LSeven Solutions Blog

Do you remember how your bank issued you a new debit or credit card with a built-in, security-enhancing chip? There are now ATMs specially designed for use with these chips. Unfortunately, the same technology that was originally meant to secure your finances can also be used against you in the form of fraudulent cash withdrawals.

If your employees are given an Android device to use for work, or if they bring in their own as a part of BYOD, you may want to pay special attention to what follows.

Online threats against healthcare organizations are currently one of the biggest cybersecurity issues. A reported 100-million-plus total medical records have been compromised, according to IBM’s 2016 Cyber Security Intelligence Index. How could a hacker profit off of accessing someone’s medical records? Simply put: ransomware.

The short, yet devastating, history of ransomware is littered with what amounts to individual horror stories. As you may well know, ransomware, is a particularly devious and potentially devastating strain of malware that, when enacted, locks a computer’s files down so that the user can’t access them. In their stead, a message is relayed that instructs them to contact a third party to pay a ransom for access to the files. This is where the threat gets its name.

There aren’t many instances of hackers targeting physical infrastructure, but the few that make themselves known tend to be quite catastrophic. Take, for example, the devastating cyber attack on the Ukrainian power infrastructure, which left thousands of citizens powerless. Now, several months later, authorities believe that other major countries could also become a target of similar attacks.

Time hasn’t been kind to the password. It’s continuously put down as one of the least secure methods of protecting systems. It’s not due to any fault of the password, though. People just have a hard time remembering long and complex passwords. To aid in security, it’s recommended that you use some sort of multi-factor authentication. While some users prefer easy SMS message two-factor authentication, there are actually many different types of multi-factor authentication available.

In a bizarre reminder of why security best practices are so critical to the world of IT, it has been reported that one of the largest collections of hacked and stolen login details are currently making the rounds in the Russian black market.

Ransomware is still on the rise, and the Federal Bureau of Investigation has labeled it as one of the biggest dangers to businesses of all kinds. Compared to other methods of spreading malware, ransomware has a unique return on investment that keeps hackers wanting more. One new variant of ransomware uses a phishing attack that’s tailored to your real-world address, which is exceptionally concerning for victims.

Ransomware has been spreading like wildfire over the past few years, but up until very recently, Mac users were spared from this troubling development. Now, security researchers at Palo Alto Networks have discovered what they believe to be the first instance of completed ransomware on an Apple device. As this threat is “in the wild,” Mac users should be wary of it and see it as a potential threat.

Small and medium-sized businesses continue to have problems shoring up their cyber security. Even with the latest solutions, like antivirus and firewalls, they still need to be wary of impending attacks. New threats are created on a daily basis, all of which want to infiltrate your network and cause harm to your business. In fact, 27.3 percent of all malware in the world was created in 2015 alone. Will we ever escape from the clutches of malware?

Virtually every kind of online account requires a password. Yet, due to the aggressive nature of hackers, passwords alone are no longer enough to protect your information. The best way to approach network security is to have more protections in place than just a flimsy password.

Most computer users should practice the policy of ensuring optimal security on their PCs. To this end, assuming that you’ll be hacked (or at least targeted) at some point is pretty reasonable, as it allows you to plan ahead and take preventative actions. Still, there are plenty of people in the world who don’t care enough or worry enough to make security-minded decisions. Contrary to popular belief, there are countless ways that a hacker can take advantage of a hacked PC.

Security is a top priority in today’s business environment, especially following high-profile hacks of notable enterprises. Unfortunately, the fact of the matter is that these hacks could have been prevented if both the employees and employers of these organizations followed strict security best practices for their technology. Thankfully, it doesn’t have to be hard to teach your team how to properly use technology.

A good business practices extreme caution when using the Internet, thanks to hackers using any means possible to unleash threats against organizations of all sizes. You teach your employees how to avoid threats and to avoid suspicious websites, but what if that’s not enough to keep hackers out of your network infrastructure?

It’s natural to replace older technologies with better, more recent models. However, the future isn’t looking too bright for the world’s most common website encryption method, SHA1, which will soon be replaced by a more secure protocol. Pretty soon, browsers and devices may have some difficulty reading the latest security certificates, which could cause quite a problem if it’s not remedied.

As mentioned, there are other types of malware that target ATMs almost exclusively, including a backdoor called Ploutus. Just like GreenDispenser, Ploutus originated in Mexico, and allowed criminals to steal money from ATMs by sending commands through the PIN pad or through a keyboard. Later versions allowed hackers to send a text message to the ATM to distribute cash. While this ATM malware originated in Mexico, it’s suggested by Ploutus’s English localization that it was designed for use in other countries.

The chances are actually very high that your organization will be targeted if you don’t take action to stop it. Here are three reasons, according to StaySafeOnline.org, that the small business is a key component of a hacker’s hit list.

Small Businesses Are More Exposed
While large enterprises have the funds and personnel available to enact strict security protocol and regulations, the small business doesn’t. Instead, they rely on their staff’s limited knowledge of cybersecurity to protect their data. It’s reported that 71 percent of security breaches are small businesses, which you wouldn’t be able to tell from the attention given to recent high-profile hacks, like Target and Sony.

Small Businesses Have Sensitive Data
Believe it or not, it doesn’t take much to attract hackers to a business. They understand the true value of data, and even a few credentials or records are enough to attract unwanted attention from these criminals. The typical small business has employee records that hold personal information, financial records like credit card numbers, and some even have health records on file that are in high demand. Hackers take this information and sell it on the black market, which make it a lucrative source of revenue for criminals.

Small Businesses Are Vulnerable to Phishing Attacks
Hackers don’t want to take any risks that they don’t have to. Small businesses are often targeted by spear phishing tactics, which is when a hacker attempts to steal credentials by posing as someone with authority. Hackers will often take on the identity of an organization’s IT technician or vendor in order to acquire credentials for internal network access. This, in turn, leads to hacking activity that’s difficult to trace, and is ultimately much safer than other hacking methods.

The good news about these common weaknesses and shortcomings of small businesses is that it doesn’t have to be challenging to protect your business from hackers. All it takes is some proactive monitoring and a quality security solution from L7 Solutions. By actively monitoring your organization’s network for potential weaknesses in your infrastructure, it becomes much more plausible to keep threats out of your system. Hackers love to take advantage of weaknesses in the source code of operating systems and applications, but if you apply the proper patches, you can dramatically increase your network’s security presence.

Similarly, you want a quality security solution, like a Unified Threat Management (UTM), which can protect your network from all manners of threats found on the Internet. By blocking threats through a combination of a firewall, antivirus, spam blocker, and content filter, you can keep dangerous entities out of your network and destroy those that make it through your defenses. Give us a call at (954) 573-1300 to learn more.

Ransomware is one of the most devastating computer viruses in today’s computing landscape. You may have heard of one of its most famous variations, Cryptolocker. It received a lot of attention when it dramatically hit the scene two short years ago. Thankfully, the threat from CryptoLocker has decreased after the GameOver Zeus botnet was taken down last year. Although, now we’ve got a new, more contagious strain of this ransomware to deal with known as Cryptowall.

If you feel that there’s an increase in ransomware activity, don’t worry; it’s not just you. Hackers are now taking greater advantage of ransomware, a threat that locks down files and returns them in exchange for a payment. This is wreaking havoc on the computing world. Even the FBI has acknowledged the threat, and has issued a warning that the most likely type of cyber extortion users will encounter is probably going to be DDoS attacks.

For argument’s sake, do you think society today relies too much on technology? In the Information Age, both businesses and governments have to be more careful than ever about how they approach cybersecurity. However, what would happen if a massive cyber war were to render any and all computing systems in the United States inert? Granted, such a powerful, in-depth attack is unlikely, but it’s sometimes fun (and frightening) to examine the worst-case scenario.