National Cyber Security Awareness Month

Cyber Security Awareness Week 3 – Verify Messages!

By |2021-09-30T10:36:48-04:00September 30th, 2021|Cyber Security Awareness, National Cyber Security Awareness Month, Uncategorized|

Week 3 - Verify Messages
Verify and report

This week, read about how the employees of FireEye and SolarWinds responded to a hack and where a timely verification would have changed the outcome.

SolarWinds hack — Supply chain hack

The SolarWinds hack was first spotted by someone at FireEye, a cybersecurity company. A staff member noticed that an employee signed in using their username and password but a new phone number.

This suspicious behavior set off alarms.

The staff member needed to verify if the employee had a new phone number. In this case, they did not. Once this was confirmed and they realized that an attack was underway, people jumped into action.

  • SolarWinds is a software company. In this hack, network management software was compromised.
  • Many large organizations such as Microsoft, Intel and even the U.S. Department of Homeland Security were using SolarWinds. This meant their organizations were compromised too.
  • Sudhakar Ramakrishna, CEO of SolarWinds, immediately announced this issue to the world. He said, “The right thing to do is report.”
  • What is a supply chain hack? A supply chain hack is an attack on one part of a supply chain. This hack is efficient because it can get hackers into multiple organizations quickly.

Cyber Security Awareness Week 4 – Report & Follow the Policies!

By |2021-09-30T10:18:37-04:00September 30th, 2021|Cyber Security Awareness, National Cyber Security Awareness Month, Uncategorized|

Week 4 - Follow the Policies - Print
Week 4 - Report
Follow policies and procedures

This week, read about how one empl
oyee helped make a difference by taking quick action.

Colonial Pipeline attack — Ransomware

A little before 5 a.m. on May 7th, 2021, an employee at the Colonial Pipeline noticed a ransom note on the computer, demanding cryptocurrency. This employee followed the company’s policies and procedures and immediately reported the situation.

The Colonial Pipeline attack might be one of the largest and most impactful cyberattacks in history. It started when the hackers gained access to the Colonial Pipeline networks by using a leaked password to enter the company’s VPN (virtual private network).

  • The VPN did not use multi-factor authentication, a cybersecurity tool that adds an additional layer of protection.
  • After extensive research, they found no evidence of a phishing attack. This led them to believe that the password used was the same password for another account that had been previously hacked.
  • One of the country’s largest pipelines was shut down, impacting gasoline accessibility and prices for about two weeks.
  • What is a ransomware attack? A ransomware attack is when hackers gain access to an organization’s system, encrypt and lock all of the data and then demand payment.

7 Types of Cyber Security Attacks with Real-Life Examples

By |2021-09-16T09:51:52-04:00September 16th, 2021|Cyber Security Awareness, Infrastructure Security, IT Support, National Cyber Security Awareness Month, Website Security|

With every passing day, cyber crime is a continuingly increasing methodology in the criminal industry with no signs of slowing. Every day, there are new tools and strategies that allow cyber criminals to target you and your company’s data with increasing success rates. You may be asking yourself, Why do criminals want my data? As society continues to progress with technology, the data produced also increases in value drastically; which directly correlates to how much you integrate your daily life and/or corporate life with online tools and apps. With the above mentioned, sometimes it gets to a point where separation from their data, people and businesses cannot function; thus putting themselves at a severe disadvantage against their competitors. With the high and rising value of data, the risk of losing it increases as well. How? Cyber crime! Having no cyber security plan for you or your business is like a bank with an open vault. Knowing what kind of attack criminals can use is key to keeping you and/or your business from falling victim to these crimes.

Phishing example
Malware

Malware can be described as any malicious software that is installed on your device after a user may click on a dangerous link inadvertently or open an attachment. There are many forms that malware can take, with some of the most common being Viruses and Trojans. Viruses are coined after biological viruses, in that they replicate themselves, and can infect applications in the user’s device. Trojans, or Trojan horse malware term came from the ancient Greek story of the fall of the city of Troy due to the deceptive trojan horse. This malware spreads by pretending to be a useful software while secretly containing malicious instructions. In July 2016, a Japanese travel agency, JTB Corp, suffered a data breach compromising almost 93 million user records. The data breach was a result of an employee opening a malicious document which he received via a phishing email. The malicious document included a trojan horse, that is designed to steal user information. It was reported that 7.93 million user records from Japanese Travel Agency were compromised. 1

Ransomware Attacks

Ransomware specific type of malware that gains control of your system and blocks access to your files. It can infect your computer from an email attachment or through a bad website. Upon infection, a ‘ransom note’ pops up, offering to restore your system back to normal in exchange for compensation. With ransomware, we always recommend to never pay the ransom! Why? There is absolutely no guarantee that you’ll get your files back. You simply cannot trust a criminal to adhere to their promises. Secondly, you’ll be putting a target on your back. If you pay the ransom once, you’ll be flagged as a user who pays the ransom, and the criminals will be back to take advantage of you again.

wannacry ransomware attack

This is an example of Ransomware and this was called the WannaCry attack, and at the time it was the biggest ransomware attack ever. It hit earlier in 2017 in over 150 countries and over 200,000 organizations. How did this even happen? Well, the hackers found an exploit in older Windows operating systems that had already reached its end of life. When an operating system reaches its end of life, it means the company is no longer making security updates. Why is this important? A lot of people and companies continue to not update their systems. Its so important to update all your operating systems from your Samsung Galaxy, Windows desktop, iPad or iPhone and everything you use on a daily basis with critical updates to keep your systems protected.

Man in the Middle Attacks

The man in the middle attack is where a cyber criminal is intercepting your data or information while it is being sent from one location to another (ie. communications system to a server). This type of attack is very common with vulnerable Wi-Fi connections like at coffee shops, hotels, and restaurants. While your out in public, always be wary of open Wi-Fi networks. These can be set up as traps by cybercriminals to lure people into accessing websites with sensitive information, all the while they are snooping on your activity. In 2017, credit score company Equifax removed its apps from Google and Apple after a breach resulted in the leak of personal data. It was found that the attackers were intercepting data, in the form of a man in the middle attack, as users accessed their accounts. 2

equifax
Distributed Denial of Service (DDoS)

In this cyber attack, the criminals are basically trying to overload the system you would have in place, either it be a website, server, etc., with traffic. This will typically cause the system to crash or shutdown, resulting in downtime. These types of attacks typically do not result in stolen information. Most of the time, these attacks are a form of bombardment from the cyber criminal meant to shut your system down, resulting in lost revenue from downtime and recovering your files. On Sept. 9, 2021, there was a huge cyber attack on the Russian Tech powerhouse, Yandex, and is believed to be the biggest DDoS attack ever seen. Yandex reported that their “experts did manage to repel a record attack of nearly 22 million requests per second (RPS). This is the biggest known attack in the history of the internet.” 3

Password Attacks

This can be described as any attack designed to steal a user’s passwords or credentials. There are basic techniques that even non-hackers can use like manual guessing. This is where a bad actor can guess your password based on the information they learn from your social media. Or even basic shoulder surfing, where someone literally watches you as you type in your password, or even if you have a sticky note of your password on your desk. And there are more advanced techniques like a brute force attack. This is where a hacker has a program that can guess literally millions of passwords at a time. That’s why we say that having a weak password is like not having a password at all. They can even use programs that have key logging. This is when you’re on a malicious website or even if you’ve accidentally installed a key logging program, and now the hacker can see anything you type. They’re basically waiting till you go to your banking website or social media and type in your credentials.

Back in August of 2021, the Canada Revenue Agency was a victim of a password cyber attack, whereas their online systems were shut down for several days, and over 5000 accounts were compromised! This was due to the technique called credential stuffing. This is where the hackers buy or steal users’ passwords from other sources and data breaches, and they use those passwords to try to log into the CRA accounts. This can be a huge problem, especially if users use the same password across multiple platforms.

password cracked
Drive-By Download Attacks

Drive-by attacks happen when you’re surfing the internet and enter a website that has malware code on the page, and you inadvertently download the code. It is also one of the most common ways of spreading malware. All the hacker has to do is to plant code on the page. A common example of this is when you’re on a website and an ad pops up that has nothing to do with the site’s information. Most times, clicking the ad will result in malware being downloaded onto your computer. Unlike other cyber-attacks, a drive-by attack does not need you to do anything to enable the attack on your computing device.

A popular form of drive-by attack is cryptojacking. This is where there is code on a website that is stealing your device’s processing power to mine cryptocurrency. Mining cryptocurrency requires a lot of processing power, so this attack is not designed to steal any information from you, but rather steal your computer’s power. If you’ve read this post and you’re thinking you need help with keeping your network secure, contact us to get professional help!

What is the Dark Web? – Screenshots from the Dark Web

By |2021-04-20T08:05:30-04:00April 20th, 2021|Cyber Security Awareness, Dark Web Monitoring, National Cyber Security Awareness Month, Website Security|

With all of our seemingly trustworthy big businesses constantly getting attacked by cyber criminals, you may have wished upon a star for a place on the internet where you are untraceable – a place you can explore with complete anonymity. That virtual haven is known to its users as the Dark Web.

Although complete anonymity is nearly impossible, surfing the Dark Web is the closest you can get to it. But what is it? To understand the Dark Web, you must have a good understanding of how the internet works.

When we’re looking at the internet, a great analogy to use is the famous iceberg:

How the Internet works Iceberg

Looking at this iceberg – what the common user thinks the whole internet consists of is actually only the Surface Web. This is the portion of the World Wide Web that is readily available to the general public.

What it consists of is anything you can access for free, which is also why its called the Open Web. Most of the websites you can access on search engines like Google and Bing, these are all considered to be part of the Surface Web.

We are all familiar with this part of the internet since we use it to run businesses and connect with family, friends, and customers, and much more. But what’s crazy is that The Surface Web only consists of about 4% of the information that is on the internet.

Now as we start to move below the surface on our iceberg, an estimated 96 percent of the internet lives here in what is called the Deep Web. No one really knows how big the Deep Web really is, but it’s hundreds (or perhaps even thousands) of times bigger than the Surface Web.

What this part of the internet consists of is data that you won’t be able locate with a simple Google search and is not open to anyone to access. Most sites that require credentials to get into can be categorized as the Deep Web.

In reality, most of us use the Deep Web everyday without even realizing it with things like email, online banking, and pretty much everything that requires a username and password to access.

There’s a flip side of the Deep Web that’s a lot murkier, and sometimes darker. This is why it’s known as the Dark Web. That is represented by the bottom portion of the iceberg.

In the Dark Web, the users really do intentionally bury data. Often, these parts of the Web are accessible only if you use special browser software. You won’t be able to get the dark web websites with Google Chrome, Mozilla Firefox or Internet Explorer. The most common dark web browser is called the Tor Browser, and what the Tor browser does is it makes the user anonymous, so it becomes extremely safe for criminals.

Tor Browser Logo

However, the dark web isn’t all bad; it’s used for an array of purposes of everyday people. For example, journalists use the dark web to help protect their sources, there are social media websites, and the government may also use it in whistle blower situations.

But unfortunately, the dark web carries a notorious reputation as the haven of criminals, terrorists, nefarious sites, and everything in-between. It is a huge marketplace for stolen data and personal information. After a data breach or hacking incident, personal information is often bought and sold on the dark web by identity thieves looking to make money off your good name.

The Dark Web attracts all types of crime, simply because of the anonymity of it. In fact, it’s estimated that 50% of all Dark Web sites are used for criminal activity. This criminal activity can include the selling of narcotics, illegal weapons and firearms, hired assassins, child pornography, malware, and anything else cyber criminals can do over a wired connection.

How does this cyber criminal underworld affect you?

When data breaches occur to big corporations, the credentials, SIN, banking info, etc. – it all starts to get sold all over the Dark Web. That stolen data is then used to steal your identity, your money, and further spread the computer diseases to your friends and colleagues.

Just to show you how legitimate the sites are on the dark web, we’ve taken some screenshots to share with you!
Clone Card Crew Dark Web Website

This dark web website is called the Clone Card Crew, and it’s a criminal website where you can buy and sell real credit cards. The selling of Credit or Debit card information is very popular on the dark web, with this site selling information from $5-$110.

What they’re selling is a “full” package purchase for the fraudsters: including the stolen name, SIN, birth date, account numbers… really anything you need to use the card effectively. Sites like this will even discreetly mail you the card, so your neighbors have no idea what you are up too! And to ensure the validity and trustworthiness in the purchase, buyers can even leave reviews for sites like these, similarly to how someone would leave your company a google review!

300 Fullz on the Dark Web

This is an example of a post on the dark web were a cyber criminal is selling 300 “Fullz” of Californian business owners. The word fullz is a slang term used by credit card hackers and data resellers meaning full packages of individuals’ identifying information. Fullz usually contain an individual’s name, SSN or SIN, birth date, account numbers and most other data. With this post in particular, the price was extremely low; for only 15 euros, you can steal the identity of 300 people and possibly ruin their lives. As we can see, it was so popular that it sold out.

How can you stay protected from the Dark Web?

Here’s a step by step process to ensure greater security:

1 – Knowledge is Power:
With our Dark Web Monitoring, you can receive up to the minute alerts as to when your business credentials are being sold on the dark web. This is one of the best ways to stop cyber attacks towards your business before they happen.

Register for a free domain check to see if you or your organizations credentials are being sold over the Dark Web.

2 – Password Protection is key:
About 80% of people will use the same password or a derivation of the same password for multiple different services [2]. This makes it extremely easy for hackers to gain access to multiple services if they buy only one on the Dark Web. “P@ssw0rd1!” is not hard to crack – check out our password tips to become more secure.

3 – Use multi-layered security solutions for your services:
This is great protection in the event that a cyber criminal gets access to your credentials and is actively trying to log into your accounts. Wherever possible, enable 2-Factor Authentication or Multi-Factor Authentication.

For example; you can set most of the popular social media websites to send you a verification text message every time your account is signed into, to ensure that it’s actually you signing in. This extra layer could be the difference between safety and a huge cyber attack.

4 – Keep your software up to date: In 2017, the infamous Wannacry ransomware ran rampant throughout the world whereas over 150 countries and over 200,000 organizations were impacted. This was simply because the hackers found an exploit in older Windows operating systems. Security updates can seem mundane, but they’re there for an ever-important reason.

Antivirus services are constantly finding new threats and updating their procedures. Make sure to update your software so you are protected from the newest and more sophisticated threats.

5 – If you’re breached, call in the experts:
When you deal with cyber crime, it’s especially hard to fight back without the help of an expert. Not everyone or every organization can spend all day thinking about security, but there are experts like E-Tech who do.

Feel free to Contact Us for more information.

You shall not pass! Protecting customer information!

By |2020-10-30T10:01:50-04:00October 30th, 2020|Cyber Security Awareness, National Cyber Security Awareness Month, Uncategorized|

personal data is more important than ever. Lots of companies collect information while doing business, and that means when those companies get hacked, that customer info gets exposed to the world. Your smarts, though, can make a difference and help protect those people who trust you with their data. Let’s talk about protecting customer information. First, it’s important to know what you can and can’t collect. You can usually find that information in your handbook, or by asking HR; they should be able to point you to the right rules. It all depends on the laws. Making sure you know ahead of time will save you a lot of headaches later! Second, be aware of possible trouble. Some data, like email addresses, seems harmless enough, but it can be exploited by a scammer. If someone approaches you and asks for customer information, you’ll be the first line of security between an innocent person and someone wanting to steal their identity. Always be suspicious when someone asks for info! Third, check out our infographic for more great tips on customer data protection:Can’t view the pdf? Download it here. PROMO: We are also offering Working from Home Cyber Security Packages starting from $30.>

Title

Go to Top