
Phishing and Spear Phishing

This post is part of our Cyber Threat Series.

The Challenge:

Cyber criminals prefer Phishing attacks. Phishing and Spear Phishing remain the primary vector for Malware attacks. Hackers evenly distribute attacks between two variants: Malicious Email Attachment (39.9%) and Malicious Link (37.4%).

Leveraging human nature, phishing attacks look and feel like legitimate emails. Recipients often miss the cues that the email is fraudulent. We respond by clicking links to malicious websites, opening pictures or videos with hidden downloads, or opening infected attachments.

Advanced phishing attacks correlate public information from social media and pirated information from compromised systems to further personalize the attacks. These advanced attacks do a better job of hiding the malicious intent. As such, even savvy users fall prey.

What to Do:

The best protection is multi-level and multi-vector:

  • Teach your users about the risks and how they can help prevent attacks. User awareness leads to smart decisions on when to trust and when it’s safe to click.
  • Protect your devices with “Next Gen” endpoint protection. This includes your desktops, laptops, and mobile devices. Phishing attacks are usually platform independent and, therefore, trigger from most any email client or application.
  • Protect your email with an independent advanced threat protection (ATP) service. ATP covers inbound and outbound traffic.  ATP uses pre-analysis and testing of links and attachments for mismatched domains, copycat content, and malicious behavior. This “sandboxing” lets the ATP service block attacks from reaching your inbox.
  • Add a DNS and Web Protection solution to your environment.  Web protection blocks infected or fraudulent web sites, including blocking malware on infected sites we trust. DNS protection prevents hackers from corrupting and using your domain identities.
  • Deploy backup/recovery and continuity services that protect your on-premise and cloud data. Should an attack make it through your protections, you should be able to keep your business running while you clean up the damage.

Contact us to discuss your cyber threat protections. The Cloud Advisory session is complimentary and without obligation.


 

Upgrade Your Endpoint Protection


Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated. Detecting malware depends more on analyzing file behavior patterns than on file content.

Cloud-based Alternatives offer Better Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist with or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

And, we can offer you Webroot SecureAnywhere for 25% off the published price. Learn More.

Our Offer

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service.

Interested?  Let us know.

That Time Your Security Company Sold You Out

As recently reported in Wired magazine, security firm AVG is updating its privacy policy and openly telling customers of its free services that it will sell some of the personal, non-identifying information about you to third parties. The new policy takes effect on October 15, 2015 and while the data may not identify you personally, it will certainly give advertisers, scammers, and hackers a clear idea of who you are and which of your interests they may be able to exploit.

As the policy states:

“We collect non-personal data to make money from our free offerings so we can keep them free, including:

  • Advertising ID associated with your device
  • Browsing and search history, including meta data
  • Internet service provider or mobile network you use to connect to our products
  • Information regarding other applications you may have on your device and how they are used.”

Granted, AVG gets credit for being upfront and honest.

But do you want your security software giving others your browser and search history, a list of applications on your devices, and a history of how you are using your apps?

The Advertising ID being shared means that so long as you have AVG on your device, third parties will know it is you even if they do not know specifically who you are (yet!).

Free is not free. Lesson learned. AVG is telling you that in exchange for free security software, they will sell information about you to people who will use that information: advertisers, marketers, and those who will try to scam you, steal your identity, and get you to bypass the very security you want to maintain.

Yes, you can upgrade to AVG’s paid services, but is this a company you still want to trust? Maybe it’s time for a new solution and a realization that even in IT, you get what you pay for.


If you prefer an endpoint security solution from a trusted vendor, contact us to discuss solutions or visit our web site for more information.


 

Security Alert: New Malware Wipes Hard Drives to Prevent Detection

As first published on ZDNet’s Zero Day Blog, Cisco Systems’ Talos Group has identified a new strain of malware that will render systems useless to avoid detection and analysis.

Named Rombertik, the spyware collects data on everything a victim does online, indiscriminately, without focusing on specific areas such as online banking or social media.

Most concerning, however, are Rombertik’s built-in defenses. If the virus detects that it is being analyzed, it will attempt to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, the virus will destroy all files in a user’s home folder by encrypting each file with random keys.

In short, once infected, it is nearly impossible to remove without rendering your PC useless.

As Rombertik infection rates are still low, the best protection is good security practices:

  • Make sure your anti-virus software is up to date and switch to (or add) a cloud-based AV solution with continuous updates.
  • Do not click on attachments from unknown senders
  • Block email attachments that include executable scripts or code

While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.


If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.

Click these links to learn more about our Webroot solutions and additional data protection and security solutions.


 

Ransomware Still Crippling “Protected” Networks

The rate of infections from crypto-viruses and other ransomware continues to rise. Even networks with traditionally strong malware protection are getting caught.

And while with good backups in place, it is possible to recover without paying the ransom, the process is time-consuming, frustrating, and expensive.

We outline the reasons for the broad failure of anti-virus/malware protection software in this prior blog post, providing 5 failings of most antivirus solutions.

Now, we are offering a risk-free way to assess if your malware protection is up to par.

The Offer

We will install Webroot Secure Anywhere Endpoint Protection, a cloud-based malware protection service that avoids the 5 failings of other solutions, at no cost for 30 days. Based in the cloud, Webroot will not interfere with your current protections.

At the end of the 30 days, you will see what malware, if any, was caught by Webroot that your existing solution has missed.

If your existing solution is not up to par, and you want better protection, we can activate a full subscription to Webroot for you for $18 per year per device or less (more than 25% off).

Simply contact us if you are willing to see if your protection is enough, or if you would like more information.

USPS Data Breach: What SMBs Can Learn


As a small or mid-size business, you probably do not worry about hackers and data breaches. Your information is safely stored in-house or in a secure cloud service.  You do not have trade secrets or intellectual property coveted by foreign governments or industry. You accept credit cards, but those transactions are processed, saved, and secured by the credit card processor … you do not even have credit card numbers in your files or systems. It is not unreasonable for you to think that you are not a data breach target.

You are wrong.

The recent data breach at the US Postal Service should, however, serve as a wake-up call. Hackers breached USPS systems not for customer data or credit card information; the hackers stole HR records for hundreds of thousands of postal employees and retirees (customer data was just a bonus). And, while the hackers were not able to go on an immediate debit-card spending spree, they captured all of the data necessary to steal identities — names, addresses, social security numbers, and more.

Regardless of your size, any personally identifiable information in your possession is an incentive for criminals. And you don’t need to be big to be caught. A stolen laptop, compromised account, or lost USB stick can enable data breaches in systems you think are secure.

Malware is the inbound marketing tool for hackers and identity thieves. 

When malware spreads, it makes its way onto business computers that the hackers may never have known existed. Malware often sits in wait, capturing passwords or other information and communicating the information to servers half way around the world. Hackers can then use this information to assess the value of the target and to gain more access to even more data. Hackers may also sell this information to other criminals.

Your business needs protection in place, and awareness of the scope of the problem is the first step.  Permissions monitoring and management, web filtering, device protection, endpoint protection, mobile device management, and user data protection may all be components of your solution.


Please contact us for a complimentary review of your current data protection coverage.

 

How eBay Can Destroy Your Business


eBay is putting your business at risk … and not in the way you might think.

This is not about lost productivity, eBay stores, or your merchant account. This is about eBay letting hackers attack your computers.  This is about hackers using eBay to steal usernames and passwords, employee data, and customer data.

As reported by ComputerWorld, eBay is under attack by security professionals for allowing “active content” in ads, which allows hackers to create listings and fake pages with malicious code.  Over 100 eBay listings have already been found to include malicious code designed to steal usernames and passwords.  Many of these listings were hijacked from sellers with 100% ratings and years of successful sales, creating a false sense of trust.

Employees shopping during their lunch break can unwittingly open up your corporate network to hackers, enabling theft of personal and customer information.

While eBay promises to monitor and assess the situation, one simple fact remains:

Even trusted web sites from major corporations can be compromised and pose a threat to your data … and your business.

While preventing people from using the Internet is an option, it is not a realistic option in today’s world.  Active protection is your best option.  Web filtering solutions not only block known malware sites, these services examine the code, content, and behavior of sites for malicious activities like those embedded in the corrupted eBay listings.  Combined with solid endpoint/user protection, you can defend your staff, your data, and your business from attack and data loss.


Web filtering solutions cost less than $3.50 per user per month with an annual contract. Please contact us to learn more or request a quote.

Click these links to learn more about Security Threats and Web-based Malware.

 

 

A New Approach to Protection

One of the challenges in today’s world is that malware can come from anywhere. Traditionally, viruses and other malware travelled by disk or thumb drive. As our desktop protections improved, malware appeared in infected files attached to emails, or spam. Today, malware is more likely to come from a web site you visit — even legitimate sites have been hacked — than anywhere else.

Additionally, malware targets every platform. Once thought immune to viruses, Macs face some of the same risks as PCs. Our smartphones and tablets, running iOS and Android, are also under attack with malware built specifically for those platforms and the information they often hold and access.

The problem with protecting all devices is that we have historically needed a solution for each platform. For those with laptops, smartphones, and/or tablets, as many as three solutions may be needed — each with purchase and subscription costs as well as administrative time and costs. Additionally, historical malware protection focuses on infected files and malicious code on each device … even though the web is the greatest source of danger.

Looking forward, we need a better way!

Instead of working to protect devices and data, let’s focus on protecting the users. Let’s offer protection through a single system across all devices. Let’s offer protection that not only looks for traditional viruses and malware, but prevents malicious code and activities from hacked web sites. Let’s deploy a solution that works with the way our users work — on smartphones and tablets, as well as PCs and Macs. And, let’s do this without breaking the bank.

Does such a solution exist?

YES!  And, we are launching it soon.  Fill in the form, below, for pre-launch information and pricing.