Technology Advisor Blog

Are your passwords really keeping you safe?

Posted by Ann Westerheim on 9/11/18 3:18 PM

Did you know that half of cyber attacks hit small businesses, and only 14% of small businesses rate their ability to mitigate threats as effective? Cyber attacks on big businesses make the headlines, and too many small businesses think they’re under the radar.

Weak passwords account for the majority of data breaches. 60% of SMBs have no visibility into employee password habits and have no password policies. Almost 2/3 of employees in small businesses use the exact same password for everything.

10% of all passwords are either “password” or “123456”.  No wonder our data isn’t safe!

Best practices for passwords call for STRONG passwords, which are at least eight characters long and mix uppercase and lowercase letters, numbers, and symbols. Also, a DIFFERENT password needs to be used for every application, which for many users can be over 50 passwords!

Can you spot the problem?  How can anyone remember all these passwords, and change them frequently enough? 

To keep your data secure, we recommend using a password manager. Are your employees re-using passwords? Are they using very weak passwords? Are they writing them down on post-its or in little notebooks?

Stop ignoring this important part of your security plan.  Create a clear password policy, educate your employees,  and consider implementing a secure password manager. 

Protect your digital footprint before it’s too late! 

Want to learn more?  Get the infographic.

Wait a minute! The minute by minute cost of Cybercrime

Posted by Ann Westerheim on 8/29/18 5:17 PM

The cost of cybercrime is no joke. This is easy to say from the perspective of someone whose business it is to know all about cybercrime trends, attack vectors, etc. But to really quantify how big of a problem cybercrime is in the world of business, it is often easier to compare it to day to day things… like a doctor explaining a complicated procedure or a mechanic telling you why your car is making that noise. So today I would like to compare the cost of cybercrime to the most universal understanding that there is… time.

The cost of cybercrime each minute globally: $1,138,888

The number of cybercrime victims each minute globally: 1,861

Number of records leaked globally each minute (from publicly disclosed incidents): 5,518

The number of new phishing domains each minute: 0.21

As you can see, cybercrime builds by the minute.  


Read the full article on Dark Reading.

Tags: cybersecurity

Cybersecurity is Everyone's Job - Recommended Summer Reading.

Posted by Ann Westerheim on 7/24/18 2:56 PM

A new NIST (National Institute of Standards and Technology) guidebook says Cybersecurity is everyone's job. While many people may believe that cyber threats are a technology problem looking for a technology solution, the data shows otherwise: people are the weakest link. Whether your organization is large or small, a mindset of security and ongoing user education will help keep your data safe. Sometimes all it takes is ONE user clicking on the wrong link to cause a lot of damage.

A recent article in SecurityIntelligence provides some helpful highlights of the report (this is a quick read), and the full NIST report is worth a review with your team.

We see too many small businesses that assume they're "under the radar" with respect to cyber attacks.  What too many people don't realize is that the modern threats are automated and all it takes is a few clicks to cause a lot of damage.  A mindset of security is needed to make sure ALL users take the threats seriously and can make informed decisions.  

We strongly recommend considering putting a formal training program in place to make sure your employees are educated.  The MA Data Security Law, HIPAA, and other industry regulations require employee training as part of their required standards.  The training platform is an easy and affordable way to do this, and you can also go with an ad hoc approach, but DO SOMETHING!

Tags: cybersecurity

A Creepy Twist on Ransomware - Using your hacked passwords

Posted by Ann Westerheim on 7/19/18 10:21 AM

Recently there have been many reports on a clever twist on an old scam that's made more believable with your hacked password. The email purports to be from a hacker who has compromised your computer and recorded you watching porn and will release the information to all your contacts if you don't pay the ransom (payable to a cryptocurrency account so it's not traceable).

The added twist is that the email opens with "I'm aware that <substitute password formerly used by recipient here> is your password".

Apparently the bad actors have run scripts to pull emails and passwords from the Dark Web from major breaches such as the LinkedIn breach not too long ago. In many cases, the recipients will note that the password hasn't been used in years, but it IS a password that they recognize, which still makes the threat very scary. It does not mean that anyone was actually on your system.

Whenever a major breach occurs, usernames and passwords wind up on the Dark Web and are bought and sold.  If you use Yahoo, EVERY credential has been breached, as an example.  LinkedIn and many popular sites have been hacked more than once in the past few years.

This underscores the importance of password management:  Use STRONG passwords, use DIFFERENT passwords for different sites, and CHANGE your passwords.  To help promote good password policies at your business, our recommended best practices include using a password manager and including Dark Web monitoring as part of your security policy.

For more detail, read the full article at Krebs on Security.

Tags: cybersecurity, ransomware

Another Scam to Watch Out For:  "Neighbor Spoofing"

Posted by Ann Westerheim on 7/10/18 9:30 AM

Have you experienced an increase in the number of "local" junk calls to your cell phone? You're not alone. Scammers have yet another tactic to get through to you by "spoofing" a phone number. When your phone rings and you see a local number, you're more likely to pick up. After you pick up, your number is proven to be a "real" number, which is more valuable to scammers, and the number of calls increases.

In many cases, the calls are just spoofed to appear to come from your area code and the first three digits of your phone number, but keep in mind that the spoofed calls may be created to look like they come from your children's school or doctor's office. If you can't authenticate the caller, don't give any information over the phone.

What can you do? Your phone carrier may allow you to block calls, but the scammers just keep changing the numbers. Adding your number to the National Do Not Call Registry will help (worked well for me when I added my cell number!). As always, make sure your employees are aware of these kinds of scams. We talk so much about cybersecurity and computers, we also want to remind users that phone scams are still in play. The "human firewall" is important for phones too: Think before you click AND think before you answer!

For more information check out this article from the Better Business Bureau:  https://www.bbb.org/en/us/article/news-releases/16670-a-new-kind-of-phone-scam-neighbor-spoofing

 

Tags: cybersecurity, spoofing

What's New in SMB Tech?  Internet (VoIP) Phones!

Posted by Ann Westerheim on 6/5/18 1:04 PM

In case you missed it: Last week we hosted a technology lunch and learn event with our partner, Jive Communications. Local business owners enjoyed networking, lunch, and technology.

Verizon is phasing out old copper phone lines, and if you have an old phone system, you may be in need of a change (even if you aren't excited about the latest and greatest features!). We still see SMBs with phone technology that's over 10 years old! If it's been that long, it's time for a change.

One of our missions at Ekaru is to help SMBs get more from the technology you already have and to learn about the new technology you need to know about!

Some of the highlighted features covered in the presentation include:

  • Auto Attendants - You can add multiple Auto Attendants for your business at no additional cost.
  • Call Queues - Instead of needing to do a rapid-fire "please hold" for multiple inbound calls, you can set the calls in a queue with a pre-recorded message (with an escape hatch to voicemail) and then pick up when you're free.
  • Custom Schedules - Need to send calls to an answering service after hours? Just program it in.
  • Mobile App - You can send and receive phone calls with your office caller ID from your cell phone - bring your office phone anywhere you go!
  • Hot-Desking - Get your customized phone settings to appear on another office phone.  This is great if you have shift workers or mobile workers who work out of different offices.
  • International Calling - Free calls to over 50 countries.
  • Reporting and Call Analytics - What are your busiest phone times?  How long are your average calls?  How many calls go to voicemail?  With a modern system, all the data is at your fingertips.

These are just some of the features we discussed.   For more information, check out the presentation slides.  If you're already using the system, we recommend starting with a simple plan and then building in new features as you learn about them and how they may help your business.

We've been using the Jive system for a few years and you can stop by our office to see the system in use, try a loaner phone, or get a full on-line demo.  If you haven't looked at phone systems recently, we highly recommend that you check out Jive!

Sign up for a Demo!

 

Tags: VoIP, SMB

Important Notice Regarding Your Domain Name(s)

Posted by Ann Westerheim on 6/4/18 2:15 PM

A few clients have asked us about recent notifications received from Network Solutions (and others): "Action Required: Notice Regarding Your Domain Name(s)". In this day and age, we recommend that all users stay alert when opening email, and we welcome questions about the legitimacy of received mail - better safe than sorry!

This notification states as follows:

"This notification is being sent to you as a contractual requirement of the Internet Corporation for Assigned Names and Numbers (ICANN) WHOIS policy. When you registered your domain with us, you agreed to keep your contact information in Account Manager current, and the WHOIS policy mandates that we ask you to verify and/or update this information periodically. Further, ICANN requires us to remind you that providing inaccurate or dated contact information may be grounds for domain name cancellation."

In this case the message IS legitimate, and we always recommend as an extra precaution that you go straight to the website in question (in this case, the company you registered your domain name with, typically Network Solutions), rather than clicking through the link in the email. Yes, we just said the email was "real", but as a "best practice", don't follow links in emails when you don't have to.

You don't have to reply to the email; it's just a reminder to check that the current information is still valid, and to update it as necessary.

ICANN (the Internet Corporation for Assigned Names and Numbers) is a non-profit organization committed to maintaining a number of databases associated with domain names.   ICANN is committed to maintaining the WHOIS directory, which is a directory of contacts associated with all domain names - much like a telephone book.  In order for the information to be useful, it must be up to date, and anyone who registers a domain name must agree to keep the information up to date.  Domain name registrants, businesses, individuals, consumers, and law enforcement are all stakeholders in this directory.

As part of your contractual agreements when you registered your domain name, you agreed to keep the contact information accurate and current. If you use a private registration, you must keep the contact information current at your registrar. Note that all your renewal notices, etc., will be sent to the current contact on file, so it's also in YOUR interest to keep the information current. Even if you have a credit card on file for automatic renewal, if the card expires or gets replaced, without accurate contact information you won't get the notification and you could lose your domain name.

To look up your own information, go to the Network Solutions WHOIS lookup tool. The Registrant organization should be your company name (not an employee or webmaster!). This is VERY important! Does the business own the domain name, or does the employee or webmaster who set it up own it? Make sure this is correct! Also check that the registrant, administrative, and technical contacts are all current.

Check the WHOIS Primer for more information on the role of ICANN and the WHOIS directory.

 

 

 

Tags: eMail, Internet, web site

Got a consumer class router?  Power cycle it NOW!

Posted by Ann Westerheim on 5/29/18 4:02 PM

The FBI has issued an important warning about certain consumer-class routers after a massive malware attack was detected. Turning the router off, then on again is a simple and important step to help stop the malware. Additionally, it's recommended that you update the password and make sure the firmware is up to date. The malware is capable of blocking traffic, collecting information that's transmitted through the device, and disabling devices entirely.

The devices affected include Linksys, MikroTik, Netgear, and TP-Link.  The malware attack is being linked to Russia.

We strongly recommend that all businesses, no matter how small, always use a business-class firewall.

For additional information, we recommend excellent summaries in The NY Times and Krebs on Security (a lot more technical detail).

 

Tags: cybersecurity, malware

Cybersecurity - What is the cost to Small Businesses? Another factor to think about related to Microsoft Security Patches...

Posted by Ann Westerheim on 5/14/18 10:55 AM

We've all seen the headlines of the major cybersecurity incidents: Target, Yahoo, Equifax, Sony, etc... Cybersecurity is a topic that affects everyone, and we view it as a public safety issue. With all the headlines over the past years, at this point, most people "get it" that cybersecurity is a big problem, but the education can't stop there.

Too many SMBs see the big companies listed in the headlines and  think they're "under the radar" when it comes to cybersecurity, but half of all attacks hit small businesses.   A big part of our mission at Ekaru is to bring enterprise class IT to small businesses, and security is a big part of it.

And there's more: The headlines tell just part of the story - it takes a little more digging to identify the real costs. As an example, the San Francisco metro system was hit by Ransomware over a year ago. At the time, the network was held hostage for $73K. All ticket point-of-sale systems were rendered useless, so to keep people moving, free fares were offered for the busy holiday weekend. With an estimated 700,000+ rides per day at a fare of $1 to $2.25, the system lost between $1.3M and $3.3M. This figure includes lost revenue, and doesn't include all the round the clock work to restore systems from backup.

The cost analysis doesn't stop there, though.  Last week Microsoft released a critical zero-day security alert.  As bad actors continue to find and exploit cyber vulnerabilities, the major tech vendors continue to update products to address the vulnerabilities.

Security patches are actually required by law under the MA Data Security Law, HIPAA, and other industry-specific regulations.

 "For files containing personal information on a system that is connected to the Internet, there must be reasonably up-to-date firewall protection and operating system security patches, reasonably designed to maintain the integrity of the personal information. "

So here's the curve ball.  The critical security patch released by Microsoft last week had a bug:  systems that got the security patch lost their ability to connect to the network!  This meant that these PCs became basically useless until the network connections were restored.  This led to downtime at customer sites, and enormous efforts by IT support firms like Ekaru to restore connectivity for affected users.  As we consider the overall cost of security, the downtime associated with failed security updates is also a major consideration. 

To secure networks and comply with regulations, we rely on Microsoft to continually address security vulnerabilities with security patches.  With the complexity of modern computing systems we realize that things are changing all the time.  Going forward, more diligence by Microsoft in testing of security updates is needed - 2018 has gotten off to a rough start!  That said, our message to all SMBs is that the risk of not complying with security updates is far greater than the risk of the rare problem update. 

So we continue our message to all users that cybersecurity is a public safety issue and we're all in this together and we all need to do our part!

 

Tags: cybersecurity, ransomware

Ekaru Now Delivers Dark Web Monitoring Services through ID Agent Partnership

Posted by Ann Westerheim on 5/9/18 8:29 AM

Ekaru Offers Monitoring and Alerting of Stolen Digital Credentials, Increasingly Valuable Asset on Dark Web

Ekaru announced its new Dark Web monitoring services provided through its partnership with ID Agent, provider of Dark Web monitoring and identity theft protection solutions. With Dark Web ID, Ekaru offers around the clock monitoring and alerting for increasingly compromised digital credentials, scouring millions of sources, including botnets, criminal chat rooms, peer-to-peer networks, malicious websites, bulletin boards and illegal black market sites.

 “Too many small businesses think that they’re “under the radar” when it comes to cybersecurity.  Users have weak passwords and often reuse passwords at multiple sites.  About half of all cyber attacks hit small businesses, but they just don’t make the headlines like the big companies.  It’s been Ekaru’s mission from the beginning to support and protect small businesses”, said Ann Westerheim, PhD, President at Ekaru.

 The Dark Web is made up of various digital communities, and while there are legitimate purposes for the Dark Web, it is estimated that over 50 percent of all sites on the Dark Web today are used for criminal activities, including the disclosure and sale of digital credentials. 

 “Digital credentials such as usernames and passwords are widely used to connect to critical business applications – the reason these credentials are among the most valuable assets found on the Dark Web,” said Kevin Lancaster, CEO of ID Agent. “Unfortunately, the unaffordability of cyber offerings has played into the cyber poverty line experienced by small businesses. Dark Web ID, however, delivers an affordable model that provides small businesses with the same advanced credential monitoring capabilities used by Fortune 500 companies to organizations in the SMB and mid-market space.”

Dark Web ID is the industry’s only commercial solution available to detect customers’ compromised credentials in real-time on the Dark Web. It vigilantly searches the most secretive corners of the Internet to find compromised data associated with your customers’ employees, contractors and other personnel, and notifies them immediately when these critical assets are compromised. There are a few competitors in the market but none as completely focused on the Dark Web as ID Agent’s solution.

About ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and to millions of individuals impacted by cyber incidents. The company's flagship product, Dark Web ID, combines human and sophisticated Dark Web intelligence with capabilities to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to clients’ most valuable assets – their digital identity. From monitoring your organization’s domain for compromised credentials to deploying identity and credit management programs in order to protect the employees and customers you serve – ID Agent has the solution. For more information, visit: http://www.idagent.com or go to LinkedIn, Twitter or Facebook.

About Ekaru

Ekaru has been a leading provider of IT support services, hosting, and data protection to small and medium businesses since 2001. Our curated technology platform is designed to give you the level of support you need, with a budget that fits, so you can focus on your business. For more information, visit www.ekaru.com or go to LinkedIn, Twitter, or Facebook.

 

Contact:                                                          

Ann Westerheim, PhD

Ekaru

978-692-4200

awesterheim@ekaru.com

Tags: cybersecurity, data security


Older Blog Posts

For older Ekaru blog posts, go to ekaru.blogspot.com.