Posts

Coronavirus Malware Phishing Scams Thumbnail

How Cyber Attackers Use The Coronavirus to Steal Your Data

Coronavirus Email Scams

The recent coronavirus outbreak has motivated cybercriminals to send virus related malware attacks across the world.

Phishing emails claiming to possess information on protecting against the virus have appeared, spreading misinformation and malicious software. These emails encourage victims to open attached documents containing malware that can freeze or completely steal valuable data.

Scammers use fear and uncertainty to manipulate victims into infecting their computer with malware. However, incorporating tragic events, potential pandemics or natural disasters into their attacks is nothing new.

Beware of Phishing After Any Big Event

Attackers customize phishing emails to current or upcoming events like tax season, hurricane season, and holidays. Regardless of the occasion, the goal is the same: to access valuable information. The attacks prey on people’s desperation for answers and suggest that they have can give them to you.

Furthermore, there have been cases of scams emerging in places like Michigan and New York. Officials in these states are warning residents to be vigilant of emails asking for donations or personal payment card information.

Coronavirus scam emails were popping up in early February which prompted Michigan’s Department of Health and Human Services to warn citizens on their dangers.

The Federal Trade Commission even sent out a memorandum advising people on how to spot email scams and stay safe online.

Additionally, the FTC says cyber criminals could be setting up fraudulent websites that sell fake products using illegitimate emails, social media posts and texts to trick people into sending them money or personal information.

Protecting Against Coronavirus Phishing Scams

Here are some tips recommended by the FTC to keep safe against scammers:

1) Be suspicious of emails claiming to be from the Center for Disease Control and Prevention (CDC) or anyone purporting to be an “expert” with information on the virus.

2) Avoid emails that allude to any “investment opportunities.” Social scams will promote products claiming they can cure, detect, treat or prevent the disease are fake.

3) If you’re going to donate, do the proper research into the organization and payment method. Don’t be pressured to donate and especially if it’s through an email link.

4) Ignore offers for vaccinations. Ads that say they have the cure or treatment for coronavirus are probably scams. Any medical breakthrough will be announced on mainstream media networks.

5) For up-to-date information on the virus visit the Center for Disease Control and Prevention (CDC) and the World Health Organization (WHO)

Don’t Be Misled

These scams will continue to spread and they won’t go away any time in the near future. In fact, scammers will certainly take greater advantage of the misinformation and fear from media coverage.

Moreover, cyber scammers in China were reported sending malicious emails containing malware. It’s difficult to protect yourself from these types of attacks but

Threat actors also targeted users in Japan with a campaign that spread malicious documents with supposed information on the virus.

Unsurprisingly, these social engineers even sent emails impersonating the CDC to lure unsuspecting users into malware traps.

The Coronavirus is a real threat but it’s important to keep a level head and not expose yourself to even greater harm online.

Ultimately, even Facebook has begun planning to ward off misinformation on the virus. Other social media platforms have voiced concern about the spread of false claims on their platforms as well.

The virus has attracted the attention of a global audience but that doesn’t mean you have to fall victim to those looking to profit off of that attention.

Coronavirus Malware Phishing Scams Leaderboard

New York Ransomware Payment Ban Thumbnail

New York Proposes Bills Banning Ransomware Payments

Two New York state senators proposed bills to ban local governments from paying ransomware with taxpayer money.

The bills, S7246 and S7289, are virtually the same except S7246 proposes to create a state fund to help municipalities strengthen their cyber-security. This is the first time states have proposed such a law.

Why is this happening?

In 2019 alone, there have been over 100 reported ransomware attacks across the U.S. in government entities and municipalities.

Texas suffered from 9 separate attacks. Florida had 8 and New York, Connecticut, and North Carolina each had 6 reported attacks.

Moreover, 37 of the 104 ransomware attacks, or 35.5%, were committed against schools. This isn’t surprising considering the fact that schools are particularly easy targets.
The reasons for this are simple: schools lack security. They lack security because they have limited budgets.

Neglecting cyber security has been a practice for both businesses and governments alike and now the consequences are being felt. In fact, school ransomware attacks are  so problematic, the United States Senate also introduced a bill in December that would mandate bolstering they cyber security and infrastructure of schools.

Local Governments

The problems aren’t just the schools, however. Six figure payments have been made to hackers freezing stolen data from other government facilities in cities like Riviera Beach, Fla., New Orleans and 22 separate municipalities in Texas.

In New York specifically, Albany County Airport authority chose to pay out a ransom demand and two school districts within a two month period were infected by ransomware.

Last July, the US Conference of Mayors adopted a resolution declaring they would not pay ransom demands after an attack and presented their cyber security plans, but the resolution was informal and toothless.

The bill indicates something Cyber security experts have been saying for years: If our society doesn’t prepare itself for the digital age it will cost everyone. Luckily for governments, they were able to rely on tax money to pay a ransom. The question is, what about a small, private business with no cyber security plan in place?

Who Really Pays?

The main point is, this type of negligence always costs.  An article  released by the New York Times stated in 2019, 205,280 organizations turned in files that were eventually hacked in a ransomware attack.

Furthermore, the average payment to went up to $84,116 towards the end of 2019.

Ransomware attacks have led to the shutdown of numerous businesses as well. The Heritage Company was forced to send more than 300 employees home after their IT department failed to recover last October.

The Heritage Company is by no means an isolated case. In fact, one in five businesses are forced to shut down after a ransomware attack according to a report by the security firm Malwarebytes.
All of the experts warn that cyber-attacks are becoming more sophisticated, targeted and costly.

Ransomware is the most damaging from of cyberattack because both businesses and governments haven’t kept up with security.

It’s as if someone invented a buzz saw and banks kept all of their money behind a wooden door.

They’re Getting Away With IT

As for the robbers, tracking them down has proven difficult because they ask for ransom in the form of bitcoin. Bitcoin is untraceable and can be encrypted to ensure anonymity.

Riviera Beach Fla., another victim of ransomware, agreed to pay over $600,000 to criminals and they still haven’t been identified. With payouts like those ransomware attacks are not going away.

The F.B.I. said it received nearly 1,500 ransomware reports in 2018 and the agency acknowledges all report numbers are under-reported. In other words, the problem is even bigger than anyone knows.

What New York is doing only begins to scratch the surface of this epidemic.

Cities, like Lake City,Fla., are rushing to improve and strengthen their back up systems and infrastructure. It’s even adopted a cloud-based back up system that cost $60,000 a year.

Then again, what would you pay to protect your business?

For more on cyber security, cloud and tech, follow us on social media to stay updated.

New York Ransomware Payment Ban Leaderboard

What Should Concern Businesses About the New Orleans Cyberattack

The city of New Orleans experienced a cyberattack so severe Mayor Latoya Cantrell declared a state of emergency.

The attack occurred on Friday, Dec. 13 and caused the city to shutdown government computers. Officials announced the shutdown via social media posts.

City Shutdown Government Computers

The attack started at 5 in the morning, according to the city of New Orleans. At around 11 a.m., employees noticed what they considered suspicious activity. As a result, the city’s IT department ordered employees disconnect from Wi-Fi and close down their computers.

Fortunately, an investigations into the attack is currently underway as Federal and State agencies gather more information. As of now, nothing is known about the malware used during the attack and the Mayor said no ransom demands had been made yet.

Louisiana’s Third Cyberattack

This ransomware attack is the third to affect Louisiana in five months. In November, another attack prompted Louisiana’s Office of Technological Services to shut down multiple state agencies. And in July, cyber criminals attacked several Louisiana school districts, shutting down their networks for ransom.

As a result of the schools attacks, Governor John Bel Edwards declare a state of emergency that allowed state agencies to help local governments recover from the attack.

What’s the Damage?

Unfortunately, it’s always difficult to tell the extent of the damage. It could take months and, in some cases, years to truly understand what information was stolen.  Furthermore, hackers could have stolen government employee information, financial information and more from New Orleans.

Moreover, they will have to contact financial institutions and implement new procedures to address cyberattacks like this as well as increase security on their networks.

This begs the question, if State governments have to shut down entire systems and declare a state of emergency to deal with a cyberattack, what will it cost a small business?

Since the attack in November, The National Governors Association (NGA) has urged states to develop a formal continuity plan for responding to cyber threats. Additionally, cyber forensic experts will need to be brought in to investigate the breach.

New Orleans Government Cyber Attack Statistics

 

Cyber Response Plan

The NGA released a State Cyber Response plan in July, that governments are developing and 15 states have made their plans public.

Without a doubt, the impact of ransomware attack is nothing to scoff at and governments are learning the hard way. Ultimately, having a continuity plans in place ensures recovery from a breach runs as smoothly as possible.

Cybercriminals Declare Hunting Season

The FBI issued a warning in October declaring an increase of cyberattacks on “big game” targets. These are targets with money and sensitive information, willing to pay ransoms to restore their systems.

That doesn’t just mean local and state governments, municipalities and agencies. For instance, hackers often target businesses, hospitals, accounting firms and financial advisers for their data.

Additionally, businesses have to adapt and invest in security if they expect to succeed. The first of several security lessons: no one is too big or to small to get hacked.  Sensitive data is always in high demand. More importantly, dark web marketplaces, like Joker’s Stash, are always willing to sell it.

The Future of Cybercrime

Researchers warn that ransomware attacks will intensity in 2020. What’s worse, attacks are getting more sophisticated.

On the other hand,with the year coming to a close and a new one beginning, now is the perfect time to audit your IT infrastructure and verify it’s competency against these types of threats. Fortunately, 2020 will also see the rise of things like cyber insurance, AI and cloud-based security solutions.

Transitioning to a cloud-based solution, like a hybrid cloud,  might help industries across the board avoid scenarios like the ones in Louisiana.

You can read our article on how businesses can protect themselves from a cyberattack.

If you want to know more on cybersecurity news, the cloud, managed IT services and more contact us or visit our blog.

 

DoorDash Gets Data Dashed After Breach

DoorDash Data Breach

The food delivery company DoorDash was compromised on May 4th 2019. The company said the data breach exposed the data of 4.9 million users, delivery workers and merchants. Fortunately, users who made accounts after April 5, 2018 were not affected by the breach. However, the breach exposed names, phone numbers, order histories, email addresses, and password information.  DoorDash said the breach happened through a third-party service. If it can happen to them it can happen to anybody and too often, it does.

DoorDash said in light of the hack, it took additional security steps to secure user data. It added security layers around the data and brought in outside consultants and experts to further identify and repel potential threats.

The company also said hackers obtained the last four digits of users’ credit card information. The customers’ full card numbers were not obtained, nor were the card verification values (CVV). The hackers also managed to steal the driver’s license numbers of about 100,000 delivery workers.

Hashing

DoorDash uses a method of encrypting data called Hashing. Hashing is taking a way of representing data in the form of a series of symbols. Moreover, it allows you to take an input, say a password, of any length and turn it into a string of characters that turn out to be the same length.

There are algorithms, like SHA1 and SHA256, that do this for you and generate unique hashes. They will take a name like Thomas Johnson and turn it into something that resembles “aeb4048c96b086739900f4f4144cd1f5”. The good thing about these hashing algorithms is that there’s no way of reversing the process. If someone had access to the hash, they couldn’t reverse engineer the name. At least in theory.

Brute Force-Attacks

There is are some methods of getting the non-hashed password or information hackers often exploit, sometimes quite successfully. One of these methods is called a brute force attack or a dictionary attack. The hackers take a long list of passwords and run it through the appropriate algorithm. Then the hacker looks at the hash they wish to recover and look for it in the list of hashes. Like looking for a number in the phone book when all you have is a name. If they find a hash in the list that matches the one they have, they simply look at the plain text version on their list.

If you couldn’t tell, this is a very intensive process. However, experienced hackers will use huge word lists and run them through their systems. These systems can analyze passwords in a matter of seconds.

Hash Collision

Hash collisions happen when two sets of data correspond to the same hash. This is very rare but useful. The hacker would be able to use a series of characters to access your account since it generates the same hash as your password.

Doordash assured its users and the cyber community that the hashing routine used salt to increase its complexity. No, not actual salt. “Salt” in cryptography simply means adding random data to the input (the password going into the algorithm)  so the hash is unique. This decreases the chances of a brute force attack or a hash collision.

Adding Salt to a Hash

Hashing isn’t full proof. It’s very deterministic, meaning a certain input will always give you the same output. Thomas Johnson as an input will always produce the same hash. So, if two people coincidentally use the same input for a password, they will both generate the same hash.

Adding salt to a hash means you take a random variable of a specific length and add it to the input. So, even if the input itself isn’t unique, the variable makes the hash unique. Metaphorically adding salt gives the hash a more distinctive flavor.

Despite the fact DoorDash took these extra precautions to encrypt their users passwords, experts suggest that any user affected by the breach should change their passwords to something as complex and secure as possible.

It’s Common

Unfortunately,  data breaches like the one in DoorDash occur fairly often. The more sensitive the information the more lucrative the hack will seem to a cybercriminal. That’s why the healthcare, accounting and financial services industry are often targets of cyber-attacks. 71 percent of breaches in 2019 were financially motivated, meaning hackers are looking to get information they can use to enrich themselves. Then, company that regularly deals with clients’ financial information would be a prime target. Doordash has credit card information to facilitate purchases but accountants and financial advisers have much more specific information.

That’s why managed IT for Finance and accounting is so important. Companies take their IT infrastructure for granted, often times, because they see it as an extra expense not a necessity. However, security is an expectation not a luxury. Providing managed IT for accounting and fiance is mostly about planning with compliance and security in mind.

That’s why agencies regulate these types of companies . Many compliance laws force industries like fiance and accounting to maintain high levels of security. That way, financial information isn’t compromised. Yes a thief is blamed for a robbery, but if the bank has poor security and didn’t install security cameras to cut costs, the bank is just as much to blame. This metaphor might simplify things a bit too much, but sadly that is the case for many industries. They don’t invest in newer cyber security because they’re too small to get attacked. Other times companies will think the security measures they take are good enough.

Small Sized Businesses are More at Risk

If a business owner reads this article and thinks to themselves, “I’m not Doordash, I run a small accounting firm,” they’re sadly mistaken. As a matter of fact, 43 percent of data breaches in 2019 targeted small businesses. People only take notice of the breaches occurring in large companies like Doordash and Capital One because those make interesting news articles and blogs. More often, it’s the smaller companies that suffer the greatest losses. 60 percent of small companies go out of business within six months to a year of a cyberattack. This is a number taken from the U.S. National Cyber Security Alliance.

Most of these breaches occur because a low level employee does something wrong. They open an email that contains malware, they don’t secure their passwords, they expose valuable information on social media, they are victims of an elaborate phishing scam. Nerds Support works as a financial cloud provider giving extensive training, security protocols, policies and procedures within the company.

Now, notice how they published a blog regarding the incident. They didn’t have to do this. DoorDash could’ve gone to the press but they knew it was important to retain a sense of confidence in the company. The company needed to tell as many people as possible that everything was taken care of. That’s obviously because perception builds trust and trust is the currency that builds companies.

A Data-Breach in Trust

If a breach occurs it’s highly likely that confidence in the companies ability to secure sensitive data will decrease. Restaurants have gone out of business because a customer found insects or filth in their foods. Companies fail more often from a decline in trust than anything else.

Nerd Support provides FINRA approved cloud storage to financial firms because keeping with industry compliance creates a safer digital environment for both the company and its clients. If someone is looking for a firm and sees it’s following all regulatory and security standards, then it’s a subconscious relief that builds confidence in the firm.
That being said, IT solutions for finance differ from the solutions other companies need, but all industries are regulated to some degree.

What can you do to Avoid a Breach?

Create a business continuity plan. This will mitigate the impact of a breach and ensure your business survives and recovers. DoorDash has one, which is why it immediately took steps to bounce back from the attack. The company added new security measures to their systems, hired outside consultants, and took to social media to update everyone on the status of the company. There is no doubt the company discussed all of this at some point in it’s history.

This was a swift and comprehensive move on DoorDash’s part because they knew the longer it takes to act after a disaster the bigger the losses.

Delete all emails, links online posts that you suspect might lead to a virus or data-breach. These are how many cybercriminals steal information.

Update and secure all software. This is often overlooked but it can be one of the best defenses against malware and viruses.

Encrypt sensitive data. Like DoorDash, encrypting sensitive data will make access to it difficult at worst and nearly impossible at best. Encrypting data is just converting data into another form.  Like hashing a password by turning it into a series of numbers and letters. Nerds Support encrypt its partner’s data and store it in a highly secure data center. We focus more on software encryption but you can also encrypt hardware.

DoorDash is just an example of what can befall any company in today’s world. Companies experience hacks, data  leaks, and personal data’s constantly stolen. The threat is more visible to the public now as larger companies fall victim to attacks. Cyber-crime is the world’s highest paying business, estimated in the trillions of dollars.

Business owners need to take action. If they don’t do anything, they’re just waiting to be next

A man looking closely at his emails to avoid phishing scams

Miami Phishing Emails and How Not to Get Ripped Off

There are many phishing email schemes in Miami that seem too good to be true. You might get an email or pop up as an advertisement, promising money or other luxuries. Then, as they expect, you go opening these without even thinking. Sooner than later, you might find that something horrible has happened to you, as a result of a scam.

You may have your identity stolen or money taken out of your bank account. But you also will experience an invasion of a malware that infects your computers. The truth is, you can never be too careful by having the proper programs installed.

Having your computer activity tracked is not unusual. It’s most likely to happen when you are using the internet. As a result, you could find more strange emails, bizarre ads or even worse.

The malware may also be starting back doors on your company. A hacker stealing company information is very common. So imagine if a hacker stole your company secrets and sold them to your competitors? What would happen in the event that they destroyed your backups?

One terrible instance of Phishing is when you click a link in an e-mail and your whole laptop goes black. Next, you get a message demanding a stressful fee before your files get deleted forever. This is a Ransomware attack and in 2017, attacks like these exploded into a full scale business model.

How to Avoid Miami Email Phishing Scams?

Nerds Support’s Email Protection team knows how important protecting your business can be. So it is important to know the common signs of phishing emails. Here are a few signs of phishing emails:

  • You do not recognize the sender’s email address
  • There are grammar and spelling mistakes
  • The email claims to be from a corporation
  • The email says you won a prize
  • You are required to give personal information
  • You are being asked to send money
  • There is a time frame in which you have to send your information

Using these tips will keep your company information safe, regardless of the email program you use. However, the best way to keep your information safe is by having a strong data protection plan. Nerds Support’s data protection plans are some of the best in South Florida. Our IT Support Miami specialists are always prepared to keep your business secure.

Clients who use our cloud are some of the most secure companies in South Florida. Our email servers filter through all the emails your company gets and throws away all the bad emails. That way, you only get emails that you need to make your business more efficient.

Nerds Support’s data protection team is also in compliance with the latest rules and regulations. With this, you don’t have to ever worry about company compliance. Nerds Support IT support Miami team will handle all that for you. That means, the only thing you have to do is keep your business profitable.

Looking for reliable IT security solutions in Miami? Contact Nerds Support!