Information Technology News & Information

Why the Australian Government is Spending $230 Million to Combat Cybercrime

To say that cybercrime is an issue in today’s modern environment is something of a dramatic understatement. According to research conducted by the Ponemon Institute, the average cost of just a single breach eclipsed $3.8 million in 2015. This breaks down to roughly $154 per compromised record, on average. With this in mind, it should come as a surprise to absolutely nobody that the Australian government has just announced a plan to spend $230 million to execute a new cybercrime strategy in that country. While the fact that they’re spending so much money isn’t necessarily noteworthy, exactly what they plan to do and how they plan to do it is something that businesses all over the world will want to pay attention to.

What Spawned These Actions?

If you had to make a list of all the countries that are being massively impacted by cybercrime, Australia would undoubtedly be right at the top. After experiencing an increased number of attacks including ransomware, DDoS (denial of service), cyberespionage and more, the cybercrime problem in the country has grown so great that it costs Australian citizens an estimated $1 billion each year. That $1 billion figure only takes into consideration the “on-the-surface” costs of dealing with such an attack. When you consider all the factors that are difficult to put a price on, the real impact is estimated to be as high as $17 billion annually – or roughly 1 percent of the country’s entire gross domestic product. The major reason why Australia is launching this new initiative is to attempt to reduce that number as much as possible.

What is Australia Doing?

The $230 million Australia is planning to spend takes the form of a five-part “plan of action” that will be executed over the next four years. The lion’s share of that money will go towards investment, both in cybersecurity innovation in the country itself and in the creation of global partnerships with countries like the United States, in an effort to shut down the various resources criminals use to thrive online. According to a report issued by The Guardian, the Australian government is expected to hire in excess of 100 new cybersecurity experts across all of its agencies in the short term. An additional $20.4 million of that money will go to Australia’s federal police, with a further $16 million investment headed to the crime commission to help strengthen both its threat detection and its analytical and assessment capabilities.

Australia’s plan may have the best of intentions, but it is certainly not without its critics. Many experts are deriding the Australian government for its overall lack of transparency on the issue. The government may be willing to specify exactly what it is going to do to combat cybercrime, but it has been less than forthcoming about how bad the issue in the country has really been to this point. Many people also disagree with how such a large investment is being spent. While innovation is important, the majority of these funds seem to be an attempt to solve a problem just by throwing as much money at it as possible. Many experts have also criticized the government’s plans as being reactive to past events instead of proactive toward future ones, when being proactive is always considered to be one of the best ways to stay protected on a large scale in today’s modern environment. Instead of spending money to close gaps that have already been exploited, the government should be spending money to identify problem areas that still exist so that these types of issues can be avoided altogether as much as possible.

If you’re in {city} and are interested in finding out more information about how countries like Australia are battling cybercrime, or if you’re trying to find answers to all of your important IT questions, please don’t hesitate to pick up the phone and call {phone} or email {email} to speak to someone at {company} today.

The $3 Million Phishing Problem at Mattel is More Common Than You Think

One of the most common types of cyber attacks that both businesses and personal users have to contend with today is called a “phishing” attack. In a phishing attack, an attacker will pose as a legitimate company or other business contact in an attempt to steal valuable information from their victim. For example, they may send a seemingly legitimate e-mail asking for key information including passwords, financial data and more. If the victim falls for this scam (or gets “phished”), they’ve potentially exposed themselves and (in the case of businesses) their customers to harm. If you think that all phishing attacks are easy to spot if you know what you’re looking for, think again: toy giant Mattel recently lost $3 million after their own CEO became the sudden victim of a particularly sophisticated phishing attack.

Phishing and Mattel: What Happened?

On April 30, 2015, one of Mattel’s top-level executives based out of China received an e-mail that at first glance appeared unremarkable. It was a simple request to make a $3 million wire transfer to pay a new vendor based in that region. What followed was a perfect storm of failure and vulnerability, all of which left Mattel’s bank account $3 million lighter.

The phishing e-mail was impeccably timed. A new CEO had taken the company reins only during the previous month, and Barbie sales numbers, particularly in areas like China, were hitting lows they hadn’t seen in years. Against this background, the executive who received the e-mail was incredibly eager to please her new leader and followed Mattel’s protocol for wire transfers to the letter. Any transfer of this size required no less than two approvals, both of which she received in the coming days. Only hours later, after she spoke directly to the new CEO, who confirmed that he had not asked for any such wire transfer, did panic set in at the administrative level. Mattel immediately called not only the sending and receiving banks but also the police and the FBI. The response they got was not what one would call “good news” – all entities confirmed that the funds were gone for good.

Luckily, however, the story did not end there. Mattel did eventually get all $3 million back with the help of local and federal law enforcement, but from a certain perspective the damage was already done. They were publicly embarrassed on a grand scale at a time when their reputation was wavering, and confidence in their leadership was shaken to its core.

Even if you don’t work at Mattel, there are a number of valuable lessons to take with you from this situation. Not only is phishing becoming more common by the day, but attackers are also becoming increasingly bold – targeting a major corporate CEO directly was practically unheard of up to this point. Mattel’s public embarrassment also makes an incredibly compelling argument for security awareness training for all employees, including those in HR, accounting and even the ones at the top of the proverbial food chain.

If you’re in {city} and you’d like to find out more information about how to keep you and your data safe from phishing attacks, or if you’d like to make sure that you’re protected from the wide range of other cyber threats that we now face on a daily basis, please feel free to call {phone} or email {email} to speak to someone at {company} today.

Facebook Scam Steals Your Credit Card Information

Social media continues to be a primary method of keeping in touch with friends and family — whether they live near or far. The average American does not just sit down on their couch after a long day at work and browse through their favorite site for a few minutes, though. Today, people access these sites from their mobile devices while they are on the go as well. This constant exposure to these sites means that it is more likely that you will fall victim to an innocuous-looking scam.

Sunglasses Scam

Who hasn’t seen a post by a friend on their social media page prompting them to purchase a pair of their favorite sunglasses at a steep discount? This is the result of your friend’s account being hacked, though it might not be apparent that this is the case at first. Instead, you might think that they are actually doing you a favor. After all, with the many outlet shops and overstock opportunities today, it makes perfect sense that your favorite type of sunglasses would be heavily discounted and that your friend would think of you.

How the Crooks Scam You

Once you click on the link included in the ad your friend posted, you’ll typically see an array of sunglasses from your favorite brand. Curiously, all of them will be marked down by the same percentage. Perhaps that does not seem strange to you, so you decide to purchase a few pairs at the great, heavily discounted price. Instead of going to a secure site that is protected by an industry-standard SSL certificate, so that your credit card information is encrypted, you’ll be taken to a non-secure website that offers no protection whatsoever. Your credit card information is then transmitted to the scam artist in plain text and can be exploited in the future.

How to Protect Yourself

First, if it looks like it is too good to be true, then it nearly always is. Don’t fall for heavily discounted items, and inquire on the manufacturer’s website or social media page about the validity of the ad’s claims before you complete an online transaction. If you are the person whose account is generating these ads, first change your password, then remove all apps that look suspicious. Finally, run a thorough virus scan on your computer using software from a trusted manufacturer.

Looking for a reliable IT support partner in {city} that offers security protection for your small business? We can help! Contact {company} at {phone} or drop us an email at {email}.

QuickTime Can Be Hazardous to Your Computer’s Health When You Run It on Windows

Despite warnings from the United States Department of Homeland Security about two unpatched security holes in Apple’s QuickTime for Windows, it is estimated that at least half of all Windows computer owners will not hear about the call to delete QuickTime immediately, or will have heard but will not get around to doing it. In addition, Adobe uses QuickTime for Windows codecs in its “professional video, audio and digital imaging applications and native decoding of many .mov formats is available today.”

Adobe at Risk Causes Users to Be at Risk

While Adobe has promised to fix these dependencies quickly, if you run Adobe your computer may still be at risk after you remove QuickTime for Windows from your computer. Or, Adobe may not work at all until it is patched. Given Adobe’s general laziness when it comes to vulnerabilities in its software and especially its plugins, it might be best to avoid this program until Adobe or someone else releases a security patch.

What Happened to QuickTime for Windows?

QuickTime for Windows has two known security flaws uncovered by Trend Micro, an Internet security company that owns the Zero Day Initiative (ZDI). Although it was once a popular video software program, the technology spans more than 20 years and is outdated. ZDI notified Apple in late 2015 about these two flaws, but the public was not warned about the vulnerabilities until mid-April 2016, when ZDI, in accordance with its own policies, disclosed that there are two security vulnerabilities that the early January 2016 update did not repair. Apple’s response was to announce that it was not going to fix the security flaws and was stopping support for QuickTime for Windows.

For the first time in a long time, Apple and the United States found something they can agree on – if you use QuickTime for Windows, stop, and immediately uninstall it from your machine. However, this only applies to QuickTime for Windows; if you run QuickTime on an Apple system, you are safe. Until 2011, Apple included the video player QuickTime for Windows in downloads of iTunes for Windows, so there are tons of copies of the software out there on Windows computers. Estimates are that at least half of users will not hear about this problem and, of those that do, half will forget to remove the software.

Any Solutions?

Every computer owner knows that to keep his or her machine operating properly you need to apply all software patches, especially security updates. Apple has discontinued support for the program, so there will be no updates. It seems that Homeland Security and Apple have the only solution possible – uninstall the program before it causes damage to you, your privacy, and your confidential information. Uninstalling on a Windows computer is easy.

Step 1: Go to programs and features
Step 2: Click on QuickTime for Windows
Step 3: Click uninstall

That’s it, your computer has eliminated this threat. Speaking of threats, ZDI says that it’s unaware of anyone being hacked through these security flaws, but the threat is real and any black hat hacker can find his or her way into a vulnerable Windows computer. Ironically, Apple continues to offer a free download of the unsupported and vulnerable software, but if you want to play .mov files on your Windows computer, download the latest version of the Windows Media Player or software offered by sites such as VLC.

Do YOU Leave USB Drives Laying Around?

You Might Want to Think Again

With flash-based storage devices like USB thumb drives becoming more affordable with each passing day, it’s common to find one – or many – laying around offices, classrooms and more. If you’re the type of person who stores important documents on a thumb drive and then doesn’t immediately put it away for safe keeping, you may want to think again. According to a new study, many people almost instinctively plug USB flash drives that they find into the nearest computer and take a look at all the information contained inside.

The Study

The study in question was conducted by Google in association with both the University of Illinois and the University of Michigan. Researchers placed 297 different USB drives at different locations around campus, always making sure to leave these little devices sitting around at different times of the day. The results were startling: between 45% and 98% of all people who found a drive eventually plugged it into a computer, despite the fact that they did not own it. The shortest amount of time someone waited before plugging in a drive was just 6 minutes, meaning that if you ever leave a flash drive behind in class you’d better act sooner rather than later to retrieve it.

Interestingly, researchers tried a number of different ways to see if physical characteristics made a difference when people found flash drives that they didn’t own. Some of the 297 flash drives had labels on them while others didn’t. Some were sitting by themselves, while others were attached to a set of keys. Ultimately this made no difference: if someone found a flash drive, regardless of where it was, what time of day it was or how it looked, they were incredibly likely to run to a computer and take a look at the contents.

So What Does This Mean?

Researchers indicated that the majority of people who found themselves unwitting participants in the study were victims of their own curiosity above all else. All of the flash drives had identical contents – a mixture of personal and professional materials. Instead of opening a resume (which one could assume had contact information that could be used to help the owner of the drive recover his or her property), the “participants” chose to look at personal items like vacation photos first.

In the end, the study paints an important picture of the types of threats that are facing both personal and business users today. Everyone thinks that they must prepare for a massive hack or other cyber attack, but this study shows that less advanced and technically almost naive attacks continue to be one of the most pressing threats facing computer users today.

For the business community, the study also sheds light on just how important security awareness training really is. Remember that it isn’t just the personal documents on the flash drive that could be exposed – if an employee plugs in a flash drive that they don’t own and that is loaded with malicious software, they could be exposing themselves and an entire business to digital harm.

If you’re in {city} and you’d like to find out more information about keeping your important data safe while storing it on a USB flash drive, or if you’re in need of any other assistance regarding IT and technology-related topics, please feel free to call {phone} or email {email} to speak to a representative at {company} today. We’re always available to answer any questions or address any concerns that you may have.

New HIPAA Audits Become Reality as Feds Launch Phase 2

In its long-awaited Phase 2 audits, the Health and Human Services Department’s Office for Civil Rights (OCR) moved forward with ensuring compliance with federal privacy laws. The first phase, which launched in 2012, involved an OCR assessment of 115 covered entities. In March 2016, this second phase of audits was announced. During it, the procedures and policies that these entities ‒ as well as their related business associates ‒ currently have in place will be evaluated with an eye to their compliance with the requirements and regulations of the Health Insurance Portability and Accountability Act, better known as HIPAA.

A Multi-Step Process

Phase 2 will encompass several different steps. The first step involves the verification of an entity’s contact information and address. The OCR is sending out emails to those entities that are covered ‒ as well as their business associates that are also covered ‒ urging them to provide this information. It should be noted that entities that do not comply with this request could still be subjected to an audit. The OCR reminded these firms to be diligent about checking their spam folders and to update any filters that might stop emails from the agency.

Step Two of Phase 2

Step two of Phase 2 of this process will involve OCR sending covered entities a screening questionnaire that asks for more detailed information. Once this information is received, the agency expects to create audit pools that represent a broad range of covered entities, such as health plans, health care providers and other categories. From these audit pools, random entities will be chosen for the auditing process.

Two Kinds of Audits

The audits expected to be performed during Phase 2 include both on-site audits and desk audits. OCR issued details about the audit timelines on its website. At this writing, the agency expects to complete all desk audits by December 2016. OCR has not divulged the number of audits it aims to complete overall during Phase 2. The information will be used by the agency to develop audit reports that are designed to improve compliance and reduce the number of breaches within the system.

Ensuring that your business is HIPAA compliant is vital to its success. Partnering with a reliable IT support firm in {city} will protect your small business against potential issues. Give {company} a call at {phone} or drop us an email at {email}.

USB Thief Appears Undetected, Then Leaves With Your Sensitive Information

By now, most people are aware of the harm that both viruses and malware can do to your sensitive information. This is also an issue that small businesses need to be concerned about, as their financial and customer information could be compromised. A new threat, USB Thief, means that computer users might not even realize their data has been stolen, because the malware that has done so is armed with a method of self-protection.

How USB Thief Works

As researchers have recently discovered, USB Thief relies on using a USB device to attack an air-gapped computer or an isolated server. Once it attacks, USB Thief leaves nothing behind to alert you to its presence. While other types of malware use traditional methods of spreading, such as attaching themselves to shortcuts and autorun files, USB Thief is a different animal altogether, making it a challenge to discover.

Piggybacking on USBs

Much like its name suggests, USB Thief gains entry to your system by piggybacking on portable thumb drives that contain the applications that you use the most, such as Firefox, TrueCrypt and NotePad++. It then takes up residence within the application’s command chain as a plugin or a dynamically linked library. The result? Whenever the host application is running, the malware is also running quietly and unobtrusively in the background without your knowledge. It does so by utilizing six files — four that are executable and two that are loaded with configuration data.

How to Protect Yourself from USB Thief

The research firm that discovered USB Thief noted that the malware was particularly difficult to break down. This is partially due to the fact that the malware executes three payloads, with the ability to steal data with each instance. USB Thief also protects itself by generating a different filename for each piece of malware that it executes.

While this particular piece of malware is not widespread as of this writing, it has the potential to do a great deal of damage. It is advisable to turn off the autorun feature on all computers and to avoid using thumb drives from any unknown sources.

Malware can cause numerous problems for your small business. Protect it and yourself by engaging a reliable IT support partner in {city}. Give {company} a call at {phone} or drop us an email at {email}.

The Potentially Dangerous Effects of Badlock

As the owners of an IT company, we take your cybersecurity risks very seriously. In April 2016, Samba and Windows users discovered the potential dangers of the Badlock bug. This bug is in its infancy but could get worse. By understanding what Badlock is now, how it affects users, what signs to look out for, and how to get rid of it, you can prevent Badlock from ever worming its way into your clients’ computers.

What Is Badlock?

This new bug was announced in March 2016 with its own .org site. It began affecting Samba and Windows users by April. Any Samba users running 3.6.x, 4.0.x, 4.1.x, 4.2.0 through 4.2.9, 4.3.0 through 4.3.6, and 4.4.0 could be targeted. Any Windows users running Windows XP, Windows 2000, Windows 2003, Windows 7, Windows Vista, Windows 8, Windows 8.1, and Windows 10 can be affected as well.

What Does Badlock Do?

Badlock affects both the Local Security Authority Domain Policy (LSAD) and Security Account Manager (SAM) protocols. This bug can then be used to attack users’ computers in one of two ways:

Denial-of-service attacks: Also known as DoS attacks, denial-of-service attacks can kill service, preventing users from getting online and doing other basic computer functions.

Man-in-the-middle attacks: Also known as MITM attacks, man-in-the-middle attacks can affect up to two users at once, as the name suggests. A hacker or attacker can glean information and gain private access by changing the conversation stream and other data between two users.

How Do You Know If You Have Badlock?

It can be difficult to know if your clients have Badlock. To be on the safe side, you should consider sending out an email or making a video informing all your clients of what Badlock is and what it could do. If any of your clients report that their computer has been acting strangely, it’s best to address this as soon as possible.

How Can You Prevent Badlock?

At this point, the respective Samba and Windows teams are working tirelessly to prevent the spread of Badlock to any other users. Samba users can download an official patch that was released for SAMBA+ and Enterprise SAMBA. Windows users can report any instances of Badlock. However, Microsoft is optimistic that the company is doing a good job containing the bug.

Badlock: The Verdict

While Badlock sounds risky and scary in name alone, the consensus is that it’s not as detrimental as other bugs and vulnerabilities. Microsoft has an Exploitability Index where bugs are rated on a scale of one to 10. The tech giant rated Badlock a three out of 10. One reason Badlock isn’t causing a huge panic is its MITM method of attack, which requires any hacker to know a bit about the network they’re invading. That takes more time, patience, and dedication than random attacks.

Overall, you shouldn’t overlook Badlock entirely (especially if your clients use Samba or Windows), but with some education, your clients can prevent the spread of Badlock relatively easily. With enough awareness, it seems like the potentially dangerous Badlock bug can be contained and prevented from more widespread attacks.

Are you concerned about the spread of Badlock? Our {company} in {city} can educate people about what Badlock is, which preventative measures to take, and how to remove it from computers and other devices with training seminars and other helpful courses. To learn more about our services, call us today at {phone} or contact us by {email}.
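
The Samba release list given above can be turned into an inventory check. The following is an added example, not part of the original article or any vendor tool: it classifies version banners of the form printed by `smbd --version` against the ranges the article lists. The host names and banners in `SAMPLE_INVENTORY` are constructed, and "not-listed" only means the release is outside the article's list.

```python
import re

# Samba releases the article lists as potentially targeted by Badlock.
# Key: (major, minor) series. Value: inclusive (low, high) patch-level range,
# or None when the article lists the whole series ("3.6.x", "4.0.x", "4.1.x").
AFFECTED_SERIES = {
    (3, 6): None,
    (4, 0): None,
    (4, 1): None,
    (4, 2): (0, 9),   # 4.2.0 through 4.2.9
    (4, 3): (0, 6),   # 4.3.0 through 4.3.6
    (4, 4): (0, 0),   # 4.4.0 only
}

# First dotted three-part number in the banner, e.g. "4.3.6" in
# "Version 4.3.6-Ubuntu". Distribution suffixes are ignored.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)")


def classify_banner(banner):
    """Return 'listed', 'not-listed' or 'unknown' for one version banner."""
    match = VERSION_RE.search(banner)
    if match is None:
        return "unknown"          # no parsable version: needs a manual look
    major, minor, patch = (int(part) for part in match.groups())
    if (major, minor) not in AFFECTED_SERIES:
        return "not-listed"
    bounds = AFFECTED_SERIES[(major, minor)]
    if bounds is None or bounds[0] <= patch <= bounds[1]:
        return "listed"
    return "not-listed"


# Constructed sample inventory: host name -> banner collected from that host.
SAMPLE_INVENTORY = {
    "fs01": "Version 4.3.6-Ubuntu",
    "fs02": "Version 4.3.8",
    "fs03": "Version 4.4.0",
    "fs04": "Version 4.4.2",
    "nas01": "Version 3.6.25",
    "nas02": "Version 4.2.10-Debian",
    "legacy": "smbd: command not found",
}


def triage_inventory(inventory):
    """Group hosts by classification so patching can be prioritised."""
    report = {"listed": [], "not-listed": [], "unknown": []}
    for host, banner in inventory.items():
        report[classify_banner(banner)].append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}


if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts in the "unknown" group are reported separately so that a missing or unparsable banner is never silently treated as patched.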

What You MUST Know About CTB-Locker Ransomware to Stay Protected

In the last few years, the concept of “ransomware” has evolved from a rare occurrence to one of the more dominant forms of cyber threats that both business and personal users face on a daily basis. Ransomware is a type of malware that encrypts all files on a computer’s hard drive including photos, documents, databases and more. In order to regain access to that data, the user is required to pay a fee to the attacker; however, there is no guarantee that the files can ever be recovered. Recently, a nasty strain of ransomware called CTB-Locker has created a particular cause for concern.

What is CTB-Locker?

What makes CTB-Locker such an interesting ransomware variant is that it doesn’t go after the files on a user’s hard drive – instead, it goes after entire websites. When an administrator uploads new files to a file server and pushes that data through to the website, the ransomware takes hold – displaying a message to all users that the site has been compromised. Administrators are completely locked out of all site data, preventing them from making any changes unless they pay a ransom of 0.4 Bitcoin.

When a site has been compromised, CTB-Locker replaces the index page on the file server – either the index.php or index.html file. The new version of that file not only displays the ransom demand, but also starts a ticking clock. Users have a limited amount of time to pay the ransom before the site is gone forever.

In an interesting twist, CTB-Locker often comes with a randomly generated decryption key that allows the site’s administrators to unlock two random files from their website. From a certain perspective, this is actually a brilliant bit of marketing on behalf of cyber attackers. Not only does it prove that the decryption keys that site administrators will supposedly receive after they pay the ransom work, but it also provides the administrators with additional incentive to comply with the demand instead of attempting to figure out a solution on their own.

Ransomware Live Chat Support?

Another factor that makes CTB-Locker so interesting is that it often gives users the ability to communicate directly with their attackers, which is something that other strains directed at computer hard drives often lack. The developers of the CTB-Locker ransomware strain make a chat room available, creating a communication channel between themselves and their victims.

What CTB-Locker Actually Does

When CTB-Locker infects a website, it utilizes a variety of different files in an attempt to make the situation as difficult to untangle as possible. In addition to the aforementioned index.php or index.html files, it also uses an allenc.txt document to keep a list of all files that have been encrypted during the attack. A test.txt file is also often present, which contains both the directory path and the filenames of the two files that have been chosen for the victim to decrypt for free.

Though the FBI has previously stated that victims of ransomware attacks should just pay the ransom, CTB-Locker and the complexity of this situation cast doubt on that idea. One thing is for sure: cyber security has never been more important, particularly when it comes to a business’s website, which is often the first point of contact and the first impression created between the customer and the organization.

If you’re in {city} and you have any other questions about the CTB-Locker Ransomware, or if you’d just like to discuss other security and IT-related topics with someone in a little more detail, please feel free to call {phone} or email {email} to speak to a representative at {company} today.
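
The file artifacts described above (a replaced index.php or index.html, plus allenc.txt and test.txt) can be checked for during web root triage. The following is an added example, not code from the original article: the baseline-hash approach, the function names, the one-path-per-line reading of allenc.txt and the sample site contents are all assumptions made for illustration.

```python
import hashlib
import os
import tempfile

INDEX_NAMES = ("index.php", "index.html")   # pages the article says get replaced
MARKER_NAMES = ("allenc.txt", "test.txt")   # bookkeeping files named in the article


def sha256_file(path):
    """Hash a file in chunks so large files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage_webroot(root, baseline):
    """Walk a web root and collect the indicators the article describes.

    baseline maps a relative index path to its known-good SHA-256 (assumed to
    come from a deployment record or backup).
    """
    findings = {"marker_files": [], "changed_index": [], "listed_files": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            lowered = name.lower()
            if lowered in MARKER_NAMES:
                findings["marker_files"].append(rel)
                if lowered == "allenc.txt":
                    # Assumption: one encrypted file path per line.
                    with open(full, "r", errors="replace") as handle:
                        findings["listed_files"].extend(
                            line.strip() for line in handle if line.strip())
            elif lowered in INDEX_NAMES:
                known_good = baseline.get(rel)
                if known_good is not None and sha256_file(full) != known_good:
                    findings["changed_index"].append(rel)
    for key in findings:
        findings[key].sort()
    # test.txt is a common benign name, so a marker file alone is not enough:
    # require a marker file AND an index page that no longer matches baseline.
    findings["suspected"] = bool(
        findings["marker_files"] and findings["changed_index"])
    return findings


def build_sample_site(root, compromised):
    """Create a constructed sample site on disk; returns its clean baseline."""
    clean_index = b"<?php echo 'welcome'; ?>\n"
    baseline = {"index.php": hashlib.sha256(clean_index).hexdigest()}
    os.makedirs(os.path.join(root, "uploads"))
    files = {
        "index.php": clean_index,
        "uploads/test.txt": b"benign upload test file\n",  # false-positive bait
    }
    if compromised:
        files["index.php"] = b"<html>constructed placeholder page</html>\n"
        files["allenc.txt"] = b"uploads/photo.jpg\nconfig.php\n"
        files["test.txt"] = b"./ config.php uploads/photo.jpg\n"
    for rel, content in files.items():
        with open(os.path.join(root, *rel.split("/")), "wb") as handle:
            handle.write(content)
    return baseline


def demo():
    """Run the triage against a clean and a compromised constructed site."""
    results = []
    for compromised in (False, True):
        with tempfile.TemporaryDirectory() as root:
            baseline = build_sample_site(root, compromised)
            results.append(triage_webroot(root, baseline))
    return results


if __name__ == "__main__":
    for label, result in zip(("clean", "compromised"), demo()):
        print(label, result)
```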

Flimsy Bank Policies Put Your Financial Info at Risk

Many Americans put their money in the bank as a method of keeping it safe and secure. Most do not realize, though, that one policy employed by financial institutions which is meant to protect them could actually be putting their sensitive financial information at risk. In fact, according to the Cyber Forensic Research and Education Group at the University of New Haven, most financial institutions have less stringent password requirements than other types of businesses, including social media sites.

Research Group Surprised by Results

The research group looked at the password policies of 17 banks. Of those, the group raised concerns about the password policies of six. It found that some of the country’s largest banks — including Wells Fargo, BB&T Corp., Citibank, Chase, Capital One and Webster First Federal Credit Union — had flimsy password policies that did not require industry standards. These six financial institutions represent about 350 million accounts — a staggering number considering the vulnerability of the information.

What Makes These Policies Weak?

What the research group — which was made up of five undergraduates — discovered is that the above-mentioned banks did not differentiate between upper and lower case letters when it comes to their account holders’ passwords. That is, they did not require that the passwords be case sensitive.

A cyber security expert and assistant professor at the University of New Haven, Frank Breitinger, noted that the failure of banks to support case-sensitive passwords is both surprising and troubling. He pointed out that many people naturally use both types of letters when they are formulating their passwords. Because banks do not take the simple step of supporting these efforts within their passwords, the security of their account holders’ financial information is significantly reduced.

Another Troubling Discovery

Not only did the research group discover that these financial institutions do not support case-sensitive passwords, it also found that they did not make the experience of reporting security issues user-friendly. Many of them had no listed phone numbers or email addresses for reporting a troubling security problem. Instead, researchers notified these banks by using their phone hotlines. Representatives for the banks that were reached on these hotlines didn’t seem to understand how to handle the researchers’ concerns or the potential for severe security issues. In addition, they did not notify their in-house IT or security department or seem to understand the need to do so.

If you are looking for a reliable IT support partner in {city}, we can help! As experienced IT professionals, {company} offers secure solutions that are designed to protect your sensitive financial information. Give us a call today at {phone} or send us an email at {email}.