IT Support

During the pandemic, organizations were forced to rely on devices the company did not own

March 23rd, 2022 | Hosting, iMIS, IT Support, Uncategorized

As the pandemic advanced and many countries adopted obligatory stay-at-home orders, the rapid digital transformation gave hackers more opportunities to exploit companies, especially since most employees started using personal devices and networks.

There are still companies that take cybersecurity for granted and are in denial that an attack could happen to them. In reality, it’s only a matter of time before a cyber felon attempts to exploit existing vulnerabilities. While tools such as password management or VPN solutions are important for enhanced security, companies should also focus on employee education, investing in services such as cybersecurity awareness training.

We invited Simmer Principio, the Cyber Security Analyst of E-Tech, a company that offers system support and information technology consulting services, to discuss cybersecurity trends, threats, and how to handle them in the most efficient way.

E-Tech has grown exponentially since its launch in 2005. What was your journey like?

I have been with E-Tech since 2019 right before the pandemic hit. I was hired as the Cyber Security Analyst for the company. Since then, I have seen a huge growth in the number of companies seeking Cyber Security Awareness Training (CSAT), Dark Web Monitoring, Vulnerability Scans, Penetration Testing, and Security Audit Services. My journey has been amazing. E-Tech has been extremely successful these past years I have been with them. We have been awarded by Acquisition International two years in a row as the Leaders in Cyber Security Awareness Training for Canada in 2020 and 2019 and we ranked #1 In Canada and #14 in the World among the World’s Most Elite 501 Managed Service Providers.

We’ve put a lot of time and effort into perfecting our CSAT program. It is a continued success and our customers appreciate being proactive to train their employees before a crisis happens. Our team of CSAT experts has grown over the past two years and this is due in large part to my persistent dedication and hard work along with the rest of the E-Tech team.

Can you tell us a little bit about what you do? What are the main challenges you help navigate?

I am the main person in charge of the Cyber Security Awareness Training, Dark Web Monitoring, Vulnerability Scans, Penetration Testing, and Security Audit services. I help our clients by educating them on the best cybersecurity practices and generating assessment reports for improvements to their organization’s overall security and resilience plan. Because of the pandemic, many companies changed their views and realized that they need Cyber Security Awareness Training due to the simple fact that there are so many malicious and phishing scams out there. And since everyone transitioned from in-office to remote work, they are even more susceptible to falling victim to these scams, causing companies major financial consequences.

Out of all your services, dark web monitoring may be lesser known by the general public. Can you tell us more about this practice?

When we talk about dark web monitoring, a lot of people still do not know what the dark web is in general. To understand what the dark web is, you need to have a basic understanding of how the Internet works. The Internet can be broken up into two parts, the surface web or open web, and the deep web. The surface web is anything on the Internet that can be accessed for free; things that can be found using a search engine. But the deep web is the part of the Internet where you typically need credentials to get to. A great example of the deep web that people use every day is their email. The dark web falls in an even deeper part of the deep web. Dark web websites are only accessible using a special browser software – the most common being the Tor browser.

Dark web websites are very safe for criminals because the fundamental aspect of them is the anonymity of the users. The dark web is a huge marketplace for illegal activity, including stolen credentials from major data breaches. This is where dark web monitoring comes in. There are multi-millions of stolen credentials being sold at any given time on the dark web. It is critical to know if and when your credentials have been bought and sold so you and your company can take proper precautions towards cyber theft. Dark web monitoring is a crucial aspect of cybersecurity, and it often gets overlooked. You can have the most secure systems, but all it would take is having the administrator’s credentials stolen, and all the safety precautions you took would come crumbling down.

What was it like providing IT services during the pandemic? Were there any new challenges you had to adapt to?

Not only did Covid-19 force organizations to accelerate their digital transformations, it also caused worker transformation. Most organizations had to urgently implement work-from-home business solutions and a large majority of organizations were forced to rely on devices the company did not own and could not manage or trust. This, of course, provided a lot of urgent work for our team. Not only did we have to change our policies in which we transitioned to a remote working team, but we were also asked to implement the change for a multitude of clients transitioning as well. The increased workload led us to expanding our team. Our talented managed IT support team continues to grow in size as well as skill.

What security risks do new business owners often fail to take into account when launching their website?

Some important things to remember when launching a website are:

  1. To constantly run updates on your website or else it could get easily infected with threats like SQL injections or viruses.
  2. Lack of security products, such as a firewall or SSL certificate. If your website is secure, it should start with ‘HTTPS’ before the website link so a secure connection can be established.
  3. Improper server setup/configuration. Security misconfiguration gives hackers access to private data or features and can result in a complete system compromise.

It is important to keep everything in your website, from the theme to the plugins to the SSL certificates, updated – it must all be current to the technologies of today.

What cybersecurity threats do you think can become a prominent problem in the near future?

Ransomware continues to be the number one threat to businesses of all sizes and industries. Damages from ransomware are expected to be more than $20 billion US by the end of 2021, according to the Acronis Cyberthreats Report 2022. Phishing also continues to be a major threat vector, along with malicious emails still being at an all-time high. Cyberattacks are currently on the rise in the world due to the recent Russian invasion of Ukraine that started on February 24, 2022. To counter Russian abilities, Ukraine has called on global hacktivists and cyber experts to join its international “IT army” to help defend the cyber front. Due to this, people should be more vigilant and remember to:

  1. Think before you click and don’t believe everything you see online
  2. Use strong and unique passwords
  3. Use a VPN on the public internet
  4. Update everything – including software
  5. Turn on multi-factor authentication

Additionally, what are the best cybersecurity tools you think everyone should have in place to combat these threats?

Use a multi-layer approach to protect your organization’s data and information. Install security software on your business computers and devices to prevent infection, including:

  1. Malware solutions to weed out malicious emails coming through
  2. Endpoint protection to protect devices against known infections
  3. Firewall to protect networks against unauthorized access

Keep systems updated, ensuring operating systems and security software are kept up to date automatically (or manually, if necessary). Enroll your organization in Cyber Security Awareness Training and phishing simulations to test and train good security habits. Also, make sure you have contingencies in place, including data protection and disaster recovery plans, in the event of a disaster. And very important – use a password manager application to help create, manage, and protect your credentials.

And finally, what’s next for E-Tech?

The luxury of working in the IT industry is that even amidst natural disasters, like Covid-19, there is always work as well as the opportunity for growth. Since 2005, our primary sector of focus has been the not-for-profit sector and small business, but we are starting to see heavy increases in other industries as well. Over the past couple of years, we have begun taking our first steps in the entertainment industry with website designs for award-winning director and actor Karena Evans, and world-renowned choreographer and creative director Tanisha Scott. Also in the past few years, we have seen a huge increase in the health services industries, where we now supply managed IT support for over 20+ long-term care homes. We believe this is also just in the beginning stages of potential revenue. As industries continue to become more technically advanced, businesses like ours will always have opportunities to explore in terms of cybersecurity services and managed IT services.

iMIS Security: How to Disable the access of an Administrator

February 7th, 2022 | Hosting, iMIS, IT Support, Uncategorized

As your organization continues to move forward and grow, you typically cycle through many staff and volunteers, which can also extend to the administrative level. Whether an administrator is let go, leaving for another opportunity, retiring, etc., the issue remains that they have access to sensitive data.

Here, we outline a guide on how to disable the access of an administrator in iMIS:

We would advise you not to delete the user from iMIS. In certain scenarios, deleting the user would affect records that were updated by the user in the past. Instead, disable the user’s account in iMIS or change the user type from ‘full’ to ‘public’. This will allow the user to still log in to the system from public websites and update their profile, but any administrative-level access would be revoked.

You can do this by going to the staff site -> community -> security -> users and finding all users. Then:

  1. Find the account you wish to change and click on the logon name.
  2. Scroll down to staff access and modify the permissions. Make sure the account no longer contains a ‘SysAdmin’ role if it had it before.
  3. Change the manager’s password (if the user had access to the manager’s account).
  4. If the user had access to any of the other staff passwords, update those passwords as well.

Changing the password for an account can be done by simply entering a new password and pressing the save button in the bottom right corner.

At E-Tech, we are iMIS experts with 25+ years of experience in consulting, hosting, and maintaining clients. E-Tech was also awarded Authorized iMIS Consultant of 2020 in Canada by Advanced Solutions International (ASI). Please contact us for more information or if you need any assistance with iMIS.

2021: Breach News, Year in Review!

January 13th, 2022 | Business Continuity Solutions, Cyber Security Awareness, Dark Web Monitoring, Infrastructure Security, IT Support, Website Security

For most people, the year 2021 will be remembered for the infamous ongoing COVID-19 pandemic. However, for cyber criminals, it will be remembered as one of the most lucrative years to date. Cyber crime continues to grow, and in 2021, it reached heights like never before.

Take a look back at some of the biggest data breaches of 2021:

Robinhood

Financial services platform Robinhood made the news after disclosing a data breach on November 3. The company blamed the security incident on vishing. Threat actors gained access to the organization’s customer support systems by obtaining system access over the phone. This is the same technique that proved successful in the 2020 Twitter hack. According to reports, after accessing the data, the cybercriminals then demanded an extortion payment to keep the data safe.

Bleeping Computer reported that two days after Robinhood disclosed the attack, a threat actor named ‘pompompurin’ announced on a hacking forum that they were selling the stolen information of 7 million Robinhood customers for at least five figures, which is $10,000 or higher.

Key Takeaway: Stock trading became trendy with meme stocks gaining traction on social media as new investors entered the market quickly and easily through apps like Robinhood. But FinTech and similar sectors also caught the eye of cybercriminals who stepped up their hacking efforts looking for quick scores of cryptocurrency and financial data.

Helpful Resource: Make sure you’re protecting your client’s credentials with strong security. That starts with building strong passwords with our resource Best Password Security Tips – How Hackers Steal Your Passwords.

EA Sports

On June 10, hackers posted a thread on an underground hacking forum claiming to be in possession of EA data, which they were willing to sell for $28 million. According to reports, the hackers used authentication cookies to mimic an already-logged-in EA employee’s account and access EA’s Slack channel, and then tricked an EA IT support staffer into granting them access to the company’s internal network.

EA did not pay the extortionists, who then dumped the data on the dark web. Hackers leaked an estimated 751GB of compressed EA data containing FIFA 21 source code on a dark web forum.

Key Takeaway: Cybercriminals are hungry for data and that includes proprietary data about projects and products. This trend also tracks with medical research and pharmaceutical data.

Helpful Resource: Develop expertise in all things ransomware that will help you defend against threats to your data. This breach could have been prevented with Cyber Security Awareness Training.

Microsoft

Microsoft reported that suspected Chinese nation-state actors that it identified as Hafnium exploited a flaw in Exchange that gave them access to an unspecified amount of data or email accounts. In its blog, Microsoft stated that Hafnium had engaged in a number of attacks using previously unknown exploits targeting on-premises Exchange Server software.

Microsoft estimated that 30,000 or so customers were affected. This flaw impacted a broad range of customers, from small businesses to local and state governments and some military contractors. The hackers were able to steal emails and install malware to continue surveillance of their targets. Patches were quickly made available, but the damage had been done.

Key Takeaways: This incident had an impact that is still being measured. Companies that quickly patched the flaw fared better than companies that didn’t. This incident is a reminder that risk can come from unexpected directions at any time.

Helpful Resource: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to identify the different types of cyber attacks and how to combat them with our resource 7 Types of Cyber Security Attacks with Real-Life Examples.

Newfoundland and Labrador

A cyber attack crippled the healthcare system of the province of Newfoundland and Labrador on October 30. The ransomware attack hit scheduling and payment systems, causing interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments as well as a reduction in chemotherapy sessions and significant complications for the province’s COVID-19 response.

Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack.

Hackers stole personal information connected to both patients and employees in the Eastern Health and Labrador-Grenfell Health regions of Newfoundland and Labrador’s healthcare system in this attack.

Key Takeaway: Hacking and ransomware against everything medical was the big trend of 2021 as COVID-19 treatment and research data became valuable in dark web markets. Bad actors will continue to hunt for data from medical sector targets because it often results in a quick harvest of valuable PII and financial information.

Helpful Resource: Securing against ransomware has become essential. Hackers have no conscience, and will use your data against you to extort you. You can protect yourself against ransomware with proper Business Continuity Solutions.

JBS

International meat supplier JBS SA was hit by a crippling ransomware attack in late May 2021. The world’s largest meat producer, Brazil-based JBS has operations in 15 countries and serves customers worldwide including the US, Australia and Canada.

The company said that it was immediately in contact with federal officials and brought in a “top firm” to investigate and remediate the incident. JBS initially stated that the attack only impacted some supplier transactions and no data was stolen, but later admitted that data was exposed. JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries.

Key Takeaway: Industrial production of all sorts, from food to computer chips, was firmly in cybercriminals’ sights in 2021 as part of double and triple extortion ransomware operations, and that likely won’t change in 2022.

Helpful Resource: How healthy is your cybersecurity culture? You should be testing your Network Security on a quarterly basis!

Colonial Pipeline

On May 6, 2021, a major Russian hacking gang successfully mounted a ransomware attack on major US fuel transporter Colonial Pipeline. The company is the operator of the largest fuel pipeline in the US, moving fuel into states on the Eastern seaboard, transporting more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor.

The point of entry for the gang was reportedly a single compromised employee password. Using that stolen password, the DarkSide affiliate slipped inside Colonial Pipeline’s security and inserted DarkSide’s ransomware. The company purportedly paid a ransom of 75 bitcoin or $4.4 million. In addition, the gang stole an estimated 100 gigabytes of data that had the potential to be highly sensitive. Shortly after this attack, DarkSide went dark for good.

Key Takeaway: Cyberattacks against infrastructure targets have become a hot topic, and companies that own and operate them should be cognizant of their elevated risk.

Helpful Resource: The hackers will always go after the weakest link in the cybersecurity chain, the end user. This hack would have never happened with proper Business Continuity Solutions, and Cyber Security Awareness Training.
