Posts


Thousands of Disney Plus Accounts Hacked After Launch

Disney’s new streaming service was hacked a week after launching and hackers are offering breached accounts for sale online for $1 a month or $3 a year.

The service garnered over 10 million subscribers on its first day, and within hours hackers had taken control of user accounts.

Disney+ users said on social media that hackers were logging in to their accounts, logging them out and changing the email address and password on the accounts. If this is true, some users could be in serious trouble: 59 percent of people use the same password everywhere, according to a poll conducted by LastPass. There is therefore a good chance that Disney+ subscribers use the same email and password for multiple accounts.

Other streaming services such as Netflix, Hulu and HBO Now have been targeted by hackers too. Users report finding unfamiliar names and profiles in their accounts. And if you're a hacker looking to make a quick dollar, this isn't too hard to do.

How Did This Happen?

It's estimated that millions of online accounts are scouted and tested using a method called credential stuffing. Hackers take a database of stolen username and password pairs, usually leaked from an unrelated breach, and try them against the login pages of other services in order to find a match.

Hackers have programs that run these tests in seconds. And since over half of people use the same username and password across multiple accounts, there's a high probability they'll find a match.
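The defender's view of the technique described above, as an added example that is not code from the original post: the signature of credential stuffing in a login log is one source trying many different usernames in a short burst with a high failure rate, which no legitimate user produces. The log format and sample lines below are constructed for the example.

```python
"""Credential-stuffing detector over constructed login-log lines.

Flags a source IP that attempts many *distinct* usernames within a short
window with a high failure rate, and lists the accounts that did log in
from that source, since those are the ones to reset and notify.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log, format: "<ISO time> <source IP> <username> <result>".
# 203.0.113.7 replays a stolen list; 198.51.100.22 is one user mistyping.
SAMPLE_LOG = """\
2019-11-13T10:00:01 203.0.113.7 alice.m FAIL
2019-11-13T10:00:01 203.0.113.7 bob.k FAIL
2019-11-13T10:00:02 203.0.113.7 carol.s FAIL
2019-11-13T10:00:02 203.0.113.7 dave.r SUCCESS
2019-11-13T10:00:03 203.0.113.7 erin.t FAIL
2019-11-13T10:00:03 203.0.113.7 frank.w FAIL
2019-11-13T10:00:04 203.0.113.7 grace.h FAIL
2019-11-13T10:00:04 203.0.113.7 heidi.l SUCCESS
2019-11-13T10:00:05 203.0.113.7 ivan.p FAIL
2019-11-13T10:00:05 203.0.113.7 judy.c FAIL
2019-11-13T10:01:10 198.51.100.22 mallory FAIL
2019-11-13T10:01:20 198.51.100.22 mallory FAIL
2019-11-13T10:01:35 198.51.100.22 mallory SUCCESS
2019-11-13T10:02:00 192.0.2.9 peggy SUCCESS
"""


def parse_log(text):
    """Parse log lines into (timestamp, ip, user, success) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, result == "SUCCESS"))
    return events


def detect_stuffing(events, window=timedelta(seconds=60), min_users=5, min_fail_rate=0.6):
    """Return {ip: stats} for sources whose login pattern looks like stuffing.

    A source is flagged when, within any `window`, it tries at least
    `min_users` distinct usernames and at least `min_fail_rate` of those
    attempts fail. The thresholds are illustrative; tune them to your traffic.
    """
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)

    flagged = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e[0])
        best = None
        for i, (start, _, _, _) in enumerate(evs):
            # All attempts from this source within `window` of the i-th one.
            burst = [e for e in evs[i:] if e[0] - start <= window]
            users = {e[2] for e in burst}
            fails = sum(1 for e in burst if not e[3])
            if len(users) >= min_users and fails / len(burst) >= min_fail_rate:
                if best is None or len(users) > best["distinct_users"]:
                    best = {
                        "attempts": len(burst),
                        "distinct_users": len(users),
                        "failures": fails,
                        # Accounts whose reused password actually worked.
                        "compromised": sorted({e[2] for e in burst if e[3]}),
                    }
        if best is not None:
            flagged[ip] = best
    return flagged


if __name__ == "__main__":
    for ip, stats in detect_stuffing(parse_log(SAMPLE_LOG)).items():
        print(ip, stats)
```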

Another scam cybercriminals use to get your credentials, in the case of Disney+, is to send subscribers a fake email warning that their accounts have been locked. The fraudulent email asks the user to provide their account information for "verification". Once a hacker has this information, they log in to the account, change the password and lock the subscriber out. This is a form of phishing, and it happens every day.


It’s a Bad Week for Disney+

The curious thing about Disney+ is that users who had unique passwords also got their accounts hacked, according to a ZDNet report. Secondly, the new streaming service was still in its seven-day free trial period, even for people who signed up immediately after it went live. In other words, there wouldn't be any profit for hackers, since people were still using it for free. Moreover, if you're a Verizon customer you get Disney+ free for a year.

The new streaming platform has had a rough first week since it went live on Nov. 12, with everything from slow screen loads to "unable to connect" messages on its homepage. The company said it was working hard to fix the problems, which were mainly due to higher-than-expected demand for the service.

Subscribers of streaming services should treat unsolicited emails about their accounts with suspicion and never provide account information through email. Also avoid using the same password for everything. It's honestly an invitation to get hacked: if even one of your accounts is compromised, all your accounts are at risk.

Why Does it Happen?

And this isn't something common just among streaming service users; it's common for everyone. Even people who work in industries and companies with extremely valuable data fail to take precautions. It's been reported repeatedly that human error is the leading cause of cybercrime. To be more specific, human error is the main cause of 95 percent of cyber security breaches, according to an IBM study.

Human error encompasses a large variety of actions, not just password-related mistakes. It can be downloading malware after opening a phishing email or working on an insecure network. Victims of ransomware attacks aren't foolish, just careless.

The Disney breach might not seem related to company breaches until you consider that Disney+ users are accountants, lawyers, financial advisers and business owners. If over half of people use the same password for everything, what's stopping them from using their Disney+ password to access their account information or log in to their firm's database?

For a cybercriminal, this is the best-case scenario. They access a user's information, discover he works at a medium-sized accounting firm, and proceed to use the password they got from the streaming service to access the firm. There are even cases where people use their work email as the login email for other accounts.

It Takes More than Good IT

There is only so much that IT for accounting firms can do in this case. Companies must do more than rely on their IT infrastructure to keep them safe. Situations like these create huge compliance risks for those who work in the financial services industry. For those who own their own business, it creates liabilities that could potentially ruin the company.

Hackers always look for the path of least resistance. They choose a small or medium-sized business because it won't attract too much attention. They send hyper-targeted phishing emails because people are likely to fall for them. Cybercriminals even buy malware programs on the dark web so they don't have to develop them themselves. The trick is to make their job as difficult as possible by implementing smart, best-practice procedures. At the end of the day it's about eliminating liabilities.

Disney+ users should be mindful of which email address they use to log in and which password they choose. It might affect more than their weekend.


South Florida Law Firms Ransomware Data Breach

Ransomware Attack in Coral Gables, Florida Puts Law Firms at Risk

Cyber Attack in Coral Gables, FL

TrialWorks, a Coral Gables-based software company that manages electronic records for thousands of law firms in the US, was subject to a ransomware attack. Digital legal documents were held hostage in a classic ransomware attack.

Last Thursday, one of the law firms whose information is kept by TrialWorks was forced to request more time to meet a filing deadline in an important federal court case because it could not access its documents.

How did it Happen?

TrialWorks alerted its customers about the breach and stated it was caused by a Microsoft service outage affecting Outlook desktop and mobile apps, according to court records.

Software management services like TrialWorks continue to grow as law firms look to store their abundance of electronic documents in a hosted facility. This is part of a larger trend of digital transformation; in other words, the cloud. And as industries move their files and digital information to the cloud, security against cyber threats becomes essential. Government facilities throughout Florida have already suffered cyber-attacks involving ransomware. Banks have experienced breaches as well.

Cloud computing is the natural progression of software technology. The old client-server model of getting physical disks and installing software on local servers was the only viable solution for the better part of two decades. Now industries are looking to cloud technology for a more practical approach to data storage.

TrialWorks alerted the law firms and attorneys that use its case management services that they could not access their electronically stored documents while it resolved the breach. This created more issues, as TrialWorks informed customers that it had a high ticket volume and response times would be delayed.

The company merged with another company, Needles, and expanded greatly. Law firms using TrialWorks suffered significantly. Attorneys working cases couldn't access the necessary files, which created setbacks that affect TrialWorks and all of its clients.

Data Breaches & Cyber Attacks

Data breaches, social engineering and ransomware attacks are devastating and are, unfortunately, underestimated by small and medium-sized businesses. One of TrialWorks' clients was a small firm of nine lawyers working on a civil litigation case. The TrialWorks breach slowed down their work. Their deadline issue was resolved; however, they have until November 14 to respond to a dispute over the testimony of an expert witness, and this response requires access to critical documents in the case.

What happened at TrialWorks is not specific to them. In September 2019 alone there were 75 data breaches and a total of 531,596,111 breached records. That is significantly fewer incidents than August, which had 95 in total. However, there was an overall increase of 363% in terms of records breached.

A data breach happens when a cybercriminal successfully infiltrates a data source and extracts sensitive information. The more valuable the information, the likelier an organization is to become a target. The healthcare industry, for example, is often targeted; in fact, the medical industry is the top industry for cyberattacks. However, a number of other industries are also vulnerable to attack.

The most targeted sectors for cyberattacks are the following:
1. Healthcare
2. Retail
3. Financial Services & Insurance
4. Public Administration
5. Information
6. Professional/Scientific
7. Education
8. Manufacturing

Among these, the top three are Healthcare, Retail and Financial Services. These verticals are where average consumers, clients and patients expose their most sensitive information.


Healthcare

In healthcare, hospitals house a lot of private data. A patient's medical record, Social Security number, insurance provider and medications are all valuable to a hacker.

Retail

Retailers are lucrative targets because swipe-and-go payment terminals and the high volume of transactions make credit and debit card information accessible to cybercriminals through methods like skimming. Skimming is a way of capturing card data so that duplicate payment cards can be created and used.

Financial Services

It's well known that over 25 percent of all malware attacks target the financial sector. Cyber criminals target financial services companies with Trojans that steal banking information and exfiltrate data. One of the most famous examples of this was the Equifax data breach; the company is estimated to have lost over $600 million because of it. Furthermore, companies in the financial services industry are paying more to secure their infrastructure and protect critical data from theft. That is why financial cloud computing is becoming popular in the industry, and cloud accounting technology is also on the rise. However, criminals are still motivated to commit cyber crime due to the low-risk, high-reward nature of cyber-attacks.

Not Your Average Theft

Unlike a physical robbery, it isn't immediately apparent when you've experienced a data breach. It can take weeks, months or, in some cases, years before a breach is discovered. Hackers use this to their advantage, targeting the weaknesses within regulatory guidelines. That's why it's important not to take any compliance risks.

These cyber breaches are becoming more dangerous and harder to detect. A financial company's IT infrastructure alone is not enough anymore. Organizations are adopting a more proactive approach by employing advanced cyber security software, multi-factor authentication and expert security response professionals layered on top of efficient cloud technology. As a result, financial cloud providers not only anticipate attacks as early as possible, but also train financial services firms to assist in their own protection.

The TrialWorks breach is a telling example of what can happen to any firm in a number of industries. When you experience a breach, your company loses credibility, clients and resources, and has to deal with all the ramifications of the breach itself. There are long, extensive investigations into the nature of the breach, potential lawsuits and compliance-related hassles that can stall, if not completely ruin, a financial firm regardless of size.

For more blogs on cyber security news, fintech, the cloud and more visit our website.

Phishing Emails - Don't Get Hooked!


Spear Phishing

What is spear phishing?

Spear phishing is an email scam targeting a specific individual, business or organization. It's like a standard phishing scam except the emails are personalized to target one group or person.

Cyber criminals use these types of attacks with the intention of accessing and selling confidential data to governments and private organizations.

The cyber criminals use individualized social engineering to lend the email a sense of legitimacy. The objective is to get anyone from a company or government agency to open a malicious link or visit a virus-ridden website.

At that point the cyber criminals can steal the data they need in order to seriously affect the target's networks.

Spear Phishing Could Cost Millions

The city of Naples, Florida lost $700,000 in a spear phishing attack on Monday, August 5.

The money was sent to a fake bank account provided by an attacker posing as a Wright Construction Group representative contracted to work on an infrastructure project in downtown Naples, according to one of their news releases.

The city manager Charles Chapman said the cyber attack was an isolated incident and did not affect their data systems.

Other cities throughout Florida were also targeted in cyber attacks.

How Spear Phishing Works

Phishing, and social engineering in general, is becoming an increasingly popular method of hacking for cyber criminals, but spear phishing is particularly difficult to detect because the emails are designed to appear legitimate and safe. It's the same with counterfeit dollar bills: the more advanced the counterfeit, the harder it is to recognize as fraudulent.

In a spear phishing attack, the hacker gathers specific information about the victim to create a sense of trust and security, like the cyber criminal in Naples who used details of the contract between the city and Wright Construction Group to his or her advantage. They usually acquire this information through internet research, a previous phishing attempt, a hacked account from within the organization, or social media.

Typical phishing attempts ask you to give up some personal information. Sometimes hackers ask for a phone number, other times a credit card or bank account number. Spear phishing attempts follow a similar strategy, only more targeted. You might be manipulated into clicking a link that downloads malware, or led to a site that asks for a password or a Social Security number.

Whaling

Another form of spear phishing is called "whaling". Whaling involves posing as a company executive and requesting that an employee wire money to an account belonging to the hacker. The Naples attack is a modified version of whaling: instead of posing as the CEO of Wright Construction Group and targeting an employee, the cyber criminal posed as a representative of the company and targeted one of its clients.

Like phishing, a successful whaling attempt involves deceiving someone with a high profile or reputation. The intention can vary, but it's usually all about money. This could mean initiating a wire transfer, as in the Naples case, or installing malware that infects company servers and steals sensitive data.

Targets of whaling are executives, department heads and spokespeople. This means they likely have information available to the public that other targets might not. Having importance within a company or an industry puts that person in the public eye. This might limit the pool of targets, but it also raises the reward.

Threats to Businesses

Because of what we've mentioned above, spear phishing is not only among the most common types of cyber-attack, but probably the most dangerous. Most phishing attacks cast a wide net, hoping that a handful of email recipients unknowingly give the attacker access to their business and data. All it takes is one person to click, and the entire enterprise is at the mercy of a cyber criminal.

Phishing Email Statistics

The Naples example, coupled with these statistics, shows how effective phishing scams are. It's important to be aware of how damaging one of these attacks can be and to prepare your business against them.

Red Flags of Phishing

The important thing is to avoid clicking on anything until you know with certainty what it is and who it's from. If someone you know shares a link or a document with you and it's out of the ordinary, that's a sign it may be malicious.

If the email comes from a strange address with too many numbers or letters, it's probably a phishing scam. Another giveaway is the vocabulary used in the email.

Here's an example: let's say you live in the US and you receive an email from your boss, who also lives in the US and was raised there. If the email says something like, "Hey, I need you to run some errands for me this afternoon. Send me your mobile," that's suspicious: "mobile" is a term commonly used in the UK, not the US, and could be an indicator of a fake email. A lot of the time attackers overlook these small but telling details.

This requires a bit of deduction on your part, but if you're familiar with the person who allegedly sent the email, use that familiarity to catch abnormalities in their word usage. A little research goes a long way, too. If you're receiving an email from a company, look the company up and contact them directly. If things don't check out, report it through your email provider, such as Google or Outlook.

When you successfully identify an email as a phishing scam, alert everyone in your department. Raise awareness with as many people as you can. This puts people on high alert and makes it less likely they fall for the same trick.

Protect Yourself

Phishing, and spear phishing specifically, might be difficult to spot, but that doesn't mean you're helpless against it. Training employees and raising awareness is the first line of defense against phishing attacks. And with spear phishing becoming more selective, training should expand to clients, vendors and upper management.

Training

As we saw with the Naples attack, cyber-attacks are becoming more ingenious and varied. The city of Naples was a client of a construction company, and rather than target the company, the attackers targeted the vulnerable client. While employees might be protected from phishing attacks by measures put in place by internal IT or a cloud provider, clients might not have those same advantages.

There needs to be a comprehensive training curriculum focused on educating as many people within an industry as possible. Whether it's the clients of a financial firm or the firm itself, there's no telling who a hacker will target.

Mock tests

Simulating a phishing attack is a helpful way to assess how employees behave under those circumstances. It also helps gauge how aware your employees are of phishing attempts.

Spam filters

Once upon a time, spam was just an annoying inconvenience that at worst lowered productivity. Now, spam is a useful tool for cyber attackers to reach potential victims. Luckily, most spam filters work, and most companies have one.

Be aware of the kinds of information shared on social media. Useful details like birthdays and favorite activities can be found easily in today's social media culture. Upcoming events can also be used to make spear phishing emails seem more legitimate, so be wary of any strange requests in your inbox during a big conference or networking event.

The Cloud

Cloud service providers often provide the protection and security needed to prevent a successful spear phishing attack. Nerds Support, for example, advises all its partners to send in any suspicious emails they receive to be analyzed and verified as safe to open. This is a simple technique that goes a long way in safeguarding against these kinds of attacks.

If an organization moves to the cloud, phishing risks must also be considered. If your company is using a public cloud, you're accessing all relevant applications over the internet. Phishing is most successful when the apps are exposed to the internet, which is standard for a public cloud.

Privately hosted cloud apps, like Nerds Support's, have the added security of a VPN (Virtual Private Network). A VPN simply allows you to establish a secure connection to another network over the internet. However, hackers can always try to find the URL of a cloud service, which allows them to execute targeted phishing attacks on employees of the company.

Two-Factor Authentication

One of the best ways to fight phishing attacks is two-factor authentication. This is when you log in and the app or site requires a second step, such as confirming on another device or entering an additional one-time code. People usually see this with social media: Instagram and Facebook sometimes ask you to input a code sent to your phone or email. If a user inside a company is compromised in a phishing attack, the attacker still won't be able to access the organization's IT, because the second factor is constantly changing and the stolen password alone is not enough.

Two-factor authentication isn't typical of most cloud services. Nerds Support offers this feature when you adopt its cloud system, but it's one of few exceptions. Dropbox is another cloud-based hosting service that has adopted two-factor authentication.
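To show what "constantly changing" means in practice, here is an added example (not code from the original post or from Nerds Support) of the time-based one-time password scheme from RFC 6238 that authenticator apps use: the code is derived from a shared secret and the current 30-second time step, so a code phished a few minutes ago no longer verifies. The secret below is the RFC's own test-vector secret, used only so the outputs can be checked against the standard.

```python
"""Time-based one-time password (TOTP, RFC 6238) as a rolling second factor.

A phished password alone is useless to the attacker: the server also
demands the code for the *current* time step, and a captured code stops
verifying once its step (plus a small drift allowance) has passed.
"""
import hashlib
import hmac
import struct
import time

# Shared secret provisioned to the user's authenticator app.
# This is the RFC 6238 test-vector secret (ASCII "12345678901234567890").
SECRET = b"12345678901234567890"
STEP = 30      # seconds per code
DIGITS = 6


def hotp(secret, counter, digits=DIGITS):
    """HMAC-based OTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian
    counter, then 'dynamic truncation' to a `digits`-digit decimal code."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, at=None, step=STEP, digits=DIGITS):
    """TOTP (RFC 6238): HOTP with the counter set to Unix time // step,
    so the code changes every `step` seconds."""
    at = time.time() if at is None else at
    return hotp(secret, int(at) // step, digits)


def verify(secret, code, at=None, step=STEP, skew=1):
    """Server-side check: accept the current step and +/-`skew` neighbouring
    steps to tolerate clock drift. Anything older is rejected, which is why
    a code captured earlier by a phishing page does not grant access."""
    at = time.time() if at is None else at
    counter = int(at) // step
    return any(hmac.compare_digest(hotp(secret, counter + d, len(code)), code)
               for d in range(-skew, skew + 1))


if __name__ == "__main__":
    now = time.time()
    code = totp(SECRET, at=now)
    print("current code:", code, "valid now:", verify(SECRET, code, at=now))
    # The same code replayed five steps later is rejected.
    print("valid 150 s later:", verify(SECRET, code, at=now + 5 * STEP))
```

The values in the test below are the RFC 6238 Appendix B vectors for SHA-1, truncated to six digits.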

We’re here to help

At the end of the day, it's about adopting a culture of verification and caution. Nothing is sacred to cyber attackers. They will exploit personal information that appeals to your emotions, or they will use a recent tragedy in the news to increase the chances that you "donate" to their cause.

Calling and verifying the sender before replying, double-checking with colleagues, and making sure that no one is isolated or left out of the loop all make a huge difference.

Hopefully you've learned enough to recognize a potential spear phishing attempt so that the Naples story doesn't become your own.

To learn more about cyber attacks, phishing and social engineering visit the Nerds Support website or feel free to call and we’ll be happy to answer any questions. Also, check out our video on tips against phishing right here.

If you need any help making your company safer, feel free to fill out the form here or call us at 305-551-2009.


3 Big Security Lessons for Growing Your Business

Ransomware is rapidly becoming the most pervasive cyber threat in the world today. It has affected large companies like Arizona Beverages and FedEx as well as government institutions like police departments and schools across the US.

Although many of these organizations are large in size and scope, you don't have to be a multinational bank or the National Health Service to become a victim of ransomware and other types of malware. As a matter of fact, small and medium-sized businesses are just as likely, if not more likely, to be attacked by ransomware, because in many cases they're more vulnerable and less likely to recover.

What is ransomware? Ransomware is a computer program or virus that encrypts your data files and holds them hostage until you pay the perpetrator a fee. These are some things to consider when running a business in today's world. These are dangers everyone faces.

3 big security concerns for business owners

1. You're never too small to get hacked

About 70 percent of ransomware attacks in 2018 targeted small businesses, according to a March report from Beazley Breach Response Services.

Ransomware finds its way into your system by exploiting flaws in your security perimeter but, more likely, it gets downloaded by an unsuspecting user through an ostensibly harmless email or file. It can infect not only the machine that opened the corrupted file, but everything that machine shares throughout the network, spreading like a contagion and encrypting all the files on that network. If the initially infected machine has access to backup files, it will encrypt them as well.

It's easy to assume big businesses would be the main targets of something like this, but cyber criminals go after many small, lower-risk payments instead of one large payment. Smaller attacks are likelier to keep them under the radar. It's also important to know that one cybercriminal alone can target thousands of businesses with little to no difficulty. They use social engineering to build a huge email list and infect countless links and files before sending them off to as many people as possible. All it would take is one staff member in the office to click on a single link. Some businesses may avoid this kind of attack, but it's a numbers game. All it takes is patience, and eventually a cybercriminal will get what they want.

2. Paying Won’t be Easy

So what if you pay the ransom? That's always an option. You can pay, get your files back and move on. Well, not exactly.

Hackers and cybercriminals don't use traditional bank accounts when conducting "business". They'll want to be paid in Bitcoin to an anonymous wallet. It's hard to trace and easy to manage for even the most novice of hackers. Adding insult to injury, you'll have to spend time you may not have trying to get your hands on the cryptocurrency you need to pay someone who is extorting you. Even if you go through this strenuous process and pay the hacker their fee, there is no guarantee you'll get your data back.

3. Hacking is a reality that cannot be avoided

Most businesses and even government institutions haven't taken cyber security as seriously as they should. 43% of all cyber-attacks are aimed at small businesses, according to Cyber Defense Magazine. Small businesses have minimal security and are therefore easier to breach.

In South Florida, it's reasonable to assume you'll experience a hurricane at some point; the environment you're in often produces conditions favorable to those types of storms. In today's world, with ever-increasing reliance on technology and software in almost every industry, there will always be those looking to exploit vulnerabilities for profit. If you want to mitigate risks and continue to operate and grow your business, you'll need to assume that getting hacked is inevitable. Prepare for the worst and you'll have nothing to fear.

A Nerds Support partner, for example, has all of their files backed up daily and monitored at all times by our team of experienced engineers and IT professionals. If there's a questionable email, we can analyze it to ensure it's safe and legitimate. Nerds Support can help its partners establish a continuity plan in case of an attack and snuff out potential risks before they become large vulnerabilities in your system.

A cloud-based infrastructure offers a level of security that is cost-efficient and practical for any business. Contact us today to start securing your business!