Are Distractions at Home Increasing Vulnerability to Cyber Attacks?


A lot of people are still working from home right now. Furthermore, many are not working from home under ideal conditions. They may be sharing an “office” with somebody else working from home, trying to care for children, dealing with pets, etc. On top of that, everyone is rather stressed right now. Could this be causing problems with cyber attacks?

Distractions and Cybersecurity

A study done by Tessian in April showed that 43% of a sample of employees in both the UK and the US admitted to errors that could have cybersecurity repercussions.

These errors included sending emails to the wrong person and clicking on links in a phishing email; employees blamed fatigue, stress, and distraction. Furthermore, the worst offenders were in the tech industry, closely followed by banking and finance. These kinds of errors endanger companies and customers.

To make things worse, cyberattack attempts are also up as criminals take advantage of the shift to remote working. Scammers are using fears over COVID-19 to sell fake masks, trying to use stimulus checks to get personal information, etc. So, not only are workers more inclined to fail to notice a phishing attempt, but they may be receiving more of them.

Some people struggle more than others with working from home, but everyone is likely to be distracted right now, whether it’s by their family, the news, or the climbing case numbers.

What Should Employers Do About Cyber Attacks?

Unfortunately, reopening the office is unlikely to be an option for most companies before at least the fall, if not the end of the year. Schools also remain virtual in many areas, leaving employees stuck with childcare or trying to monitor remote learning. Meanwhile, employees, feeling the situation to be temporary, are unable or unwilling to make major changes to their lifestyle to accommodate remote work.

Employee training is, thus, the best and perhaps only option to resolve this situation. It’s important to continue to refresh cybersecurity training while employees are working from home.

Giving advice and tools to reduce distractions could also be helpful for many employees, especially those for whom a separate office with a closed door is not an option.

Simple ways to help focus include:

  • Playing music, ideally without lyrics.
  • Using the Pomodoro or similar technique to force alternating periods of focus and break.
  • Putting on street clothes rather than trying to work in your pajamas. For many people, this helps the brain get into work mode.
  • Planning out a schedule for the week.
  • Working out what distracts you and dealing with it before work.
  • Using timers to block social media and other distracting sites.
  • Turning off your personal phone unless you need it for work.
  • Sticking to your normal work schedule and hours.

None of these require that employees invest heavily in a temporary situation, and they can make a huge difference in productivity and focus. However, it’s best to avoid trying to force the removal of distractions. One university got into a PR mess by saying that workers could not care for their children while working from home. Sadly, this is unavoidable for many right now.

Working from home is making all of us more distracted (in some cases even including people who were already working from home, but now have to deal with spouses, children, and the overall stress of the situation). Employers need to make sure, through improved training and by helping employees learn how to better focus when their office is in their living room, that these distractions don’t result in security breaches.

For help with your IT problems and more advice on cyber attacks and employee training, contact Bluwater Technologies today.

7 Basic Network Security Tips for Small Businesses


Some small businesses might think it’s reasonable to assume that hackers and data thieves only go after large targets. Of course, these same criminals are well aware of this assumption, which is precisely why they know small businesses are often ripe for exploitation. According to CNBC, in 2019 small businesses were the targets of 43% of all cyberattacks, and more than half of them suffered some type of network security breach within the previous 12-month period.

Thankfully, there are some basic strategies that small businesses can employ to help them reduce their risk of ever having to experience a cyber attack.

Strong Passwords

Using a strong password is such a simple way to discourage hackers, yet many people still avoid using one. Employers can enforce the use of strong passwords by requiring their systems to only accept passwords that consist of a combination of letters, special characters, and/or numbers, and are at least 8 characters long. For even better protection, enforcing the use of two-factor authentication provides another layer of security as it requires those attempting to log in to identify themselves by entering a code sent to their phone or email.

Network Security for your Corporate Wi-Fi

Businesses should always secure their Wi-Fi signal by requiring users to enter a password before gaining access. Leaving a Wi-Fi signal unsecured is simply another point of entry that leaves corporate software and data at risk for exploitation. 

Controlling Access

Employees should only have access to data and software on a need-to-know basis. Access to confidential information should be password protected and access to certain software applications should only be given to those required to use the software. Needless to say, a company should protect access to its network, requiring users to identify themselves before allowing access.

Encrypt Confidential Information

Some employees must use portable and removable media as part of their job responsibilities. Especially when working with confidential data, it’s important for companies to ensure that portable data is encrypted to prevent unauthorized access in the event the media becomes lost or stolen.

Disaster Recovery Planning

Companies should ask themselves if they are fully prepared if a long-term power outage should occur, or worse, an event such as a fire, flood, or some other type of natural disaster. If the answer is negative, they are overdue to get serious about developing a disaster recovery plan. Even small businesses are very dependent upon their hardware, software applications, and corporate data to conduct their daily business operations. Preparing a disaster recovery plan in advance means a company will be able to easily replace vital technology if a catastrophic event should occur.

Applying Network Security Updates/Performing Backups

Applying the latest software and hardware updates and patches allows companies to avoid malware and viruses that often target outdated systems. In addition, performing regular backups and making sure they can be easily restored is vital, ensuring that a company’s data is secure and readily available.

Educate Employees

Most business owners clearly understand that their ability to successfully conduct daily operations is very dependent upon having accurate and secure data to work with. However, sometimes employees may only consider how certain security measures make their daily tasks more challenging. Using a password of “1234” for every application they log into is convenient since it’s very easy to remember. However, weak passwords also leave business owners vulnerable to exploitation. This is where training employees on the “why” of security measures is so important. Employers can also train their employees to spot potential issues such as suspicious emails or unsecured web pages asking for confidential information.

Network Security Summary 

Companies should not feel discouraged if they find that safely and securely supporting their IT infrastructure is challenging. These types of challenges are precisely why Bluwater Technologies can help.

If you would like more information on how we can provide the technological support and security you need, please contact us.

The Home Chef Data Breach Affected 8 Million Customers


On May 20, 2020, customers of Home Chef got the unpleasant news that 8 million of their data records had been breached. The stolen information included names, email addresses, phone numbers, the last four digits of credit card numbers, and encrypted passwords. Other information, including mailing addresses and frequency of delivery, “may also have been compromised.”

The announcement came about two weeks after Home Chef learned of the breach. This is within a generally accepted time frame; the company’s first priority is to verify what happened and prevent further damage. What’s disturbing is that Home Chef learned of the breach only by discovering that its data was being offered for sale.

How Home Chef learned of the breach

An online criminal gang calling itself Shiny Hunters had announced that it was offering databases from eleven companies, Home Chef among them. In early May they offered 8 million records for $2,500. No details were publicly available on how the breach occurred, but Shiny Hunters apparently gained direct access to Home Chef’s customer database. The largest set of records the gang claimed to have was 91 million from Tokopedia, a major Indonesian online store. This number hasn’t been confirmed; the low-end estimate is 15 million.

The price might have been higher, except Home Chef did some things right. It didn’t store full credit card numbers, and it encrypted all the passwords in its database. Stolen information could make it easier to match credit card numbers with people or to crack passwords, but the breach didn’t outright expose that sensitive information. Even so, Home Chef is advising its customers to change their passwords.

What businesses and customers should do

The breach offers lessons to businesses and customers. Businesses need to remember the importance of network monitoring. If the security incident had been caught earlier, the thieves might have been stopped before they could steal the data. In the worst case, Home Chef would have known about the breach more quickly and started remedial action sooner. The process of acquiring the 8 million records could have taken weeks. Grabbing and exfiltrating that many records all at once could trigger alarms, so thieves prefer to acquire them slowly.
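The monitoring point above can be made concrete. The following is an added example, not part of the original article and not a description of Home Chef's systems: it checks database read volume per account against both a one-hour burst limit and a rolling 14-day total, so a slow drain that stays under the burst alarm is still caught. The thresholds, account names, and event format are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

BURST_LIMIT = 50_000          # assumed: records one account may read in an hour
WINDOW = timedelta(days=14)   # assumed: rolling look-back for slow exfiltration
WINDOW_LIMIT = 500_000        # assumed: records one account may read per window

def detect(events):
    """events: time-ordered (iso_time, account, records_read) tuples.
    Returns [(iso_time, account, rule)], at most one alert per account and rule."""
    recent = defaultdict(deque)   # account -> (time, count) pairs still in WINDOW
    total = defaultdict(int)      # account -> records read inside WINDOW
    fired, alerts = set(), []
    for ts, account, count in events:
        now = datetime.fromisoformat(ts)
        queue = recent[account]
        queue.append((now, count))
        total[account] += count
        while now - queue[0][0] > WINDOW:          # drop reads older than WINDOW
            total[account] -= queue.popleft()[1]
        last_hour = sum(c for when, c in queue if now - when < timedelta(hours=1))
        checks = (("burst", last_hour > BURST_LIMIT),
                  ("slow", total[account] > WINDOW_LIMIT))
        for rule, hit in checks:
            if hit and (account, rule) not in fired:
                fired.add((account, rule))
                alerts.append((ts, account, rule))
    return alerts

def sample_events():
    """Constructed data: one noisy batch job, one normal app, one slow drain."""
    start = datetime(2024, 1, 1, 2, 0)
    events = []
    for day in range(14):
        night = start + timedelta(days=day)
        # 45,000 records a night never trips the hourly burst limit.
        events.append((night.isoformat(), "svc-export", 45_000))
        events.append(((night + timedelta(hours=10)).isoformat(), "app-web", 2_000))
    events.append(((start + timedelta(days=3, hours=1)).isoformat(),
                   "batch-etl", 80_000))
    return sorted(events)

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

The constructed "svc-export" account is flagged on its twelfth night, when its running total passes the window limit, even though no single night looks unusual.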

These events show why businesses should never store unencrypted sensitive information in their databases. Home Chef protected itself and its customers from a worse disaster by following this principle.

On the customer side, the breach shows the need for strong passwords. Depending on the details, thieves may be able to test long lists of passwords against the encrypted ones and discover the ones that match. A long and complex password is more resistant to this kind of cracking. When they learn of a breach, users should change their passwords immediately.

Home Chef warned customers to be wary of scams. Fraud operators can better target their phone calls and spam by knowing that a phone number or email address belongs to a customer. The company has reminded its customers that it will never ask for sensitive information by email. People getting phone calls claiming to be from Home Chef should likewise be wary of any odd requests.

Costs

Data security is a constant challenge. A typical data breach costs millions of dollars in downtime, reporting, mitigation, and liability. Businesses need to maintain a multilayered defense. It has to include not just technical protection but cybersecurity awareness training so that employees don’t give away authentication information or let malware get into their systems. System monitoring is important so that IT people can catch security incidents when they happen and not after massive data loss. Investing in data protection pays for itself by safeguarding a business’s operations and reputation.

Bluwater’s network and system security services will reduce your company’s chances of suffering an expensive data breach.

Contact us to learn how we can help.

The RobbinHood Attack Could Cost Baltimore $18 Million


In May 2019, the city of Baltimore found itself in major IT trouble.

A crippling ransomware attack took down systems in almost every government department. Files were encrypted and couldn’t be recovered. The perpetrators demanded 13 Bitcoin (about $76,000) to restore the files.

To its credit, the city refused to pay the criminals. To its discredit, the city’s IT management was in such bad shape that fixing the damage cost the city millions. Baltimore was not prepared at all for any large-scale data disaster. Other IT operations should learn from Baltimore’s example and avoid its mistakes.

The Attack on Baltimore

The ransomware that hit Baltimore goes by the name of RobbinHood. It’s an aggressive piece of malware that attacks Windows computers. It starts by stopping services that could interfere with encryption, including security software. It disables Windows automatic repair. Only then does it encrypt the documents on the computer and display a message demanding payment.
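Because the encryption comes last, the earlier steps give defenders a window to act. The following is an added example, not part of the original article: it scans process-creation events for a burst of service stops on one host followed by boot recovery being disabled. The command-line patterns, thresholds, host names, and service names are assumptions, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Assumed command-line shapes for the two behaviours; tune to your own telemetry.
SERVICE_STOP = re.compile(r"\b(?:sc|net1?)(?:\.exe)?\s+stop\s+(\S+)", re.I)
RECOVERY_OFF = re.compile(r"\bbcdedit(?:\.exe)?\b.*\brecoveryenabled\s+no\b", re.I)
WINDOW = timedelta(minutes=5)   # assumed correlation window
MIN_STOPS = 5                   # assumed: distinct services stopped inside WINDOW

def triage(events):
    """events: time-ordered (iso_time, host, command_line) tuples.
    Returns {host: verdict}; a host's verdict is only ever escalated."""
    rank = {"investigate: recovery disabled": 1,
            "investigate: service-stop burst": 1,
            "isolate: service-stop burst, then recovery disabled": 2}
    stops, verdict = {}, {}
    for ts, host, cmd in events:
        now = datetime.fromisoformat(ts)
        hit = SERVICE_STOP.search(cmd)
        if hit:
            stops.setdefault(host, []).append((now, hit.group(1).lower()))
        recent = {svc for when, svc in stops.get(host, []) if now - when <= WINDOW}
        burst = len(recent) >= MIN_STOPS
        recovery_off = bool(RECOVERY_OFF.search(cmd))
        if burst and recovery_off:
            new = "isolate: service-stop burst, then recovery disabled"
        elif burst:
            new = "investigate: service-stop burst"
        elif recovery_off:
            new = "investigate: recovery disabled"
        else:
            continue
        if rank[new] > rank.get(verdict.get(host), 0):
            verdict[host] = new
    return verdict

def sample_events():
    """Constructed process-creation events; hosts and service names are made up."""
    base = datetime(2024, 1, 1, 3, 0, 0)
    services = ["AvAgentSvc", "BackupAgentSvc", "DbEngineSvc", "MailStoreSvc",
                "VssHelperSvc", "EdrSensorSvc"]
    events = [((base + timedelta(seconds=2 * i)).isoformat(), "WS-014",
               f"cmd.exe /c sc.exe stop {svc} /y") for i, svc in enumerate(services)]
    events.append(((base + timedelta(seconds=30)).isoformat(), "WS-014",
                   "bcdedit.exe /set {default} recoveryenabled no"))
    events += [((base + timedelta(minutes=1)).isoformat(), "SRV-02", "net stop Spooler"),
               ((base + timedelta(minutes=2)).isoformat(), "SRV-02", "net start Spooler"),
               ((base + timedelta(minutes=3)).isoformat(), "WS-020",
                "bcdedit /set {default} recoveryenabled No")]
    return sorted(events)
```

A single service restart on the constructed host SRV-02 produces no verdict, while WS-014 is escalated from "investigate" to "isolate" once the recovery change follows the service-stop burst.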

Currently, there’s no known way to recover the files without paying.

The attack on Baltimore’s systems disabled email and other services. The city lost a large number of important records. The city’s emergency services, including the police and fire departments, withstood the attack apart from losing email access. A few other systems did as well.

Email and payment processing systems remained down for weeks. People were unable to pay taxes and fines. The lack of access to data held up real estate transactions.

According to current estimates, recovery has cost the city $18.2 million, including lost revenue. It could be even more. The city diverted money from services to pay the costs, and taxpayers will certainly experience the consequences. The good news is that it will pay for major improvements in IT security.

Baltimore Mistakes

No network on the Internet is 100% immune to ransomware. Every network’s operators should be prepared for the worst, but Baltimore’s IT setup was not prepared at all. Some of the problems were so plain that city councillors called them “mind-boggling.” Critical data was stored on desktop machines, with no systematic backup.

The city had no IT disaster recovery plan. It had no insurance against data disasters. Ransomware insurance is a growing business, but the city of Baltimore hadn’t taken advantage of it.

They didn’t regularly patch computers to remove Windows vulnerabilities, and the systems contained weaknesses that were waiting to be exploited.

The city’s CIO received the blame and was suspended from his job. He faced criticism for poor communication after the attack. He took measures to improve security after the 2018 ransomware incident, but they proved to be insufficient.

How to Avoid a Ransomware Disaster

Every IT department should assume a ransomware attack can happen. Preparing requires two things. The first is to make the systems as resistant to harm as possible. The second is to be able to recover quickly and without permanent data loss.

Businesses need to keep all important data on well-protected servers and regularly back it up. Desktop machines are highly exposed to the Internet and are allowed to run all kinds of software. Most of their users lack skills in data management. Entrusting important data to those machines is an invitation to disaster.

Cloud storage is the best choice in many cases. The data is stored off the premises and professionally managed to provide the best protection against all kinds of failures.

The network should have a disaster recovery plan in place. It protects not only against ransomware but against natural disasters and physical theft. Disaster recovery requires offsite backup and a way to get systems running again quickly. You should periodically test the plan to ensure that it works.

Is Your Security Up to Par?

You need to create and update security plans that have multiple layers. You can’t just throw something together and hope it’s good enough. Bluwater understands ransomware, hardware failure, human error, and other threats to data. We provide assistance ranging from consultation to full security management.

Contact us to learn how we can help you avoid scenarios like the one Baltimore faced.

Top Cloud Security Threats Include Misconfiguration


The shared, on-demand nature of cloud computing can only lead to more concerns about data security on the one hand and often forgotten areas like misconfiguration on the other.

Best Practices Begin with a Solid Cloud Adoption Strategy

The Cloud Security Alliance (CSA) pegs misconfiguration as a very real component of security threats. The Alliance is a leading global organization that not only sets “standards, certifications as well as best practices,” but annually lists top threats to cloud security. The biggest risks to today’s cloud strategy are related to an overall poor cloud adoption strategy.

Invariably, overlooking these areas can torpedo a company’s risk-management game plan. Generally, these areas include data breaches, of course, but also:

  • Misconfiguration and improper change control
  • Overlooking the importance of cloud security architecture/strategy
  • Faulty permissions strategy and credentials
  • Threats from inside the company
  • Accounts ‘stolen’ by a hacker
  • Vulnerable APIs and interfaces
  • Vulnerable routing protocols (control plane)

Secure Your Single and Multiple Cloud Networks

According to CSA, these ‘call-to-actions’ should be a high priority for SMB decision-makers in order to secure their single, or multi, cloud strategies. 

“The complexity of the cloud can be the perfect place for attackers to hide, offering concealment as a launchpad for further harm. Unawareness of the threats, risks, and vulnerabilities makes it more challenging to protect organizations from data loss. The security issues outlined … are a call to action for developing and enhancing cloud security awareness, configuration, and identity management,” said John Yeoh, Global Vice President/Research for CSA.

Contact us to discover how you can partner with a proven, managed service provider (MSP) to achieve your security goals. Our expertise can not only help you deploy your programs and apps to the cloud but provide all the necessary security backups in a timely manner—and with minimal disruption to your network.