By -- 2021-05-30 in Blog

It’s been a cold month in Texas–an Arctic front covered most of the middle and southern American states in snow.  Some parts of the southernmost state received over a foot of icy accumulation, and temperatures fell to single digits.  While areas of the US can handle those conditions, Texas’s infrastructure was drastically unsuited to the task.  When you combine houses with little to no insulation, a lack of snowplows, and a failing electrical grid, you get the kind of tragedy that Texas is slowly recovering from.  So much of the damage done has been to the state’s citizens.  However, the continual power outages and shutdowns are also impacting technology-focused businesses around the world in unexpected ways.

First, some background: a large proportion of the world’s technology requires semiconductors in order to operate. These are substances that help form most modern circuits, including those in everything from cars to iPhones to refrigerators. Without semiconductor chips, most modern technology cannot function. Because they are so important to modern manufacturing, a shortage of semiconductors can transform from a supply issue to a national crisis. In 2020, experts predicted that such a shortage was imminent as consumer demand for products like cars outpaced corporate expectations. By January 2021, that shortage was fully realized. Then, the blizzard hit Texas.

Texas hosts the largest number of semiconductor manufacturing facilities in the country, each of which relies on Texas’s energy grid in order to function. When the blizzard began disabling power plants, several of these manufacturers were forced to halt production indefinitely. For some companies, the uncertainty surrounding the power grid made work impossible. Others shut down voluntarily so that power could be redirected to nearby hospitals and residential areas. Either way, the gap in production represents another blow to semiconductor supply.

As of now, the ultimate impact of the semiconductor deficit is unknown. More important than the immediate supply chain failure is what the situation signifies: uncontrollable physical disasters can have major ripple effects.  Whether your business is a semiconductor manufacturing firm or a small local bakery, our modern economy requires some degree of interdependence.  You cannot predict everything, which is why a disaster recovery plan is a crucial aspect of any business.  If you don’t currently have a disaster recovery plan for your business, consider reaching out to us at info@optfinity.com–we’re always happy to help!

 

By -- 2021-05-20 in Uncategorized

Almost 10 million devices have been compromised by a popular scanning app.

Lavabird Ltd’s Barcode Scanner was a popular barcode and QR code scanner downloaded to almost 10 million devices from the Google Play Store. Android devices, unlike newer generation Apple products, do not have a built-in QR code scanner or a barcode reader, making an app like Lavabird’s a must-have for many consumers. Unlike some malicious apps, Lavabird’s Barcode Scanner had been on Google’s official app store for years. The app had a clean security certificate, thousands of positive reviews, and no obvious malicious code. This meant that security-conscious consumers, who are aware of potential dangers, downloaded the app believing it was safe. That made it all the worse when what should have been a routine update transformed the app into malware.

Malwarebytes, a cybersecurity company dedicated to identifying and preventing malware infections, began receiving complaints from customers in late December. These customers were experiencing ads opening themselves using their device’s built-in internet browser. This type of malware, sometimes called “malvertising”, is typically connected with new app installations. However, those consumers had not downloaded any new apps that could have been causing the problem. The company eventually discovered that this malware was coming from Lavabird’s Barcode Scanner, which had been operating on these devices without issues for years.

The good news is that, if your device has been infected, uninstalling the app seems to remove the malware as well. What’s more concerning is the fact that an app was able to build up a large following before discreetly pushing a malicious update. For consumers, this means that doing due diligence on an application prior to downloading it is no longer enough. So how do you keep your devices and your data safe?

The first step is knowing what apps you have downloaded on your phone. Make a point of deleting apps that you no longer use, and monitor your phone for any changes in performance after an app is downloaded or updated.  If you are a decision-maker at a business that issues ‘work phones’ to employees, consider restricting app downloads and updates so that you can monitor the phone’s performance.  If you’re looking for outside assistance in developing a security plan for your company’s mobile devices, you can always reach out to us at info@optfinITy.com.

 

By -- 2021-05-10 in Blog

Everyone is familiar with the uptick in email phishing scams that has come with the COVID-19 pandemic. Workers and employers alike are adapting their security practices to defend company and consumer data. However, cybercriminals are adapting too. One group is combining phone calls and custom phishing sites to steal corporate VPN credentials. This group acts on a ‘bounty’ system, where a person hires the group to attack a specific company. Worst of all? The attacks have been remarkably successful.

So what does this attack look like? First, the group receives a request to target a specific company. They then create a site that mimics that company’s VPN portal. Once the setup is finished, the group makes a series of phone calls to employees working from home. The callers inform the target that they are with the company’s IT department trying to troubleshoot VPN issues. They then try to coerce the target into revealing their log-in information over the phone or entering their credentials into the fake website. At that point, the phishers have access to the company’s internal information.

This combination of fake websites and fraudulent calls has been more effective than traditional email phishing attempts. Despite that, workers can take steps to prevent being caught up in this scheme. If you receive a call from someone you don’t recognize who is asking for sensitive information, take these steps before disclosing anything.

  1. Ask for the caller’s name.
  2. Hang up and call your company’s IT department or managed services provider—do not just redial the number that called you.
  3. When you reach your company’s tech support, explain that you received a call from someone claiming to be from their department. Once you explain what the caller was asking for, they can confirm whether the call was legitimate.

If the call was legitimate, no harm done! You can continue troubleshooting the issue with only a small delay. If not, you’ve saved yourself and your company a lot of trouble. If you’re concerned about your company’s vulnerability to these types of combination attacks, OptfinITy is here to help! You can email us at info@optfinITy.com or call us at (703) 790 – 0400 to discuss all your cybersecurity needs.

By -- 2021-04-30 in Uncategorized

Why Can’t I Be the Admin of My Own Computer?

Everyone who works in IT dreads hearing this question. Admin privileges provide powerful access, enabling major system changes like editing files and downloading software.

Calling your IT provider just to type in a passcode can feel frustrating. If your job involves frequent software downloads, it’s easy to see why you might want to “cut out the middleman.” But what’s the worst that could happen?

Principle of Least Privilege

No two IT providers are exactly the same—each operates with unique approaches. Still, many core principles of IT and cybersecurity remain consistent across the industry. One of these is the principle of least privilege. This concept ensures that users receive only the level of access necessary to perform their tasks. While some users may need admin-level privileges, most do not.

The principle of least privilege aims to minimize the damage that any single account can inflict on a system. For example, a user might delete an important file or accidentally download malware. In other cases, a cybercriminal may compromise the account. By applying the principle of least privilege, organizations can reduce or even prevent these risks.

Every additional admin account on a device increases its vulnerability to threats. When that device serves a business purpose, these risks extend to the entire organization. Threat actors with admin access can make destructive changes that ripple across the company, potentially causing widespread damage before anyone can stop them—if they can stop them at all.

The Bottom Line

Is the principle of least privilege inconvenient? Yes. But it’s far less inconvenient than dealing with a major security breach.

By -- 2021-04-20 in Blog

With work-from-home becoming the new normal, companies are scrambling to adapt their security practices.  Some are hiring an outside firm to handle their transition, while others are trying to cobble together an in-house solution.  Security is difficult to maintain at the best of times, and 2020 is most definitely not the best of times.  Security experts have noticed a large increase in cyberattacks over the course of 2020.  Threat actors have created over 5.5 million Trojan attacks.  Malware has increased by 2000%.  Threat actors are taking advantage of the pandemic, resulting in the loss of crucial data and massive amounts of money.  With all of these threats out there, what can you do to keep your company safe?

In times like these, you need expertise.  While you could hire an outside firm to handle your transition, small businesses often can’t afford that option.  This series of blog posts will go over some of the steps you can take to keep your company’s data safe without going over-budget.  If you’re looking for an in-depth explanation of any of these topics, you can leave a comment here or on any of our social media posts.  We also have a free webinar series starting in January that will cover this transition to the “New Normal” that you can sign up for soon. In the meantime, we’ll be discussing a new step you can take to improve your business’s security every week.

Consider A Password Manager

Do you know how common bad passwords are? Over 25 million people use “123456”, and another 8 million use “123456789”. 4 million people are still using “password” to secure their data. Each of these can be cracked in under a second, which is not much better than no password at all. One common reason people choose insecure passwords is the difficulty of remembering complex ones. If your company’s security protocols require a certain degree of password complexity, workers might then store their passcodes in a text document that itself is not password-protected. So how do you solve these issues? A password manager!

A password manager allows employees to generate, store, and fill passwords for various sites. This allows each employee to easily follow uniqueness and complexity requirements. Some password managers even allow employees to securely share passwords with other employees, without allowing them to see the password itself.  Furthermore, password managers are usually either free or available at a low monthly cost, making them a fantastic option for small businesses on a budget. In short, a password manager is the way to go for anyone concerned with improving business security.

Do you use a password manager? Are there questions or concerns you have about using one? Leave a comment here, or email us at info@optfinITy.com.  We’d love to hear from you!

 

By -- 2021-04-10 in Uncategorized

In late 2020, the technology world was shaken by a massive attack involving SolarWinds, the creator of a popular networking software with over three hundred thousand customers worldwide, including 412 of the companies that make up the Fortune 500.  Initially, onlookers believed that the attack was directed at the massive software corporation and their high-profile clients because of malicious code found in SolarWinds networking software and a large initial degree of overlap between SolarWinds clientele and victims of the hack.

However, recent information has revealed that over a third of known victims had no connection to the software company whatsoever, implying that there were multiple, as-yet-unknown vectors of attack. Even larger government bodies such as the National Telecommunications and Information Administration and the Treasury Department reported that the hackers had limited success in breaching secure data, such as internal government emails. The full scope of what data was compromised, as well as who launched the attack and how it was initialized, is still unknown.

These types of far-reaching cyberattacks can feel like the stuff of nightmares for everyone involved.  Private citizens may have had sensitive data leaked to malicious third-party actors, the affected corporations lost money and consumer trust, and the full extent of the damage done to United States domestic security is still unknown.  SolarWinds is still currently investigating the root cause of the attack, and allegedly is pointing to Microsoft’s cloud as the potential first attack vector.  Federal law enforcement and Microsoft itself have not yet commented on this possibility.

At this point in early 2021, there’s still a lot we do not know about what was once called the SolarWinds attack. Everything from a list of affected entities to possible motivations for the hack is still unknown. In the meantime, all everyone else can do is maintain their cybersecurity standards and keep an eye on the news. If your company is looking for help designing a cybersecurity plan, reach out to us at info@optfinity.com–we’re always happy to help.

By -- 2021-03-30 in Blog

Remote work has become a way of life for so many of us. It makes a lot of things harder. Communication, focus, and task management have all become more difficult. One of the things hardest hit by remote work is our online security. An overall increase in teleworking makes it harder for companies and workers to maintain cybersecurity standards for several reasons. This means that cybercrime has been more effective during the pandemic. Staying safe despite these threats means that decision makers need to make changes to how telework functions at their companies.

Why is cybercrime so effective now? One reason is that the devices that cybercriminals target are more important than ever. It used to be that if a cybercriminal locked an employee out of their computer, they could get a replacement and report the problem easily. Now, that same computer could take days to fix, with critical work halted in the meantime. A second reason is the added complexity that comes from having employees out of the office. Losing the office firewall means more vulnerable employees. Employees don’t have a security team in their house reminding them to change their passcodes or not to click on strange emails. Finally, work-from-home puts stress on remote security teams. With workers operating from changing locations and at changing times, it’s harder to identify irregular behavior.

You can take control of your business’s cybersecurity with a few simple steps.

  1. Regularly remind your employees about your business’s security protocols and cybersecurity best practices.
  2. Keep personal and work devices separate. Opening personal email or going shopping on a work device exposes a business to increased attacks.
  3. Enable multi-factor authentication on your devices. This is an easy way to keep threat actors from accessing any secure account.

These steps are just the beginning. While individuals should do their best to keep their devices secure, they can’t do it alone. Maintaining security for your business is complex. As cyberattacks become harder to identify and prevent, businesses’ security needs increase. If you want to design a security strategy that takes your work-from-home risk into account, email us at info@optfinITY.com or call us at 703 – 790 – 0400.

 

By -- 2021-03-20 in Uncategorized

What does a cyberattack look like? There’s no specific technique, target, or goal to unite them.  They can be part of an anti-terrorism campaign, like the United States’ Stuxnet attack on Iranian nuclear refineries.  They can be motivated by financial gain, like the recent trend of ransomware attacks that demand payment in Bitcoin before unlocking the target’s data.

Some attacks are simply done for hacker clout, like the spate of DDoS attacks done in the 90s and early 00s. As time goes on, new cyberattack strategies are emerging that may define the rest of the decade.

In 2020, observers noticed an uptick in attacks that focused on securing and/or releasing corporate data. Attacks that resulted in a data “leakage” increased over the past year, and 2021 has continued that trend through January. On the first day of the year, over nine thousand data leakages occurred, a larger single day number than any day from 2020. With 2020 already representing a 93% increase in leakages over 2019, any continuation of the trend is threatening. Without a strong response to this trend from the public and private sector actors who work with confidential consumer data, it is likely to continue its astronomic growth.

So what are some of the steps that possible targets of these attacks can take to minimize their risk?

  • identify what sensitive data your company holds and where it is stored
  • periodically review whether the sensitive data your company holds can be deleted
  • monitor user activity as it relates to sensitive data and limit non-essential access

In the case that prevention fails, and your business is affected by a possible data leakage attack, time is essential.  Creating a strategy for security response teams prior to an attack is crucial to properly identifying the attack, quarantining the data, and limiting the scope of the leakage.  If you or your company are looking for assistance in creating that plan, reach out to us at info@optfinity.com.

By -- 2021-03-10 in Uncategorized

The ways that people communicate at work have evolved over the years, with online messaging services and email becoming more important. However, the office phone has remained a staple of office communication for decades. Recent advancements have changed what that phone system looks like. Voice over Internet Protocol (VoIP) phone systems have replaced traditional landlines in many offices, allowing workers to make phone calls over an internet connection. With advantages like lower costs, portability, and accessibility, VoIP systems have become more popular for small businesses that have transitioned to working at home.

Hackers have taken notice of that increase in popularity. Over the summer, a hacking campaign compromised the VoIP systems of over 1000 companies across the globe. Their primary goal was using the system to dial premium numbers that they owned. On top of that, criminals were able to eavesdrop on private calls and use the business network to mine cryptocurrency. While researchers have identified the vulnerability that hackers used to exploit the system, law enforcement has not yet been able to identify the group or groups responsible. While the benefits of VoIP are great, there is a real risk in using these systems to communicate.

So what do you need to do to keep your business safe? First, identify what brand of VoIP system your company is using. These attacks were only possible on Sangoma and Asterisk systems. If you have one of these systems, we highly recommend that you identify whether the flaw has been patched, and patch it if it has not. If you have a VoIP phone system and are concerned about your business’s risk, contact us at info@optfinity.com to learn about how a managed services provider can protect your business from exploits like these.

By -- 2021-02-28 in Uncategorized

The coronavirus has changed how we work dramatically.  With new methods of communication, new threats, and less time in the office, some businesses have discovered that remote work is making them more productive.  Many remote workers are reporting higher levels of job satisfaction and even improved mental health after gaining more control over their workday.  However, not all work is equally suited to this new normal.  Some businesses that regularly process confidential information are struggling with how to adapt their in-office privacy standards for home work.

A recent study conducted by Go Shred found that almost two-thirds of home workers admitted to printing out office documents on their home printer.  While some of these materials were not sensitive, others admitted to printing documents that contained confidential client and employee data, ranging from home addresses to personal medical information.  The problems, however, don’t end at the printer.  Disposal methods are also shoddy for many home workers.  24% of those surveyed who had printed confidential information had not disposed of those materials at the time of the survey. Of the 76% who had destroyed the documents, roughly 20% used their home shredder and municipal trash removal to do so–another privacy failure.

It’s understandable why this occurs: convenience is king at the home office.  That doesn’t excuse the practice, which significantly increases business liability and consumer risk. Remote workers need a defined procedure that they can follow, and consequences for failure.  Decision-makers who need to navigate COVID safety protocols and confidentiality best practices to design those guidelines will be the ones who control how secure their data really is.  Maximizing worker safety, data privacy, and ease-of-use will all be crucial components of that process–but creating guidelines to regulate that behavior is the only way we can solve the issue of confidentiality.  Until we’re back in the office, that is!

If you’re interested in learning more about data privacy, check out this article summarizing Go Shred’s findings.  If you’re interested in working to develop a comprehensive compliance plan for your company, or if you’re just looking for everyday IT solutions, you can reach out to us via email at info@optfinity.com, or call us at (703) 790-0400.