October Is National Cybersecurity Awareness Month

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Online security is something that should get everyone’s attention. Threats exist all around us: ransomware, viruses, spyware, social engineering attacks and more. There’s so much you need to know to keep your personal and business information safe.

But where do you start?

As trusted cybersecurity professionals, we want to help you get educated and stay informed.

That’s why during National Cybersecurity Awareness Month our goal is to give you all the information you need to stay secure.

How can we help? We’ll be sharing valuable and timely information on cybersecurity in blogs, in our newsletter, and on all of your favorite social media sites. [Read more…]

The Ransomware Threat Is Growing – Here’s Why

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

One of the biggest problems facing businesses today is ransomware. In 2017, a ransomware attack was launched every 40 seconds and that number has grown exponentially in 2018. What are the main reasons for this type of escalation and why can’t law enforcement or IT experts stop the growing number of cyber-attacks?

Ransomware Trends
One of the reasons involves the latest trends. The art of ransomware is evolving. Hackers are finding new ways to initiate and pull off the cyber-attack successfully.

Hackers rarely get caught. So, you have a crime that pays off financially and no punishment for the crime. The methods of attack expand almost daily. Attack vectors increase with each new breach. If cyber thieves can get just one employee to click on a malicious link, they can take over and control all the data for an entire company. [Read more…]

Attackers Embed Malware In Microsoft Office Documents To Bypass Browser Security

Chris Myers is a field service technician for Tech Experts.

Cyber attacks continue to increase at a rapid rate. In 2016, there were 6,447 software security vulnerabilities found or reported to authorities. In 2017, that number rose to 14,714, more than double the previous year. Halfway through 2018, we are at 8,177 with no signs of slowing.

One of the biggest avenues of attacks is Adobe Flash Player, which has been a leading source of vulnerabilities for over 20 years.

Modern browsers have been phasing out Adobe Flash over the past 5 years. In December 2016, Google Chrome completely disabled Flash Player by default.

Mozilla Firefox started to block the most vulnerable parts of Flash Player by default in 2016 and 2017.

The latest Flash Player vulnerability, designated CVE-2018-5002 by Adobe, aims to circumvent those browser changes by hiding the attack in a Microsoft Excel file, which is then distributed by targeted emails disguised as legitimate bulletins from hiring websites.

To hide this from anti-virus software, the hackers went another step further by not including the malicious code directly in the Excel file. Instead, they just embed a small snippet that tells the file to load a Flash module from somewhere else on the Internet. Due to this, the file appears to be a normal Excel document with Flash controls to anti-virus applications.

CVE-2018-5002 is what’s known as a Zero Day vulnerability, which means it was used by attackers before it was discovered and patched.

This particular vulnerability appears to have been used in the Middle East already.

In one instance, businesses in Qatar received an email that mimicked “bayt.com,” a Middle Eastern job search website. The attackers sent the email from “dohabayt.com.”

With Doha being the capitol of Qatar, it was easy to assume that dohabayt was simply an extension of the main website.

However, a true branch of bayt.com, known as a subdomain, would be separated by a period like so: doha.bayt.com. Once the target was tricked into opening the email, they were directed to download and open the attached Microsoft Excel file named “Salaries.”

This was a normal-looking table of average Middle Eastern job salaries, but in the background, the attack was already going to work.

How To Avoid Being Infected
The fake email scenario described above is known as phishing. Phishing is the attempt to disguise something as legitimate to gain sensitive information or compromise their computer.

The word phishing is a homophone of fishing, coined for the similarity of using bait in an attempt to catch a victim.

The attack described above was a type of phishing known as spear phishing, where the attacker tailored their methods specifically to the intended victim.

They disguised the email as a local site used for job or employee hiring, and the file as a desirable database of salary information.

Phishing emails are most easily identified by checking the sender’s email address. Look at the unbroken text just before the “.com”.

If this is not a website known to you or if it contains gibberish such as a random string of numbers and letters, then the email is almost always fake.

While the attack above was sophisticated, most phishing emails simply try to trick the user by saying things like “Your emails have been blocked, click here to unblock them” or “Click here to view your recent order” when you did not actually order anything.

Always be vigilant. When in doubt, forward the email to your IT department or provider for them to check the email for viruses or other threats.

How Can You Improve Your Online Privacy?

Frank DeLuca is a field technician for Tech Experts.

You have probably heard about the myriad of security blunders that have plagued the business and IT worlds. We’ve seen considerable security and privacy miscues from some of the world’s biggest businesses, organizations, and government agencies.

This includes data breaches, attacks from hackers, privacy concerns, and theft where massive amounts of private user data were lost and/or misplaced. If major institutions can fall victim to these privacy and security lapses, then so can individuals and society at large.

The Internet can certainly be a scary, confusing place, especially for the uninitiated, but there are many ways in which you can protect yourself, mitigate risk, and increase your privacy while having an online presence.

Use Strong Passwords For Your Sensitive Accounts
Using strong, unique passwords (symbols, long phrases, capitalization, punctuation) can help you avoid that gut-wrenching feeling that you get when you realize that someone has hacked your account and has access to your personal information. Not knowing what’s going to happen to your work or your memories is something no one wants to experience.

Creating strong and unique passwords for each of your online accounts is a smart practice. The reason is quite simple: if one of your online accounts is hacked, then the others will soon follow. Consider a password manager like LastPass or Keeper to create, store, and manage your passwords.

Don’t Allow Or Accept Cookies From Third Parties
The purpose of the computer cookie is to help websites keep track of your visits and activity for convenience. Under normal circumstances, cookies cannot transfer viruses or malware to your computer.

However, some viruses and malware may try to disguise themselves as cookies, replicating after deletion or making it easier for parties you can’t identify to watch where you are going and what you are doing online.

Because cookies are stored in your web browser, the first step is to open your browser. Each browser manages cookies in a different location. For example, in Internet Explorer, you can find them by clicking “Tools” and then “Internet Options.” From there, select “General” and “Browsing history” and “Settings.”

In Chrome, choose “Preferences” from the Chrome menu in the navigation bar, which will display your settings. Then expand the “Advanced” option to display “Privacy and security.” From there, open “Content settings” and “Cookies.”

Use A VPN Or VPN Provider
A virtual private network, or VPN, can help you secure your web traffic and protect your anonymity online from snoops, spies, and anyone else who wants to steal or monetize your data.

A VPN creates a virtual encrypted tunnel between you and a remote server operated by a VPN service. All external Internet traffic is routed through this tunnel, so your data is secure from prying eyes. Best of all, your computer appears to have the IP address of the VPN server, masking your identity.

To understand the value of a VPN, it helps to think of some specific scenarios in which a VPN might be used. Consider the public Wi-Fi network, perhaps at a coffee shop or airport.

Normally, you might connect without a second thought. But do you know who might be watching the traffic on that network? If you connect to that same public Wi-Fi network using a VPN, you can rest assured that no one on that network will be able to intercept your data.

Additional tips: keep your Windows operating system and your applications such as Microsoft Office up to date at all times, don’t post private information on your social media accounts, and use browser ad/tracking blockers.

Network Security: What Does Your Firewall Do For You?

Jason Cooley is Support Services Manager for Tech Experts.

“Security.” It’s a word that we are all familiar with, but it can have many different meanings depending on context. Security to people nearing retirement age may mean financial security for their future.

At a large event like a concert, it could mean both security guards and the overall security of the event.

However, as time goes by, the word security has become increasingly related to the digital world.

Using the Internet to pay bills, access banking information, or even applying for loans is commonplace. We must be prepared to protect our identity and personal information.

Now, whether you are talking about your home or your business, network security starts with a firewall.

So what is a firewall?

A firewall, in terms of network security, can be a physical device that your incoming and outgoing data is routed through. It could also be a program on your device that can strengthen and supplement your devices’ security.

Both of these have different capabilities and purposes and can be used individually or together.

While there are different types, their essential function is the same. A firewall is put in place to allow or deny traffic, based on a set of security rules.

In a business setting where many staff members use a computer daily, a firewall can be put in place to block unwanted traffic.

A simple security rule to check for secure certificates can stop unwanted traffic easily.

Websites have security certificates, so when you access a page, your firewall can check the certificate. If the certificate is digitally signed and known as trusted, the firewall will allow traffic to proceed.

Search results can often display links of potentially harmful websites.

A firewall adds a layer of security making sure your employees don’t accidently find themselves on a website that could compromise your network.

This same principle works for home networks and can allow you to set some security rules. These rules can be put in place to help keep Internet usage safe, especially with children around the house. A firewall can also block certain content.

In an office setting, you could turn off access to social media to stop staff from accessing sites that aren’t needed to complete work.

It can block certain search engines and even limit the use of unsecure versions of websites.

At home, you can block content from websites you don’t want your family to have access to.

There is also the option of having active network times. You can have your Wi-Fi network only active during business hours, keep your kids off their devices at bedtime, or limit access to certain days.

There are many other things that your firewall can do to help keep your network safe.

Keeping your network secure has the potential to save you thousands of dollars, depending on the number of devices and your dependency on those devices.

Safety and security always has a high value to you. It can also help you rest easier knowing that either your business, or your family, is a little bit safer.

Google Study Reveals Phishing Attacks Are The Biggest Threat To Web Security

A recent study by Google and UC Berkeley suggests that cyber thieves are successfully stealing 250,000 valid usernames and passwords every week.

The study, which was based on 12 months of login and account data that was found on criminal websites and forums, aimed to ascertain how the data had been hacked and the actions that can be employed to avoid criminal activity in the future.

Google claims the research is vital for developing an understanding of how people fall victim to scammers and hackers and will help to secure online accounts.

The research found that, over a 12-month period, keyloggers (programs that monitor every keystroke that someone make on a computer) stole 788,000 account credentials, 12 million were harvested via phishing (emails or phone calls that con people into handing over confidential data), and an incredible 1.9 billion were from breaches of company data. The study found the most productive attacks for cyber-thieves came from phishing and keylogging. In fact, in 12%-15% of cases, the fraudsters even obtained users’ passwords.

Malicious hackers had the most success with phishing and were able to pick up about 234,000 valid usernames and passwords every week, followed by keyloggers who managed to steal 15,000 valid account details per week.

Hackers will also look to gather additional data that could be useful in breaching security measures, such as the user’s Internet address (IP), the device being used (Android versus Apple) and the physical location. Gathering this data, however, proved far harder for those with malign intent.

Of the people whose credentials were secured, only 3.8% also had their IP address identified, and less than 0.001% had their detailed device information compromised.

Google said in a follow-up blog post that the research would be used to improve the way it detects and blocks attempts to misappropriate accounts.

Historical data of the physical location where users logged on and the devices they used will increasingly be used as part of a range of resources that users can use to secure their accounts.

The research, however, did acknowledge that the account hacking problem was ‘multi-pronged’ and would require countermeasures across a number of areas including corporate networks.

Education of users is set to become a ‘major initiative’ as the research also revealed that only 3.1% of people whose account had been hijacked subsequently started using enhanced security measures such as two-step authentication (Google authenticator or a similar service) after control of a stolen account was regained.

Cyber Security: How Safe Are You?

Jason Cooley is Support Services Manager for Tech Experts.

In 2017, Equifax, one of the largest credit bureaus in the US, suffered a data breach that exposed the names, Social Security numbers, date of birth, and some driver’s license numbers for 143 million people. An additional 209,000 people also had their credit card information exposed.

The attack was discovered on July 29th, but according to Equifax, the breach began sometime in May.

Let that sink in. One of the companies that rates credit scores and stores tons of financial information, had their data stolen for months.

Some would think that the larger the company (especially with sensitive data), the better the security. That isn’t always how it works out.

eBay, the online giant, is not immune. In 2014, 145 million user accounts were compromised.

The list goes on, and it contains some pretty big names. Target (2013), JP Morgan Chase (2014), The Home Depot, VeriSign, and even Sony’s Playstation Network (2011) have all suffered at the hands of hackers.

Don’t panic just yet, though. There are many things to consider when it comes to data security. From businesses to your personal data at home, we all obviously want to keep our private information private. While there is no foolproof way to keep yourself safe, there are some things that you should know.

 This isn’t a movie.

The Hollywood portrayal of hackers is over-the-top for many reasons. Having one person just sitting around and deciding, “Well, I think I will hack the government or this bank,” isn’t a realistic vision of reality. Most of these data breaches come due to an unknown security vulnerability. Then groups of people will try to exploit this vulnerability.

There are different needs for everyone.

While cyber security can affect everyone, you shouldn’t be overly afraid as an everyday consumer. Most well-known websites are secure and checking out with personal information is often doubled down with extra security.

Still, if you are uncomfortable, use a wallet site, such as Paypal. More and more websites offer these types of payment options, putting down yet another layer of safety to keep your financial information safe.

What about my business?

 That greatly depends on what kind of business you have. If you have a convenience store, there’s a pretty good chance your credit card processing is the only issue with data you’d ever have. Since this is typically handled by a vendor, you don’t have nearly as much to worry about.

Now, if your company stores any sensitive data (especially the personal information of others), you are going to need to step up the security.

How much do you have to lose?

 This isn’t a trick question. Really, how much do you have to lose? Financial information? Client information? As bad as it is to have your data compromised, if you run a business that deals with any sensitive customer or client information, you should not only be careful, but you should be protected.

A managed service provider, like Tech Experts, can help maintain your network and data security. This may include firewalls, blocking specific websites, and running routine checks of the security. Sensitive data, like data that can be used in identity theft, should be protected proactively. You can’t save it once it’s been taken.

Browsing The Internet In Safety

Evan Schendel is a help desk specialist for Tech Experts.

Browsing the Internet safely comes with many hurdles. Not all of them are obvious, however. These hurdles are numerous and potentially dangerous, but with the proper knowledge and mindfulness, they can be avoided quite easily.

Viruses and Spyware

The Internet is a minefield of harmful applications and criminals trying to take anything they can, but these attempts can be counteracted.

A user must always watch out for suspicious links or websites. Some websites, though legitimate-looking enough, may be spoofed or fake, hiding malicious code or something equally devious.

Hints to these websites being fake can lie in any aspect of the page, but most commonly, it is a slightly different URL or domain name, typically off by only a letter or two.

The viruses dwelling in pop-ups usually attempt to scare users into clicking their product and downloading the malware or spyware-stuffed application linked in the pop-up.

Spyware can not only steal information input while loaded onto a system, but also slows the system to a crawl and tends to be easy to pick up. Simply navigating to a poisoned web page or opening a suspicious e-mail can infect a workstation with spyware.

The real dangers lie in file-sharing sites, where any file could be dangerous. When downloading any application, evaluate it carefully and make fully sure that not only the site is legitimate, but also that the application is safe too.

Preventative measures do exist, and any workstation should have an anti-virus and anti-spyware application installed and running to prevent most malicious applications from doing any serious damage.

Phishing and Scams

Viruses aren’t the only dangers that come with browsing the Internet. Many scams plague the Internet, preying on people uneducated about their existences.

Older scams were typically through e-mail, with scammers posing as long-lost relatives or people who could offer the victim a large sum of money, but only if they helped them out with a fraction of what they claimed they could pay the victim.

While it seems silly that these scams could work, many fall prey to the empathetic connection one might have when speaking a person in apparent need. These scams, while still common, occur less and less while newer and more sophisticated traps are being developed.

Phishing attempts also come in a method previously discussed – pop-ups. These can have dangerous-looking warnings, alerting you that your machine is infected with a petrifying number of viruses and scaring the user into clicking their links or graphics.

These links or graphics can lead down a dangerous path, including giving the scammers your credit card information or worse.

In the event a pop-up like this occurs, do not panic or give in.

If it is a pop-up, close the window and make certain you click nothing else on the page. If it is a re-direct to a suspicious page, close that as well, and immediately scan the system for any viruses or spyware just to be safe.

No computer is untouchable, but best practices and well-implemented safety measures can make a computer system much more secure, letting you browse the Internet without fear.

In addition to anti-virus programs, constant system updates and application patches can keep any potentially dangerous backdoors or vulnerabilities covered and safe.

With all of this information kept in mind, falling prey to viruses, spyware, and scams will be far less likely and sites will seem much safer.

Five Keys For Small Business Preventive Security Measures

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

We continually mention the importance of network and password security for small businesses for good reason. The increasing security threats and cases of security breaches in both large and small enterprises show that we are more at risk than ever before of suffering a security violation.

Regulated entities such as medical offices (HIPAA) and financial institutions (FINRA) are especially susceptible to breachs and security incidents.

Prevention is always better than cure. To this end, here are five security measures you should start putting in place today.

Limit lateral data transfers
One of the biggest contributors to internal data breaches is a lack of employee knowledge of security issues. It’s important to protect strategically important information and data by limiting who has access to it.

Furthermore, you can employ network segmentation to reduce any unnecessary communication between internal and external networks.

Ensure machines and devices are updated
Internal breaches can result from the use of unprotected machines. Without being aware, employees may download malware or ransomware.

However, this may not be a problem if the software and operating systems on the machines are up to date.

Keeping all devices and the accompanying software and security structures up to date will make a significant contribution to protecting your systems.

Monitor activity to identify suspicious activity
Sometimes, a security breach may not involve any employees. Network administrators should ensure the latest monitoring software is in use to monitor behaviors and immediately detect anything that looks amiss.

Cyber criminals are aware of these types of activities and often conceal themselves deep in the network to exploit the system over a prolonged period of time.

Even if you miss the threat the first time, the monitoring system will provide meaningful insights that will help you recognize foul play.

Ensure robust passwords are in place
When it comes to system passwords and login procedures, you can always improve. In addition to the more traditional text-based password access, you should also ensure you have more up-to-date security mechanisms in place such as fingerprint access and smartcards. These are much more challenging for cyber criminals to replicate.

Embrace cyber insurance policies
No system can be completely safe from a cyber attack. Criminals are getting smarter and smarter, and what appears to be an impenetrable system one day can be infiltrated the next.

For this reason, you may wish to take out cyber insurance to cover any costs you incur if things do go seriously wrong.

Yahoo! And The Hack Heard ‘Round The World

Evan Schendel is a help desk specialist for Tech Experts.

In the age of Russian super-hackers and nationwide credit reporting agencies with pitiful security, what could be safe? One thing is for sure – not Yahoo!.

In September of 2016, Yahoo! released the news that 500 million accounts were hacked in the latter half of 2014. That news severely impacted Verizon’s business deal to buy them out, but they only lowered the price by $350 million USD to a total of $4.48 billion USD.

Three months after this business deal was done and the prior hack had been announced, Yahoo! let the nation know that approximately 1 billion accounts had been hacked in 2013. Verizon was not pleased, to say the least.

Just recently, Yahoo! released even more grave information.

In the earlier part of October, Yahoo! bumped the number of affected accounts up to 3 billion. This estimate encompasses every single Yahoo! account, including its subsidiaries like Tumblr and Flickr. That is a lot of data – and if you had any accounts (even unused) linked to these websites dating back to 2014, you could have even had the information sold.

The cybersecurity firm InfoArmor has reported some of this information has been sold on the dark web, a small part of the web not indexed by search engines.

The group selling this information has sold the data to three sources, two of which are known spammers. All paid upwards of $300,000 USD.

With this information, reused passwords from past accounts can be the largest risk, as many people recycle the same password(s) for all of their various online accounts. While no financial information was stolen, security questions, dates of birth, and backup emails were taken.

All of this can be used for not only breaking into the Yahoo! account in question, but also any other accounts with similar information.

A good course of action from here on would be to, as you should, never reuse passwords, and change any existing passwords you feel might be in danger. Ensure that no shady happenings have occurred with any accounts, up to and including bank accounts.

The information sold was reportedly utilized to spy on a range of US White House and military officials, alongside Russian business executives and government officials.

With this information kept in mind, a document was released stating that four men were indicted, two of whom were Russian intelligence officers working for the Russian Federal Security Service. Which is, ironically enough, an agency dedicated to aiding foreign intelligence agencies track cybercriminals.

To finalize, remember to keep safety measures on all your accounts and protect yourself from email fraud or spam to the best of your ability. Only sign up for accounts on legitimate websites and, when you do create an account, use a unique password for that site. For sites with sensitive information, elect to use two-factor authentication when possible.

That way, when a company’s security is pushed back in lieu of other things, you can serve as a second defense for yourself.