Imagine you get a call from the FBI or other law enforcement agency. An agent tells you an investigation has uncovered evidence that your network has been breached and customer data was stolen. After a little digging, you discover that not only have hackers been in your systems, but they’ve been lurking in your network for a year or more. By then, these intruders have made off with thousands of emails, attachments and confidential customer information.
Sadly, that is an increasingly common scenario. An Eastern European criminal gang reportedly used a phishing attack to steal credit card information for millions of Chipotle customers. Other attackers stole Social Security numbers from Equifax last year for roughly half the population of the United States. More recently, LifeLock — the identity theft protection firm whose whole business model is premised on protecting its customers’ identities online — may have exposed customers to attacks from ID thieves and phishers.
This Week in Cyber-insecurity
According to a new FBI public service announcement, Internet of Things (IoT) devices are currently being targeted and exploited by malicious actors. The IoT includes routers, printers, cameras and even smart locks and connected doors and devices that act as proxies to route malicious traffic for cyberattacks and computer network exploitation. These devices are being targeted by cyber criminals who are looking for a gateway into networks or even to break into physical locations. The FBI has warned that ignoring or mismanaging IoT device security could leave your organization wide open to attack.
Just this week, our security team was notified of new phishing and malware warnings, including reports of a large-scale phishing campaign that mimics Box.com and Office365 login pages (example below). Be suspicious of any requests asking you to log in to download or access files. In this case, if you click the Open Message button, you will be redirected to a website that looks like Office 365 and prompts you for your username and password.
As a reminder, if you or your organization use Office365, you should only enter credentials into a site with direct access, such as going directly to Microsoft’s website and choosing to login. Never provide your credentials to a website that you land on from a link. Even if your organization does not use Office365, you should never provide credentials to any website that requests them in this manner.
Steps to Protect Your Systems
According to experts, the best way to defend against these kinds of attacks is to ensure employees are always vigilant and suspicious of any requests for information online. (For more of our free tips and guidance on how to avoid email phishing scams, click here.)
The second important step is continual monitoring and reporting tools to spot intrusions and signs of phishing attempts. You can also use these programs to scan your systems for obvious flaws and points of failure, like an unsecured device.
These systems can:
- Control devices and computers on your network including laptops, workstations and servers.
- Monitor processes, files, user activity, network activity and other aspects of the system for suspicious behavior.
- Keep software up to date with security patches.
- Scan across networks for any outdated software or insecure configurations.
An Extra Pair of Eyes
Dealing with these and other security flaws is a lot of work, but the Troyka-TC can help. The traditional approach to managing IT — by adding technology experts to the payroll — simply isn’t practical for many businesses. If you’re a small or medium-sized business, you can have cybersecurity resources usually available only to large organizations by enlisting the help of a virtual Chief Information Officer (vCIO). Unlike other things labeled “virtual” these days, a vCIO is a real human being that serves as a dedicated and trusted advisor, and has a knack for strategically reaching your technology goals. A vCIO also serves as part of a team of technical experts who are at your disposal 24/7.
Tackling malware and protecting your network is a never-ending battle, but it can be managed. To make sure your business is completely protected, reach out to a Troyka-TC representative today for a free, no-obligation consultation to determine your business security needs. And, if you’re considering whether Managed IT and the vCIO services that come along with it are right for your business, be sure to check out our helpful comparison guide below.