Posts

How to Improve Your Business’ Cyber Defense

Today, countless entrepreneurs set up an anti-virus software for their cyber protection and stop there. Nevertheless, there are actually numerous means to breach a system without triggering anti-virus applications. And especially in today’s evolving remote work world, you’ll need more than just a simple firewall to stop your data from being breached.

Cyber-criminals are actually producing various malware quicker than antivirus solutions may identify all of them (around 100,000 updated infection forms are introduced every day), and expert hackers will frequently assess their developments versus all readily accessible systems prior to launching them onto the internet.

The Scary Truth

Regardless of whether you possessed an ideal anti-virus solution that might sense as well as prevent all risks, there are actually countless cyber threats that can get around anti-virus software completely. For instance, if a cyber-criminal is able to manipulate a staff member to click on an infected email or link, or perhaps “brute force estimate” a low-strength password, all the anti-virus applications on earth couldn’t save you.

There are actually a number of weaknesses a hacker may prey on: the physical level, the individual level, the network level, and also the device level. You need to have a security strategy that will definitely enable you to swiftly detect as well as address violations at each level.
The physical level pertains to the PC’s as well as other devices that you store in your workplace. This is actually the simplest level to secure, yet is actually frequently abused. For example, employees lose devices with sensitive information such as smartphones or USB’s, which fall into the wrong hands.

For the physical level, you should:

  1. Retain all PC’s and also equipment under the oversight of a worker or even stored away in all opportunities.
  2. Solely permit approved team members to utilize your equipment.
  3. Never connect in any kind of unidentified USB gadgets.
  4. Demolish outdated computer hardware prior to tossing it away.

The Biggest Threat to Your Business

The truth is, 95% of protection occurrences include human mistakes. Ashley Schwartau of The Security Awareness Company states the most significant blunders a firm can make are “presuming their workers recognize internal safety strategies” as well as “presuming their staff members care sufficiently to comply with plan”.

Right here are some means cyber-criminals make use of human shortcomings:

  1. Attempting to brute-force deciphering passwords.
  2. Fooling workers to open up suspicious e-mails or go to endangered sites.
  3. Deceiving workers to reveal delicate info.

For the human level, you should:

  1. Implement obligatory password modifications every 30 to 60 days, or after a worker is lost.
  2. Train your staff members on ideal techniques every 6 months.
  3. Supply rewards for safety mindful actions.
  4. Disperse delicate details on a requirement to understand basis.
  5. Need 2 or even more people to approve any kind of transfer of funds.

A Strong Network Makes Your Security Work

The network level describes software application strikes supplied online. This is without a doubt one of the most typical avenue for strikes, impacting 61% of services last year. There are all sorts of malware: some will certainly spy on you, some will certainly siphon off funds, and some will certainly lock away your data.

Nevertheless, they are all transferred similarly, either with spam e-mails or suspicious websites, or with “Drive by” downloads.

To defend your business versus malware:

  1. Do not utilize service gadgets on an unsafe network.
  2. Do not permit international tools to access your Wi-fi network.
  3. Utilize firewall programs to safeguard your network.
  4. Make certain your Wi-fi network is secured.
  5. Utilize antivirus applications as well as maintain updates. Although it is not the perfect security solution, it will certainly secure you from one of the most typical infections as well as aid you to observe abnormalities.
  6. Utilize applications that identify dubious program actions.

Don’t Leave Your Data to its Own Devices

The mobile level pertains to the digital tools your team utilizes on a day-to-day basis. Cyber security awareness for mobile devices usually trails other technology, which explains the reason there are 11.6 million compromised devices in any instance.

There are many traditional methods for compromising mobile devices:

  • Customary viruses & ransomware
  • Suspicious applications
  • Extortions to your business internet system

To protect your equipment you should:

  1. Utilize strong passcodes.
  2. Utilize encryption.
  3. Utilize distinguished cyber defense software.
  4. Allow remote data clearing possibilities.

What You Can Do

Just as every source of protection would certainly have been pointless without an HQ to relocate security strength to where it’s required most, Cyber IT defense-in-depth strategy requires to have an individual who can check each level for dubious data movement and also react as necessary. With a managed IT services provider, those concerns are gone as you have a whole team of IT engineers you can count on 24/7 for your cyber defense while you can focus on running your business.

Nerds Support Contact Us Leaderboard

Accounting Firm Scams Vulnerabilities Thumbnail

Top 5 Vulnerabilities Accounting Firms Face

It seems like every other day now institutions big and small are experiencing some form of cyberattack. With the growing emergence of remote work solutions last year, businesses had to adapt to the need for flexibility for the their teams. Unfortunately, this came with a lot of security concerns about vulnerabilities. Local governments, banking institutions, tech and networking companies have all undergone some sort of cyber breach. However, accounting firms are likelier than other businesses to fall victim to a cyberattack due to the wealth of sensitive client information they store in order to conduct business.

Since cybercriminals are always exploiting vulnerabilities and finding new malware to access financial information of accounting clients, it’s important to understand cyber threats your firm faces in 2020. So when an accountant thinks about cyber risks they’re susceptible to they think about attacks from outside the firm. Unfortunately, the cyber threats that could negatively impact the firm are ones that firms are responsible for. The good news is they can be prevented.

Here are five  main vulnerabilities CPA’s face today.

Why are CPA Employees at the Root of a Data Breach?

1) Human Error

Human error is the leading cause of accounting mistakes and it’s also the leading cause of cyber security threats. 90 percent of data breaches are caused by human error, according to a study by Kaspersky.

Bring your own device (BYOD) culture puts financial firms at risk when accountants neglect to check their network security. If an accountant has sensitive data on their personal device and decides to go to a coffee shop like Starbucks, it’s possible that a hacker can access that information because the user’s connected to a vulnerable, public wifi network.

Solution

Establish strict guidelines to limit the use of personal devices when handling accounts and client data.

2) Weak Passwords

Among the most common mistakes accounting professionals make is setting up weak passwords for accounts. Accountants should create separate passwords for their email, applications, and systems according to best practices. The reality is accountants, like many other people, tend to use the same password for all three. As a result, they make a hacker’s job much easier.

Passwords are a lot like keys. Imagine if you had one key for your house, your car and your business.  All anyone has to do to ruin your life is get hold of that key. Now, lets push this analogy even further. Imagine that same universal key. Not only does it provide access to all these valuable things but every night before you go to bed you leave it under a flowerpot outside for safe keeping. It might not be as obvious as leaving it out in the open, but it wouldn’t take long to find.

That is exactly what accountants do online. They create passwords that are easy for them to remember. Passwords are often anniversary dates, names of pets or loved ones, or the schools they studied in. Like the key in the flowerpot, a thief might not know exactly where it’s is hidden, but after some snooping around and persistence, they’d find it.

Social Media is a Hackers’ Greatest Tool

In today’s world of social media and online communication, personal information is available to everyone willing to look for it. A cyber criminal just needs to do a minimum amount of work looking through social media accounts to find anniversary dates, names of pets or loved ones, and the schools a target studied in.

That’s not to say accountants should rid themselves of all social media and eliminate their online presence. That’s a very extreme approach and, more importantly, is impossible. We shop online, we bank online, we purchase food online, we buy tickets online. All these things create a profile of who you are and can be leveraged to gain access to your accounts.

Solution

It is essential for accountants to set strong passwords for all their accounts. What are strong passwords? A strong password is a combination of letters (capital and lowercase), special characters like punctuation marks, and numbers or numerals. Stay away from passwords relating to your personal life as often as possible. A hacker will use whatever information they can to infiltrate a firm.

To avoid this firms should consider simple security methods like having users change their passwords monthly or at least quarterly and limit access through mobile devices. Also using multi-factor authentication software when accessing accounts can prevent breaches.

Accounting Firm Scams Vulnerabilities Statistics

3) Phishing

This leads me to the next cybersecurity danger CPA’s face: Phishing. Phishing emails are used to manipulate the reader to click on a link or attachment infected with malware or a virus. They are a form of social engineering. Whether  you’re a large firm or small you’re vulnerable because statistics are on the hacker’s side.  All it takes is one successful attempt to access the firm’s data. In other words, they only need to trick one employee to access the firm’s data.

Phishing attacks a varied and wide-ranging. They can come in the form of a credit card alert, a notice from a non-profit, a package shipment delay and others. However, now that there’s more awareness of phishing scams, scammers adapted to make attacks even more believable by hyper focusing on a specific target.

A target phishing email is known as spear phishing. Cybercriminals use everything they can find on the target to legitimize the email. They’ll make references to people in your life, places you’ve lived in, things that you’ve done to give you a false sense of security. For example, if you get an email from a store you’ve shopped at offering you deals on products you’re likely to buy, you’re likelier to open the email without question.

Avoiding spear phishing attacks means having the proper securities in place and training personnel to create a security first culture. Businesses can use phishing simulations to train accountants to recognize them also.

4) Malware

Malware is installed through a phishing email attachment or link to an infected web page. The scary thing about malware is that it can stay dormant for weeks or even months before it’s used to steal information or take over systems. There are even ways to purchase malware online through the dark web. In other words, cyber criminals no longer need to be tech savvy to deploy malware. They can be anyone.

Solution

Since Malware is installed through social engineering, the solutions are the same.  Accounting firms should have protocols in place to alert IT personnel when a request comes in through email. Managed Service providers, like Nerds Support, have alert system that notifies systems engineers of potentially fraudulent emails.

Our e-book goes into more detail on the benefits of e-mail and spam security services.

5) Cryptojacking

Cryptojacking is relatively new and unlike malware attacks, its goal is to mine cryptocurrencies on behalf of the hacker by using the victim’s devices. They gain access to the devices by using phishing techniques. They imbed crypto mining malware in popular websites in the form of free browser extensions.

Crypto currencies are valuable to hackers because they’re untraceable and can be used for purchase and exchange on the dark web. Furthermore, the attractive thing about cryptojacking is that it runs secretly and can go undetected for a long time. And since nothing gets stolen or encrypted, there’s little incentive to do anything about it.

 Solution

Other than training firms should implement endpoint protection/antivirus software that detect crypto miners. IT support should create a continuity strategy in case of an attack.  Another thing you can do is keep track and maintain browser extensions.

Conclusion

An October 13 story by CNBC reported that Cyberattacks cost small companies $200,000 on average. 60% of the businesses attacked go out of business within six months. Accounting firms are among the most targeted types of businesses today. Moreover, cyber crime has become the fastest growing type of crime costing businesses 5.2 trillion worldwide in the next five years.

Pandora’s box has been opened and now more than ever CPA’s cannot afford to take unnecessary risks. Adopting strategies and continuity plans to limit the impact of cyberattacks and phishing scams is key.

P.S. Cloud accounting is a growing field and provides unique solutions to many of these problems. Visit our page on IT Support for Accountants to learn more about how IT solutions could give your CPA firm the security and advantage it deserves to stay competitive.

Nerds Support Contact Us Leaderboard

Workplace remote work.

Workplace: What You Should Know

Software-as-a-service companies are more and more common these days. With many industries seeing the benefits of SaaS, there is growing interest in these types of services. However, finding the right service is the key. Of all hosted services, Workplace_ is among the best.

Workplace promotes remote team collaboration and improves employee productivity for your company. A cleaner, user-friendly interface allows you and your co-workers to find, access and share files, websites and apps easier than ever before.

What’s more, Workplace’s key upgrades assure its users better security and regulatory compliance, as well as make the platform a tool for remote workers and organizations who care about keeping their data safe.

So, what are the main changes that will transform your Workplace_? 

Makeover of the Workplace Web App in Windows and Mac

On Windows, you are able to resize the app as big as you wish, even entering full-screen mode in your computer. You could also minimize it as small as you want so it doesn’t take the entire screen if you’re working with multiple applications or browser windows.

On Mac, Workplace works perfectly with the OS version, Mojave. Upgrades were installed, fixing an issue that previously affected users: the inability to see some virtual graphics products. Developers working on improving this app went above and beyond not only fixing what users weren’t able to see or the app wasn’t able to display, but also enabling Workplace to function on multiple monitors.

Pin Any File or Folder to Your Launch Page

Workplace has a feature that allows users to “star” websites, applications, folders and files that you can open directly from the Launch page with just a simple click.

Workplace’s Feature: Websites

You are able to see all the websites you visit and work with on a daily basis in a section dedicated specially for that! You can “star” (or pin) a website to your Launch page and see the Websites section there, or you can visit the sidebar menu on the left to see all of your featured and frequently visited sites.

Also, you can save websites with or without including login credentials and set up your username and password without depending on a company manager to do so. And let’s not forget about the feature that allows you to share bookmarks and websites with your colleagues, increasing collaboration and team productivity levels.

Find All Your Hosted Apps in One Place

Talking about simplifying workflows and increasing productivity, Workplace gives Citrix (“hosted”) applications their very own section. Click on “Hosted Apps” on the app sidebar and you will find all your hosted applications, or “star” the apps you use the most appear in your Launch page for quick and easy access.

Streamline device management, business continuity, & consistency of your remote operations with our Workplace cloud solution.

See If You Have Compliance Issues

All apps in the Workplace desktop platform have a feature that perfectly aligns with the company’s mission of keeping our customers’ data safe and improving security compliance. “Compliance Status”, the latest feature on Workplace, is implemented on both Windows and Mac machines. It checks your devices to see how your compliance level compares to the industry’s best practices.

What’s more, if you have compliance issues, recommendations will be made to fix the problem and get you to 100% compliance.

Run your Firm from the Cloud

Workplace provides a comprehensive solution that combines cybersecurity and compliance needs. The all-in-one, cloud based platform delivers and intuitive experience that reduces risk of data leakage.

You can protect your firm’s most important data by ensuring that all applications run only from this unified cloud environment. There is also improved continuity and disaster recovery features so your operation stays fully functional through any event.

Multi-Factor Authentication Keeps Your Firm Secure

Workplace also reduces the risk associated with logins and passwords. Employees access customized applications with one-click access. It also comes with multi-factor authentication that conforms to NIST (National Institute of Standards and Technology) guidelines.

Furthermore,  Multi-Factor Authentication enforces authentication methods required by regulation.  These methods are supported by both iOS and Android as well so employees can use them, regardless of device.

 

For more information on the cloud, cybersecurity and more, visit our website.

 

Nerds Support Contact Us Leaderboard

Emotet malware strikes in a cyber attack

UHS Cyber Attack and the Rise of Ransomware

The major hospital and health care network Universal Health System was hit by potentially the largest cyberattack in U.S. history so far.

The computer infrastructure of Universal Health Systems (UHS) showed signs of failure on Sunday morning throughout the United Kingdom, Puerto Rico and the United States. The attack took down UHS’ network cross the United States. As the situation worsened patients have been moved to different rooms and facilities. Appointments and test results were also delayed as a consequence of the attack.

The attack encouraged one the UHS hospitals to move towards an all paper filing system, according to some individuals familiar with the situation. UHS operates more than 400 hospitals and facilities with over 90,000 employees.

The fortune 500 company said that there was no evidence that patient or employee had been misused, stolen or copied. Bleeping Computers, the online publication that first reported on the attack, spoke to employees who determined the ransomware attack had the tell-tale signs of the Ryuk virus.

What is Ryuk Ransomware?

Justin Heard, Director of Security, Intelligence and Analytics at Nuspire, noted that up until recently, Ryuk was used solely to target financial services, but over the last several months Ryuk has been seen targeting manufacturing, oil and gas, and now healthcare.

Ryuk is a type of ransomware that uses encryptions to cut off access to systems, files, and devices until the victim pays ransom. The ransomware is placed in a system by other types of malware.

The most common is TrickBot, however Ryuk can also gain access through Remote Desktop Service.

The Ryuk ransomware takes payments through Bitcoin and instructs victims to deposit the money in a particular Bitcoin wallet. The demand is usually between $100,000-$500,000 in Bitcoin depending on the conversion price of the cryptocurrency.

Once installed, the Ryuk malware spreads through the network infecting as many servers as it can.

The Ryuk Attack

An employee told Bleeping Computer that, during the cyberattack, files were being renamed to include the .ryk extension. This extension is used by the Ryuk ransomware, reports BleepingComputer. “Another UHS employee told us that one of the impacted computers’ screens changed to display a ransom note reading “Shadow of the Universe,” a similar phrase to that appearing at the bottom of Ryuk ransom notes. Based on information shared with BleepingComputer by Advanced Intel’s Vitali Kremez, the attack on UHS’ system likely started via a phishing attack,” BleepingComputer says.

An employee of UHS told Bleeping Computer that files were being renamed to include the .ryk extension as the cyber-attack took place. Based on information provided to Bleeping Computers the attack on UHS’ system began as a phishing attack.

Many health care workers posted notes about the situation at various Universal Health facilities in a Reddit thread. One in Florida noted that it was “a hot mess in the ER today.” Ambulances with heart patients were being diverted because the facility’s catheterization lab was down, the person posted.

Another nurse in a facility in North Dakota said computers slowed down and then didn’t turn on Sunday morning.

Ransomware & Medical Facilities

Hospitals are high valued targets for cyber attackers because they hold incredibly valuable personal information that can be sold on the dark web or used as leverage for a ransom payment.
A ransomware bug called WannaCry was used in 2017 to target Microsoft Window’s operating system at the time. It spread through an exploit named EternalBlue and reached the U.K.’s National Health System.

The WannaCry ransomware impacted 80 medical facilities although there were no reported deaths as a result.

Hospitals are the perfect target for threat actors because they rely on critical and immediate care to assist patients in need. That means solutions and treatment are time sensitive and dependent on drug history and other medical information to proceed. Without this information patients can suffer or die. This makes hospitals likelier to pay a ransom instead of risking lives by delaying.

Ransomware and other Businesses

Hospitals are not the only industries suffering from malware. We’ve covered cases of schools, businesses and entire cities being impacted by ransomware attacks.

In October, 2019 the technology company Pitney Bowes, was attacked by malicious ransomware. Its shipping and mailing services were compromised and disrupted client access to their services.
Ransomware is a growing problem as over 140 attacks were reported in 2019 targeting state and local governments as well as health care providers like UHS.

As we’ve shown, hospitals and the health services industry are prime targets but are not the only targets. For this reason many businesses are adopting Managed IT services to help deal with this rise in cybercrime.

Emotet Malware

In July 2020 there was a rise in Emotet malspam campaigns. Emotet is a banking malware that infects systems to try and steal sensitive financial information.

The Emotet Malware was first identified in 2014. It was originally just a banking malware. However, later versions were designed to include spamming and malware delivery services. This made it more dangerous and easier to spread.

These campaigns infected victims with Trickbot and Qbot malware. If you’ve been paying attention, you’ll recognize TrickBot malware from earlier.

Emotet is a Trojan that spreads mainly through spam emails. These malicious emails might take on the disguise of legitimate emails. As a result they often persuade users to click on a link or button.
That’s how most likely how the UHS attack took place. As we’ve seen with Emotet, these ransomware attacks only get more sophisticated and more popular as their success rate increases.
Ransomware has become the most popular form of attack growing 350 percent since 2018. What’s more, ransomware from phishing emails like Emotet have increased by 109 percent since 2017.

What should be Done?

There are researchers that are calling for a ban on paying ransomware. However, that recommendation is controversial and not mainstream. They argue that refusing to pay ransomware reduces any incentive a hacker might have and will reduce the rise of malware hacks.

This solution doesn’t address the fact that hackers who gain access to company data can still use it.  Cyber attackers can sell it on the black market, or continue to freeze should the ransom remain unpaid.

The only real solution so far is to educate and train employees as much as possible to avoid malicious or fraudulent email scams.  IT services companies often play a role in educating their clients on these matters but it falls on the business to teach personnel of the risks.  IT consulting can benefit many smaller and medium sized companies who aren’t equipped with the appropriate tools needed to combat these threats.

Even the most dedicated cyber security team with the most sophisticated digital tools will mean nothing if an employee opens the wrong email, clicking on an infected link. Companies that don’t dedicate the time to training their employees turn them into liabilities and the more vulnerable your employees, the more vulnerable the company.

A data breach could cost your business everything if you don't have the correct remote cyber security measures in place.

The Cost of a Security Breach: Is it Always Business As Usual?

What is the Cost of a Cyber Breach?

A hacker stealing your information during a cyber breach is a bad situation. However, a hacker stealing your business’s information might be worse.

Running a successful business always implies a degree of risk. However, in today’s day and age, companies are finding themselves encountering a form of risk that often goes unnoticed: cyber attacks.

If a cyber criminal launches a cyber attack on your business the damage could be irreparable.

Think about it. A cyber attack leads to a huge loss of profit and productivity but thousands of dollars in fees. Not to mention the loss of business that follows.

The average cost from damage or theft of IT assets and infrastructure increased from $879,582 in 2016 to $1,027,053 in 2017.  The average cost due to disruption to normal operations increased from $955,429 to $1,207,965.

Even worse than this, according to Inc. 60% of all small business fail within 6 months due to cyber attacks.

41 percent of companies have over 1,000 sensitive files open to everyone, according to research by the Varonis Data Labs.

How Do Cyber Attacks Work?

Cyber attackers look for unsecured folders the moment they gain access to a network. Why? Because folders open to global access groups.  Global access groups include everyone, domain users and authenticated users. This gives them easy access to business plans, customer and employee data, credit card information and much more.

Overexposed data presents a huge risk to businesses of all sizes regardless of the industry or location. For small and medium size businesses, however, it could mean millions of dollars in losses, reimbursements, and legal fees that end up bankrupting the business.

Small businesses are often targets of cyber crime, yet invest less than $500 in cyber security.

What Are The Most Common Types of Attacks?

 

In the Ponemon study, 48 percent of small and medium sized businesses (SMB’s) report social engineering/phishing were the most common kind of attack.

54 percent of respondents in the study claimed data breaches occurred due to negligent employees or contractor.

Cyber Attacks in Remote Work

Phishing attacks:

Phishing is considered the top cause of data breaches. Hackers send apparently legitimate emails with dangerous links or attached documents. When a target clicks on the link or opens the attachment, a hacker gains access to their device. The link will contain malware or ransomware that corrupts and freezes important data.

Employees might work on personal devices which might not have the same protections as a company owned computer. As a result, the personal device might be more vulnerable to malware and other viruses. Make sure you use a company issued device whenever possible. Not just for the sake of the company, but for the sake of the remote employee as well. No one benefits when a device is breached.

Insecure Passwords:

53 percent of people rely on memory to keep track of their passwords. Therefore, they choose passwords that are easy to remember.  That makes it easy for a hacker to decipher an employees password by simply going through social media. It allows hackers to even access various accounts if the employee is using the same password.

Wi-Fi Security in a Remote environment: 

In an office environment, IT departments can protect employees and control network security. In a remote environment, however, employees probably don’t have the same protections. Hackers exploit networks with WEP security protections rather than WPA2, for example.  WEP settings are the standard Wi-Fi protection for average users.Even inexperienced hackers can download tools that allow them to break through this type of network.

Remote workers don’t realize how insecure they are until something happens. All remote employees need to consider what type of network they have at home before accessing company data. Using a VPN (virtual private network) also helps in protecting against certain types of attacks on remote workers.

During the lock-down period in 2020, there were record spikes in cyber attacks on remote workers. Hackers leverage remote workers’ devices to gain access to systems that would otherwise be more secure.

The Damage You Don’t See

Even assuming an SMB survives a cyber attack financially, the reputational damage would be just as catastrophic.

Security is everything in a business, both internally and to prospective clients. If a cybercriminal hacks your business, exposing your data, no one will want to take the risk of doing business with your company. The perception that your business is unreliable or even a liability can destroy your credibility and tank your business completely.

In the worst of scenarios, you may not even notice you’ve been breached for weeks or months, at which point recovery will be next to impossible.

One of the reasons so many businesses fail is because they have an inadequate strategy for managing cyber attacks.  SMB’s may have fire walls, anti-virus software, malware protection, and encryption but they don’t plan for the event of an actual breach.

While businesses focus on keeping attackers out, the actual data itself remains accessible and vulnerable to attack.

Businesses are losing more records in a data breach. Companies represented in the Ponemon study lost an average of more than 9,350 individual records as a result of a data breach in 2017, an increase from an average of 5,079 in the 2016.

A business needs a fully redundant system to access their applications and data and regular offline backups stored in multiple onsite and offsite locations.

Nerd Support’s experienced team can guarantee a secure business and keep your data safe. A breach doesn’t have to mean failure.

With a business continuity plan that is tailored to your needs your needs, you can get peace of mind knowing your information is safe.

Contact us today for a FREE IT Test! Or call us at 305-551-2009.

Nerds Support Contact Us Leaderboard