Email Account Attacks & Takeovers by Cyber Criminals


If organizations think that cyber criminals have mainly moved on from email exploits to other, more lucrative points of attack, they are, unfortunately, mistaken. In fact, email exploits remain a significant contributor to account takeover attacks. This article discusses some of the stats surrounding email attacks and the ways in which hackers like to exploit email users, and it outlines some steps organizations can take to combat this persistent security threat.

Stats 

When hackers do attack email accounts, 78% of them do so without the help of any applications outside of email. This overwhelming percentage shows that email alone remains a powerful potential source of unwanted cyber-attacks. Another interesting statistic concerns the length of time that hackers stay undetected while exploiting email accounts. Researchers show that data thieves were able to linger undetected for an entire week on over one-third of all hacked email accounts. For organizations working with confidential data, this is particularly disturbing, as a week’s worth of email correspondence is often significant.

Other email hacking attempt stats include:

  • 31% of email hackers focus solely on compromising email accounts.
  • 20% of single email attacks affect other email accounts, including personal accounts. 

It may seem comforting to learn that only 31% of hackers are interested solely in gaining access to an email account, but assuming that this is the end of their exploit is a mistake. While the stats show that some hackers only focus on gaining access to the accounts, their next step often involves selling the information they observed to other cyber criminals, who then use the data for blackmail or other criminal purposes. The other stat shows that 20% of successful email exploits also involve the exploitation of multiple user accounts, meaning hackers gain access to a password for one account and are able to use that same password to exploit multiple accounts.

How They Do It

We’ve already learned that it’s not uncommon for hackers to gain access to multiple accounts merely by trying to re-use an employee’s password. Some hackers will research a company to find details about employees who hold significant positions within the organization. They then impersonate a person in power by sending an email to a first-line employee, who in turn gives up confidential corporate information, since they assume they’re interacting with a corporate representative in a position of significant responsibility.

Hackers may also do online research, looking for clues about a company such as which clients it serves and which vendors it interacts with. They then use this information to impersonate employees from these companies and send spear-phishing emails to key members within a targeted organization.

Data thieves may also employ brand impersonation tactics throughout an email and send it to unsuspecting employees. When employees open up the email it looks like it is from a trusted source such as Microsoft, Apple, or Google. The body of the email may state the employee needs to reset their password with a specific company, only to steal the employee’s “new password” after they click on the reset link.

How to Combat Cyber Criminals

Certainly, training staff members on how to spot phishing and other hacking attempts should be part of every organization’s strategy to combat exploits. Computer security specialists have multiple tools at their disposal to help them with early detection and mitigation of compromised emails. Computer security professionals also use software apps that include forensic tools, advanced detection techniques, and incident-response resolutions.

Summary

If the idea of trying to ward off data thieves and hackers seems daunting, there is help available. Third-party computer security specialists are thoroughly trained in providing comprehensive security packages for all sizes and types of organizations. If you would like to know more about how to develop a complete strategy to thwart security exploits, including how to effectively secure an organization’s email accounts, please contact us.

7 Basic Network Security Tips for Small Businesses


Some small businesses might think it’s reasonable to assume that hackers and data thieves only go after large targets. Of course, these same criminals are well aware of this assumption, which is precisely why they know small businesses are often ripe for exploitation. According to CNBC, in 2019 small businesses were the targets of 43% of all cyberattacks, and more than half of them suffered some type of network security breach within the previous 12-month period.

Thankfully, there are some basic strategies that small businesses can employ to help them reduce their risk of ever having to experience a cyber attack.

Strong Passwords

Using a strong password is such a simple way to discourage hackers, yet many people still avoid using them.  Employers can enforce the use of strong passwords by requiring their systems to only accept passwords that consist of a combination of letters, special characters, and/or numbers, and are at least 8 characters long. For even better protection, enforcing the use of two-factor authentication provides another layer of security as it requires those attempting to log in to identify themselves by entering a code sent to their phone or email.

Network Security for your Corporate Wi-Fi

Businesses should always secure their Wi-Fi signal by requiring users to enter a password before gaining access. Leaving a Wi-Fi signal unsecured is simply another point of entry that leaves corporate software and data at risk for exploitation. 

Controlling Access

Employees should only have access to data and software on a need-to-know basis. Access to confidential information should be password protected and access to certain software applications should only be given to those required to use the software. Needless to say, a company should protect access to its network, requiring users to identify themselves before allowing access.

Encrypt Confidential Information

Some employees must use portable and removable media as part of their job responsibilities. Especially when working with confidential data, it’s important for companies to ensure that portable data is encrypted to prevent unauthorized access in the event the media becomes lost or stolen.

Disaster Recovery Planning

Companies should ask themselves if they are fully prepared if a long-term power outage should occur, or worse, an event such as a fire, flood, or some other type of natural disaster. If the answer is negative, they are overdue to get serious about developing a disaster recovery plan. Even small businesses are very dependent upon their hardware, software applications, and corporate data to conduct their daily business operations. Preparing a disaster recovery plan in advance means a company will be able to easily replace vital technology if a catastrophic event should occur.

Applying Network Security Updates/Performing Backups

Applying the latest software and hardware updates and patches allows companies to avoid malware and viruses that hackers often attach to outdated systems. In addition, performing regular backups and making sure they can be easily restored is vital, as it ensures that a company’s data is secure and readily available.

Educate Employees

Most business owners clearly understand that their ability to successfully conduct daily operations is very dependent upon having accurate and secure data to work with. However, employees may sometimes only consider how certain security measures make their daily tasks more challenging. Using a password of “1234” for every application they log into is convenient since it’s very easy to remember. However, weak passwords also leave business owners vulnerable to exploitation. This is where training employees on the “why” of security measures is so important. Employers can also train their employees to spot potential issues such as suspicious emails or unsecured web pages asking for confidential information.

Network Security Summary 

Companies should not feel discouraged if they find that safely and securely supporting their IT infrastructure is challenging. These types of challenges are precisely why Bluwater Technologies can help.

If you would like more information on how we can provide the technological support and security you need, please contact us.

What Business Owners Should Know About the Twitter #DataBreach


One of the scariest things for business owners to see trending is the word #DataBreach. Over the past few days, Twitter has come forward to apologize for a significant data breach that occurred as a result of a nonsecure browser cache displaying sensitive user information. Although it remains unclear just how many businesses were affected, the compromise is believed to have impacted a large number of companies that utilize the platform for marketing and SEO.

If you are one of the thousands of business owners who received an email from Twitter apologizing for the breach — or if you’ve simply seen the hot topic trending on your dash — you may be anxious to learn the details and understand what you can do to prevent future vulnerabilities. 

Take a deep breath. #DataSecuritySolutions is always trending with Bluwater Technologies.

What Happened?

The core vulnerability responsible for Twitter’s security compromise lies in the way the app and website store user information. A browser cache allows platforms to remember details about a user and create key analytics. It relies on the process of saving temporary data, such as passwords and credit card information. Thus, the website or app does not need to download this information each time. This allows the website and app to load faster while keeping us connected with our various clients, contacts, and social media platforms.

Unfortunately, Twitter discovered that the confidential billing information of many of its business accounts had been erroneously stored in the browser’s cache. This made sensitive information visible to potential cyber criminals. Although no exploits have been confirmed, Twitter acknowledged that it was “possible” outside parties could access and view this information.

So what information was exposed? According to the official statement, email addresses, phone numbers and the last four digits of clients’ credit card numbers were the key pieces of data that may have been compromised. 
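Added example, not Twitter's code or part of the original article: a server-side check that pages carrying billing details are sent with `Cache-Control: no-store`, the response directive that tells a browser not to write a copy to its cache. The paths, the `sensitive` flag and the header values are constructed for illustration.

```python
# Added example: audit response headers for browser-cache exposure.
# All paths and header values below are constructed sample data.

def parse_cache_control(value):
    """Parse a Cache-Control header into {directive: argument-or-None}."""
    directives = {}
    for part in (value or "").split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def browser_cache_verdict(headers):
    """Classify whether a browser may keep a local copy of this response."""
    # HTTP header names are case-insensitive.
    lowered = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(lowered.get("cache-control"))
    if "no-store" in cc:
        return "not-stored"          # nothing is written to the cache
    if "no-cache" in cc or cc.get("max-age") == "0":
        return "stored-revalidated"  # a copy is kept, rechecked before reuse
    # "private" only excludes shared caches (proxies, CDNs); the browser's
    # own cache may still store the page. With no header at all, browsers
    # may cache heuristically.
    return "stored"


def audit(responses):
    """Return (path, verdict) for sensitive responses a browser may store."""
    findings = []
    for path, sensitive, headers in responses:
        verdict = browser_cache_verdict(headers)
        if sensitive and verdict != "not-stored":
            findings.append((path, verdict))
    return findings


# Constructed sample: (path, carries sensitive data?, response headers)
SAMPLE_RESPONSES = [
    ("/billing/payment-methods", True, {"Cache-Control": "private, max-age=600"}),
    ("/billing/invoices", True, {"Cache-Control": "no-cache"}),
    ("/billing/contact", True, {"cache-control": "no-store"}),
    ("/account/phone", True, {"Content-Type": "text/html"}),
    ("/static/logo.png", False, {"Cache-Control": "public, max-age=86400"}),
]

if __name__ == "__main__":
    for path, verdict in audit(SAMPLE_RESPONSES):
        print(f"{path}: browser cache verdict = {verdict}")
```

Only the response sent with `no-store` passes; `private` and `no-cache` both leave a copy in the browser cache on a shared or unattended machine.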

Who Was Affected by the Twitter Data Breach?

As previously stated, Twitter has yet to give an official estimate on how many businesses were affected.

This isn’t the first time the tech giant has had issues with data security. In 2018, a sitewide bug affected some 330 million users and compromised the password credentials of all business users involved. If this benchmark is any guide, it’s likely that the current data breach has impacted a broad range of clients.

Non-Twitter users are not thought to be affected. As of May 20th, 2020, the caching issue has been resolved.

What Now?

While news of leaked information is no doubt a terrifying prospect, there’s no need to panic just yet. Modern businesses are more connected than ever through the collaborative powers of social media. That means business owners must prioritize internet security in an increasingly digital world in order to meet the needs of today’s compliance standards.

If your business was affected by the breach, take a moment to review your system information for any indication of a hack. It’s a good idea to call in the professionals. Utilize the knowledge of a trained IT consultant to identify any potential threats or vulnerabilities. Ensure all passwords are changed and updated (sentence-form passwords are best). If your company has suffered a data loss or been the victim of malicious ransomware attempts, don’t give in to cyber criminals just yet. Backup and disaster recovery options are available for small and mid-sized businesses.

Once you’ve assessed the damage and come out on top, consider proactive ways to prevent cyber attacks moving forward. Always clear your browser cache at the end of each day, or set your browser to clear it automatically so that stored information is not visible. Ask your IT consultant about curating how your information is transmitted online. VPNs — or virtual private networks — are a great option for masking and securing your online identity. A robust firewall and a comprehensive network and data security system are the best way to stop cybercriminals in their tracks and protect your valuable information.

Ask our Fort Lauderdale experts for more helpful tips and strategies for making your business #unbreakable.

10 Cyber Security Myths for Small and Medium Size Businesses Debunked


By 2021, the annual global cybercrime damage is expected to reach $6 trillion. The average cost of a cyber security breach for SMBs is $117,000. That’s why many companies all over the world are struggling to maintain high levels of cybersecurity.

Due to the increase in activity related to this issue, false information is starting to appear. Let’s debunk the 10 most common SMB cybersecurity myths.

Myth #1: Cybersecurity is solely a technological issue

Truth: Besides beefing up antivirus software, cybersecurity involves many other actions, including employee training and high-quality IT support as well as clear procedures and guidelines. Without proper awareness, cybersecurity technologies are mostly useless.

Myth #2: Cybersecurity requires a formidable investment

Truth: Most of the measures needed to protect your data require a reasonable investment. They include:

  • Training employees
  • Using a VPN to work from remote locations
  • Installing software updates in a timely manner
  • Consulting IT experts
  • Planning for disaster recovery
  • Creating proper authentication steps
  • Identifying security information
  • Setting up remote work guidelines.

Any investment you make in cybersecurity is many times smaller than the costs of data breach recovery.

Myth #3: SMBs are less likely to be hit by a cyberattack

Truth: According to Microsoft, about 43% of cyberattacks are aimed at small businesses.

With only a small percentage of SMBs being ready to defend themselves against an attack, cybercriminals target them consistently. Large enterprises tend to invest more time, money, and effort in cybersecurity, thus suffering fewer consequences.

Cyber Security Myth #4: My company doesn’t have anything cybercriminals may want

Truth: Even if you don’t deal with sensitive information, your company can still become the target of a ransomware or DDoS attack.

It’s important to know that some cybercriminals assault small companies for fun or to train before a larger attack. Meanwhile, personal information about you and your employees may be a sufficient catch for some hackers.  

Myth #5: Cybercrimes only need attention when they occur

Truth: When a cybercrime occurs, it may be too late to fix the problem without substantial losses. It’s often hard to detect the crime before it causes irreversible damage. About 60% of small businesses stopped functioning 6 months after a cyberattack.  

The key to fighting the majority of cybercrimes is preventive measures.

Myth #6: If you have a firewall, you are safe against cyberattacks

Truth: Firewall and antivirus software are small parts of the big picture. Without a solid cybersecurity plan, you can’t prevent cyberattacks or react to them in a timely and efficient manner.

Cyber Security Myth #7: It’s an IT issue

Truth: Many SMBs believe that the IT department is responsible for cybersecurity. While your IT team players are likely to have an understanding of cybersecurity issues, they may not have sufficient knowledge and training. If you want to set up proper preventive measures and implement security controls, you need an expert’s assistance.

Myth #8: SMBs and enterprises face different cybersecurity threats

Truth: According to Cisco, the types of attacks that SMBs and large enterprises experience are similar. Companies of all sizes face the same amount of downtime related to cyberattacks. However, larger enterprises often have higher recovery potential due to better resources.

Myth #9: SMB leaders don’t take cybersecurity seriously

Truth: A Cisco survey shows that 90% of IT decision-makers have knowledge of the company’s data privacy programs.

Cyber Security Myth #10: By taking the right approach, SMBs can be 100% protected

Truth: No matter how excellent cybersecurity preventive measures are or how much money you invest in them, the possibility of an attack exists. That’s why it’s imperative to have a disaster recovery plan.

Implementing security measures and preparing for cyberattacks is essential to SMBs’ stability. To learn more about strengthening your cybersecurity, please contact us today.

What You Need to Know About Containers Security


Containerization has revolutionized software deployment. It allows faster deployment cycles, easier scalability, and consistency across environments. It’s a standard part of the DevOps process. Containers provide clear benefits in security, but they pose their own challenges.

Making a containerized environment run smoothly and securely requires specialized expertise and experience. Bluwater provides the management and support to keep the software running and minimize the risks.

Understanding Containers

Software applications have many dependencies. They use runtime environments, subroutine libraries, and system services. They need to adapt to the operating system on which they run. The container puts all the dependencies into a single package that’s deployed as a unit. The software on which the application depends will always be the same.

For instance, suppose an application runs on a Java Virtual Machine (JVM). Containerization ensures that each instance runs on the same version of the JVM, no matter where it’s deployed. The developers and admins don’t have to worry about having to run under an outdated or unpatched JVM.

However, a container isn’t a monolith that does everything the application needs. More commonly, it’s split up into services, each of which has its own container. Services communicate through APIs.

You can deploy many container instances on one machine. These numbers can be scaled up or down to meet current needs. Each one runs independently of the others. However, a container isn’t the same as a virtual machine. All the containers on the host run under the same instance of the operating system. Containers aren’t as fully isolated from each other as VMs are.

Security Benefits and Concerns

Containerization isn’t a total solution to all security problems. It makes some issues easier to deal with but introduces its own concerns. The NIST Application Container Security Guide gives a detailed summary of the issues and best practices.

Benefits

The big advantage of containers, from a security standpoint, is control. A software release contains tested and trusted versions of all supporting libraries and runtimes. When you keep them up to date, they will be up to date wherever you install the release. You only need to ensure that the latest patches are included once.

When software has to run in a diverse environment, it’s harder to test all the cases. Bugs can slip through, opening the way to attacks. Containers offer a consistent environment that we can test more exhaustively. There’s less need to worry about special cases.

Concerns

The negative side is that containers offer a consistent, predictable target. If a container has a vulnerability, every deployed instance has it. This simplifies the job of anyone trying to attack it.

Containers aren’t as isolated from each other as VMs are. Malware deposited into one container could easily spread to all the others on the same host. They can re-infect each other unless we take down all compromised instances simultaneously.

How to Keep Containers Secure

With proper management, a containerized environment can maintain a high level of security. The old techniques don’t always work, though. The NIST guide recommends a set of practices for keeping risks low. Here are a few tips based on it.

  • Use an OS tailored for containerization. Containers contain everything they need, so they don’t require many standard operating system components and services. Using a distribution that trims them down to a minimum reduces the attack surface.
  • Use security tools that are designed for a container environment. Developers often do not design standard anti-malware tools to handle large numbers of identical processes that appear and disappear. Ensure that your security software has a rating for containerized deployments.
  • Group only related containers under the same host. Having just one application (including all its services) running on a host reduces the opportunities for cross-application attacks.
  • Use hardware-based security to isolate containers. The less visible containers are to each other, the harder it is for infections to spread.

Bluwater provides the most up-to-date security solutions, letting you focus confidently on your business needs. Consulting, threat detection, removal, vulnerability testing, and user security are just some of the ways we can help keep your systems safe. Each kind of environment poses its own challenges, and we have the experience and expertise to protect them all.

Contact us to learn how we can help you with your security needs.