Attacking Businesses During COVID-19 The deadly novel coronavirus is still in the forefront of most people’s thoughts, and as a result, many people remain home. With so many people kept from going out, people are relying on the Internet. Some businesses have shifted to remote, some haven’t but rely on online orders and support, and many others are effectively out of work, putting a lot of people online at once. For scammers and hackers, this is an ideal situation. They have taken this opportunity to set up spoofed websites that are designed specifically to get people to let their guard down enough so they can gain access to their accounts, including their business’ accounts. Unfortunately, this has become extremely common. Of the 1.2 million new COVID-19-related domains that have been built during the time spanning March 9-to-April 26 nearly 86,600 malicious websites have been created. 80 percent of those distribute malware if interacted with. An incredible amount of COVID-19 spam and phishing messages have also appeared. Some fraudulent email campaigns have claimed to come from the IRS, the CDC, healthcare organizations, and other companies. Protecting Your Business from Scams What are you to do with so many obvious (and some not-so-obvious) scams? You need to stay vigilant and remember that even though you are at home, on your home computer, that you need to function like you are on your workstation in the office. All the best practices you’ve been trained on in the office apply now and should be maintained. They include: Watch out for phishing – Whether it’s through email, messaging, or social media, keeping a skeptical eye out for phishing emails and spoofed websites will go far in keeping your business secure. Use strong passwords – Managing your passwords and keeping them up-to-date with the latest security best practices can go a long way toward securing your business. Keep data backed up and safe – Just because you are working from home doesn’t mean that your data is any less important. Keep it backed up and secured with antivirus and a comprehensive firewall. The IT professionals at SRS Networks have the experience needed to keep your business’ network secure during these hard times. Call us today at (831) 758-3636 to learn more.
One of the major cybersecurity concerns of today is how attacks are now frequently automated, making it intensely difficult for a human being to successfully keep up with threats. As a result, it only makes sense to automate your cybersecurity measures as well. There are a few ways that you can do just that. Crunching the Numbers Regardless of how much data you collect, just collecting it isn’t going to benefit your organization all that much – especially when it concerns your security. It also needs to be processed and analyzed, which is simply too big of a job to be done manually. By compiling data from multiple internal and external sources, a business can better predict how threats will play out, as well as identify those that it hasn’t yet encountered. By utilizing machine learning and automation technologies, this compilation and processing is a much simpler, faster, and more accurate process, bringing your business improved security measures. Furthermore, many businesses face a lack of security-oriented employees. Automation can help make up the difference, reducing the burden on whatever resources they do have to protect their network. How Automation Benefits Cybersecurity There are multiple ways that adopting automation can deliver improvements to your cybersecurity. Data-Supported Inferences By sequencing data collected from within your organization, along with data provided by security vendors and other sources, you can use this data to draw conclusions and make predictions about threats, enabling you to catch them more effectively. Outpacing Attacks with Protections Cybersecurity is effectively an arms race – as new threats are discovered, new preventative measures need to be implemented to keep them from spreading. Of course, by the time a threat is discovered, it has often already moved on to its next step. This means that these steps need to be predicted and protected in order to stop them. Automated defenses are the most effective means to foil an automated attack, as they are more efficient and accurate. Detecting Threats in the Network When a network fails to deter a cyberthreat, it doesn’t immediately become a data breach – and automated protections can effectively analyze data to prevent such an outcome. Since a human being can’t hope to keep up with one of these threats, automation is your best bet at detecting, identifying, and resolving them. SRS Networks is here to help you implement the cybersecurity necessary to protect your business’ resources, including automated measures. To learn more, reach out to us at (831) 758-3636.
To accomplish this, let’s examine the various types of hackers out there, and what it is that drives them to do what they do. Identifying Hackers, Based on Why They Hack “Hacker” is one of those blanket terms that most people take a lot of liberties with. However, like most blanket terms, one of its potential uses is focused upon much more heavily than the others. When you hear the word, what picture pops into your head? If you’re like most people, probably the image that pop culture has encouraged: someone sitting in a dark room, only lit by the glow of their monitors, typing furiously at their keyboards while line after line of data scrolls down their screens. This isn’t all that accurate. The Types of Hacker In actuality, there are many distinct categories of hacker, based on the motivations they have and their approach to accomplishing their goals. Originally, there were just two categories, inspired by the costuming conventions once found in Western movies. The hero typically wore a white Stetson, while the villain’s hat was traditionally black. However, as more complicated motives became apparent, more categories of hacker arose. Primary Varieties of Hacker and Their Motivations White Hat: These hackers are those who, going through the proper established channels, hacks into programs to help improve these programs’ security protocols. Anyone who assists you in running penetration tests or vulnerability assessments fits into this category, as their intention is to help keep your systems safe. Black Hat: These hackers are the ones most people think about – the ones who you are afraid of targeting your business. Motivated by their own personal gain or ill will towards their target, these hackers intend to do some kind of harm by stealing credit card information or by leveraging other methods. Grey Hat: Much like the color grey is the combination of black and white, a grey hat hacker is a blend of black hat and white hats. As such, while grey hat hackers have helped bring quite a bit of evidence to light and share it with the public, the tactics they leverage come from a black hat hacker’s playbook. Red Hat: While grey hat hackers use exposure as a weapon against wrongdoing, red hat hackers go on the offensive. By waiting for other black hat hacks, and intercepting them, a red hat hacker will attack a black hat hacker’s system to stop the attack and potentially take the other hacker out of commission. Green Hat: The greenhorn of the hacking community, a green hat hacker will commonly have no hand in any practical hacking attempts themselves, but is committed to acquiring as much knowledge about these attempts as they can. Blue Hat: Another amateur, blue hat hackers rely on preexisting attacks and techniques to go after their targets. These attacks are typically rudimentary, and are often motivated by some personal offense or argument with the target. But Why? The motivations of a hacker can be as varied as the types of hackers are, and some hackers don’t necessarily have a single motivation driving them. Stealing Information for Profit or Distribution This is perhaps the most well-known of a hacker’s motivations. Once data has been stolen, a hacker can leverage it for profit in various ways – identity theft, blackmail,
You are the only thing that can truly protect you from a phishing attack. Without participation, it simply is a phishing attempt. Hackers are always looking for clever ways to fool their potential victims, so can you trust your employees to recognize the telltale signs of a phishing attempt? Habitual Efforts to Foil Phishers Learning to do things the correct way is a lot easier than breaking a habit. Here are a few habits you can train your staff to do to recognize and avoid phishing attempts: Check Links BEFORE Opening Them Getting in the habit of clicking links without checking the URL is an all-too-common mistake amongst staff. If you receive a link and want to know where it will take you, all you have to do is hover over it. If you aren’t able to see the link, or the entire link, you can also right click it and copy the address it will take you to. From there you can paste it into a notepad and further examine it. While a trained eye can detect a phishing attempt, some phishers cleverly disguise their links. Learn How to Spot Fraudulent Links If your eye is untrained, and you aren’t able to identify the legitimacy of these two links, SRS Networks is here to help. amazon.com/deals/offers amazon.com.deal/offers Which of those two links would you confidently click on? Hopefully you said the first one. The tell-tale sign that a URL is coming from a fraudulent website is there will be a “dot” after the domain. The domain (example.com, example.net) is typically read as example dot com. So, if you see a link that says example dot com dot something, the link is more than likely a phishing attempt. If you aren’t entirely sure, your best bet is to avoid the link entirely. Another method phishers will often use is slight alterations in domain names. Our minds are trained to read words even when the “in between” characters are incorrect, or characters are in the wrong order. As long as the first letter and last letter are correct, typically we can make out the words without issue. Don’t believe me? Quickly skim through this list: amazon.com google.com ebay.com payal.com reddit.com visa.com Did you notice the incorrect link right away? If not, take a closer look. This simple practice is used by phishers with great results. Emotions Lead to Phishing Vulnerability Becoming a victim of a phishing attempt is easier than you might think. Once emotions are involved, instincts often kick in and result in an easy hookset. Let’s take a look at a few scenarios. “Congratulations! You have won a free iPad!” If you are lucky enough to win an item for absolutely no reason, chances are you are unlucky enough to fall victim to a phishing attempt too. Avoid these links at all costs. “You have been issued with a driver’s violation:Type: SpeedingAmount due: $143 This fee will be forwarded by mail to your address. However, you can screen it now by pressing here: DMV Notification” This one is more difficult to recognize, and frustration can easily get in the way of habitual email awareness. It is important to train your staff to recognize all different types of attempts. Examples are the easiest way for your staff to understand just
Double Pulsar could be used to install additional malware on a target PC. At the time the threat could only be leveraged against 32-bit operating systems, but the Chinese-hacked tool struck later in the year versus 64-bit machines and newer operating systems. Symantec has found evidence that this threat was utilized, hypothesizing that the Chinese hackers built the tool after analyzing network traffic during a legitimate Double Pulsar attack. The possibility that the hackers discovered the threat through a different vector exists, such as stealing the threat from an unsecured server, but the fact remains that this sets a dangerous precedent for tools like these being taken and used against their intentions. It’s noteworthy to mention that the hacking group that utilized Double Pulsar is no longer active, but this shouldn’t mitigate the risks associated with it–especially since the tool is still out there for use by other threat actors. Thankfully, the Chinese tool also took advantage of a Windows vulnerability that has since been patched… so there’s that. This isn’t the first time that hacking tools utilized by the NSA were stolen and utilized by hackers. In 2017, a group called the Shadow Brokers stole and dumped several hacking tools online, which is where the name Double Pulsar was originally discovered. If anything, the revelation that this threat existed at some point in the past only further exacerbates the need for proper network security–especially state actors that take more liberties with the development of these types of tools. What are your thoughts on these developments and the possibility that these threats could be used to attack organizations like yours in the future? Let us know in the comments and be sure to ask us how you can secure your network from these threats. We have all kinds of tools at our disposal that can keep your business safe from harm. Call us today at (831) 758-3636 to learn more.