alt tag

Posts Tagged ‘malware’


Unique IT Challenges Financial Services Providers Face Today

Tuesday, June 19th, 2018

Financial services providers find their IT challenges list is always growing because of security issues, employee needs, customer protection, regulatory laws and business requirements. Keeping up with IT concerns is important not just because failing to do so means lost business opportunities — but also, the financial services industry can incur substantial penalties over failure.

Performance Challenges

The large amount of data and secure nature of that data create a heap of unique challenges for the financial services industry. While the “if it ain’t broke, don’t fix it” philosophy is a best practice, relying on it for too long creates situations in which older hardware and software can’t perform fast enough or are incompatible with newer platforms. Aging infrastructure can cause performance and compatibility issues.

Financial services providers often rely on high-capacity internet and network infrastructure to move large amounts of data quickly and securely. When that infrastructure no longer performs it’s time to migrate to something that does. IT services can be an invaluable asset when migrating, implementing and performance-tuning new hardware and software.

Compliance Challenges

IT in the financial services industry faces unique challenges from regulation and technology; the challenges are so great that a substantial share of the IT budget can go toward meeting government mandates.

On the technology side, many businesses rely on legacy systems that either need to be better protected because of known vulnerabilities or migrated to newer and more secure platforms.

Businesses often learn about issues and challenges from a Securities and Exchange Commission audit. It is crucial to comply with making changes in order to address identified concerns from the audit. IT addresses much of the regulatory compliance challenges through technology. An IT services provider can help a financial services provider address compliance issues, with solutions for everything from backup practices to email security.

Security Challenges

The financial services industry works with both confidential information and finances, which offers a very desirable target for hackers. Security challenges are the biggest and most important issue facing financial services providers in the IT realm. In particular, the financial industry is the top target for Distributed Denial of Service (DDoS) attacks, which aim to disable online services for customers and staff alike. Businesses need to implement defensive technology that mitigates these attacks when they happen (as opposed to if they happen).

Additionally, the industry needs to protect customer data and avoid breaches, as there are always new security concerns to address. That means IT staff must keep up with software patches on all levels while also avoiding breaking features from updates with the goal of preventing attacks. Aging infrastructure is often the root of cyber-attack vulnerabilities and may need to be replaced for data protection.

Financial providers need to watch out for phishing and ransomware attacks on employees. The financial industry is on the receiving end of 8.5 percent of all phishing attacks, so IT staff must address these concerns on the technical and personal levels to avoid allowing impersonators to access private information. Ransomware is also a major concern in the industry. This increases the emphasis on keeping software patched to avoid attacks and maintaining reliable backups to minimize data loss if any attacks succeed.

If your Bay-area financial services provider business is looking to streamline its integrations with expert help, MPA Networks is here to help put years of professional expertise to use. Contact us today to learn more.

Which Industries Are Most Likely to be Targeted with Cyber Security Threats?

Monday, May 21st, 2018

To understand why some industries are targeted in cyber attacks more often than others, it’s important to understand what drives hackers and what makes a target appealing. Of the two, hackers are easier to understand:

According to a Verizon data security report, roughly 70 percent of attacks are financially motivated, and around a quarter of attacks are for espionage purposes. The rest tend to fall under the categories of personal grudges, ideological attacks, and “just for fun.”

A prime target for an attack will have some of, if not all of, the following qualities:

  • Works with important, confidential data
  • Possesses valuable information (not just financially)
  • Service disruptions require urgent action to restore access or information security
  • Target has substantial financial assets
  • Target has the financial means to pay a ransom

Businesses in the following industries often find themselves on the receiving end of a security attack because they are considered high-value targets.

1. Finance

As the financial industry works with money, it should come as no surprise that it is the most popular target for hackers. This industry is the target in 24 percent of all attacks, which are almost exclusively financially motivated. These attacks often try to compromise credentials so hackers can steal money through a second-step. Businesses in the finance space should make IT security a priority because attacks are less a matter of if and more a matter of when.

2. Healthcare

Hackers often look to exploit the urgency in the healthcare industry for a financial payout: This industry receives 15 percent of all attacks. In particular, ransomware accounts for 72 percent of all malware attacks on hospitals. The healthcare industry is singled out because disruptions to data access could put patient lives at risk, and hackers could be looking to exploit legal penalties for underprepared businesses losing data.

3. Public Sector

The public sector is a popular target because of the information it stores: Around 12 percent of all attacks are on this industry. Financial motivation only accounts for 20 percent of attacks on the public administration segment of the industry; instead, espionage is the motive in 64 percent of cases. Hackers are often trying to steal confidential information from government operations, but they still may try to go after schools with ransomware to earn a quick payout. Criminals may also target public sector operations because they believe the organization is under-resourced in IT security.

4. Retail and Accommodations

When combined, the retail and accommodations industries comprise another 15 percent of cyber attacks. In particular, 96 percent of retail attacks are financially motivated. These attacks often target payment and personal information that can be used to either directly steal money or play a role in identity theft.

5. Everyone Else

Just because your business isn’t in the four largest targeted industries, you shouldn’t fall victim to a false sense of security. Other businesses still account for 34 percent of attacks. In fact, overconfidence in existing security practices can make the difference between a failed or successful breach.

The IT experts at MPA Networks can help your Bay-Area business secure its internet-facing operations to help keep your information safe. Whether you’re in finance, healthcare, or another industry, MPA’s experience can improve your defenses. Contact us today to learn more.

7 Ways to Keep Work Secure on Employee Personal Devices

Monday, May 14th, 2018

Technology improvements have made it easy for employees to get work done on their personal devices from anywhere. However, that freedom comes with additional security risks and requires extra diligence to keep data secure. Safeguarding information is a combined process of utilizing technology and educating staff. The following considerations will help your business keep work secure on employee personal devices.

1. Always Update/Patch Software

Hackers invest time trying to find new ways to bypass security or take advantage of personal apathy and laziness.

According to PC World, failing to install the latest patches and updates for software is the top security risk for both business and private use.

Hackers can look for known exploits that the software creator closed and use them against people who haven’t updated the software to close that security hole. Unlike with business-owned devices, your business really can’t force employees to install software that will prompt updates, so it becomes a matter of training.

2. Use Cloud Apps

Cloud applications for both computers and mobile devices offer some excellent security benefits for your business, especially when your employees access them on personal devices. Cloud apps shift much of the data security burden to the server side, which alleviates many of the security problems that could come from traditional apps run on employee devices. Cloud email is an excellent example of this because the server can handle scans for phishing, malware and other malicious attacks before the content ever makes it to the employee device. Cloud apps generally run the most current software versions, so your business won’t have to worry about employees running updates.

3. Encourage Strong Antivirus and Anti-Malware Practices on All Devices

While employees don’t need to use the same security software your business runs on their personal devices, they do still need quality security software. There are many free and low-cost security programs for personal users that provide excellent protection. Your IT staff can help make recommendations for employees on personal devices.

4. Train to Avoid Phishing Scams

While security software and cloud apps do a great job of catching phishing scams, some still might slip through. That’s why it’s important to train your employees in how to identify and avoid phishing scams.

5. Use Strong Passwords, Password Managers and 2-Step Verification

Employees should also keep their accounts secure by using sophisticated access credentials. This means using 2-step verification for all accounts and programs when possible and using password managers to protect their credentials. Employees should be trained in creating strong passwords in the event that more advanced security techniques don’t work.

6. Practice Public Wi-Fi Safety

In general, employees should avoid using public Wi-Fi when working with confidential information. If employees are going to do work on Wi-Fi outside of the home or workplace, they need to be trained in identifying fake access points and how to tell if a library, restaurant or other business’s network is secure.

7. Consider Using Remote Wipe or Lock Software

As a final effort, your business should encourage employees to install software that allows them to remote wipe or lock mobile devices and laptops they are going to use for work purposes. That way if someone steals that device, the damage will be limited to the financial loss of the hardware and not related to a data security breach.

The IT consulting experts at MPA Networks can help your business implement both software and training practices to help keep your data safe when employees use their personal devices for work. You can read our previous blog on tips for managing remote employees for even more information on keeping data safe. Contact us today to learn more.

Addressing the Unique IT Management Needs at Law Firms

Wednesday, April 11th, 2018

Law firms face many unique IT management challenges that stem from the confidential nature of the information they work with. And that confidential data is why law firms must make the protection of information a key IT priority. Threats can come from outside (such as hackers using pressure to extort money from the firm) as well as inside (from technology failure). In order to adapt as threats change, it is important to understand both why law firms are prone to specific IT management challenges and how to address those challenges.

Why Are Law Firms a Prime Target for Ransomware?

As with other businesses, law firms must be ready for the growing number and scope of ransomware threats.

Hackers see law firms as ideal targets because lawyers may opt to pay the ransom to recover information for a case with an immediate court date.

Additionally, hackers may seek to exploit a larger law firm’s substantial financial backing to get an easy payday: A $300 ransom is worth much more to an individual than it is to a large firm. The 2017 ransomware attack against prominent global law firm DLA Piper demonstrates how serious these attacks can be.

Law Firms Are Vulnerable to Data Theft

While technology automates a great deal of law firms’ work, it also brings additional risks for information theft. The 2017 Equifax hack demonstrates exactly how far-reaching damage can be when hackers steal personal information.

Law firms also need to be concerned about keeping confidential client information confidential. Hackers may try to steal information stored on servers or personal computers through malware attacks and software exploits.

What’s less obvious is how criminals can use social engineering — such as posing as a client via email or during a phone conversation — to get law firms to give up confidential information.

External and Internal Data Loss

Law firms work with a substantial amount of information that can go missing due to both external and internal factors. For example, a firm’s server or an employee’s laptop may fail and lose all the data stored on the device. Additionally, employees may not always properly manage their documents and information, which makes them difficult to find. In fact, poor document management can cost a firm hours of productivity every week. IT management can help organize information through platforms such as a document management system to help minimize data loss related to human error.

Law Firm IT Management Solutions

While law firms face many unique IT challenges, businesses can take several steps to minimize risk and mitigate damage:

  • Implement a three-copy backup policy to safeguard against data loss related to ransomware, malware, device failure and human error.
  • Make sure that all software on all devices is up to date and running the latest version. Hackers tend to exploit user laziness by attacking security holes that could have been patched had the user not skipped an update.
  • Confirm that all information exchanges are secure. Don’t fall for social engineering schemes or use compromised public Wi-Fi networks.
  • Use document management systems to prevent losing data from mismanagement. These also serve as a type of backup.

If you would like to learn more about how your law firm can better manage its IT assets and protect itself from online threats, contact the IT experts at MPA Networks today.

10 Cyberattacks Your Business Should Defend Against

Thursday, March 29th, 2018

Cyberattacks are a major security concern for any business that uses the Internet. Even if your company doesn’t have a website, hackers can go after your email address and business service accounts.

Though they represent one of the more severe risks of a cyberattack, a data breach costs an enterprise $1.3 million and an SMB $117,000 on average.

Cyberattacks take many forms; your business should plan to protect itself from the following common types of cyberattacks:

1. Phishing: In phishing attacks, hackers impersonate a business in an email to persuade recipients to hand over personal information via a reply or to install malware. The email may also contain a fraudulent link to a fake version of a trusted website’s login page. Whaling and spearphishing are specific types of phishing that refer to attacks that single out a specific person or group.

2. SQL Injection: SQL injection is a technique cybercriminals use to exploit database-entry forms on a website. Rather than inputting a name, password, address or other information, a hacker will instead enter a code command designed to damage your database. This is typically successful when the website doesn’t properly sanitize and clean user-input data.

3. Cross-Site Scripting: XSS attacks occur when a hacker slips malicious code into your website or application. It’s common for hackers to exploit advertisement networks and user-feedback fields to sneak code onto a business’s public platform.

4. Man in the Middle: An MITM is similar to a phishing scam in that a hacker impersonates an endpoint in communication. For instance, the hacker might pose as a representative for your bank when communicating with you and pose as you when communicating with the bank — and obtain valuable information with this strategy. More sophisticated variations of this attack involve jumping into a legitimate conversation and impersonating a trusted individual.

5. Malware Attacks: Malware refers to malicious programs designed to infiltrate and disrupt user devices. Of all the different types of malware, ransomware is among the most high-profile and dangerous: It disables access to a device until the user pays a ransom. Trojans, worms, and spyware are other notable types of malware.

6. Denial-of-Service Attacks: DoS attacks disrupt networks and online platforms by overwhelming them with incredible amounts of traffic. Hackers can use these attacks to knock your website offline or slow your network to a crawl. Distributed-denial-of-service (DDoS) attacks are a DoS variation that utilize multiple devices to pull off the attack; one such example is the Mirai IoT Botnet, which caused a major internet disruption for the eastern United States.

7. Social Engineering: Social engineering refers to a hacker using psychological manipulation to get an employee to hand over confidential information or install malware.

8. Drive-By: These attacks trick a user into installing malware, usually a Trojan, by clicking a link in a web browser. Drive-bys typically exploit security holes in web browser plug-ins.

9. Unpatched Software: Unpatched software attacks are entirely avoidable: They work by hackers using known exploits in programs that have already been fixed. Hackers rely on the fact that some users neglect to install important updates.

10. Brute Force Password Hacks: Hackers may also seize your company and employee accounts through brute force password hacking. In this scenario, they use a program to continually guess an account’s password at login until the program finds one that works. Secure passwords will take far longer to crack, so hackers tend to target less secure accounts.

IT security is an incomplete process unless your business has the right hardware, software and employees working together to prevent attacks. The IT consulting experts at MPA Networks can help. Contact us today.

The Mirai Botnet Returns — and Why You Should be Concerned

Tuesday, March 13th, 2018

The Mirai botnet refers to a massive-scale network of Linux-running Internet of Things devices turned into remote-controlled bots through a malware infection. Hackers can use the network to run a distributed denial of service, or DDoS, by having the infected devices overwhelm a target with data traffic. Mirai malware and its copycats are an ongoing threat to Internet security and stability. All businesses should be concerned about Mirai’s damage potential and perform their security due diligence to avoid contributing to the problem.

A History of Attacks

Mirai first appeared September 2016, then reemerged in late 2017; its botnet of devices maxed out at around 600,000 infected devices.

While the average person probably doesn’t know what Mirai is, most people in the eastern half of the United States experienced what it can do: it was responsible for the October 2016 wide-scale slowdown of the Internet for the entire region.

Without diving too deep into the technical details, this outage-causing traffic came from malware-infected routers and cameras. In the malware botnet’s initial use, it created a massive 630 Gbps attack on a journalist’s website on September 20, 2017, double the traffic from the previous largest known attack.

While the hackers from the original Mirai attack eventually pleaded guilty, the threat from Mirai and similar malware is still very real. In late 2017, hackers used a variation to seize control of over 100,000 devices in just 60 hours, mostly consisting of unsecured modems made by ZyXEL.

How It Works

Mirai is a worm-like malware that infects Internet of Things devices by using factory default credentials. The malware scans the Internet for dozens of IoT devices with known vulnerabilities from default security settings and seizes them. Mirai exploits human behavior because owners often don’t change the default settings. The malware will control the device and use it to flood a target with Internet traffic when the hackers activate a signal. The malware creates an ad-hoc network of thousands of devices and has them all attack a target at the same time until the target’s web hosting platform is so overwhelmed with traffic it goes offline.

Mirai is dangerous because it inspires copycat malware that can be used for similar attacks. This malware family tends to target low-hanging fruit: low-cost electronics with little security. Device owners will have a difficult time identifying when their devices are infected because they remain dormant between the infection and the attack.

What It Means for Businesses

Businesses should be concerned about Mirai and similar malware in two areas: having their devices seized by the malware and being a target of a DDoS attack. Your business could be a victim of the malware without being a hacker’s target if your devices get infected and become a part of the network. An infection could potentially run up bandwidth usage, lead to slower network connections, and cause device malfunctions. Your business could be a target of a botnet DDoS attack, but your company’s devices are far more likely to be infection targets.

Do You Have a Crisis Management Plan for a Cyberattack?

Thursday, February 8th, 2018

A cyberattack crisis management plan is your business’s best defense for minimizing cyberattack damage after technology-based preventative measures have failed. Unfortunately for most businesses, cyberattacks are not a matter of if, but a matter of when. Establishing a crisis management plan can help your business minimize data compromise, limit attack scope, decrease recovery time and reduce harm to your reputation. Having a plan in advance means your operation can immediately get to work on containing the attack when it occurs rather than allow it to incur further damage while you scramble to develop a plan during the breach.

What Threats Do Cybersecurity Attacks Pose?

Cybersecurity attacks aren’t going away. According to CBS, as of 2015, criminals contributed to 1.5 million annual cyberattacks. These attacks can have major repercussions for a business.

According to IBM, the average breach costs a business $3.6 million.

Some attacks can lead to massive fallout that can put a business in financial trouble. In 2016, there were 15 breaches that exposed more than 10 million identities, Symantec reports.

The technical side of preventing cyber-attacks is an ongoing cat-and-mouse game. The tech industry pushes to close security holes as soon as — if not before — hackers find and exploit them. Hackers like to take advantage of businesses that haven’t applied software patches to close established security holes.

Malware, ransomware, botnets, IoT vulnerabilities and email phishing were all major threat sources in 2017. In particular, ransomware is a growing problem because businesses are paying more than $1,000 on average to recover “locked” data. Many of these payouts could have been avoided by implementing proper crisis management and disaster recovery plans in advance. While big businesses offer big targets, SMBs still need to protect themselves from attacks.

What Your Plan Should Contain

A cyberattack crisis management plan revolves around three main elements: preparation, response and recovery. Every step is crucial, because a poor response can actually make the situation worse. According to WIRED, Equifax’s management response could have stopped the problem before it started in their major 2017 breach, if they had not done such a poor job. Here’s what to consider:

  • Prepare: Your business should prepare for extreme-level attacks in advance. Part of this process involves creating a response team with key players from all necessary departments. The plan should include what each group needs to do in the event of an attack. The crisis response team should take action to plug major known security holes as they are discovered to prevent a breach.
  • Respond: The response team should identify the attack, secure the compromised systems, and investigate the cause of the breach in that order. Next, the team should take action to prevent further attacks that exploit the same or similar security holes.
  • Recover: The cycle continues after your business contains the threat. The response team should next work to minimize public damage and repair customer trust. According to a 2011 Ponemon Institute study, larger businesses say they averaged $332 million in diminished business value following a customer data breach.

The disaster recovery experts at MPA Networks can be a vital part of your business’s crisis management plan. Our experts can help your staff gets back to business as usual as quickly as possible. Contact us today to find out how we can help.

Four Security Threats Your Company Could Face in 2018

Tuesday, January 16th, 2018

Hot off the tail of the massive 2017 Equifax breach that exposed personal information of 143 million customers, businesses are on high alert concerning IT security in 2018. While the IT security industry has been successful in mitigating and cracking down on many common threats, hackers are finding new ways to exploit devices that haven’t received as much attention and protection as PCs and servers have. Trends indicate that your company could be looking at security threats from previously ignored devices and sources in 2018. Be on the lookout for the following threats this year.

1. Missing Windows Updates Over Incompatible Antivirus Software and the Meltdown-Spectre Fix

This is one security threat your company could already be facing: There’s an inherent flaw in the way modern CPUs by Intel, AMD and ARM handle data that can be exploited to leak information. This is a substantial problem because it stems from the hardware as opposed to the software, and fixing it can negatively impact device performance. To make matters worse, some types of antivirus software conflict with Microsoft’s fix. If your business is using one of those incompatible programs, you need to switch to a compatible option to continue receiving Windows Updates as of January 2018. Those Windows Update patches are vital to keeping your company’s computers safe.

2. Internet of Things Devices Become a Bigger Threat

As of 2017, there were 17.68 billion IoT-connected devices, and that number is expected to grow to 23.14 billion in 2018.

Your office may interact with devices like an Amazon Echo, a smart thermostat and dozens of smartwatches. These are all IoT devices that could be the targets of security attacks.

These devices can be used to piggyback onto your office network. Additionally, DDoS attacks from hijacked IoT device botnets could be an even bigger threat in 2018.

3. New Devices Are Targeted

Ransomware is for more than just computers now. In 2018, IoT devices could be the next major target for hackers using ransomware to get your business to fork over payment to regain control. A workplace that’s lost control of the thermostat because of ransomware might be highly motivated to pay. Hackers may also be looking to exploit security holes in your office router and modem, as these devices are often neglected when IT staff applies regular security updates. Hackers often exploit the fact that many users don’t change the default password on these devices.

4. Watch out for Mobile Malware

The growing mobile device user base is making the Android and iOS platforms much more attractive targets for hackers over the traditional PC targets. According to Kaspersky, Android devices are more vulnerable to malware, but attacks are easier to identify and fix. While iOS devices are more secure, it’s much harder to tell if a device has been compromised.

Keeping up with IT security in your workplace is your best bet to avoid disastrous breaches and downtime. Our IT consulting experts can help your company identify and protect its security weak points. Contact us today.

Scheduling Security: Take Control of Your OS Updates

Wednesday, May 10th, 2017

update-1672385_640

It happens to everyone: You turn your computer back on after you intended to leave the office, or come in early to get a head start on a new project, only to be greeted by a 20-minute operating system (OS) update session. This common workplace frustration turns what should have been a four-minute job into a half-hour ordeal, forcing you to stay behind or defeating any time gains from starting early.

OS updates provide essential security fixes that keep your business safe, but the platforms have a knack for pushing updates at what feels like “the worst possible time.”

Here’s what you can do to remain one step ahead of your updates at all times.

Change the Default Settings

Don’t leave operating system updates on their default settings, because they’re likely to interfere with work when you need the devices. The solution to this productivity- and attitude-killing problem is to adjust the system settings to force the updates at a specified time when your team won’t need them. Other software, like Office, Photoshop, and web browsers, tend to be less of a problem, since their update sessions are usually much quicker.

Updates Are a Security Issue

The worst solution to update inconvenience is to disable automatic updates. While updates that don’t add any new features may seem irrelevant, they’re actually doing lots of work keeping you safe behind the scenes in areas like IT security and virus/malware prevention.

According to TrendMictro, malware and other security exploits tend to target known security holes that have already been closed through updates and patches. Instead of finding new exploits, it’s easier for hackers to continue to exploit the old ones and take advantage of users who do not update their computer software.

Schedule Around Work to Increase Productivity

Microsoft usually posts their updates on the second Tuesday of every month, which is commonly known as “Patch Tuesday.” However, this may not work well with your business if it disables employee computers Tuesday night or Wednesday morning. The ideal time for updates will differ depending on your business, but for the typical Monday-to-Friday 9-to-5 office, you will be best served by installing updates around 2 a.m. on Sunday morning. Devices can even be individually customized for each employee based on their personal schedule.

The IT Consulting experts at MPA Networks, serving San Francisco, San Mateo County, San Jose, and other San Francisco Bay Area cities, are ready to help your business make technology work for you, not against you. Scheduling updates is a desktop management and support issue, which IT Managed Services can deliver. Contact us today to find out how we can help you better manage your office computers.