Technology Advisor Blog

Cryptocurrency is a term that we hear a lot, but for many of us, it remains a bit of a mystery.  We’ll take a look at it from a high level to provide some understanding.  Why? Well, it isn’t going away, and it only seems to be gaining popularity.  And also, because if you are a target of a ransomware attack, it could very likely be how the hacker demands payment. Now, we are not suggesting you pay that ransom demand - in fact, the US Department of the Treasury has issued warnings against paying -  but getting familiar with cryptocurrency will help you in understanding how these cybercriminals are able to fly under the radar.

It's Tax Season (with an extra month extension for COVID) which means its also the season for tax scams.

If you're a user of ParkMobile, the popular parking app, your credentials were just leaked on line after a breach.  KrebsonSecurity reported this week that someone is selling account information for 21 million customers of Park Mobile.  The stolen customer data includes email addresses, dates of birth, phone numbers license plate number, hashed passwords, and mailing addresses.

The FBI's Internet Crime Complaint Center (IC3) has just released its annual report.  Over 700,000 complaints were filed - an increase of more than 300,000 from the previous year -  and reported losses exceeded $4.2B.  

Here's a re-cap of our recent community cybersecurity training event.  Cybersecurity these days is like a game of chess.  For every move, there's a counter move.  As people put more technology protection in place, the cyber criminals just get more clever.  User awareness is often the key to staying safe!  Will your employee click on that dangerous link?  It takes just one wrong click to do a lot of damage.  The more you and your team know about the latest threats, the better.  We were pleased to host close to 100 local small business leaders from Westford, Acton, Littleton, Chelmsford, Concord, Waltham, Southborough, Northborough, and Wellesley during our recent small business cybersecurity awareness training session. Education is a key part of Ekaru's mission, and here are a few highlights from the event.

An important part of staying secure on line is keeping your technology up to date.  If you're running old technology, you're not benefitting from the latest security protections.  In January of 2020, Microsoft ended support for Windows 7. This led to a massive worldwide effort to get systems upgraded to Windows 10.  However, a recent report on The Verge indicates up to 100 million PCs are still running Windows 7.  Ouch!  If you made the move to Windows 10, kudos for you, but have you kept the rest of your technology up to date?

It's hard to believe we're approaching the one year anniversary of COVID pandemic related shut-downs.  Thanks to technology like laptops, Zoom, high speed Internet, VoIP phones, and more, the scramble to work remotely was possible for many.  With all the associated distractions, cybersecurity often winds up being an afterthought for many.  As a technology service provider in the greater Boston area, we've worked with many local small businesses to enable a smooth transition to remote work, and we strongly encourage a continuing culture of cybersecurity to keep your business safe.

Image Source: Krebs on Security

Technology is an important part of any cybersecurity plan, but technology can only take you so far.  Getting the right firewall, security patches, antivirus, and other protections are an important part of your small business security foundation, but the last line of defense is your employees.  Will they click on that link?

Bell bottoms, neon colors, Rubik's Cube, pet rocks, kale…  Trends come and go, and generally, we’re not one to care much about what’s in style, but cybersecurity trends? That’s one we can get behind and think that there can never be enough of!

So, what can you expect to see as both a consumer, employee, employer, business owner or just a member of the general public who has a computer? Let’s take a look at what we are seeing.

Home is where the heart is.
And it is where the school is, and the office, and unfortunately it is where the likelihood of an attack or breach happens as well. That means that you need to ready your home and prepare to not only protect but also respond in the event of your network or smart devices being compromised. Ensure that as a worker or student, you are well protected and working with your IT support staff to have all security measures in place. It won’t be easy since many of us are playing catch up to the unexpected transition from last year to work from home scenarios, but it will be of the utmost importance as we move forward with this being the structure for the foreseeable future.  Don't get overwhelmed as there are many smart and affordable options for security.

Inside Job
There is a horrible phenomenon that is growing in popularity known as insider-threat-as-a-service. Yes, you can buy a disgruntled employee to sabotage a business and compromise data integrity by stealing information or breaking the business from inside. While this has been around for longer than 2021, with the hiring process for remote employees being done via video or other long-distance methods, it isn’t always easy to gather and gain the trust you might have had from years of sharing office space.  A solid onboarding AND offboarding process are important parts of any business plan.

Fake ID
Stolen credentials can be used for more than obtaining a credit card. Yes, you can build up an identity and establish credit, but you can take it a step further and build up a history that doesn’t exist in reality to the person it is being created for. This is a step up from the insider job that can happen, but you do need to be aware of who you are hiring and providing your confidential information to.  "Deep fakes" are a big trend, and we can't always believe what we see. 

Bigger Phish
With humans being the biggest risk to cybersecurity and working from home being the norm, you can expect a rise in attacks. Why? Because humans are the easiest point of entry for any hacker, and unmonitored humans are even easier to trick. So phishing scams will be even more popular when it comes to attack attempts. No one thinks they'll be the one to click on the wrong email, but people do.  These types of emails are designed specifically to trick people into opening them.  You can mitigate your risks by using a training platform to make sure everyone on the team is up to date with the latest threats.

The bottom line with any trend is that it will increase and decrease in popularity over time, but the one trend that isn’t going anywhere is the threat of data breaches.  There's no such thing as 100% security, but some basic and affordable solutions will help your organization drastically improve your protection.