VoIP: Risk and Reward

By -- 2021-03-10 in Blog

The Evolution of Workplace Communication
Workplace communication has changed significantly over the years. Online messaging services and email have become vital tools. However, the office phone has remained an essential part of communication for decades. Advancements in technology have transformed traditional phone systems, with Voice over Internet Protocol (VoIP) replacing landlines in many offices. VoIP systems enable phone calls over the internet and offer advantages such as lower costs, portability, and accessibility. These features make them especially appealing to small businesses transitioning to remote work.

Hackers Target VoIP Systems
The growing popularity of VoIP has attracted the attention of hackers. Over the summer, a cyberattack compromised VoIP systems in more than 1,000 companies worldwide. Hackers exploited the systems to dial premium numbers they owned, eavesdrop on private calls, and mine cryptocurrency using business networks. While researchers identified the vulnerability that enabled the attack, law enforcement has yet to determine the responsible parties. Despite the benefits of VoIP, the risks of these systems cannot be ignored.

Steps to Protect Your Business

  1. Identify Your VoIP System
    Determine the brand of VoIP system your company uses. The recent attacks targeted Sangoma and Asterisk systems.
  2. Ensure the System is Patched
    If your system is one of the affected brands, check whether the vulnerability has been patched. Apply the update immediately if it has not.
  3. Consult with Experts
    If you are concerned about your VoIP system’s security, contact us at info@optfinity.com. A managed services provider can help safeguard your business from exploits like these.

Confidentiality in the COVID-19 Era

By -- 2021-02-28 in Uncategorized

The Impact of Remote Work on Productivity and Mental Health

The coronavirus has dramatically changed how we work. With new methods of communication, emerging threats, and less time in the office, some businesses have discovered that remote work is boosting productivity. Many remote workers report higher levels of job satisfaction and improved mental health due to gaining more control over their workday.

However, not all work is equally suited to this new normal. Businesses that regularly process confidential information are struggling to adapt their in-office privacy standards for remote work.

The Privacy Risks of Home Printing

A recent study by Go Shred revealed alarming trends in remote work practices. Nearly two-thirds of home workers admitted to printing office documents on their home printers. While some of these materials were not sensitive, others confessed to printing documents containing confidential client and employee data, such as home addresses and personal medical information.

The issues don’t stop at the printer. Disposal methods for these documents are often inadequate. According to the survey, 24% of respondents who printed confidential information had not disposed of the materials at the time of the survey. Of the 76% who destroyed the documents, approximately 20% relied on home shredders and municipal trash removal—another significant privacy failure.

Why Convenience Can Compromise Privacy

Convenience often takes precedence in the home office, leading to risky practices. While understandable, this behavior significantly increases business liability and consumer risk. Remote workers need defined procedures to follow, along with clear consequences for non-compliance. Decision-makers must navigate COVID safety protocols and confidentiality best practices to create these guidelines.

The Path Forward: Balancing Safety and Security

To address these challenges, businesses must prioritize:

  • Worker safety: Ensuring employees feel secure and supported in their work environment.
  • Data privacy: Establishing clear procedures for handling sensitive information.
  • Ease of use: Designing solutions that are practical for remote workers.

Creating comprehensive guidelines is the only way to address confidentiality concerns effectively—at least until we’re back in the office.

Learn More About Data Privacy

If you want to learn more about data privacy, check out this article summarizing Go Shred’s findings. For help developing a comprehensive compliance plan for your company or to explore everyday IT solutions, reach out to us via email at info@optfinity.com or call us at (703) 790-0400.

OptfinITy Recognized as “Best Mid-Sized Business”

By -- 2021-01-29 in Uncategorized

As a leading managed server in the Mid-Atlantic region, we are pleased to announce today that the Mount Vernon-Lee Chamber of Commerce has named OptfinITy as its Best Mid-Sized Business of 2020. This award recognizes exemplary local businesses who best embody the values of the Chamber.

In today’s new and often uncertain business environment, OptfinITy plays an important role in helping companies adopt the technologies they need to stay afloat without straining shrinking budgets. OptfinITy combines efficiency with cost-effectiveness to better serve their clientele, allowing small businesses to make the most of their investments into IT and digital security.

The list of all Mount Vernon-Lee Chamber of Commerce honorees is featured online at https://mountvernonleechamber.org/business-awards/.

Ransomware: Why You Shouldn’t Pay to Get Data Back

By -- 2020-12-28 in Blog

Ransomware attacks have been on the rise for years.  The software necessary for these attacks are more sophisticated, anonymous currencies like Bitcoin are more prevalent, and companies are collecting more data, creating a perfect storm for bad actors looking to make money off of security lapses.  These scams take several forms.  The group could lock workers out of their devices, delete important data and offer to restore it upon payment, or steal data and threaten to release it to the public.  When people are victims of this kind of scam, the hacker offers to delete the data if the victim pays the group.  Some companies take the offer–but the hacker rarely delivers on their end of the deal.

Nearly half of all ransomware attacks include the threat to publish stolen data.  This was not always the case.  Previously, companies with a secure backup of their data could restore their data and ignore the hacker’s threats.  The threat of releasing data removes any leverage the company would have from a backup.  In addition, a company can never have a full guarantee that their data was deleted.  Both sides of the interaction know this, so why do companies pay? Research suggests that fear of the public’s response to a data breach is a major factor.  The backlash against companies who have lost sensitive data to hacks in the past has been severe.  This public pressure combined with hope for a return to before the security breach took place is part of what pushes companies to make deals that are not in their best interest.

So what should you do if a ransomware attack breaches your company’s security? First of all, do not engage with the hackers.  Their goal is to make money, not to help you.  Second, contact a legal expert to understand what liability you might have, and what your options are.  Finally, invest in your security.  Once data has been stolen, it is difficult to get back to ‘normal’.  Prevention is key to keeping you and your data safe.  If you or your company are in need of increased security, you can always reach out to us at info@optfinity.com.

FWD: Hackers Abusing Email Forwarding

By -- 2020-12-23 in Blog

We’ve written a lot of posts about how hackers are infiltrating corporate data and systems, but we haven’t spent much time discussing how they monetize that access.  A recent article discusses how a group of hackers used their access to their victim’s email services to the tune of $1.7 billion in losses.

Threat actors first gain access to an e-mail network through social engineering, the process of manipulating individuals within an organization to gain access to sensitive information or areas.  Once they have that access, the threat actor observes the organization’s pattern of communication so that they can mimic it.  At that point, the infiltrators will impersonate an employee to redirect payments to fraudulent bank accounts

The FBI sent an alert highlighting the dangers of this e-mail forwarding technique, stating that:

“The web-based client’s forwarding rules often do not sync with the desktop client, limiting the rules’ visibility to cybersecurity administrators. While IT personnel traditionally implement auto-alerts through security monitoring appliances to alert when rule updates appear on their networks, such alerts can miss updates on remote workstations using web-based email.”

We need to internalize how impactful these hacks are.  We also need to contrast those costs with the relative cheapness of how to prevent them. While only 7% of spear-phishing attacks use this technique, it is a remarkably effective one.  The almost 2 billion dollars in losses caused by this type of hack makes it the single costliest kind of attack in the past two years.

If you want to prevent these kinds of attacks at your own business, there are several important steps you can take.

  1.  Ensure that your mobile and desktop version of your email application can synchronize with each other, and have the latest updates.
  2.  Set up your email to flag communications where the sender’s address and addresses from replies do not match.
  3.  Enable multi-factor authentication.

If you need help protecting your company from threat actors, or if you’re just looking for new technology solutions,  consider reaching out to us at info@optfinity.com.

Google’s Blackout: What Caused It?

By -- 2020-12-20 in Uncategorized

For 45 minutes on Monday morning, a variety of Google services were inaccessible across Europe and North America.  Google Search, Gmail, and a variety of Drive programs were all down.  Google’s physical devices also reported critical errors during the outage.  Initial reports blamed this on an error in the service’s authentication system, but a new report from the company shows that the problem was more widespread than initially thought.Google revealed that the root issue was a flaw with the company’s storage management system.  The issues only cascaded from there: limiting the authentication system’s capacity meant that the entire identity-management system was broken.  All users of Google Cloud Platform and Google Workspace at the time of the outage were affected.

So what lessons do this outage teach?

Big Tech Companies Aren’t Infallible

This is the third major failure in as many months, along with the five hours Amazon Web Services was disrupted in November and Microsoft Azure’s outage in October.  It can be tempting to trust blindly when a company has a track record of reliability and success, but track records won’t keep you afloat if a failure occurs.

Diversify and Monitor

If all your tools for support, monitoring, servicing, collaborating, etc. are on the same platform, you’ll be wiped out by those platform’s errors.  While it can be tempting to unify your systems for simplicity’s sake, your monitoring tools should always be separate so that you can be notified in case of an outage.  End-to-end visibility is the goal.

Backups Are Your Friend!

Having independent access to your data is crucial when your cloud host fails.  Backups create overlapping coverage so that no one failure impacts your company.  On top of that need for access, backups remove any worries about losing data that’s stored remotely.

 

In short, these failures should keep us from becoming complacent.  Security isn’t just about preventing attacks, it’s about preventing all disruptions in service. Take care of your technology, be aware of what these outages can do to your business, and take steps to prevent failure before it happens.

If you need more information on preventing service disruptions, leave a comment or email us at info@optfinity.com.

 

TA542: It’s Spear-Phishing Season Again.

By -- 2020-12-10 in Blog

When people think of spam emails, it’s usually phishing that comes to mind. These are the emails that make up your junk folder: a truly frightening combination of poor grammar, bad spelling, and vulgarity that makes you question how anyone can fall for a phishing attack. Spear-phishing has become the new way to create a spam email campaign. By targeting specific demographics and crafting believable ‘lure’ emails, cybercriminals can entice people to click untrustworthy links in their emails. In recent years, the group TA542 has been one of the most prolific criminal entities to use spear-phishing as their primary form of cybercrime, sending almost one million fraudulent messages a day.

Their latest attack was a campaign targeting supporters of the Democratic party in the United States. Their lure emails mimic the language on emails sent from Democratic activist groups like ActBlue, leading people to believe that the sender is trustworthy. Once they click on the link in the email, they unwittingly download TA524’s signature malware, a program called Emotet. This does anything from scanning your computer for personal information to downloading your banking credentials. TA542’s combination of realistic lure emails and sophisticated malware makes them a particularly dangerous group of cybercriminals. However, there are still steps you can and should take to protect your data!

Traditional advice about how to avoid phishing scams is not to open links from people or companies that you aren’t familiar with. However, spear-phishing emails mimic those trusted senders. Some ways to stay safe in this new environment is only to open links or documents that you are expecting to receive. When you receive a link in an email that is unfamiliar or unexpected, go to the sender’s website and navigate to the desired page from there. As cybercriminals become more advanced, having outside tech support becomes increasingly important—if someone from your company falls prey to a spear-phishing attack, having secure data backups and a plan for how to mitigate the damage caused by the malware is crucial. If you’re concerned about spear-phishing, reach out to us at info@optfinity.com to learn more.

Is Zoom Back in Business?

By -- 2020-11-30 in Blog, Uncategorized

Work-from-home is the reality for so many of us during the coronavirus pandemic. Being out of the office has its challenges: interrupting kids, spotty internet, and endless miscommunications! However, online meetings have become the symbol of this new working environment, especially the virtual meeting app ‘Zoom’. Part of the app’s popularity was its security. Zoom increased its revenue over 300% during the pandemic, due in part to its security guarantees. That all changed when investigators discovered that the company had not been completely honest about their security protocols.

Zoom had always represented itself as having end-to-end encryption. This meant that no-one except meeting participants could access non-encrypted data on the meeting. It claimed to provide that encryption long as everyone accessed the call using their computers. Instead, users only had access to TLS, transport layer security. This meant that Zoom had access to unencrypted meeting data. The outrage prompted Zoom to release an updated version of their security that included true end-to-end encryption. So now that Zoom’s improved security has been released to the public, is it worth returning to the platform?

The good news is that now Zoom does seem to have full end-to-end encryption. The updated security option is available for everyone, a change from their initial plan to only offer it to paid users.  This makes Zoom one of only a few videoconferencing platforms to offer the service. However, the option does still have its drawbacks. For free users, the feature requires two-factor authentication to enable. Each user has enable the feature, meaning a meeting host cannot enforce the feature. The option is only available in meetings with under 200 members, an 80% reduction in capacity.

In the end, Zoom’s updated security policy makes it a great option for smaller, secure meetings. Individuals and small business owners will love the combination of convenience and security that the free option provides without being inconvenienced by the member limit. However, the removal of features and need for manual authentication from every member makes Zoom’s end-to-end encryption impractical for most large meetings. Cybersecurity has only become more important in the past few months, so making sure your meetings are safe is crucial. If you need help making sure that everything is protected, you can email us here or call us at (703) 790-0400.

Your Computer May Be ‘Fully Compromised’

By -- 2020-11-20 in Blog

The world’s largest software registry, NPM, removed three packages from their site on Thursday after discovering that they contained malicious code.  Each of the packages were ‘libraries’ for the coding language JavaScript.  A library is a collection of resources often used for software development. Because libraries can contain so many different types of data, they are a perfect place to hide malware.  These packages remained on the site for over a year before NPM, the hosting site, removed them.

So what makes this code so dangerous? When downloaded, they create a ‘shell’ on the user’s computer.  This ‘shell’ allows bad actors to connect remotely to the user’s device.  This means that the bad actors had complete access to the information stored on the computer. They could even download more malware to the device so that removing the package did not remove their access.  For this reason, NPM stated that any computer with these packages installed should be considered ‘fully compromised’.

If you downloaded these packages on your devices, you are at risk. You should take some steps to secure your information:

  • Think about wiping your computer.
  • Rotate any sensitive information from a different computer.
  • Remove the package from your computer.

Finally, this is a situation where you should consider seeking outside help.  If you want to keep the compromised device, an outside IT firm is a great resource to make sure that your information is secure.  Contact us here if you think that this may have affected your computer. You can also call us at (703) 790-0400.

The Hack is Coming From Inside the House!

By -- 2020-11-10 in Blog

Sometimes it seems like it’s impossible to keep your business safe. Software is constantly improving. Cybercriminals are becoming more technologically savvy. The list of security to-do’s is growing ever longer. With all that happening, it can be hard to figure out where to start. One option is to hire someone to do the heavy lifting for you. However, taking some simple steps on your own can be a great first start.

The good news is that preventing the vast majority of cybercrime doesn’t require a lot of technical know-how, just some basic knowledge of how cybercrime happens. Most cybercriminals are not spending days writing code to get into your system. Instead, they try to trick you and your employees into opening the door for them. Phishing campaigns are a popular way of doing this: someone sends your employee an unexpected email asking them to click a link or open a file. The next thing you know, your system has been infected with malware and you have to write some very embarrassing emails to your clients explaining why their contact information has been stolen. Most successful cybercrime happens in a situation like this, where someone within the company lets malware in.

So how do you stop it? Have regular meetings with your employees about the importance of information security. Make sure they know the basics. Never open anything from an unfamiliar sender and never install software (or browser add-ons, or applications) unless they are company-approved. Also, don’t click on strange links or visit shady websites. It’s important to ground information security in the real world. While it can be hard to understand how opening a link could cost your company millions, it is a lot easier to get how that same link steals their personal data. That personal touch is a good way to make sure that facts stick. Finally, if you’re in a position of power at your company, take charge! Create complexity guidelines for employee passwords and consider putting a secure password manager on company computers.

If all else fails, feel free to shoot us an email at info@optfinty.com; we’re always ready to help!