Cyber Security – What Is It and Examples of Cyber Threats

Technology and data is the core of most organizations.
But what is cyber security and have you put the effort into effective cyber security?
We’re here to explain what it is and cyber security practices for effectively defending against hazards in the digital world with the help of Mike at Cybir!

Cybir is a continued core focus on a full suite of in-house cyber security, digital forensic and data recovery expertise, honed for litigation support, eDiscovery and expert witness services.

What Is Cyber Security?

Cyber security (as stated by Merriam-Webster ), is the measures taken to protect a computer or computer system against unauthorized access or attack.
Any organization that uses modern technology must face with the risk of cyber threats. Taking steps to address this risk is crucial for the operational security of businesses. Data breaches and cyber-attacks against businesses have the potential to cause huge financial and reputational damage. It could not only affect the business, but also the employees.

Examples of Cyber Threats

Malware
Malware, shorthand for “malicious software,” is an application that’s intended to cause damage to systems, steal data, gain unauthorized access to networks, or otherwise wreak havoc. This is the most common type of cyber threat. 

There are a number of malicious software variants, including:

  • Viruses – Attaches themselves to clean files, replicate, and spread to other files. They may delete files, force reboots, join machines to a botnet, or enable remote backdoor access to infected systems.
  • Worms – Similar to viruses, but without the need for a host file. Worms infect systems directly and reside in memory, where they self-replicate and spread to other systems on the network.
  • Backdoor – Used by attackers to secure remote access to infected systems, or to obtain unauthorized access to privileged information.
  • Trojans – Disguises themselves as a legitimate application, or simply hide within one. They discretely open backdoors to give attackers easy access to infected systems, often enabling the loading of other malware.

Ransomware
Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Ransomware attacks often rely on social engineering techniques such as phishing, tricking users into downloading a dropper that retrieves and installs the payload. Once on the system, ransomware finds all files of a specific type locally and across the network, encrypting and often stealing them. The original files, recovery points, and backups are then deleted to prevent users from restoring the system on their own. Ransomware usually changes the file extension and adds a “help” file, explaining how victims can pay to recover their data.

Mike at Cybir also mentions data exfiltration. He states, “Ransomware is evolving where threat actors are also stealing data and saying, ‘ok great your backups worked and you restored, but you are still going to want to pay us if you do not want us to leak your data to the internet or dark web.'”

He states for protection, “For ransomware and malware traditional AV is no longer effective. Traditional AV basically has a definitions file where when it is running a scan it looks at the current file and compares it to its list of known good / bad files and then makes a decision about what happens to it from there. If it does not know anything about the file it likely skips right over it and allows it to pass. EDR/MDR/XDR SentinelOne provides best in class NextGen Antivirus, device control, firewall control and threat hunting capabilities.”

Cybir offers endpoint protection, detection, and response in conjunction to SentinelOne that provides best in class NextGen Antivirus, device control, firewall control and threat hunting capabilities.

Phishing
Phishing is a common attack technique that manipulates people into taking unsafe actions or divulging sensitive information. In typical phishing campaigns, attacks will use different types of communication – email, instant messages, SMS, and websites – to impersonate a trustworthy person or organization that they are familiar with and using that identity to trick users into clicking on malicious links, downloading malware-laden attachments, or disclosing sensitive personal information.

Mike at Cybir states, “This often leads to ransomware or a business email compromise type of attack.”

One way to stay protected from phishing attacks is training and education. Mike at Cybir states, “The keys are constant user training and education as well as a solution like ironscales that is going to profile an email and add banners/details to give the user a heads up.”

There are two types of phishing attacks – phishing which is wide-ranged and spear phishing which is targeting a specific individual/company.

Spear phishing requires a lot of research for the attacker, but these cyber threats are generally tailored to their target based on insider knowledge or information available on the web and/or through social media. They use reputable names within the company to attack someone who they think will fall for it. It requires extra effort to spear phish, but they are more likely to succeed.

PCS offers a variety of phishing training products to help you and your company stay protected and aware of what to look for when it comes to phishing attacks. 

Knowing the different malicious attacks out there, there are ways to monitor and keep protected again malicious attacks.

Cybir offers Security Operations Center As A Service (SOCAAS) with these key features –

For more information about cyber security and ways to stay protected, contact PCS today!

Cyber Insurance – How Important Is It?

Cyber attacks have increased throughout the years, but within the past year, more people are becoming aware of how important it is. Many are turning to cyber insurance as a means of protection against some of the effects of an incident,
but what is cyber insurance and how does it work?
We’re here to go over what you need to know with the help of Hardenbergh Insurance Group.

Hardenbergh Insurance states, “For many years now, there has been awareness that companies should be accountable for the safeguarding of the personally identifiable information of their customers.  One particular law that helped to raise awareness was the Health Insurance Portability and Accountability Act (HIPPA) of 1996.  The vast majority of states have amended their state laws to address how companies and state agencies must respond to a security breach that results the compromise or potential compromise of personally identifiable information.  Most state laws dictate that in the event of a breach, not only must the organization notify the affected individuals, but also the specific state agency.”

Businesses such as health care providers, banks, law firms, accountants, hotels, retail stores, schools, public entities, charitable organizations, mortgage brokers, insurance agents, and other professional service providers, restaurants and any other business that maintains records of personally identifiable information all have a cyber liability exposure.

Today, the vast majority of businesses rely on their computer systems to run their business and to service their customers.  The inability to operate their computer system due to a cyber attack can cause severe financial damage to the organization.

What Is Cyber Insurance?

Cyber insurance, also known as cyber-liability insurance, is an insurance policy that helps protect organizations from the fallout from cyberattacks and hacking threats. Having cyber insurance protect against losses that are related to computer- or network-based incident.

Any business with an online component or one that sends or stores electronic data might benefit from cyber insurance.

What Does Cyber Insurance Cover

Key first party insuring agreements include the following:

  • Cyber Extortion – Costs to investigate, negotiate and settle threats made against the insured related to intentional computer attacks
  • Privacy Breach Response – Expenses for breach response services such as notification, credit monitoring and identity/credit repair
  • Business Interruption – Loss of income due to interruptions in business caused by breaches of an organizations network
  • Crisis Management – Expense of retaining a public relations firm to help mitigate damage to the organizations reputation and brand image caused by a cyber attack

Key third party insuring agreements include the following:

  • Technology Errors & Omissions – Error or omission in the performance of technology services resulting in third-party loss.
  • Privacy Liability – Failure to protect private or confidential information.
  • Security Liability – Failure of network and information security to prevent the transmission of computer viruses.
  • Media/Content Liability – Libel, slander, and other forms of disparagement, etc. with respect to the display of materials as well as infringement of a copyright by your website content.
  • Regulatory Actions – Regulatory actions brought by state or federal agencies to enforce privacy regulations.

Not all cyber liability insurance policies are the same.  Coverages can and will vary depending on the carrier and the insuring agreements purchased.  When evaluating which cyber liability policy is appropriate for your organization, it is important to evaluate both the first party insuring agreements and third party insuring agreements being offered.

When evaluating cyber liability alternatives for your business, it is crucial to be sure that the policy you select to protect your business contains the appropriate insuring agreements.  The Risk Management professionals at Hardenbergh Insurance Group can work with you to evaluate your exposure and to ensure that the appropriate coverage is in place to protect your business.

Most businesses are requiring clients to get cyber insurance. 

Cyber Risk Management Techniques That Can Be Implemented To Protect Your Organization From Cyber Attacks Said By Hardenbergh Insurance Group:

Cyber Security Practices We Should All Do- Staying Protected

Cyber security is one of the most talked about subjects in the technology field.
Having your business data secured is crucial, but there are ways to stay protected.
We’re here to help you keep your data protected with these security practices we should all do to ensure cyber security!

Changing Passwords/Password Strength

Password safety cannot be stressed enough! Changing your passwords every 60-90 days will allow your information to stay protected. With that, your cyber security will continue to increase.

Not only will changing your password help, but also make sure it is STRONG. Adding symbols, numbers, and making sure the length is 8 or more characters will help keep the password strong. In the example presented above, pa$$word1a has a stronger password strength than password1 (please don’t use example above for your next password).

Webroot has given some greats tips for creating a new password. Using a phrase and incorporate shortcut codes and acronyms will keep the password strong while being able to remember your favorite phrase or saying. Some examples are 2BorNot2B_ThatIsThe? (To be or not to be, that is the question) or ABT2_uz_AMZ! (About to use Amazon).  Unique passwords are harder to break through than weak and simple passwords (please do not use any examples given above).

When selecting a password, do not use any personal information! Using personal information can lead to hackers knowing the answers to your security questions.

Examples of personal information to not use:
Your name
Age
Date of birth
Child’s name
Pet’s name
Favorite color/song

Don’t Use The Same Password For Everything!

Using the same password for multiple logins will cause a bigger issue than you may think. Having the same password for your banking, company sites, or even for your email will allow hackers to get into multiple accounts rather than just the one they got into.

Having different passwords will increase your cyber security to allow your data to be protected. It seems hard at first, but having that variety will allow not only your companies information to stay safe, but your own personal data will continue to stay protected.

Using A Password Manager

A password manager is program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complicated passwords, storing the passwords in an encrypted database or calculating them on demand.

Having this will alleviate having to write your passwords down on a piece of paper.  Writing your passwords on paper or even putting them on a Word/Google document will create an easier passage for hackers to get into your information.

Updating Your Antivirus

Your antivirus is used to prevent, scan, detect and delete viruses from a computer. But what happens when you don’t update your antivirus?
There are always new viruses developing and keeping your computer clear from them are important. When you don’t update your antivirus, it won’t protect against the newest threats, leading it to believe that it is nothing to worry about. You might not be as protected from cyber security risks as you might think. Even worse, your device could be at risk of the latest threats that your security product is not yet aware of.  Making sure you are updated on the latest software could relieve all stress in not knowing whether or not you are protected from any threats. This will continue to add that extra layer of cyber security you need.

Installing Multi-Factor Authentication

Multi-Factor Authentication is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or other transaction. Having that extra layer of protection will allow your data to be protected while making it difficult for any malicious attacks to happen.

Once you login, you will get a prompt on your phone asking if it is you with the name and address that is trying to login to your account.  When you see the pop-up, you have to click accept or deny.  After you accept that it is you, you will be let in! This is just another layer of cyber security that will help protect your data. DENY any user that is not you logging in!

Phishing Training

Keeping up with your phishing training is IMPORTANT! Malicious attacks are happening within your emails. Clicking on one bad link could lead to a data breach. Knowing how to identify a phishing scam could not only impact your company data, but also your personal information. Phishing training allows you to see simulations of different ways a threat email can come through for you to identify.

Identifying an email could seem harder than you think. Hackers have been able to make it so users think the email is coming from someone reputable within your company. We have broken down the ways to identify phishing emails in our post “Phishing Emails – Ways To Detect and Prevent Attacks,” but having an added layer of security by taking phishing training will decrease your chances of malicious attacks.

For more information or need help getting set up, contact PCS!

Microsoft Issues URGENT Security Warning … Update Your PC Immediately!

Microsoft is urging Windows users to immediately install an update.
Security researchers found a serious vulnerability in the operating system.
We’re here to help you better understand what is going on and how to update your system!

PrintNightmare

The PrintNightmare flaw is a major security risk for enterprises, where print spoolers are used on Windows machines. Microsoft considered it serious enough to rush out a patch last week. The researchers announced in late May that they found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it, but sadly not before it was published elsewhere online.

Microsoft warned that hackers could exploit the vulnerability and be able to install programs, view and delete data or even create new user accounts with full user rights.

Who Is Affected?

Anyone using Windows 10 and earlier are affected! Microsoft urges that everyone using Windows should update their systems IMMEDIATELY.

How To Update Your Windows PC

Updating is simple and fast!

  1. Select the Start button
  2. Select Settings
  3. Update & security
  4. Windows Update

This will help update your computer to the most recent Windows update.  Below is a picture example on how to update your PC.

Microsoft also released a patch for Windows 11. Its newest operating system, due out soon, is currently available to beta testers.

For help on updating your system, contact PCS!

Phishing Emails – Ways To Detect and Prevent Attacks

Phishing has become one of the most common methods of cybercrime. Despite how much we think we know about scam emails, people still frequently fall victim.
We’re here show you how to detect a phishing email.

phishing scams

Message Is Sent From A Public Email Domain/Misspelled Domain

Sometimes, the hacker will try to use the same information as someone higher up in your organization (such as a president or manager) and use the same credentials but different domain. The one part to check specifically is the email domain. If the email is not recognizable, don’t click on anything!

One example is if the email is allegedly from PayPal, but the domain of the link does not include “paypal.com,” that’s a huge giveaway.  Looking at all your sources will help you identify what is legitimate and what is a malicious attack.

Make sure you are checking ALL parts of the email (not just the display name). Many of us don’t ever look at the email address that a message has come from, but rather just look at the display name. Hackers will use that against you by using the real sender’s picture and name that they are trying to impersonate. Looking into the email address that is sending you anything helps with being able to identify if it is legitimate or if it is a phishing email.

Email Is Poorly Written

When it comes to crafting phishing messages, scammers will often use a spellchecker or translation machine. It will give them all the right words but not necessarily in the proper context. Noticing poorly written emails will usually mean that it is coming from an outside source and it’s a spoof.  Keep an eye on poor grammar and spelling errors.

Message Has a Sense of Urgency

Phishing emails have a tendency of not only having grammatical errors, but it seems like they always have a sense of urgency. Hackers know that an email that seems urgent receives a little more attention to others emails that can be thrown into the back burner. Criminals know that we’re likely to drop everything if our superiors email us with a vital request. Taking the time to actually look at the email domain and how the email is typed out, you will see that it is a malicious attack and not anyone within the company.
Knowing the difference will help not only you, but the company itself with avoiding a data breach.

Suspicious Links

Sometimes when phishing emails are sent, you see either a button or a link that is attached. You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email. Unfortunately, when a suspicious link is hidden behind a button, it is hard to determine if it is legitimist or if it is a fraud. Looking at the email address and identifying if it is real will help with determining whether it is legitimate or not.

Ways To Stay Protected

One way to make sure you’re alert and aware of phishing attacks is educating yourself is phishing training. Phishing training will allow you and your employees to detect phishing emails and understanding what to look for. With simulations, you will be able to identify many different ways that a phishing attack can occur and ways to prevent a data breach for your company.

For more information about phishing training, contact PCS!

Cyber Security – It’s Not A Choice Anymore … It’s Necessary!

Malicious attacks have spiked throughout the years and cyber security has been discussed in so many ways.
Throughout the pandemic and employees working from home, companies have been targeted and attacked with many different methods.
Hackers don’t take a day off, so we’re here to help you stay protected.

Malicious Attacks – How Often Do They Happen?


According to Embroker, in 2021 cyber attacks happen every 11 seconds. That has increased through time, but it will continue to rise through time. It was said that in  2020, 155.8 million individuals were affected by data exposures …

Impact and Severity of Cyber Attacks

Cyber attacks can impact businesses and organizations in many ways – from minor disruptions to financial losses. Every consequence leads has some form of cost. Malicious attacks can impact your business weeks, if not months later.

Your business may suffer in these areas:
Financial losses
Loss of productivity
Reputation damage
Legal liability
Business continuity problems

Costs of Cybercrime

According to the FBI, the cost of cybercrime in the US was $3.5 billion in 2019, as stated by Colbalt. The cost could be much higher if it remains unnoticed. In 2020, the average business cost of a cyberattack is $3.86 million and it takes over 200 days to detect the breach (IBM). Statistics show that cyberattacks projected to hit $6 trillion in annual loss in 2021, which has doubled since 2015. (Cybersecurity Ventures).
Cybercrimes can cost enough to shut down small businesses if it remains unnoticeable or the malicious attacks are not safely resolved.  The average ransom demand is over $100,000, which continues to grow over time. Over a third of all companies attacked with a ransomware attack, end up paying that price, resulting, on average, in a 16-day downtime for the attacked firm. The percentage and increase of cost continues to rise through the years as hackers continue to learn and grow.

How To Prevent Malicious Attacks

Here at PCS, we help you with all your cyber security needs. With Managed Endpoint Protection/Next Generation Antivirus, Advanced E-mail Security/Phishing Training, and Multi-factor Authentication, it would be a challenge for malicious attacks to happen.

For more information or to make sure your company is protected, contact PCS!

Data Loss – What Is It and What Can You Do To Stop It

Data Loss
What exactly is it?
How can you avoid it?
We’re here to go over everything you need to know about preventing data loss to help keep your information safe!

What Is Data Loss?

Data loss is exactly what you think it is. Whether your information/back-ups are accidentally or maliciously deleted from your system, important data is lost. This might happen when a malicious internal user gains inappropriate administrator privileges, or when an external party seeking to do damage to your company’s reputation hacks into your system. It could be thanks to poorly configured backup jobs or other settings. In addition to these human causes, hardware failure or theft can also account for data loss.

What Can You Do To Protect Your Data?

iland is a cloud service provider of secure and compliant hosting for Backup as a Service (BaaS).  iland’s Insider Protection, guards you against straightforward deletion of all backups and even more sophisticated attacks. The service will assure that a copy of your backup is always available!

Internal or External Threat Protection

Insider Protection enables you to recover a full backup of deleted data! Instead of deleting your backup files, hackers may choose to corrupt or encrypt your backups. This would replace any recovery points you may have causing you to instead use damaged backups. With Insider Protection you will have access to backups that the attackers did not, giving you the confidence you need during a disaster recovery event.

How It Works and How To Recover

With iland Insider Protection, backup files that were deleted maliciously or accidentally are kept in an air-gapped directory. This directory will only be accessible to iland technicians! Backup files that were deleted will remain in this isolated folder for seven days and can be saved to be transferred back to you once you are ready to restore data. Your files will not go away until after seven days of isolated storage.

If you fall victim to a breach like a ransomware infection, the data protected by iland would be untouchable and could be trusted to restore critical data after an attack, easing your mind and reducing your downtime.

 

Contact your PCS Account Representative today
to add this increased security to your current iland cloud storage!

Data Breach – How Can It Happen And Ways To Avoid It!

It seems like recently, we have been hearing a lot more about how businesses have experienced data breaches.  But how did the hackers get into their systems?
We’re here to tell you different ways that hackers can get into your companies information and how to prevent it!

1. Weak and Stolen Credentials (Passwords)

Weak passwords are the easiest way for malicious attacks to happen to your company. They allow hackers to ease their way into your system faster than you could imagine. Having strong and secure passwords that change every 60-90 days will greatly decrease the chances of these attacks.

Password Managers can help store, generate, and manage your passwords for local applications and online services. They assist in generating and retrieving complicated passwords, storing the passwords in an encrypted database, or calculating them on demand.

2. Phishing Scams

Email has been used more for business throughout the years. Hackers have found a way to gain access into your information by creating email that impersonates those that you would receive every day, perhaps even from company executives. Phishing emails are scams that target a specific person/company. Having email security will help identify threats to make sure you keep your companies’ information safe. Identifying email threats will also help to keep your personal information and accounts from being hacked. Knowing what types of email are threats can make a big difference to you and your company!

3. No VPN/Secured Wi-Fi

Not using a VPN service, or logging into an unsecured network can allow hackers to gain access to your business data! Allowing your data to travel through an unsecured network gives access to someone who is using the same network, or even a hacker who is trying to gain access to information you were retrieving on your devices. Once you connect to an unsecured Wi-Fi network, your information is vulnerable. Make sure to use your VPN service, or log into a secured Wi-Fi when trying to access important information. These steps create an extra layer of security, helping to avoid malicious activity, and making it more difficult for your data to get into the wrong person’s hands.

4. Running Updating Operating Systems/Applications

If you’re still running Windows 7 or haven’t updated your applications … STOP HERE AND READ!! Using outdated software and applications can lead to system vulnerability. Microsoft confirmed that Windows 7 will no longer be supported for security updates or technical assistance. If you’re running an outdated operating system, you’ll open your company up to known hacks, malware, viruses and other potential future security flaws.
For example, any Google Chrome versions prior to 91.0.4472.114 may have vulnerabilities that allow attackers to execute arbitrary code in your browser. Having an outdated application or web browser could lead to malicious attacks within your systems, targeting all the information that hackers want to get their hands on. An attacker could view, change, or even delete data if they have the access to do so.
Try to keep track of everything and make sure you install all your software updates as new ones come out. It will help reduce system vulnerabilities and from being a target of a data breach!

Malicious attacks can be avoided if you take the proper steps. A VPN Service, Email Security, Password Manager, Multi-Factor Authentication, and up-to-date software will help keep your system protected and secure!

Want to make sure you’re protected and taking the right steps? Contact PCS for all your cyber security needs!

How Important Is Having A VPN Service?

The term “VPN” gets thrown around more often than others when it comes to your access.  Whether it be for business or personal, being told to have a VPN has always been standard protocol on our systems.  But what exactly is it? Where can we use it? What happens if you don’t have it?
We’re here to tell you what you need to know and how it works!

What Is A VPN?

VPN stands for Virtual Private Network. It gives you online privacy and anonymity by creating a private network from a public internet connection.  They mask your IP (internet protocol) address so your online actions are virtually untraceable. Virtual Private Networks  also secure connections to provide greater privacy than even a secured Wi-Fi hotspot.

Why Do You Need A VPN Service?

Having a VPN service is not only important for business settings, but you can also get it for your personal devices!  When you’re on the internet, especially on an unsecured Wi-Fi network, you could be exposing your private information and browsing history.

Imagine yourself being at an airport or even a coffee shop where there is no secured service.  You are browsing through your emails and even working on a big project for work that is due in a few days.  The amount of clicking you do and what is being put into the unsecured network could potentially get into  by a stranger using the same network. Unless it’s a secured network that allows you to put in a password when trying to connect, your information is vulnerable.

Having the ability to not worry about someone else getting into your information is one way to keep your data and your companies data secured.   Especially when most companies are working remotely, you don’t want to have that thought in the back of your mind whether or not someone can access your companies information.

How Does A VPN Protect Your IP Address And Privacy

The VPN essentially creates a data tunnel between your local network and an exit node in another location.  It makes it seem like you’re miles away in another place when really you are home! Having that luxury allows your location to stay private, while also keeping data and information private.  Think of it like a sturdy tunnel that no one can get into.
Virtual Private Networks use encryption to scramble data when it’s sent over a Wi-Fi network and encryption makes the data unreadable.

Without a VPN, your internet service provider can know your entire browsing history. With a VPN, your search history is hidden. That’s because your web activity will be associated with the VPN server’s IP address, not your own.

What A VPN Can Hide

  • Browsing history
  •  IP address and location
  •  Location for streaming
  • Devices
  • Web activity

Where Can You Use Your VPN?

The answer? Anywhere! Once you have it, you can use it to be able to keep your data secured. While traveling, at home, in the office, and even while enjoying a cup of coffee at your nearest coffee shop.  Having the VPN on your laptop, tablet, iPad, and even any phone device will help make sure your information is protected.

Need help with keeping you and your company safe? Contact PCS!