, cryptocurrency wallets can be virtually pickpocketed right in plain sight.

4. Mokes.B Puts On a Good Act

Persistence agents running amuck on your MacOs with familiar names may never be spotted, especially if they are calling themselves things like Firefox, Skype, or Chrome. This is precisely how Mokes.B avoids suspicion when it latches onto the operating system in application support folders and tracking files. Mokes.B is super-scary because it can gain the ability to take actual screenshots whole you are on pertinent screens, but it can also record keystrokes to steal date you are keying in.

5. A Variant of OSX.Pirrit Has Shown Up

OSX.Pirrit caused a lot of problems a few years ago, but this malware never really disappeared altogether. Instead, new family members under the old parent app are still being found on MacOs, and they are not being detected as they would otherwise be when acting as OSX.Pirrit. The aim of this malware is to make money from redirect actions that occur as a result of a browser infection, but there are rumors that PIRRIT is potentially capable of stealing data as well.

6. OSX.Dok Reroutes User Traffic

OSX.Dok gets into a system and installs a securely tucked-away Tor version location on a Mac system. User traffic hitting a site gets sent to an onion server instead of where it should be, which is a major problem for business owners needing to protect sensitive customer actions when they think they are on an e-commerce website. One of the scariest things about OSX.Dok is the fact that it can steal even SSL encrypted internet traffic maneuvers. Older versions of this software were thought to be banished, but new versions continually pop up.

Even though there are so many Mac users who think they are covered by some unseen immunity from malicious software, these risks are there and the growing list of 2019 proves that fact. Attackers deploying these software programs are targeting those easy-to-break barriers, so something like an improperly updated computer or even an unsuspecting employee can leave a business computer wide-open for an attack.

Categories
Blog

How Much Should Managed IT Services in Dallas Cost?

Managed IT Services in Dallas

Technology is evolving so fast these days that it’s hard to keep up. There are new and amazing breakthroughs each day. One day you hear of a new cellular fabrication technology that makes it easier to build homes with 3-D printing. The next day someone has developed software that merges the digital world with the real world. These types of innovation are so exciting and yet it can be unsettling for the business owner.

On one hand, you want to take advantage of the best technology so you can beat out your competition. On the other hand, you don’t want to waste money on fly-by-night devices that won’t be around next year.

How can you tell the difference between a world-changing invention and just another fidget spinner?

For most business owners, though technology is an essential part of getting the work done each day, they aren’t experts. That’s where managed service providers can be so helpful. If you’re wondering whether you could benefit by moving to the cloud, a managed services provider can give you the scoop. They’ll outline the pros and cons. They’ll tell you the costs. And they can give you a realistic time frame for getting it all done.

Regardless of how good you are at running a company, it’s not possible to keep up with technology trends. You can’t be expected to know the difference between a hybrid cloud and a private cloud. You may have a small IT department that handles everything from computer problems to network outages. They may struggle just to keep up with your daily IT needs. That means that your business isn’t taking advantage of everything that modern technology has to offer. And this can cost you in more ways than one.

What’s the Solution to Our Technology Needs?

At the end of the day, many business owners turn to managed IT service providers. In fact, some companies have completely phased out their in-house IT department and now depend solely on a managed services company. With the salaries of IT people now soaring, this can be a sensible decision. You not only have to pay salaries, you have to pay for insurance, vacations, time off and bonuses. Plus, you must maintain a space and office area for your IT department. When you figure in all the costs, managed IT services can be the better choice.

So How Much Should We Pay For Managed IT Services?

The vast majority of Managed Service Providers (MSP) operate on a “per user” or “per device” basis. Therefore, charges are based on the number of users or devices on the network. The MSP incurs cost for the agent (a management device that is installed on all devices), anti-virus, any extras, and of course the support for each endpoint. This number can range from $10 to $250 per user/device per month.

You may think that $10 per month sounds great. Or that $250 a month is way too much, but there are some business owners that will happily pay $250 per user a month to eliminate the worries of hardware costs, employee salaries, hidden costs and so much more. Your in-house staff will get to you when they have time, but a managed service provider wants to keep your business so they have more incentive to show up fast and do a great job.

What Are The Different Service Models?

For managed service providers, you can just about get any type of customized plan you want. They’ll take care of everything or they’ll just provide help with special projects. It’s up to you. Most MSPs try to make it easy for business owners to get the level of support they feel they need and can afford.

What Is The “All-In” Model?

For about $100-$300 per user/device per month, you can sign up for the all-in service package. This model can contain everything including:

  1. Firewalls & antivirus
  2. Hardware upgrades every 3-4 years
  3. Dedicated technology consulting
  4. Disaster recovery
  5. Licensing
  6. Project work
  7. Remote & onsite support
  8. Business continuity
  9. Applications (Office 365, G Suite, etc.)

With this model, you can focus on running your company and let the pros handle all your technology needs. For some business owners, that peace of mind is worth an awful lot. When you have specialists handling your IT infrastructure you’ll see better productivity out of your employees. There’s no way to determine how much you make or save simply by having your network and computers working optimally all the time.

What Determines the Final Price?

Much of the cost of anything and everything depends on where you live. In some markets, things are just cheaper. For instance, a nice 3 bedroom 2 bath home in Dallas could cost around $300,000. That same home in New York City could cost upwards of a million dollars. What you can do is check with several managed service providers in your area. Shop and compare prices. Check feedback to make sure the company will stand behind its promises. Remember that you get what you pay for. One company might be a few dollars more than another and yet, their services could be well worth the difference.

How Much Should Managed Services Cost?

Technology is evolving so fast these days that it’s hard to keep up. There are new and amazing breakthroughs each day. One day you hear of a new cellular fabrication technology that makes it easier to build homes with 3-D printing. The next day someone has developed software that merges the digital world with the real world. These types of innovation are so exciting and yet it can be unsettling for the business owner.

On one hand, you want to take advantage of the best technology so you can beat out your competition. On the other hand, you don’t want to waste money on fly-by-night devices that won’t be around next year.

How can you tell the difference between a world-changing invention and just another fidget spinner?

For most business owners, though technology is an essential part of getting the work done each day, they aren’t experts. That’s where managed service providers can be so helpful. If you’re wondering whether you could benefit by moving to the cloud, a managed services provider can give you the scoop. They’ll outline the pros and cons. They’ll tell you the costs. And they can give you a realistic time frame for getting it all done.

Regardless of how good you are at running a company, it’s not possible to keep up with technology trends. You can’t be expected to know the difference between a hybrid cloud and a private cloud. You may have a small IT department that handles everything from computer problems to network outages. They may struggle just to keep up with your daily IT needs. That means that your business isn’t taking advantage of everything that modern technology has to offer. And this can cost you in more ways than one.

What’s the Solution to Our Technology Needs?

At the end of the day, many business owners turn to managed IT service providers. In fact, some companies have completely phased out their in-house IT department and now depend solely on a managed services company. With the salaries of IT people now soaring, this can be a sensible decision. You not only have to pay salaries, you have to pay for insurance, vacations, time off and bonuses. Plus, you must maintain a space and office area for your IT department. When you figure in all the costs, managed IT services can be the better choice.

So How Much Should We Pay For Managed IT Services?

The vast majority of Managed Service Providers (MSP) operate on a “per user” or “per device” basis. Therefore, charges are based on the number of users or devices on the network. The MSP incurs cost for the agent (a management device that is installed on all devices), anti-virus, any extras, and of course the support for each endpoint. This number can range from $10 to $250 per user/device per month.

You may think that $10 per month sounds great. Or that $250 a month is way too much, but there are some business owners that will happily pay $250 per user a month to eliminate the worries of hardware costs, employee salaries, hidden costs and so much more. Your in-house staff will get to you when they have time, but a managed service provider wants to keep your business so they have more incentive to show up fast and do a great job.

What Are The Different Service Models?

For managed service providers, you can just about get any type of customized plan you want. They’ll take care of everything or they’ll just provide help with special projects. It’s up to you. Most MSPs try to make it easy for business owners to get the level of support they feel they need and can afford.

What Is The “All-In” Model?

For about $100-$300 per user/device per month, you can sign up for the all-in service package. This model can contain everything including:

  1. Firewalls & antivirus
  2. Hardware upgrades every 3-4 years
  3. Dedicated technology consulting
  4. Disaster recovery
  5. Licensing
  6. Project work
  7. Remote & onsite support
  8. Business continuity
  9. Applications (Office 365, G Suite, etc.)

With this model, you can focus on running your company and let the pros handle all your technology needs. For some business owners, that peace of mind is worth an awful lot. When you have specialists handling your IT infrastructure you’ll see better productivity out of your employees. There’s no way to determine how much you make or save simply by having your network and computers working optimally all the time.

Categories
Blog

Arming the Next Generation of Cyber Warriors

Cyber Warriors

There are everyday warriors in businesses across the country, but these individuals may never have worn the uniform of their country. This next generation of cyber warriors is being groomed by organizations of all sizes in an attempt to overcome the growing skills gap in the cybersecurity world. While many current cybersecurity analysts started in general IT, there are individuals throughout the business and technology world that are moving towards this lucrative career path. Unfortunately, there are few set career paths already in place and no firm list of skills to develop to move in this direction. See what Under Armour’s VP & CISO, Matt Dunlop, is doing to arm the next generation of cyber warriors that he knows his organization desperately needs.

Background of a True Cyber Warrior

One of the key reasons that Matt Dunlop sees the value of developing these skill sets is because he’s worked throughout the fields of mathematics and computer engineering since his time in the U.S. Army as a colonel. After starting as a network engineer, he further developed his skills by completing a master’s degree in computer engineering and ultimately a doctorate in a related field. When the U.S. Army Cyber Command was created, he was a logical choice to help stand up this new division — partially due to his status as a computer science educator at West Point. In his position as CISO with Under Armour, he’s able to bring together his passion for teaching and marry it with his deep knowledge of technology and cybersecurity. “As we look into the future and project this huge job shortage, companies are looking for the silver bullet,” says Dunlop. “But I look at it as a long game.”

Creating Lifelong Learners

Cybersecurity is an ever-changing landscape and one that doesn’t have a set career path or an endpoint. Dunlap is currently working with the National Cyber Education Program to help create a generation of students that are interested in the exciting field of cybersecurity. There is a major deficit of individuals who have the breadth and depth of knowledge that would allow them to effectively provide cybersecurity protection for an organization. Sparking the interest of the next generation of smart workers is crucial, especially as automation takes the place of low-level activities and leaves plenty of room available for strategists and individuals who are able to implement more complex — and therefore more challenging — environments. Historically, cybersecurity professionals begin as entry-level IT professionals and work their way through the ranks to ensure that they gain the necessary knowledge about infrastructure and integrations to help protect an organization from both malicious actors and internal business challenges.

Cloud is Changing the Face of Cybersecurity

As cloud-based applications gain prominence in today’s business world, cybersecurity professionals will need a better understanding of data and integrations as well as hardware and servers. Transitioning from general IT to cybersecurity requires in-depth knowledge of how and where weak points can occur in an organization’s security net. From next-generation firewalls to strategies for warding off malware and phishing attacks, there are integration details that require recognition of how data flows throughout your business — and beyond. Pulling together information from disparate cloud-based platforms leaves a fail point that needs to be monitored, especially when you consider the proliferation of third-party vendors in the business ecosystem. Each link in the chain that passes data between organizations and customers must be analyzed and monitored for compliance and security throughout the sales and manufacturing cycle.

Arming the next generation of cyber warriors starts with firing the imagination of generations of children and young adults as they enter the formative years of their education. Cybersecurity is an exciting career path and one that will continue to morph as threats emerge. Encouraging staff members to become lifelong learners is one of the shorter-term ways that Dunlop encourages individuals to enter the cybersecurity field, but he is the first one to recognize that we need a broader group of future professionals to enter this critical field and support the security of businesses in the future.

Categories
Blog

A Law Firm’s Guide To Managed IT Services

Law Firm Managed IT Services

Technological downtime can make or break a law firm. Even an hour of downtime can cost a small or medium firm as much as $250,000.

What Exactly Can Go Wrong?

Unfortunately, Murphy’s Law has been known to apply in legal cases, meaning if there is an opportunity for things to go wrong they will. It is important that your firm has a dedicated professional, our team of professionals, either inside or outside the firm that can honor your firm’s confidentiality and keep potential problems at bay and/or under control. Some potential issues include

Case Management Issues

Filing is most efficient when stored electronically. They manage related documents, billing, and customer relationships

Security Problems

Reputation is everything for a law firm, and that extends to the attorneys and other staff at the firm. Still, even with so much on the line, the American Bar Association found that as many as a quarter of firms did not have security policies in place. Nothing puts a damper on a firm’s reputation, or even on specific lawyers than a security breach,

Compliance Issues and Software Integration

Various industries and professions have their own set of confidentiality agreements, that any legal team that works with the company needs to follow in order to protect clients, consumers, and any others involved. Some of these include Health Insurance Portability and Accountability (HIPAA), the Gramm-Leach-Billey Act of 1999 (GLB) and the Sarbanes-Oxley Act (SOX). Following these privacy acts means that legal professionals are prevented from disclosing information. The same discretion needs to translate to technology compliance.It is necessary to have software in place that can handle this responsibility, and see to it that attorneys and anyone else with access can run any necessary software correctly and efficiently without violating compliance standards.

Internal Collaboration

Internal Collaboration is an issue that needs constant monitoring due to the way social media quickly evolves. It is common for attorneys to use the internet for communication, however, it is less common for them to communicate internally about a case, which would make their casework more efficient. The right social media integration can help improve communication and make casework more thorough and efficient. Salesforce, customer relationship management solutions are a common tool used by attorneys and their firms in order to produce better results for clients.

How a Managed Service Provider Can Help

Proactive and Regular Maintenance at a fixed can cost can help with all these issues by applying the knowledge to give your firm or business the right IT infrastructure that will support your needs. That means that attorneys and other employees will receive the training they need to serve your clients confidently and safely. if you have an existing system in place, we can analyze what you have been doing so that any necessary changes can be quickly set in motion.

Categories
Blog

Scale and Protect Your Business with Cloud Storage and Applications

Maintaining a secure infrastructure is crucial in today’s fast-paced business world, allowing you to differentiate your business from your competitors by offering a trusted platform and a solid base of operations for your business. Scaling a business using traditional infrastructure management can be a challenge; even the time and cost required in spinning up a new server can be prohibitive and slow down your growth. The rise of cloud-based applications and storage provide businesses with a nearly-unlimited virtual inventory of data and applications that can be utilized from any physical location. This is particularly important with today’s on-the-go business professionals who are accustomed to working from remote locations. Fortunately, you don’t need a degree in computer science to understand the cloud options that are available for your business.

How Does Cloud Help Your Business Scale?

Unlike traditional infrastructure models, cloud-based technology can be easily scaled up or down based on the needs of your business. You’re not spinning up or decommissioning servers, you’re not researching whether you have the licenses available to switch around between users to stay compliant with software manufacturer requirements. Scaling with your applications and infrastructure in the cloud is often as easy as adding a new user and assigning a license. The heavy lifting is completed in the background so you can focus on what’s most important — running your business.

Are Cloud Applications More Secure Than On-Premise Hosting?

There is a great deal of argument in technology circles around the security of cloud-based applications and infrastructure. While it’s true that you are relying on others for the security of your virtual servers, it’s likely that these servers are stored in a more secure location and monitored more closely than any individual company could handle inside their physical location or co-location facility. With cloud applications, you’re relying less on third-party applications from different vendors and more on a single trusted vendor that you can thoroughly vet and ensure their security is top-notch. Plus, you’ll have greater access to your stored data than you would if you were utilizing on-premise hosting.

Is It Easier to Access Data and Applications with Cloud Storage?

Today’s workforce is geographically diverse, with professionals working remotely several days a week or collaborating closely with different offices on a regular basis. This makes it extremely important that everyone is able to access the same information regardless of their physical location. With cloud-based storage, you can confidently provide your staff members with access to the applications and data that they need on a regular basis without resorting to frustrating solutions like using remote desktop to log into business-critical applications. With cloud storage of your data and applications, your staff can log in remotely and interact live with data as long as they are utilizing a secure connection.

Your business runs most efficiently when your technology simply works. At Data Magic Computer Services, our team’s proactive approach is targeted at providing you with the most effective engine possible to fuel your business growth. Contact our digital wizards at 469-635-5500 today or contact us if you’re ready to see how we can improve your business technology without a lot of techno-speak.

Categories
Blog

How to Password Protect an App on Your Android Device

Password Protect Android Device

Have you ever wanted to put access to certain apps on your phone or tablet under an extra layer of security? There are all sorts of reasons people might want this. Maybe you want to share your phone with a child, but you don’t want little Johnny messing with work apps or your grown-up Netflix account. As another example, maybe you want to let a fellow salesperson review a presentation on your phone without having access to your contacts and sales leads. Some people may have sensitive chats that they want to keep safe from inquisitive eyes, too.

Whatever your reason for wanting to protect certain specific apps, we have good news and bad. First, the good: On Android, there’s an app (or 3) for that! The bad news: there really isn’t any kind of equivalent function on Apple beyond the content restrictions found in Screen Time. If this is something you want to do, you’ll need an Android Device.

How to Password Protect Individual Apps on Android Devices

Password protecting individual apps isn’t something that you can do natively on Android phones. In other words, the functionality is not a standard feature that’s part of the operating system. That said, there is a way to add this functionality. You just need to download the right app.

Step 1: Download AppLock by SuperTools

The first step is to download an effective app-locking app from the Google Play store. There are several to choose from. We recommend AppLock – fingerprint lock & phone cleaner, by SuperTools.

Remember that the Google Play store has plenty of lookalike and copycat apps. If you search for an app protector app, make sure you select this one or another that has very strong reviews.

Install the app, then click OPEN once it’s installed.

Step 2: Set an AppLock Passcode

Once you open AppLock, you’ll be greeted with a landing screen with a big START button. Tap it. The next screen prompts you to create a new password. Don’t be fooled if this screen looks like your Android login screen! It’s something different entirely. This is where you create the password you want to use to access your password-locked apps.

Pick something you can remember but that’s different from your phone’s main lock code. Otherwise, you’re more or less defeating the purpose of this added security. If your kid or your coworker knows your main password, he or she can just guess that same password when trying to access a sensitive app and bingo, they’re in.

When you finish setting up your passcode, you’ll get a couple screens asking if you want to give AppLocker permission to draw over other apps. Set this to Allow/enable/permit, whatever your version of Android calls it. You may need to do this in 2 consecutive screens.

Step 3: More Configuration

Once you’ve taken care of your permissions settings, head back over to the AppLocker app. You should see a list of other apps. Find the ones that you want to lock and click the icon on the right that looks like an open padlock. It will change to a colored, closed padlock when you tap it.

Once you’ve selected all the apps that you intend to lock, click the LOCK button at the bottom.

Step 4: Test It Out

Now that you’ve configured your AppLocker app, it’s time to test it out. Exit to your main screen and open an app that you’ve locked. You should see a secondary login screen with the app’s icon at the top. Enter the passcode you created earlier, and you’re good to go.

Wrap-Up

Adding an app locker to your Android device is a simple way to add an extra layer of security. You’ll gain the freedom to share your device with more people knowing that your sensitive apps are protected.

Categories
Blog

Are Cheap Computers Letting You Down?

Are you paying as little as possible but expecting the usual from your computers? Is it possible to avoid full price and still get what you need from IT?

No one wants to spend money they don’t feel they have to.

Especially when it comes to a carefully planned budget, you hate to have to go over it in any way. That’s why, in business, corners are often cut when and where they can be.

This commonly happens with IT.

People often rely on cheap, second hand or inherited technology. Or, they don’t even bother upgrading when expected, and use the same old computers for years on end, even after they start causing problems.

What you may not know is that saving money by buying cheap may cost you more in the long run. The fact is that cheap computers typically don’t last very long – you might get a couple of years of service out of one, whereas better-made brands can last more than 5 years.

And that doesn’t even take performance into consideration…

Are Cheap Computers Fast Enough?

No.

If you buy cheap, it means you’re paying for cheap hardware – i.e. an “entry level processor”. You can forget about streaming video on a computer like that.

But maybe you just need it for document processing, email, etc. The fact is that, for those working in any type of business, slow processing speed will always mean waiting for something to load.

You also need to invest in RAM – if the ad says 2GB of RAM, then it’s not worth your time. It will struggle to run programs like Microsoft Office 365, Adobe, and other software suites (many of which you’ll want to use at the same time).

Can You Afford The Repair Bills?

Beyond the cost to outright replace the computer every few years, and the wasted time you’ll spend waiting on it to load, you also have to factor in the cost of repairs – because cheap computers break down. A lot.

As soon as something goes wrong, you’ll have to start paying. The repair guy will want at least a hundred bucks just to look at it. If you’ve already spent a few hundred on the computer, then it just doesn’t make sense to spend another few to fix it, right?

Computer repair costs can be high, and they won’t be going down – but you can avoid all that by investing in a reliable computer that won’t need to be repaired until it gets really old.

What About Resale Value?

Maybe you’re thinking you can sell your cheap computer to help make up some of the cost of the next one you’re buying.

Sure – you may be able to sell your 3-year-old, $300 computer… for $50? Tops?

The point is, it’ll barely be worth your time, and it won’t make much of a dent in your next purchase.

Is There A Way To Avoid Cheap Computer Problems?

Absolutely – invest in a better product from the beginning.

It’s all about considering each and every cost that comes with a given computer.

On one hand, you have a cheap, $300 computer that will only last a few years, require repairs on occasion, slows down your work processes, and will be worth next to nothing when you’re done.

On the other hand, you have an expensive, $1000 computer, that could last three times as long, run fast and effectively, require little repairs or support, and can be sold for a few hundred when you need to replace it.

Doesn’t the choice seem obvious?

An expensive computer requires more capital at the start, but it’ll mean less work, stress and ongoing expenses over the course of its life.

Categories
Blog

How Can You Focus Your Company on Reliable Anti-malware Strategies?

antimalware

Organizations across the country are learning from cyber attacks perpetrated in Atlanta, Newark, and Sarasota. Similarly, large targets such as San Francisco’s transit authority and Cleveland’s airport have also been targeted. The growing threat from ransomware, which locks up the victim’s device and files, is hard to track down to the source. Fortunately, many attacks are preventable with the right training and compliance with company policies.

Where to Focus Cyber Hygiene Efforts?

Cyber hygiene involves putting processes into place to make it more difficult for hackers to attack your network. First, use two-factor authentication. Also known as dual-factor authentication, this creates an additional layer of security since it requires two proofs of identity. The most common method includes both a password and a one-time code texted to the user. Individual users should also back up data offline using an external hard drive or another device.

Internal firewalls deter malicious actors attempting to access your computer. When suspicious activity is detected, the suspect device is locked and denied access to the rest of the system. It’s similar to quarantining sick people to protect healthy ones.

Require staff members to regularly update passwords since cybercriminals can sometimes buy stolen passwords through the dark web. Take special precautions for remote access, which creates unique vulnerabilities. Make sure that your IT team has a process for detecting and eradicating threats associated with remote access to the company’s network and data.

How Can Staff Members Reliably Detect Phishing Emails?

Most ransomware attacks begin with what’s known as a phishing email. The hacker tries to get users to open attachments or links — which install ransomware on the computer. Here are a few tips on identifying phishing emails:

  • Strange word choices
  • Odd links
  • Misspelled words
  • Weird attachments, especially .exe or .zip files

If an odd-looking email seems to be coming from a friend, verify its validity before opening the email.

How Does Updating Your Software Help Prevent Infection?

Hackers exploit vulnerabilities in software, and patches are released to fix them. When your computer prompts you to update the software, do it.

What’s the Best Way to Stay Prepared?

According to a recent 60 minutes episode, hackers shut down systems at a hospital in Indiana. The hospital had to pay a $55,000 ransom to unfreeze its systems. Other organizations should learn from this experience and establish a robust security protocol.

How You Can Prevent Astonishing Impacts of Scareware?

Anti-malware programs cannot scan your PC without permission. No reputable company sends you scary emails or pop-ups as a marketing ploy. These messages are scams and are commonly referred to as scareware. They may even introduce infectious viruses on your computer. Avoid opening emails from senders you aren’t familiar with. Never give your computer credentials, personal information or credit card information to these bad actors.

There are things you can do to avoid scareware threats. First, avoid programs that pester you to register your device or buy software to clean up your computer. You could end up paying to clean up your working computer. Even worse, you could end up giving unknown cybercriminals access to your personal information. When you want to purchase malware protection, go directly to a reputable provider. Many companies offer free software to scan your system from their home page.

What are the Dangers Associated with Bundled Software?

Sometimes, when you download software, you get a prompt asking if you wish to download toolbars or change the home page of your browser. Don’t do it. Even though this is becoming common with legitimate software, it puts your system at risk. Known as “crapware,” these extras are often harmless and may even be quite helpful. However, there are times when adding these components open you up to cyber theft. It can also display annoying pop-ups and impact your computer’s performance.

You can avoid these attempts to bundle software. Extra apps that companies sneak onto your device aren’t always malware initiatives. They are, however, very annoying. Your computer can become so bogged down it’s practically inoperable. If you download the latest version of software such as Adobe Flash, reach every screen during the installation. Uncheck all boxes regarding additional toolbars.

Categories
Blog

Why Is Cybersecurity the Number One Concern for CEOs in 2019?

CEO Cybersecurity

While some might assume that fear of an economic recession would be at the top of the list of key issues CEOs concern themselves with, a recent survey found that another issue is of much greater concern: Cybersecurity.

This is no surprise.

For the past several years, cybercrimes and data breaches among companies large and small, governments, and even individual citizens have risen drastically. While it’s true that many CEOs still assume a data breach at their own company is highly unlikely, with the ultimate price tag of such attacks ramping up to the millions of dollars (and recovery being hardly successful), it makes sense that CEOs are taking notice.

What Does a More Concentrated Focus on Cybersecurity Mean for Companies?

Corporate chiefs and C-suites who are most concerned with cybersecurity are naturally becoming more involved in their companies’ defense strategies. After all, a breach of data isn’t just about the loss of money. It can also mean the loss of a job for a CEO or C-suite member and a permanent label as someone who can’t secure their company.

Furthermore, even if a breach doesn’t cost a corporate leader their job, customers, clients, and investors are sure to drop their interest in a company that’s lost data, money, and trustworthiness after a cyberattack. Large companies like Yahoo, Target, Equifax, and others have all felt the blow of such fallout.

How Do Most Cyber Attacks Originate?

When most people think of a cyberattack, images of an ultra-sophisticated Russian hacker sitting in a darkened basement with glowing green and blue lights comes to mind. However, cyberattacks can come from anywhere and from anyone. They may be performed on public computers, from office buildings, at public Wi-Fi cafes, from residential homes, or even in airports.

Your own cyber attacker could be coming from across the world … or down the street. Once you find out that your company’s data’s been compromised … it may not really matter anyway.

Because of their cloak and dagger way of operating, cyber attackers and criminals are rarely located and seldom caught or prosecuted. Part of being a cybercriminal, after all, means knowing how to confuse and reroute IP addresses through a multitude of countries. This makes retracing the invader’s steps a serious challenge — even for the most advanced IT specialists.

Therefore, the key to avoiding such attacks is, of course, to prevent them in the first place. This is the goal of an increasing number of savvy CEOs. It means putting cybersecurity first and foremost on their priority list and recruiting the help of highly-educated and trained information technology specialists.

How Can CEOs Prevent Cyberattacks in Their Companies?

The key to preventing cyberattacks is knowing how they start in the first place — and remember, it’s not where most people would think.

Again, many people assume that cybercriminals work by being absolutely amazing at breaking into super-advanced and complicated security systems. But nearly all mid- and large-sized companies have advanced security systems, and they still get hacked. Assuming that cybercriminals can simply break into these systems is giving them too much credit. Instead, most cybercriminals gain access much in the way vampires are said to gain access to their victims: Essentially, by being invited.

While lore claims that vampires must be invited into a home before they can step foot inside, cybercriminals also work their magic by essentially being given access to sensitive data by unknowing company employees — or even CEOs and other upper management members themselves.

It’s called phishing, and it’s the number one way cyber attackers gain security access to companies’, organizations’, governments’, and individuals’ data.

What Is Phishing and How Can You Prevent It?

Phishing generally takes place via email. The target receives a fraudulent email that claims to be from someone the target trusts, like the institution they bank at, human resources at their company, or upper management.

Somewhere in the email, the target is asked to send sensitive information for a “security check” or similar. Alternatively, they may be asked to “click here” for more information or to receive a coupon special, for example.

This is all with the goal of getting the target to do something that will allow malware onto their computer. Once this happens, the hacker who sent the phishing email will be able to steal, ransom, or corrupt sensitive company data.

The best — and in some ways, the only — way to combat phishing is to adequately train your employees and entire staff. You’ll need to teach them to:

  • Be suspicious of any unanticipated or surprising emails — especially those that ask the recipient to take certain steps
  • Double check email addresses for authenticity
  • Double check web addresses for authenticity
  • Be wary of threatening or enticing language
  • Never click on unsolicited links or attachments sent to them

If you are a CEO or C-suite member who’s concerned about the cybersecurity of your company in 2019, you’re on the right track. While the growth of your business and the frightening possibility of a recession are surely important to you as well, everything can be lost in an instant if your company is attacked by a cybercriminal. Taking steps now to better train your employees and enlist the right cybersecurity professionals to protect your business is wise and responsible.

Skip to content