31 Days of Cybersecurity in October

It’s almost October meaning it’s time for pumpkin spice everything, Halloween preparations, and Cybersecurity Awareness Month! The month of October is designated to educate the public about the importance of cybersecurity.

For 31 days straight, we will be posting a tip a day on our Facebook page, so be sure to “like” us so you don’t miss out!

According to the Department of Homeland Security, the monthly awareness program was  “designed to engage and educate public and private sector partners through events and initiatives to raise awareness about the importance of cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident.”

With the direction technology is headed, it’s no secret that cybersecurity is at the top of the concern list for people all over the world. Global Cyberattacks, data breaches, and ransomware attacks have dominated the headlines recently, exposing citizens to an insurmountable amount of cyber problems. While these problems are in fact very real, we believe that a true weapon against cyber-destruction is knowledge.

In some cases, there is a breakout of a phenomenon known as “security fatigue.”

Is security fatigue real?

With the increasing number of cyber problems accumulating on a daily basis, it seems that individuals have been developing a phenomenon known as “security fatigue,” or risky computing behavior in response to too many instructions and ads against such attacks.

Constantly changing passwords, two factor authentication, captcha, and strong passwords are said to potentially add too much of a burden on employees. For those advanced companies, you might start seeing a move towards biometrics rather than counting on ever-changing passwords to act as your security wall.

For those of us who do not have access to biometrics and fingerprint authentication, we’re going to bring an innovative spin to tried-and-true methods all of us should be putting into practice.

Be sure to follow along on our Facebook page for daily tips that are quick to implement and easy to share. Be sure to let us know if you try them out! #Inverselogic #October #CybersecurityAwarenessMonth

Cybersecurity Experts Give 5 Tips to Avoid Ransomware

Malware – a mashup of the words ‘malicious’ and ‘software’ – is what cybersecurity experts use to describe any malicious program on a computer or mobile device. Ransomware, a type of malware, is a version that encrypts files and asks for a ransom (typically through bitcoin), in order to decrypt said files. Though there are various types of malware that exist, many versions install without user consent. The effects of malware range from crippling your computer to stealing sensitive data.

Recently, there has been an increase in attacks on hospitals in exchange for hefty funds. In February, Hollywood Presbyterian Medical Center paid a $17,000 ransom (40 bitcoin) after a hacker seized their patients medical records and important files. Unfortunately, this is a trend that is happening all too often. We’ve put together an infographic to help you fight against ransomware and protect your important files. If you do not have a proper backup plan set up, Inverselogic’s cybersecurity experts can put a plan of action together for you and your business.

Malware Infographic

Cybersecurity Trends for 2016

Today we can do just about everything with the help of the internet- view and control bank accounts, peruse and shop from stores around the world, connect with new people or video chat with distant friends and family, even control smart objects like kitchen appliances from afar. The same effect can be observed in business, with more and more day-to-day operations becoming automated or conducted online.

It’s no surprise that privacy and online security is going to be a prolific topic of concern in 2016 and beyond. With all kinds of sensitive information being transferred between different parties, hackers have more opportunity than ever to try and steal information to either sell on the dark web or use for their own financial gain.

There are many precautions consumers and businesses should take to stay in control of their confidential information and protect business assets. For users, get started with our comprehensive Guide to Cyber Security and our Guide to Email Security.

For a general idea of cybersecurity trends, check out our infographic:

 

Cybersecurity 2016

In the coming weeks, we will continue our Cybersecurity series to help inform users of how to protect their information. Stay tuned for more on common social engineering tactics, how to protect your inbox through safe email practices, bolstering information security on mobile devices, and how to control what is shared on social media.

Interested in protection for your business? Visit our website to learn more about our cybersecurity services and contact Inverselogic to speak with an expert.

Microsoft Ends Support for Older Internet Explorer Browsers

Are you running on Internet Explorer? If so, now might be a good time to upgrade to the latest browser. If you’re running on IE 8, 9, or 10, Microsoft wants you to know that they will no longer be supporting the previous versions of the web browser on most Windows computers. In an attempt to phase out of IE and over to their new default browser, Edge, Microsoft will be issuing security updates and bug fixes to IE 11 only.

If you decide to continue using an out-of-date browser, consider yourselves warned. You could be putting yourself at risk for malware and cyber attacks, since Microsoft will no longer push security updates and bug fixes. However, if you are running on Windows Vista, Microsoft will continue to support IE 9.

In this day in age, most of what we do is inter-connected. We can run entire businesses from a single web page, or collaborate with others on cloud-based file storage and sharing sites. By using an out-of-date web browser with known vulnerabilities, you are susceptible to cyber attacks that could be prevented with a single update – and that is what Microsoft is trying to avoid.  So to prevent any mishaps, let the automatic updates do what they’re meant to do.

With that in mind, there is still a continued and very urgent need to have proper security software in place. By ensuring that you have the proper security, new threats can be responded to in a matter of minutes as opposed to handling the fallout of attacks. If you’re lacking proper security software and need to get something in place, Inverselogic can help with that. Visit the ‘Contact Us’ form on our website and we will get in touch with you.

Microsoft first made the announcement to end support for older IE web browsers back in 2014. With the launch of Windows 10 in 2015, Microsoft gave users the newest default browser, Edge, which is said to be quite the improvement over Internet Explorer. Interestingly enough, the logo for Edge looks almost exactly like IE’s famous ‘e’ logo.

Microsoft encourages you to upgrade by letting you know the benefits of a newer web browser. “Microsoft recommends customers upgrade to the latest version of Internet Explorer available in order to experience increased performance, improved security, better backward compatibility, and support for the modern web technologies that power today’s websites and services.” (More Lifecycle Support information here)

$30 Million Paid as Ransom to Cryptolocker Creators

In the last 90 days, 200,000 to 250,000 PCs have been infected with Cryptolocker ransomware. The ransomware infects a system when users click a link, sometimes claiming to track a package. Instead, malware encrypts all files on the PC, making them inaccessible unless a fee is paid.

The average ransom paid between US and UK users is $300. Previously, if the ransom was not paid within a certain time period, the files were permanently locked, but creators of the malware have recently added a late payment option, at a high cost of $300,000.

cryptolocker

According to Dell Secured Counter Threat Team, those behind Cryptolocker have made over $30 million. in the last three months. The malware is said to have originated in Russia or Eastern Europe where “bullet-proof” hosting services are indifferent to criminal activity on their networks.

 

Maintaining Your Cyber Security

We are becoming increasingly connected to the world online through desktops, laptops, tablets, smart phones, e-readers, and even wearables. While this is great for staying in tune with current events and keeping in touch with others, the increased exposure makes us more vulnerable to cyber attacks than ever before. Surprisingly, some people are not as aware of the threat as they should be.

Norton Security’s 2012 Cyber Crime Report revealed that 55% of those surveyed had no idea whether their computer was “clean” or free of viruses. Another major concern today is maintaining mobile security. While two out of three adults access the Internet with their phones, 44% of them are not even aware that mobile security options exist.

Still not convinced that the threat of cyber attacks doesn’t apply to you? Check out the facts below:

Cyber Crime Stats

Most cyber attacks are launched in an attempt to steal your information. Scammers will send phishing emails, trying to get you to divulge of passwords, bank account details, and other sensitive data. Some will even prompt users to download a file, disguised as legitimate software, that turns out to be malware. In these cases, users might have software on their devices, accessing their information and sending that information to an outside source without the user’s knowledge or consent.

It is much easier to avoid falling victim to cyber attacks than to try and restore lost data or recover your financial assets. To avoid becoming a victim, it helps to become familiar with the different forms of cyber attacks, and the best practices to ensure that your information stays safe. In general, here are some basic rules to follow when it comes to protecting yourself on the Internet.

  1. Never give in to unauthorized requests to reveal confidential information.
  2. Don’t use unprotected computers or networks- make sure you have an updated anti-virus program and that your network has a firewall set up.
  3.  Never leave important documents out- lock them away or put them out of sight before leaving your desk.
  4. Use passwords to protect your devices and important documents- also make sure these passwords are changed often and are long and complex.
  5. Never click on suspicious links and do not open suspicious emails- Simply opening some can be a threat to your system.
  6. Do not plug in your personal devices without prior approval- they could have dormant malware on them that could compromise your information once plugged in.
  7. Never install unauthorized programs- if you have found a program that you think would be useful, consult your IT department first.
  8. Always stay alert and report anything suspicious as soon as possible.

Whether for personal use, or on the job, follow our Guide to Cyber Security to ensure that your information, and others’ is kept safe and out of the wrong hands.

 

CISPA Bill to be Revived

CISPA, short for the Cyber Intelligence Sharing and Protection Act will likely be brought back for voting in Washington after recent reports of cyber espionage attempts against U.S. targets. Chairman of the House Intelligence Committee, Mike Rogers, claims that “American businesses are under siege,” making the controversial bill a necessity. Today hackers are considered the new terrorists and the head of Homeland Security, Janet Napolitano, believes a “cyber 9-11” is probable if no cyber security legislation is enacted.

While we doubt that the threat of a nationwide crippling infrastructure cyber attack is near, businesses large and small should be taking the necessary precautions to prevent security breaches from hackers more interested in gaining valuable information. Recent targets have included several U.S. banks, the Federal Reserve’s website, the Wall Street Journal, New York Times and The Washington Post. Most of these attacks have been traced overseas to China.

security-100023223-gallery
Image courtesy of PCWorld.com

If passed, CISPA would grant immunity from privacy laws to companies and federal parties which share customer information that relates to “cyber security”. The issue of course, is how easy it is for companies to cross the fine line between “sharing” this information for security purposes and misusing this immunity for spying. CISPA was passed by the House of Representatives last Spring, but never made it to the floor after a veto threat was issued by the White House. President Obama is reportedly preparing to issue an executive order on cyber security after the Union Address scheduled for February 12.

So how could this affect us? Overall, if the bill passes with restrictions on the use of “sharing” information and companies act within those boundaries, the bill would work for its intended purpose of preventing cyber attacks from overseas. This seems unlikely though, and it would also increase the government’s surveillance abilities, making most uncomfortable. However, it is unlikely that the bill will pass through the House it’s second time around without major changes, and we hope the President’s plans to address cyber security will create more options for better security without compromising privacy.