Positive Technologies released an article on October 26, 2021 discussing the creation and development of rootkits in cyber attacks. Their research discovered that 77% of rootkits are used against government agencies. Rootkits, a dangerous type of cyber attack, are designed to intercept system calls, replace software and system processes, and may also contain keyloggers that can be used to steal your data. While this type of cyber attack is dangerous, they are far less common than other forms of malware. Due to their complex nature, the majority of rootkit attacks come from advanced persistent threats (APTs), cyber criminal groups who have the resources to create and carry out more complicated and expensive attacks. Therefore, because of the difficult in creating them, the target must be considered “high-value”. The majority of the time, the attackers using rootkits are attempting data-theft, but there are cases where the goal is strictly financial. While the majority are used against government agencies, rootkits have also been used against telecommunication companies, manufactures, and financial institutions. In addition to business, rootkits may also target specific individuals considered to be “high-ranking”. This could be political figures, military officers, and even business owners. It is important that you learn to protect yourself from these types of attacks. At Hammett Technologies we put your online security as a top priority. We treat your network as our own, with regular maintenance and updates to keep your company’s data secure. Be with a team you can trust, become a Hammett Technologies Partner today!
If you are in the health care business, chances are you have heard the phrase “HIPAA Compliance” before. However, what you may not know is how truly important HIPAA Compliance is for your business, or even what HIPAA Compliance is. No need to worry; Hammett Technologies is here to help! What is HIPAA Compliance HIPAA or the Health Insurance Portability and Accountability Act was is a set of rules and restrictions established to outline the lawful use and disclosure of Protected Health Information (PHI). *a more complex outline of HIPAA can be found here: https://www.hammett-tech.com/how-we-protect-you/hippa-compliance/ Why Being HIPAA Compliant Is Important If you are in the healthcare business, there are numerous reason you should be HIPAA Compliant. From lawsuits to fines from the government, HIPAA Compliance is to be taken seriously and followed completely. Some of the most important reason to be HIPAA Complaint are: Fines Fines for not meetings HIPAA Compliance have increased substantially. These caps on these fines have increased from $25,000 per year to $1,500,000 per year. Furthermore, if you ignore HIPAA Compliance and encounter a breach or receive a complaint, your business can be investigated for breaches, compliance failures, and other issues which can lead to further fines. Other Organizations Other organizations that work with you are most likely HIPAA Compliant themselves, especially if they are a larger corporation. Each Business Associate or Covered Entity your healthcare business works with must following HIPAA Privacy and Security Rules. This, in turn, means that if your business if not HIPAA Compliant you will lose their assistance, as well as, lose business in general. Blacklisted If a breach does occur, and the breach results in more than 500 individual’s Protected Health Information being affected, your business is required by law to report it to the Health & Human Services Department, as well as, the public and media. Other companies will not hold back comparing their HIPAA Compliant organization to yours, stealing both business in the present and future. If you are fearful that you do not meet all the HIPAA guidelines and regulations or are having trouble understanding HIPAA Compliance and how to become compliant, call Hammett Technologies! We have a devoted, professional IT team that can help you meet all HIPAA requirements stress free! HIPAA Compliance is essential for any business that handles Protect Health Information. Hammett Technologies will ensure that your business meets every requirement.
If you are like many users, you visit many different sites and have a plethora of passwords between those sites. The idea of creating a strong password consisting of letters, numbers, special characters, symbols, etc., can be quite daunting. Not to mention it is recommended that you have a different password for each site your register an account on. With all of this considered, it is no wonder many become overwhelmed when trying to think of a secure password. I mean, who can remember “J%^dh@udS!@#$”? Because of this, you may have fallen victim to using the same password for most, if not all, of the websites you hold an account on. This is not only a safety hazard, it also spells disasters if one of these websites gets compromised. Or perhaps you use numerous passwords, but they consist of simple words and numbers that relate to your life. These kinds of passwords are easier to guess than you can imagine. Maybe you do have long, complicated passwords, but in an attempt to remember them you have written them down and placed them next to your computers. This is dangerous as well, especially if other use your computer as well! However, with this guide, we hope to guide you down the right path to making safe, secure, and easy to remember passwords! First, to understand what a strong password is, we must understand what makes a password strong. The key features of a strong password are its length, a variety of letters (using both upper and lower case), symbols, and numbers. Make sure you leave all personal information out of your password. However, what is the use of a complicated strong password, if you cannot remember it? Not to worry, we will arm you with advanced password creating techniques that will not only keep your online identity secure! Your first strategy in creating a strong password is to make it easy to remember but hard to guess. Avoid the pitfalls of making your password “password”. This password is laughably weak. A password this simple is easily guessed by both humans and machines and will leave your online identity in shambles. Some of you may be asking, “Who on Earth is using “password” as a password?”. Well you would be surprised to know that it is one of the most commonly used passwords to date. There are also the passwords that use a persons last name and birth date. These kinds of passwords are also easy to crack by those who are close to you. I know your neighbor Bill seems like a nice guy, but maybe he’s too nice. However, perhaps you have been trying to make a strong password and have created “P0W3Rful”. First you must be aware of the length. Length of this password is far to short and the substitutions you have made are easily guessed by both human and machine as well. Now that we are aware of the numerous pitfalls, we can begin to discuss how to create a strong password! Here are a few examples of good passwords: G00D_2H4v3_$$: You could use this one for a bank account (Good to have money). 4sh00Ping_0NAMZ: This could be used for your Amazon account (4 shopping on amazon). Having now thought of a password that is perfect in length and randomness, you have begun your march down the correct path to internet safety. However, you are not safe yet. You must remember to not reuse the password, write them down anywhere, or share them. After spending all that time thinking of a good password, last thing you want is for someone to crack it by seeing it written down next to your computer. Or if you are to get hacked, at least you can rest easy knowing your other accounts are still locked away because you used a different password for each site! The last rule is extremely important but can also be given some slack. If you are to share your password, make sure that you only do so with someone you trust 100%. If you have even a shred of doubt that they do not take internet security as seriously as you, do not share your password with them. Another option for those who have too many accounts, or are too nervous to create their own passwords, is to use a password manager! Password managers like LastPass can generate completely random passwords up too 100 characters in length. All you must do is think of a super secure master password and you are ready to go! Now that you have been armed with the tools to create smarter, safer passwords, go forth and secure your defenses! If you have any questions about cyber security or want a partner that will take your businesses cyber security seriously, consider Hammett Technologies! At Hammett Technologies we put your online security as a top priority. Be with a team you can trust, become a Hammett Technologies Partner today!
Earlier this week, a massive Twitter hack occurred, involving famous individuals and high-profile politicians. These hacked accounts asked for bitcoins and offered to “double the amount” to “give back to the community.” Twitter, while conducting its investigation, has commented on the situation, stating that the hackers had specifically targeted employees who had access to internal systems and tools. Twitter is calling this attack a “coordinated social engineering attack.” Furthermore, Twitter has also stated that they are investigating other potential “malicious activities” that may have taken place during the attack. However, these have not done much to help calm down the victims of the hack. US Sen. Edward Markey commented on the situation and stated that this kind of attack is “extremely troubling.” “While this scheme appears financially motivated and, as a result, presents a threat to Twitter users, imagine if these bad actors had a different intent to use powerful voices to spread disinformation to interfere without elections potentially, disrupts the stock market, or upset our international relations.” Twitter has confirmed that the hackers while targeting 130 accounts, were only able to access a small portion of them. This “small portion” was then used to create cryptocurrency fraud, stated the FBI. The FBI went on to mention the importance of practice cybersecurity and becoming knowledgable in common internet scams and schemes. Bitcoin, while the cryptocurrency itself is not malicious, is often used by cybercriminals for transactions and scams. The Twitter hack furthers the point we try to make towards business. Cybersecurity is critical, and if a multibillion-dollar company (Twitter) can be breached, then so can your company. We understand that this truth can be scary, but it is a truth many companies refuse to face, and many companies do not want to face it. Many choose to cut corners to save many, leading to a poorly designed cybersecurity team and system. We urge you to think carefully about your company’s cybersecurity. Hammett Technologies offers cybersecurity support for companies of all sizes to ensure that your business stays out of the hands of criminals. We help install firewalls, set up Virtual Private Networks (VPNs), and much more for a fraction of the cost of other companies. At Hammett Technologies, we want to work with you, as partners, to ensure your company is as safe as possible. Wanna find out more about how Hammett Technologies can help your business? Find out how we can help your business stay safe!
“Mass Logger,” a new keylogger on the market, has the potential to become extremely dangerous for businesses and individuals. Keyloggers are a type of malware, usually found within phishing campaigns, that store all information you type into your computer. These malicious programs can lead to many of your passwords becoming compromised. Why is This Key Logger so Dangerous? Mass Logger is different from other key loggers. The developer of Mass Logger is frequently updating this key logger to help it remain undetected through automated antivirus solutions. Furthermore, support from the developer allows other cybercriminals to assist with and make requests for the malware. Cofense Intelligence has already identified a phishing campaign hiding Mass Logger. Emails loaded with GuLoader, a popular malware delivery mechanism that downloads encrypted payloads hosted on legitimate file-sharing platforms is also being used to deliver Mass Logger. A New Kind of Keylogger Additions and features, such as the ability to spread itself through USB ports, set Mass Logger apart from other key loggers. Mass Logger is also able to search for specific file extensions and exfiltrate them. These “features,” and the key loggers continued support from its developer, could see Mass Logger being adopted by a large portion of cybercriminals. Defending Yourself from Mass Logger Defending yourself from malware is tiresome but a necessary task when online. Ensure that you are watching out for suspicious emails from unknown senders. Never open attachments from people you are unfamiliar with or do not know. Merely opening an infected attachment is all malicious programs need to begin infecting your system. Ensure that you trust the sites you are downloading programs from and that they are reputable. If you are worried about your company and want your employees to understand the importance of practicing cybersecurity daily, call Hammett Technologies. We are certified experts and will ensure your business runs at top speed without cutting corners on cybersecurity.
After the death of Iran’s General Qassem Solelmani, the United States may end up dealing with some serious cyber-attacks. Since 1984, the United States has recognized Iran as a nation that supports terrorism and terrorist organizations, which has led to previous conflicts between the two nations. However, after the recent assassination of General Qassem Solelmani, the United States may face fierce retaliation. We have already seen government sites become hacked and defaced with Pro-Iran propaganda. Therefore, while we are unsure which shape their “revenge” will take, it is important that all US citizens prepare for all aspects, especially cyber. The Department of Homeland Security has issued the following statement urging US citizens to be cautious when browsing online over the next couple of weeks. Many of us are aware of the basics when it comes to browsing online safely, but it is important to review. Be cautious of suspicious emails It is better to be safe than sorry. Do not download any attachments, or click any links, from emails unless you are 100% certain the email originated from a trusted sender. Be aware of suspicious websites If a website seems off or is asking for your credentials where it has not before, close the browser and attempt to navigate to the proper website. Fraudulent banking websites are extremely common and usually appear due to simple typos. For businesses, make sure your cybersecurity team has your network locked down and protected against cyber-attacks. It is extremely important that one’s network is protected at all times. This is especially important if you are a business that transports customer confidential data or uses credit card transactions. If you are worried that your business’s network may be easily accessible by criminals, do not hesitate to reach out to Hammett Technologies. With over 20 years of IT and Cybersecurity experience we will help identify flaws that allow attackers to enter your network ensuring your network is protected. Our team will ensure your company’s and customer’s data is secure and encrypted, without interrupting the day to day processes. Contact us today and figure out why we are the #1 growing MSP in Maryland!
Its no denying that Windows Defender has come a long way since its debut in 2006. When it was first revealed, Windows Defender was a laughable attempt at an antivirus solution, however, Microsoft, with the release of Windows 10, had started to show neglect for the free antivirus solution. After a while, Microsoft was able to create a competitive, free, antivirus solution for its customers. Although, what they didn’t consider was how often their updates affect other areas of their operating system. Shooting Themselves in the Foot While patching an error within Windows Defender, Microsoft unknowingly gave themselves another, equally worrisome problem to deal with. The update to Windows Defender on September 16th was to patch out a coding flaw that would send an error to users when a file system was scanned and needed repair. However, when the update was pushed out to users, it was discovered that both the quick scan and full scan options were broken. Most of the time, when running a full or quick scan on your machine, you can expect to wait anywhere between 15 minutes to 4 hours, depending on how much used space you have. However, users were reporting that, after the update, when running a quick or full scan on their machines, Windows Defender would scan only a small amount of their files before completing. However, if you still wish to run a scan on your machine, or need to run a scan, there is a workaround. By running a Custom Scan, you can specify which drive you wish Windows Defender to inspect, and the scan should run and complete normally. What You Need to Do Reported by numerous other sites, such as Forbes and BleepingComputer, Microsoft has already released a fix for the issue! So, while it can be said that they broke Windows Defender, they also fixed it within a day, showing they are capable of maintaining their antivirus solution. The update should automatically trigger for users, but to be sure, make certain you manually check for updates! Furthermore, it is important that those who are using Windows Defender as their antivirus solution do not adopt the policy of not updating their machines. Microsoft is usually upfront and honest about errors that occur with their operating system due to updates while following up that honesty with a quick response time to get a patch out to all users. It is important to remember that not updating your machine is usually worse than dealing with the occasional breakage that may occur. That said, waiting a day or two before updating, to make sure the update is clean of bugs and errors, is always a wise route to take!
New ransomware, Nemty, has been discovered according to the report from BleepingComputer. Nemty, as security researchers are calling it, has the possibility to spread using compromised Remote Desktop Protocol (RDP) connections. Nemty, like all other ransomware, holds the victim’s files hostage, deleting all shadow versions of the files while disabling the victim from any attempted recovery options. Payment is then required via bitcoins, which average about $1,000. Those infected will be prompted with this message: Unfortunately, being so new, a known fix is not available, but security researchers are working diligently to find a fix. While RDP is suspected to be the method of distribution for the ransomware, researchers have not yet confirmed this finding. Most ransomware is distributed through phishing emails. If RDP is the method of distribution, confirming hackers have gained higher access to the machine, cutting out the middleman, and giving them full control of the computer. If you would like to find out more about how Hammett Technologies can keep your company safe, click here!
Computers around the world are continually generating records that occur. While some of these are routine checks, others are hostile, aimed at gaining access to or even destroying your network. However, by checking and reviewing the log files, you can stay on top of these issues. From malware, damage, and loss and legal liabilities, log files contain all the day to day information of your network. Therefore, it is important to practice event log management daily. It must be collected, stored, analyzed, and monitored to meet and report on regulatory compliance standards like PCI and HIPPA. WHY LOG MANAGEMENT IS IMPORTANT Every transaction and event that takes place on a machine on your network generates a log file. Microsoft-based systems use Windows Event Log files. When working on Windows, monitoring the event logs is crucial. Windows Event Log files all contain crucial information, but of all of them, the Security Log is the most important. The security log provides log in events as well as what each user is doing. It is vital that your IT security team understands the Windows Security Log to spot a vulnerability or attack accurately. However, this information can be overwhelming and exhausting to look through. If you use an Event Log Management tool, you can accurately and precisely navigate through log files, allowing you to find that single file that is causing an issue. Event Log Management is a crucial component in ensuring security and compliance, and it is essential to review all logs. SECURING THE CASTLE The top priority for any company should be security. Keeping the company safe from outside attacks that aim to disrupt customer’s data, exploit employee data, or crash a company’s server. However, attacks from the inside are just as real and can cause catastrophic damage. This is not to say that keeping your network safe from the outside is any less important, but you must be mindful of an attack from the inside. Perhaps you have an employee who is curious about financial records and wants to start drama among the workers or an employee who is upset about a decline for a promotion or pay increase and wants to delete years of data. These employees can create a backdoor into the network or give themselves admin privileges, attempting to fly under the radar from security. However, if you have a well-established ELM strategy, you can monitor these internal attacks accurately and stop them before they turn nuclear. PCI – DSS AND HIPPA COMPLIANCE Payment Card Industry Data Security Standard (PCI-DSS) provides IT professionals that handle consumers credit cards data. Any business that claims PCI compliance have to be able to show compliance in their yearly audit. If it is discovered that they are not, denial of processing and storing credit cards can occur. HIPPA requires a reliable audit trail to protect the personal data of all medical patients. HIPPA has two different significant rules: Privacy and Security. Medicaid and Medicare require, along with building an IT infrastructure and strategies to protect against threats to personal information, but there must also be preparations made for investigations of security breaches should they occur. Furthermore, you must be able to provide enough information to be able to establish occurred events, when they occurred, as well as what or who has caused them. Ways to Manage Events and Logs There are numerous ways to go about handling the logs for your networks, and WhatsUp Gold offers some of the best ways to do so: 1. Define your Audit Policy Categories Audit policies in Windows record the security log events found on your network’s log files for your company. With Microsoft Windows NT systems, audit policies have to be put in place manually on each server and workstation. However, Windows 2000 and 2003 Active Directory domains allow for Group Policy, which enables you to set universal audit policies for groups on the servers and even the domain. 2. Log Records Are Merged Automatically By default, decentralized records, such as Windows events logs and Syslog files, record their log activity. However, if you want to gain a “big picture” view of what is going on within your network, admins in charge of security and compliance need to be able to merge Windows event logs and Syslog files into one another in order to be able to monitor thoroughly, analysis, and report. It is necessary that you maintain your log data! Many compliance standards require data to be stored up to seven years. However, if you automate the process, life can become much more accessible. Automation can assist in data retrieval and the longevity of log data. It is important to remember: Archived logs must be readily obtainable. Automation helps reduce the risk of corruption. The larger the company, the more users and machines. With more users and machines comes an increase in bandwidth and network traffic, which will only further complicate the log file. Automation can greatly assist in making sure all data is collected. Usually, administrators use an event log management tool to record log event data from the servers and workstations. Make sure you find an event log management tool that supports a method to re-import collected log files into the database if they are needed. 3. Event Monitoring, Real-Time alerts & Notification Policies While your company may have most, if not all, Windows-based machines, it is important to branch out from the Windows event log monitoring system. Consider using Syslog as well. They have support for switches, routers, firewalls, IDS, as well as support for UNIX and Linux based systems. Most products that perform real-time scanning and monitoring of logs require the use of an agent. However, if you can find a software package that can be used without an agent, go for it. This avoids many issues upon initial setup and continued maintenance. Every company has a different classification of what they find important, and what they want to be listed in the logs. The one security research
In 2017, Equifax had just suffered a massive data breach, resulting in the theft of over half of all American adults’ personal information. Now, 2 years later, Equifax will pay a total of $700 million in fines for laws they broke and their negligent handling of consumer data. Reuters stated that of the $700 million, Equifax is set to pay $300 million in damages to consumers, a number that could climb as high as $425 million depending on how many people claim damages. LifeHacker has outlined exactly what to expect if you were a part of the 147 million Americans who had their data stolen. If you were to file a claim now, expect one of the following outcomes: 1. Free credit monitoring for four years through Experian, or six years through Equifax. However, if you already have credit monitoring for the next six months, you could file a claim for the sum of $125 cash. 2. Up to $20,000 cash if you can prove damages due to the data breach. However, to claim, let alone obtain such a large sum of money will require that you are able to prove without a doubt that you suffered damages directly related to the Equifax data breach. 3. Identity restoration services for free for the next seven years. Chief Executive Mark Begor from Equifax said that he expects the $425 million would be enough to ensure all those who suffered damages would be financially compensated. However, US consumer advocates voiced several concerns regarding the supposed “substantial” amount. Ed Mierzwinski of the U.S. Public Interest Research Group regarded the fine as “…a parking ticket, not a penalty.” He also finds the number of hoops consumers must jump through, in order to be compensated for Equifax’s negligent handling of consumer sensitive information, ridiculous. Concerns about the short-sightedness of these “penalties and fines” is also on the minds of some. Chi Chi Wu, the attorney for the National Consumer Law Center stated that “The settlement provides some compensation right now, but the risk of identity theft is forever.” Many believe Equifax has been “let off the hook” for the largest data breach in American history, a viewpoint hard to argue with. After reading this, you are probably wondering yourself if your information had been compromised due to the breach. Well, the good news is that I can provide you the link to the website but can promise nothing in terms of the outcome of your discovery! Equifax has provided a website for consumers to review their data information. If you are a business owner and are worried about the security and safety of your business’s sensitive information, contact Hammett Technologies! We are experts in data security and can guarantee the safety and security of all your company’s sensitive information! Click here to learn how we can help your company stay secure!
- 1
- 2