If you own a smart device—or expect to receive one this holiday season—you may be worried about its security. Devices from Apple, Amazon, and Google offer convenient ways to access information or communicate. However, these companies have faced criticism for recording and reviewing voice data without users’ consent. A bit of skepticism is reasonable.

In 2019, Amazon, Google, and Apple temporarily suspended human review of user audio recordings. This decision followed widespread outrage over privacy concerns. Contractors were listening to anonymized audio clips to improve AI capabilities. Google, in particular, has been criticized for its lack of transparency about whether these recordings are shared with third parties for ad personalization.

Thankfully, if you own a Google Home, Apple HomePod, or Amazon Echo device, there are steps you can take to stop strangers from accessing your voice commands.

To stop Amazon employees from listening to your Alexa voice recordings:

1. Open the Alexa app.
2. Go to Settings > Alexa Privacy > Manage Your Alexa Data.
3. Select Choose How Long to Save Recordings > Don’t Save Recordings, then confirm.
4. Scroll down to Help Improve Alexa and turn off Use of Voice Recordings.

For Google Home devices:

1. Open the Google Home app and click on your profile icon.
2. Navigate to My Activity > Saving Activity.
3. Turn off Include Audio Recordings.

For Apple HomePod or iPhone:

1. If you’ve opted in to share audio data, open Settings.
2. Go to Privacy > Analytics and Improvements.
3. Turn off Improve Siri & Dictation.

Protecting your privacy doesn’t have to be complicated. If you’d like assistance securing your devices—smart or otherwise—feel free to reach out to us at info@optfinity.com.

In the past few weeks, hundreds of WordPress sites have experienced an onslaught of ransomware attacks. The hackers implement encryption notices and demand a ransom of 0.1 Bitcoin, which equates to roughly $5,500 dollars.   The hackers include a countdown timer and tell the website owners that they will delete their entire website, which for a small business can be very costly.

The interesting aspect of this attack though is that it is FAKE.

Researchers have discovered that the websites were in fact not encrypted. Instead, threat actors changed an installed plugin called Directorist to display a ransom note and countdown. Researchers have also noted that hackers used admin credentials to get into these sites, likely as the result of brute-force or stolen credentials purchased through the dark web. However, these attacks appear to be only a part of a much larger campaign, suggesting the latter to be the avenue through which criminals gained access to private information.

So, what can you do? If you’re a WordPress user, review the plugins you use, as WP Reset Pro, OptinMonster, and Hashthemes Demo Importer have all been discovered to have vulnerabilities that hackers could exploit. Additionally, watch for and install software patches and updates to decrease the possibility of your site being attacked. If you’d like to learn more about website development and ransomware protection, you can reach out to us at info@optfinity.com or call us at (703) 709-0400.

The Transportation Security Administration (TSA) recently announced that it will soon implement new cybersecurity requirements on the railroad and airline industries. To many, this comes as no surprise, as critical infrastructure has been subject to a slew of high-profile cybersecurity attacks this past year. The new directives will all but waive existing voluntary cybersecurity measures for these industries in favor of a mandatory cybersecurity baseline. These new guidelines will be implemented by the end of the year, and fines will be imposed on noncompliant contractors and entities.

The Railroad Industry: Now, TSA will require higher-risk railroads to report cyber incidents to a federal agency. Creating cybersecurity point persons and contingency and recovery plans are also part of the forthcoming security directive.

The Airline Industry: As for the airline industry, the TSA will require designated cybersecurity coordinators and reports on cyber incidents to the Cybersecurity and Infrastructure Agency. Entities ordered to follow these new guidelines include critical US airport operators, passenger aircraft operators, and all-cargo aircraft operators.

Though many are familiar with the Colonial Pipeline hack that disrupted access to gas and created a hike in prices, different incidents’ have been of particular concern to policy makers. The Southeastern Pennsylvania Transportation Authority, Cape Cod’s ferry services, and New York City’s Metropolitan Transportation Authority have all been hit with similar malware in the past 2 years, demonstrating the importance of securing the nation’s critical transportation services. If you’re concerned about malware hitting your business, reach out to us at info@optfinity.com or call us at (703) 790-0400.

Many cybersecurity experts are now warning of a new ware called killware. Unlike ransomware and malware, which primarily aim to gain money and access to sensitive data, killware’s aim is to take lives. Authorities warn that these types of attacks could impact hospitals, transportation, law enforcement agencies, banks, and even the water supply. Hospitals specifically are of great concern to officials due to underreporting. As they increase their use of digital tools, they become more dependent on technology to deliver treatment and keep patients safe.

These types of attacks have already forced hospitals to cancel or defer procedures, including critical surgeries. This not only put lives at risk but leaves hospitals vulnerable to HIPPA violation fines and liability lawsuits. Gartner estimates that the financial impact of cyber-attacks resulting in fatalities will exceed $50 billion within the next few years.

Though authorities are now warning that killware will likely become more common and devastating in the near future, these types of attacks are not new. In fact, a recent and prominent example of this occurred earlier this year. Hackers were able to infiltrate a Florida water treatment facility and alter its chemical mixture to a dangerous level before operators noticed and quickly changed the levels back to normal.

One of the best ways to protect your organization from these types of attacks is to implement a strong security policy and train employees to know the warning signs of a cyberattack. To learn more or implement a strong security policy in your organization, contact us at info@optfinity.com or via phone at (703) 790-0400.

In early October, an anonymous 4chan user posted a 125GB torrent link to the 4chan site containing breached data from the popular streaming platform Twitch. The hacker claimed that the intent of the leak was to “foster more disruption and competition in the online video streaming space”, suggesting that the breach was driven by spiteful intent.  Twitch has since confirmed the breach and stated that it is still working to comprehend the full impact of the incident.

So, what happened? According to Twitch, an error in a server configuration allowed the unknown hacker to maliciously gain access to sensitive reports and unreleased information. Fortunately, there has been no indication that login credentials were accessed and because the platform does not store full credit card numbers, full credit card numbers had not been retrieved. In an attempt to prevent similar breaches from occurring, Twitch has recently increased its bug bounty pay-outs from $3,000 to $5,000.

Bug bounties are deals offered by organizations and websites that promise monetary pay-outs in exchange for reporting bugs that may lead to security exploits and vulnerabilities. Twitch appears desperate to seal off any and all entry points, as labeling of the leak as “part one” suggests that more hacking attempts are likely. If you’re concerned about the security of your organization’s endpoints, feel free to contact us at info@optfinity.com or at (703) 790-0400.

Cybersecurity Awareness Month 2021: Week 3

Last week, we discussed email phishing and the red flags you need be aware of. This common yet effective method of harvesting personal data laid the foundation for attacks that target mobile devices. Though many people are aware of phishing email campaigns, not the same can be said about mobile phishing campaigns.

Hackers use social engineering techniques to target services like Facebook, WhatsApp, SMS, and malicious apps to exploit users who are less suspicious of these new avenues of cybercrime.

Perhaps this explains why research has found that mobile users are three times more likely to fall victim to phishing attempts compared to desktop users.

The goal of mobile phishing attempts is often the same as email phishing attempts, and as such, warrant awareness and attention. Below, we outline the four most common ways hackers are infiltrating mobile devices.

Malicious Apps

Hackers try to trick users into downloading malicious apps in two ways. One method involves using legitimate app stores like the iOS or Android stores. They use these markets to broadcast harmful apps that use phishing tactics to steal personal information.

Though these stores constantly remove malicious apps, some are able to slip through the cracks amidst the torrents of official apps uploaded to these stores on a daily basis. Secondly, cybercriminals create unofficial app stores. Here, fraudulent apps mimicking legitimate ones are riddled with malware that activates only after they are installed.

These two means of infiltrating devices have become more common as corporate desktops have begun implementing pre-approved lists of software. This limits the success of hacking devices through application stores. Meanwhile, mobile devices can download any app from any network, broadening cybercriminals’ points of entry.

To keep yourself safe, never download apps from a browser; only use apps in your device’s official store. Within legitimate stores, keep an eye out for apps from unknown developers or those with few or negative reviews. Lastly, if an app is no longer supported by your device’s store, there’s probably a good reason it isn’t- so just delete it

Smishing

Text messaging is an often-overlooked segment of organizational cybersecurity, making “smishing” (SMS phishing) a newly popular way of hacking into mobile devices. Further, the success of these attacks has only incentivized hackers to continue deploying smishing attacks, as open rates are at an astounding 98%. Smishing primarily exploits devices through encouraging users to click on a link. Opening these links either loads a fraudulent landing page that asks for a user’s login credentials, or secretly downloads spyware onto the device.

Both tactics have been successful in gaining access to personal and corporate data. Be wary of links within texts, and if you are unsure if a link from a seemingly legitimate text is safe, reach out to the company it claims it’s from and confirm if they sent a text to your device from the number you have.  Always use the phone number from an official source and not one which has been sent to you.

Whishing

After hackers saw the success in smishing, they began launching phishing campaigns via a medium commonly used as an alternative to SMS messaging: WhatsApp. “Whishing”, or WhatsApp phishing, operates in the same way that smishing does; through sending malicious links over text. Whishing has risen in prevalence due to its relatively cheap and easy implementation.

WhatsApp allows communication with anyone else on the app, enabling hackers to send mass phishing messages to a plethora of unsuspecting app users.

Whishing can be neutralized by using a web gateway to block connections to a phishing server, so make sure you are connected to your organization’s corporate network before inspecting any strange WhatsApp messages. Whether using a corporate or personal phone, never disclose sensitive information over Wi-Fi unless you know that the network is secure.

Social Media

Lastly, hackers use social media to exploit mobile devices. Malicious links can be embedded into posts that appear innocent and uploaded to many social media sites. Facebook, Twitter, Instagram, and even LinkedIn have been known to host these types of posts. The links within these posts redirect users to phishing sites that ask for sensitive credentials.

Phishing posts may appear as ads, giveaways, or contests that seem too good to be true. When clicked on, they take users to phishing sites that look real, but are simply fronts for stealing data. Be wary of any post that urgently encourages you to click on a link, especially if it involves a purchase or giving out personal information like an address.

If you’re worried about hackers gaining sensitive information through mobile attacks, contact us about network security at info@optfinity.com.

In recent years, end-to-end encryption has risen in popularity as cybersecurity concerns have become more prevalent in popular culture.

End to end encryption makes it very difficult for anyone to be able to see messages and platforms like Google, Facebook, and Twitter have taken to implementing this encryption method for the safety of their users- a beneficial feature for users, but very frustrating for governments trying to spy on terrorists and criminals.

Enter Pegasus: A Surveillance Solution by NSO Group

It recently came to light  that the Israeli tech firm NSO created a software called Pegasus to alleviate this issue for governments and other entities, although the firm doesn’t disclose which entities have purchased it.

The software can stealthily infiltrate a smartphone and gain access to everything on it, including the camera and mic. Gaining access to devices running on Blackberry, iOS, Android, and Symbian operating systems allows governments to turn them into surveillance devices.

Are You at Risk? Protecting Your Device Against Spyware

One of the most popular ways it does this is through spearfishing, in which accepting an unsuspecting call on WhatsApp gives the software unbridled access to the device’s capabilities. Recently, we have learned that the software now is a zero-click exploit, in which the software can simply call a user’s WhatsApp number, delete the call, and gain access to a smartphone without the user ever knowing anything suspicious occurred.

Additionally, the spyware can infiltrate devices through sending messages that contain gifs. A user doesn’t even need to open the message; once it’s received, the phone is compromised.  Are you safe?

If you’re wary of falling victim to spyware or malware, you can reach out to us at info@optfinity.com

Hackers Exploit Poly Network, Stealing Over $600 Million

Hackers recently breached Poly Network, a cryptocurrency platform, and stole over $600 million in digital assets. This incident marks the largest crypto hack to date. However, the attack did not compromise blockchain technology itself. Instead, hackers exploited a vulnerability in Poly Network’s system, allowing them to take ownership of funds processed through the platform.

Poly Network reported that attackers stole $611 million in digital tokens. In a surprising twist, a significant portion of the stolen assets ended up in the hands of nonprofits and charities, resembling a modern-day Robin Hood scenario.

Rising Threats to Cryptocurrency Platforms

As Bitcoin, Ethereum, and other cryptocurrencies gain popularity, hackers continue to target crypto firms. Past incidents highlight this growing risk. In 2019, attackers stole $195 million from the Italian exchange BitGrail. The year before, hackers breached Tokyo-based Coincheck, making off with $530 million in digital tokens.

Protect Your Digital Assets

Cyber threats against cryptocurrency platforms are increasing. If you want to safeguard your accounts and assets, contact us for virus protection at info@optfinity.com.

The Rise of Cyber Threats in a Remote Work Era

Since the coronavirus pandemic began, remote work has become a major part of the new normal. Cybercriminals have taken advantage of this shift, launching an increasing number of attacks. Large-scale cyberattacks have disrupted critical infrastructure, making systems unusable. Incidents like the SolarWinds hack, JBS hack, and Colonial Pipeline hack have highlighted the urgent need for stronger cybersecurity measures. Governments and organizations now recognize the necessity of increased investment and research in cybersecurity.

New Cybersecurity Funding from the Senate

To prevent recurring cyber incidents, the Senate recently approved $1.9 billion in cybersecurity infrastructure bills. This funding is part of a $1 trillion infrastructure package passed on August 10th. The allocation aims to secure critical infrastructure, assist vulnerable organizations in strengthening their defenses, support a key federal cyber office, and enhance cybersecurity for state and local governments.

State and Local Cybersecurity Improvement Act

One of the most significant bills, the State and Local Cybersecurity Improvement Act, allocates $1 billion to government entities over four years. A quarter of this funding specifically supports vulnerable rural communities. This act is crucial, as cyberattacks on school systems or electrical grids could jeopardize essential services. Many state and local governments lack the resources to defend against these threats, making this funding a necessary safeguard.

Protect Your Organization from Cyber Threats

If you have fallen victim to recent cyberattacks, we can help. Contact us for malware protection and data recovery at info@optfinity.com.